This project contains all scripts to fetch and store data as well as a fully functioning API to fetch this data.
The project is based on PHP 8.1, API-Platform 2.5 and Symfony 5.4
Live API is available at https://data.instamed.fr
5 type of data are currently available :
- The RPPS (Répertoire Partagé des Professionnels de Santé) contains all the data of French health professionals
- The drugs data contains all the data of allowed drugs on the French Market
- The diseases data contains all the data from the OMS CIM-10 database
- The allergens data contains all the alergens that are known
- The CCAM data contains all the medical acts and their reimbursment rate by the social security
- The NGAP data contains a database of medical acts
Prerequisites:
- Have docker installed
- Have docker-compose installed
Setup with test data:
Duration: ~10/15 minutes
$ make setup-dev
To run the docker environment you can start the docker server with the following command :
docker-compose upThen here are some useful commands
# Starts a bash session in the container
make shell
# Install a composer package
make composer-require package='name/of/your/package'All code is tested using phpunit All test files are in the tests/ folder in 3 sub folders :
- Unit : Contains all unit tests of the project
- Integration : Contains all the integration tests of the project
- Functional : Contains all the functional tests of the project
To run the tests, run the command
make phpunitThe goal of this exercice is to add an authentication system inside this project using API KEY header verification
With the help of this documentation, create a User Entity with the following properties :
- id : uuid
- name : string
- email : unique string
- roles : array
- password : string
- plainPassword : string
- apiKey : string
The database update must be run using doctrine migrations. (The bundle is already installed & configured)
With the help of this documentation. you will configure the security.
2 roles should be added :
- ROLE_CUSTOMER
- ROLE_ADMIN
The role
ROLE_ADMINshould inherit the roleROLE_CUSTOMER
add a new firewall that will block all access to the routes following this path /api/*. The documentation available on /api should still be accessible with an anonymous access.
All roles are allowes to access the routes.
With the help of this documentation, create a custom authenticator. This service will do the following :
- Read the
X-Api-Keyheader sent in the request - Retrieve the existing user linked to this Api Key
- Authenticate the user using a
SelfValidatingPassport
If any of these steps do not work properly, the authenticator must return a CustomUserMessageAuthenticationException with the message Missing or Invalid API KEY
With the help of this documentation, add custom fixtures to create 3 User Entities :
- user 1 :
- name : Admin
- email : [email protected]
- roles : [ROLE_ADMIN]
- password : password
- api-key : random 16 char long string
- user 2 :
- name : Customer 1
- email : [email protected]
- roles : [ROLE_CUSTOMER]
- password : password
- api-key : random 16 char long string
- user 3 :
- name : Customer 2
- email : [email protected]
- roles : [ROLE_CUSTOMER]
- password : password
- api-key : random 16 char long string
With the help of this documentation, and the existing tests, add a new file tests/Functional/AuthenticationTest.php. You will create an AuthenticationTest class extending the ApiTestCase class
Inside this file, you will add 3 tests :
testAuthenticationInvalidWithMissingApiKey: It will test the case when noX-API-KEYheader is sent in the requesttestAuthenticationInvalidWithInvalidApiKey: It will test the case theX-API-KEYheader sent is invalidtestAuthenticationValid: It will test the case theX-API-KEYheader sent is valid
For this, you should use the existing functions declared in the ApiTestCase base class