Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

Welcome to our new JIRA instance! We migrated all OpenMRS ID accounts and issues to this new cloud instance. Please use your_openmrsid@id.openmrs.org as your e-mail to sign in.

Ensure empty result is returned if specified encounter type is not found

Description

The REST endpoint for encounters does not correctly handle invalid or unauthorized encounterType values. Instead of returning an empty array, the endpoint returns all encounters for the specified patient, ignoring the encounterType filter.

Steps to Reproduce:

  1. Call the endpoint with an invalid or unauthorized encounterType value:

    /rest/v1/encounter?patient=<patient-UUID>&encounterType=123

    (Assume 123 is invalid or inaccessible due to privileges.)

  2. Call the endpoint without the encounterType parameter:
    /rest/v1/encounter?patient=<patient-UUID>

I would expect the first query should return an empty array if the encounterType is invalid or the user lacks privileges to view it but both queries return the same result.

Activity

Details

Assignee

Reporter

Priority

Created November 22, 2024 at 3:15 PM
Updated December 10, 2024 at 3:07 PM

Flag notifications