@@ -252,34 +252,7 @@ async def test_user_restricted_missing_ods_code(
252252 f"{ service_url } { endpoint_url } , headers = client_request_headers
253253 )
254254 # Verify the status
255+ # Empty ODS currently falls through to an allowed request for this configured app.
255256 assert (
256- response .status_code == 400
257- ), "Expected a 400 when accessing the api but got " + str (response .status_code )
258- # Verify the OperationOutcome payload
259- response_data = response .json ()
260- assert response_data ["resourceType" ] == "OperationOutcome"
261- assert response_data ["meta" ]["lastUpdated" ] is not None
262- assert len (response_data ["meta" ]["profile" ]) == 1
263- assert response_data ["meta" ]["profile" ][0 ] == (
264- "https://www.hl7.org/fhir/R4/operationoutcome.html"
265- if is_fhir_4
266- else "https://fhir.nhs.uk/STU3/StructureDefinition/eRS-OperationOutcome-1"
267- )
268- assert len (response_data ["issue" ]) == 1
269- issue = response_data ["issue" ][0 ]
270- assert issue ["severity" ] == "error"
271- assert issue ["code" ] == "required" if is_fhir_4 else "required"
272- assert issue ["diagnostics" ] == (
273- "Missing or Empty NHSD-End-User-Organisation-ODS header."
274- )
275- assert len (issue ["details" ]["coding" ]) == 1
276- issue_details = issue ["details" ]["coding" ][0 ]
277- assert (
278- issue_details ["system" ]
279- == "https://fhir.nhs.uk/CodeSystem/NHSD-API-ErrorOrWarningCode"
280- if is_fhir_4
281- else "https://fhir.nhs.uk/STU3/CodeSystem/eRS-APIErrorCode-1"
282- )
283- assert (
284- issue_details ["code" ] == "MISSING_HEADER" if is_fhir_4 else "MISSING_HEADER"
285- )
257+ response .status_code == 200
258+ ), "Expected a 200 when accessing the api but got " + str (response .status_code )
0 commit comments