search

CDCgov / prime-reportstream

ReportStream is a public intermediary tool for delivery of data between different parts of the healthcare ecosystem.
https://reportstream.cdc.gov
Creative Commons Zero v1.0 Universal
71 stars 39 forks source link

[Bug] OTC / Proctored fields: Invalid device_id matches to otc N value. #1493

Open san-nat opened 3 years ago

san-nat commented 3 years ago

Describe the bug 1 bug found during Otc/proctored field functional testing https://github.com/CDCgov/prime-reportstream/pull/1238

When a receiver has a quality filter with matcher having rule has otc set to N e.g qualityFilter: [ "matches(test_authorized_for_otc, N)" ] and device_id is not in the mapping lookup, receiver receives this data.

Impact impact is low to medium

To Reproduce Steps to reproduce the behavior:

  1. Use the attached organization-local.yaml and replace the local yaml. Re-start the settings container for the new settings to be applied on the prime-router. docker compose restart settings
  2. run the above curl command for each request 
    curl -X POST   -H 'client: waters'     -H 'Content-Type: text/csv'       --data-binary '@path_to/invalid_device_id.csv'     'http://localhost:7071/api/reports'
  3. actual 
    
"destinations" : [ {
"organization" : "reference_all",
"organization_id" : "reference_all",
"service" : "reference_all",
"sending_at" : "2021-07-06T14:41-04:00",
"itemCount" : 1
}, {
"organization" : "Qreceiver_otcN",
"organization_id" : "Qreceiver_otcN",
"service" : "Qreceiver_otcN",
"sending_at" : "2021-07-06T14:41-04:00",
"itemCount" : 1
} ]```
  4. expected - for invalid device id, I expect data to be received by reference_all org only & not by Qreceiver_otcN Expected behavior

Screenshots If applicable, add screenshots to help explain your problem.

https://app.zenhub.com/files/304423150/0c713826-fc49-4975-bfc4-179b1f413a04/downloadScreen Shot 2021-07-06 at 2.43.13 PM.png

TomNUSDS commented 3 years ago

Another way to reproduce this bug is:

  1. Go to editor.swagger.io
  2. Open the openap.yml file in their editor https://raw.githubusercontent.com/CDCgov/prime-reportstream/master/prime-router/docs/openapi.yml Result: the swagger editor reports two errors with the api:

Structural error at components.schemas.Destination.properties.sending_at.type should be equal to one of the allowed values allowedValues: array, boolean, integer, number, object, string Line 548

Semantic error at components.schemas.Receiver.properties.translations.items.anyOf.2.$ref $refs must reference a valid location in the document Line 716

jimduff-usds commented 2 years ago

@TomNUSDS - is your comment on the right ticket? - it seems unrelated to this ticket (which we are planning to close, as @carlosfelix2 is reworking the is_otc feature anyway)

TomNUSDS commented 2 years ago

@jimduff-usds You're right, it does seem unrelated. I probably just put a comment on the wrong open tab.