search

hapifhir / hapi-fhir

🔥 HAPI FHIR - Java API for HL7 FHIR Clients and Servers
http://hapifhir.io
Apache License 2.0
1.94k stars 1.3k forks source link

Referential integrity on write if resource is deleted #5948

Open relikd opened 1 month ago

relikd commented 1 month ago

Disabling enfore_referential_itegrity_on_write does not disable integrity checks on deleted resources. For example, I would like to create a Provenance or AuditEvent to indicate that a resource has been deleted. But when using the STORAGE_PRECOMMIT_RESOURCE_DELETED Pointcut, hapi will not allow to create a reference on the already deleted resource.

There exists a check for resource creation:

https://github.com/hapifhir/hapi-fhir/blob/97cfb6de37719c94c24255aaaeb091a521486ff3/hapi-fhir-storage/src/main/java/ca/uhn/fhir/jpa/dao/index/DaoResourceLinkResolver.java#L131-L139

However, this check is skipped if the resource exists, but is deleted:

https://github.com/hapifhir/hapi-fhir/blob/97cfb6de37719c94c24255aaaeb091a521486ff3/hapi-fhir-storage/src/main/java/ca/uhn/fhir/jpa/dao/index/DaoResourceLinkResolver.java#L163-L167

jamesagnew commented 1 month ago

Interesting. FWIW I'd definitely agree that we shouldn't be blocking this create with that setting disabled.