DateType OperationParam contains time

[svenhaag]

• Using HAPI FHIR REST Search
• Using an @OperationParam of type org.hl7.fhir.r4.model.DateType
• Sending request with body:

{
  "resourceType": "Parameters",
  "parameter": [
    {
      "name": "endOfWorld",
      "valueDate": "2023-04-01T01:02:03.000Z"
    }
  ]
}

Expected behavior

• Expected the operation param to contain only the date, no time data

Actual behavior

• operation param contains date AND time

[jamesagnew]

I'm not sure I follow this, would you be able to provide a code snippet showing how this is happening?

[svenhaag]

Please check out my demo app and run the integration test.
Especially notice this part.

[jamesagnew]

Ah, I see, so an OperationParam of type DateType where the client has incorrectly supplied a value with too much precision.

To make the test you linked to pass, we would have to silently drop data which I don't believe is a safe solution.

I could see us increasing strictness so that this returns HTTP 400 though.. This would probably have to be a config item though, as we do try to honour Postel's Law in the server and try to be lenient in what we accept by default.

[svenhaag]

Hi, I think the culprit lies in the wrong parsing of the json. The parser does not call any of the DateType constructor. Instead, the value is written in the DateType object via org.hl7.fhir.r4.model.PrimitiveType#setValueAsString.

[jamesagnew]

This is roughly deliberate - As I say, we do try to be lenient by default with user supplied input especially when the error is something like the user providing too much precision. Obviously silently allowing this isn't ideal (I'd be much happier if we logged a warning here) but I think the current behaviour is better than silently dropping the extra precision.

Certainly I think if we had configuration on the RestfulServer to enable strict validation of URL parameters this would be nice though.