refactor: hide conditional reference pseudonymization behind a featur…

…e flag
miracum · Jan 19, 2023 · f3a08d7 · f3a08d7
1 parent 9bd3806
commit f3a08d7
Show file tree

Hide file tree

Showing 7 changed files with 45 additions and 18 deletions.
diff --git a/src/FhirPseudonymizer.Tests/GPasPseudonymizationProcessorTests.cs b/src/FhirPseudonymizer.Tests/GPasPseudonymizationProcessorTests.cs
@@ -1,6 +1,7 @@
 using System.Collections.Generic;
 using System.Linq;
 using FakeItEasy;
+using FhirPseudonymizer.Config;
 using FhirPseudonymizer.Pseudonymization;
 using Hl7.Fhir.ElementModel;
 using Hl7.Fhir.FhirPath;
@@ -14,19 +15,26 @@ public class GPasPseudonymizationProcessorTests
 {
     public static IEnumerable<object[]> GetProcessData()
     {
-        yield return new object[] { "foo-", "bar", new FhirString("12345"), "foo-bar" };
-        yield return new object[] { null, "bar", new FhirString("12345"), "bar" };
-        yield return new object[] { "foo-", null, new ResourceReference("Patient/12345"), "foo-Patient" };
-        yield return new object[] { null, null, new ResourceReference("Patient/12345"), "Patient" };
+        foreach (var enableConditionalReferencePseudonymization in new[] { true, false })
+        {
+            yield return new object[] { "foo-", "bar", new FhirString("12345"), "foo-bar", enableConditionalReferencePseudonymization };
+            yield return new object[] { null, "bar", new FhirString("12345"), "bar", enableConditionalReferencePseudonymization };
+            yield return new object[] { "foo-", null, new ResourceReference("Patient/12345"), "foo-Patient", enableConditionalReferencePseudonymization };
+            yield return new object[] { null, null, new ResourceReference("Patient/12345"), "Patient", enableConditionalReferencePseudonymization };
+        }
     }
 
     [Theory]
     [MemberData(nameof(GetProcessData))]
     public void Process_SupportsDomainPrefixSetting(string domainPrefix, string domainName, DataType element,
-        string expectedDomain)
+        string expectedDomain, bool enableConditionalReferencePseudonymization)
     {
+        var features = new FeatureManagement()
+        {
+            ConditionalReferencePseudonymization = enableConditionalReferencePseudonymization,
+        };
         var psnClient = A.Fake<IPseudonymServiceClient>();
-        var processor = new PseudonymizationProcessor(psnClient);
+        var processor = new PseudonymizationProcessor(psnClient, features);
 
         var node = ElementNode.FromElement(element.ToTypedElement());
         while (!node.HasValue())

diff --git a/src/FhirPseudonymizer.Tests/ReferenceUtilityTests.cs b/src/FhirPseudonymizer.Tests/ReferenceUtilityTests.cs
@@ -4,7 +4,6 @@ namespace Microsoft.Health.Fhir.Anonymizer.Core.Utility;
 
 public class ReferenceUtilityTests
 {
-
     [Theory]
     [InlineData("Patient/123")]
     [InlineData("Encounter?identifier=123")]
@@ -23,5 +22,4 @@ public void TransformReferenceId_MatchesConditionalReferences(string uri)
     {
         Assert.Equal(ReferenceUtility.TransformReferenceId(uri, _ => "xxx"), uri.Replace("123", "xxx"));
     }
-
 }
diff --git a/src/FhirPseudonymizer/AnonymizerEngineExtensions.cs b/src/FhirPseudonymizer/AnonymizerEngineExtensions.cs
@@ -23,7 +23,7 @@ public static IServiceCollection AddAnonymizerEngine(this IServiceCollection ser
             var engine = new AnonymizerEngine(anonConfig);
 
             var psnClient = sp.GetRequiredService<IPseudonymServiceClient>();
-            engine.AddProcessor("pseudonymize", new PseudonymizationProcessor(psnClient));
+            engine.AddProcessor("pseudonymize", new PseudonymizationProcessor(psnClient, appConfig.Features));
 
             return engine;
         });
@@ -34,7 +34,7 @@ public static IServiceCollection AddAnonymizerEngine(this IServiceCollection ser
             var engine = new DePseudonymizerEngine(anonConfig);
 
             var psnClient = sp.GetRequiredService<IPseudonymServiceClient>();
-            engine.AddProcessor("pseudonymize", new DePseudonymizationProcessor(psnClient));
+            engine.AddProcessor("pseudonymize", new DePseudonymizationProcessor(psnClient, appConfig.Features));
 
             engine.AddProcessor("encrypt", new DecryptProcessor(anonConfig.GetParameterConfiguration().EncryptKey));
             return engine;

diff --git a/src/FhirPseudonymizer/Config/AppConfig.cs b/src/FhirPseudonymizer/Config/AppConfig.cs
@@ -13,6 +13,7 @@ public record AppConfig
     public GPasConfig GPas { get; init; } = new();
     public VfpsConfig Vfps { get; init; } = new();
     public ushort MetricsPort { get; set; } = 8081;
+    public FeatureManagement Features { get; set; } = new();
 }
 
 public record CacheConfig
@@ -49,3 +50,8 @@ public record PseudonymServiceBasicAuthConfig
     public string Username { get; init; }
     public string Password { get; init; }
 }
+
+public record FeatureManagement
+{
+    public bool ConditionalReferencePseudonymization { get; init; }
+}
diff --git a/src/FhirPseudonymizer/Pseudonymization/PseudonymizationProcessor.cs b/src/FhirPseudonymizer/Pseudonymization/PseudonymizationProcessor.cs
@@ -1,6 +1,7 @@
 using System;
 using System.Collections.Generic;
 using System.Text.RegularExpressions;
+using FhirPseudonymizer.Config;
 using Hl7.Fhir.ElementModel;
 using Microsoft.Health.Fhir.Anonymizer.Core.Extensions;
 using Microsoft.Health.Fhir.Anonymizer.Core.Models;
@@ -9,15 +10,20 @@
 
 namespace FhirPseudonymizer.Pseudonymization
 {
-    public class PseudonymizationProcessor : IAnonymizerProcessor
+    public partial class PseudonymizationProcessor : IAnonymizerProcessor
     {
-        public PseudonymizationProcessor(IPseudonymServiceClient psnClient)
+        public PseudonymizationProcessor(IPseudonymServiceClient psnClient, FeatureManagement features)
         {
             PsnClient = psnClient;
+            IsConditionalReferencePseudonymizationEnabled = features.ConditionalReferencePseudonymization;
         }
 
+        [GeneratedRegex("^(?<domain>.*?)(\\/|\\?)")]
+        private static partial Regex ResourceTypeRegex();
+
         protected IPseudonymServiceClient PsnClient { get; }
-        private Regex ResourceTypeMatcher { get; } = new(@"^(?<domain>.*?)(\/|\?)");
+        private Regex ResourceTypeMatcher { get; } = ResourceTypeRegex();
+        private bool IsConditionalReferencePseudonymizationEnabled { get; }
 
         public ProcessResult Process(
             ElementNode node,
@@ -44,19 +50,24 @@ public ProcessResult Process(
 
             // Pseudonymize the id part for "Reference.reference" node and
             // pseudonymize whole input for other node types
-            if (node.IsReferenceStringNode() || IsReferenceUriNode(node, input) || IsConditionalElement(node, input))
+            if (node.IsReferenceStringNode() || IsReferenceUriNode(node, input))
             {
                 // if the domain setting is not set,
                 // create a domain from the reference, ie "Patient/123" -> "Patient"
-                domain ??= ResourceTypeMatcher
-                    .Match(ReferenceUtility.GetReferencePrefix(input))
-                    .Groups["domain"].Value;
+                domain ??= ReferenceUtility
+                    .GetReferencePrefix(input)
+                    .TrimEnd('/');
 
                 node.Value = ReferenceUtility.TransformReferenceId(
                     input,
                     x => GetOrCreatePseudonym(x, domainPrefix.ToString() + domain)
                 );
             }
+            else if (IsConditionalReferencePseudonymizationEnabled && IsConditionalElement(node, input))
+            {
+                domain ??= ResourceTypeMatcher.Match(ReferenceUtility
+                    .GetReferencePrefix(input)).Groups["domain"].Value;
+            }
             else
             {
                 node.Value = GetOrCreatePseudonym(input, domainPrefix.ToString() + domain);
@@ -86,7 +97,7 @@ private static bool IsConditionalElement(ElementNode node, string value)
 
     public class DePseudonymizationProcessor : PseudonymizationProcessor
     {
-        public DePseudonymizationProcessor(IPseudonymServiceClient psnClient) : base(psnClient) { }
+        public DePseudonymizationProcessor(IPseudonymServiceClient psnClient, FeatureManagement features) : base(psnClient, features) { }
 
         protected override string GetOrCreatePseudonym(string input, string domain)
         {

diff --git a/src/FhirPseudonymizer/Startup.cs b/src/FhirPseudonymizer/Startup.cs
@@ -35,6 +35,7 @@ public void ConfigureServices(IServiceCollection services)
 
         services.AddSingleton(_ => appConfig);
         services.AddSingleton(_ => appConfig.GPas);
+        services.AddSingleton(_ => appConfig.Features);
 
         services.AddApiKeyAuth(appConfig.ApiKey);
 

diff --git a/src/FhirPseudonymizer/appsettings.json b/src/FhirPseudonymizer/appsettings.json
@@ -46,5 +46,8 @@
     "Address": "",
     "UnsafeUseInsecureChannelCallCredentials": true,
     "UseTls": false
+  },
+  "Features ": {
+    "ConditionalReferencePseudonymization": false
   }
 }