Special Instructions
As a pre-requisite, you have run the CHATC_ARR_CONF test and your system contains the expected set of data for this test to be executed correctly and is integrated with Gazelle ADR Provider simulator.
This test is executed using Gazelle Webservice Tester as a CH:ATC Patient Audit Consumer actor. A test suite has been designed to issue search requests on AuditEvent resources in conformance to the CH:ATC specifications.
One of the error conditions is related to the support to IUA and CH:ADR profile. We want your system to demonstrate its ability to verify an authorization decision.
The Patient Audit Record Repository actor is also expected to act as
an AuthorizationDecision Consumer. This test will also be used to assess
this role for error case. In order to validate the conformity of your system in this
role, you'll need to follow the instructions
from this test case :
CHADR_FOR_CONSUMER
Description
The tested System Under Test is the Patient Audit Record Repository. This test covers the ITI-81 : Retrieve ATNA Audit Event transaction.
-Before anything, configure your system to be able to test its role as an ADR Consumer.
This test checks the ability of your system to handle the following error cases:
- Check that the system rejects the request if the user identified in the SAML token is not authorized to access the informations related to the patient identifier defined in entity-id parameter (grouped with CH:ADR client)
- entity-id parameter is not provided (but date parameter provided)
- date parameter not provided (but entity-id provided)
- no match found
- unauthorized parameter is used in the query
The requests will be sent to your SUT from Gazelle Webservice Tester. To execute this test:
- Access Gazelle Webservice Tester and log into the application;
- Go to menu "Run";
- Select the test project name EPR CH:ATC Patient Audit Consumer from the drop-down list;
- Select test suite ErrorCases by ticking the checkbox in front of its name;
- Enter the URL of your system under test endpoint (shall be a secured endpoint)
- Click on "Run" button
- Wait for the script to complete its execution;
- When the script stops, copy the permanent link of the execution to the test step in Gazelle Test Management
The
conformance of the responses sent back by your system shall be
assessed.
All returned code shall be 400 (Bad Request) or 401 (Unauthorized) for the IUA error.
Evaluation
The global status of the GWT execution shall report a Success.
The monitor will check that Error codes are returned by your server in the execution.