Skip to content
This repository has been archived by the owner on Apr 13, 2023. It is now read-only.

fix: http errors from routing dependency #243

Merged
merged 1 commit into from
Mar 11, 2021
Merged

fix: http errors from routing dependency #243

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions serverless.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,8 @@ custom:
oauthRedirect: ${opt:oauthRedirect, 'http://localhost'}
config: ${file(serverless_config.json)}
bundle:
externals:
- fhir-works-on-aws-routing
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you explain how this fixes the issue? and if I were to throw an error in the authz package do we need to add it here as well?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The method isHttpError in the http-errors package that is being used in the routing package is not compatible with webpack. Therefore this external setting does not use webpack to package the routing package. It use the routing package as is. This setting is defined here.

RBAC tests was run, and they ran successfully.
https://github.com/awslabs/fhir-works-on-aws-deployment/blob/78db6f67101ee6f87365631c33ad88c3da0ef934/integration-tests/rbac-permission.test.ts

These tests involved the authZ package throwing unauthorized errors.

Manually testing creating a Patient as an auditor gives this 403 error, which is expected.

{
    "resourceType": "OperationOutcome",
    "text": {
        "status": "generated",
        "div": "<div xmlns=\"http://www.w3.org/1999/xhtml\"><h1>Operation Outcome</h1><table border=\"0\"><tr><td style=\"font-weight: bold;\">error</td><td>[]</td><td><pre>Unauthorized</pre></td></tr></table></div>"
    },
    "issue": [
        {
            "severity": "error",
            "code": "security",
            "diagnostics": "Unauthorized"
        }
    ]
}

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What makes a package "not compatible" with webpack? Just trying to understand when we need to add packages to this section

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Talked offline -- it is hard to determine if a package is compatible with webpack or no. Having integration tests is our mechanism to prevent these failures

packager: yarn
copyFiles: # Copy any additional files to the generated package
- from: 'bulkExport/glueScripts/export-script.py'
Expand Down