NHSDigital · anjalitrace2-nhs · Feb 17, 2026 · Feb 20, 2026 · Feb 20, 2026 · Feb 24, 2026
@@ -105,7 +105,7 @@ publish-ci-image: ## Publish the CI image
 
 test: check-warn ## Run the unit tests
 	@echo "Running unit tests"
-	pytest --ignore=tests/smoke $(TEST_ARGS)
+	PYTHONPATH=. poetry run pytest --ignore tests/smoke $(TEST_ARGS)
 
 test-features-integration: check-warn ## Run the BDD feature tests in the integration environment
 	@echo "Running feature tests in the integration environment ${TF_WORKSPACE_NAME}"

@@ -16,7 +16,9 @@
 
 @mock_aws
 @mock_repository
-def test_read_document_reference_happy_path(repository: DocumentPointerRepository):
+def test_read_document_reference_happy_path(
+    repository: DocumentPointerRepository,
+):
     # Create the document pointer
     doc_ref = load_document_reference("Y05868-736253002-Valid")
     doc_pointer = DocumentPointer.from_document_reference(doc_ref)

@@ -24,7 +24,9 @@
 
 @mock_aws
 @mock_repository
-def test_search_document_reference_happy_path(repository: DocumentPointerRepository):
+def test_search_document_reference_happy_path(
+    repository: DocumentPointerRepository,
+):
     doc_ref = load_document_reference("Y05868-736253002-Valid")
     doc_pointer = DocumentPointer.from_document_reference(doc_ref)
     repository.create(doc_pointer)
@@ -516,7 +518,9 @@ def test_search_document_reference_happy_path_with_nicip_type(
 
 @mock_aws
 @mock_repository
-def test_search_document_reference_no_results(repository: DocumentPointerRepository):
+def test_search_document_reference_no_results(
+    repository: DocumentPointerRepository,
+):
     event = create_test_api_gateway_event(
         headers=create_headers(),
         query_string_parameters={
@@ -633,7 +637,9 @@ def test_search_document_reference_invalid_nhs_number(
 
 @mock_aws
 @mock_repository
-def test_search_document_reference_invalid_type(repository: DocumentPointerRepository):
+def test_search_document_reference_invalid_type(
+    repository: DocumentPointerRepository,
+):
     event = create_test_api_gateway_event(
         headers=create_headers(),
         query_string_parameters={

@@ -268,7 +268,9 @@ def test_search_post_document_reference_happy_path_with_multiple_categories(
 
 @mock_aws
 @mock_repository
-def test_search_document_reference_no_results(repository: DocumentPointerRepository):
+def test_search_document_reference_no_results(
+    repository: DocumentPointerRepository,
+):
     event = create_test_api_gateway_event(
         headers=create_headers(),
         body=json.dumps(

@@ -31,7 +31,9 @@
 @mock_repository
 @freeze_time("2024-03-21T12:34:56.789")
 @freeze_uuid("00000000-0000-0000-0000-000000000001")
-def test_create_document_reference_happy_path(repository: DocumentPointerRepository):
+def test_create_document_reference_happy_path(
+    repository: DocumentPointerRepository,
+):
     doc_ref_data = load_document_reference_data("Y05868-736253002-Valid")
 
     event = create_test_api_gateway_event(
@@ -1610,7 +1612,7 @@ def test_create_document_reference_with_date_and_meta_lastupdated_ignored(
 @mock_repository
 @freeze_time("2024-03-21T12:34:56.789")
 @freeze_uuid("00000000-0000-0000-0000-000000000001")
-def test_create_document_reference_with_date_overidden(
+def test_create_document_reference_with_date_overridden(
     repository: DocumentPointerRepository,
 ):
     doc_ref_data = load_document_reference_data("Y05868-736253002-Valid-with-date")

@@ -16,7 +16,9 @@
 
 @mock_aws
 @mock_repository
-def test_delete_document_reference_happy_path(repository: DocumentPointerRepository):
+def test_delete_document_reference_happy_path(
+    repository: DocumentPointerRepository,
+):
     doc_ref = load_document_reference("Y05868-736253002-Valid")
     doc_pointer = DocumentPointer.from_document_reference(doc_ref)
     repository.create(doc_pointer)
@@ -131,7 +133,9 @@ def test_delete_document_reference_invalid_producer_id():
 
 @mock_aws
 @mock_repository
-def test_delete_document_reference_not_exists(repository: DocumentPointerRepository):
+def test_delete_document_reference_not_exists(
+    repository: DocumentPointerRepository,
+):
     event = create_test_api_gateway_event(
         headers=create_headers(), path_parameters={"id": "Y05868-99999-99999-999999"}
     )

@@ -16,7 +16,9 @@
 
 @mock_aws
 @mock_repository
-def test_read_document_reference_happy_path(repository: DocumentPointerRepository):
+def test_read_document_reference_happy_path(
+    repository: DocumentPointerRepository,
+):
     # Create the document pointer
     doc_ref = load_document_reference("Y05868-736253002-Valid")
     doc_pointer = DocumentPointer.from_document_reference(doc_ref)
@@ -151,7 +153,9 @@ def test_read_document_reference_incorrect_ods_code():
 
 @mock_aws
 @mock_repository
-def test_read_document_reference_invalid_json(repository: DocumentPointerRepository):
+def test_read_document_reference_invalid_json(
+    repository: DocumentPointerRepository,
+):
     doc_ref = load_document_reference("Y05868-736253002-Valid")
     doc_pointer = DocumentPointer.from_document_reference(doc_ref)
     doc_pointer.document = "invalid json"

@@ -23,7 +23,9 @@
 
 @mock_aws
 @mock_repository
-def test_search_document_reference_happy_path(repository: DocumentPointerRepository):
+def test_search_document_reference_happy_path(
+    repository: DocumentPointerRepository,
+):
     doc_ref = load_document_reference("Y05868-736253002-Valid")
     doc_pointer = DocumentPointer.from_document_reference(doc_ref)
     repository.create(doc_pointer)
@@ -55,7 +57,9 @@ def test_search_document_reference_happy_path(repository: DocumentPointerReposit
 
 @mock_aws
 @mock_repository
-def test_search_document_reference_no_results(repository: DocumentPointerRepository):
+def test_search_document_reference_no_results(
+    repository: DocumentPointerRepository,
+):
     event = create_test_api_gateway_event(
         headers=create_headers(),
         query_string_parameters={
@@ -168,7 +172,9 @@ def test_search_document_reference_invalid_nhs_number(
 
 @mock_aws
 @mock_repository
-def test_search_document_reference_invalid_type(repository: DocumentPointerRepository):
+def test_search_document_reference_invalid_type(
+    repository: DocumentPointerRepository,
+):
     event = create_test_api_gateway_event(
         headers=create_headers(),
         query_string_parameters={

@@ -25,7 +25,9 @@
 
 @mock_aws
 @mock_repository
-def test_search_document_reference_happy_path(repository: DocumentPointerRepository):
+def test_search_document_reference_happy_path(
+    repository: DocumentPointerRepository,
+):
     doc_ref = load_document_reference("Y05868-736253002-Valid")
     doc_pointer = DocumentPointer.from_document_reference(doc_ref)
     repository.create(doc_pointer)
@@ -59,7 +61,9 @@ def test_search_document_reference_happy_path(repository: DocumentPointerReposit
 
 @mock_aws
 @mock_repository
-def test_search_document_reference_no_results(repository: DocumentPointerRepository):
+def test_search_document_reference_no_results(
+    repository: DocumentPointerRepository,
+):
     event = create_test_api_gateway_event(
         headers=create_headers(),
         body=json.dumps(
@@ -171,7 +175,9 @@ def test_search_document_reference_invalid_nhs_number(
 
 @mock_aws
 @mock_repository
-def test_search_document_reference_invalid_type(repository: DocumentPointerRepository):
+def test_search_document_reference_invalid_type(
+    repository: DocumentPointerRepository,
+):
     event = create_test_api_gateway_event(
         headers=create_headers(),
         body=json.dumps(

@@ -23,7 +23,9 @@
 @mock_aws
 @mock_repository
 @freeze_time("2024-03-21T12:34:56.789")
-def test_update_document_reference_happy_path(repository: DocumentPointerRepository):
+def test_update_document_reference_happy_path(
+    repository: DocumentPointerRepository,
+):
     doc_ref = load_document_reference("Y05868-736253002-Valid")
     doc_pointer = DocumentPointer.from_document_reference(doc_ref)
     repository.create(doc_pointer)
@@ -629,7 +631,9 @@ def test_update_document_reference_immutable_fields(repository):
 
 @mock_aws
 @mock_repository
-def test_update_document_reference_cannot_change_status_to_not_current(repository):
+def test_update_document_reference_cannot_change_status_to_not_current(
+    repository,
+):
     doc_ref = load_document_reference("Y05868-736253002-Valid")
     doc_pointer = DocumentPointer.from_document_reference(doc_ref)
     repository.create(doc_pointer)
@@ -677,7 +681,9 @@ def test_update_document_reference_cannot_change_status_to_not_current(repositor
 
 @mock_aws
 @mock_repository
-def test_update_document_reference_with_no_context_related_for_ssp_url(repository):
+def test_update_document_reference_with_no_context_related_for_ssp_url(
+    repository,
+):
     doc_ref = load_document_reference("Y05868-736253002-Valid-with-ssp-content")
     doc_pointer = DocumentPointer.from_document_reference(doc_ref)
     repository.create(doc_pointer)

@@ -29,7 +29,9 @@
 @mock_aws
 @mock_repository
 @freeze_time("2024-03-21T12:34:56.789")
-def test_upsert_document_reference_happy_path(repository: DocumentPointerRepository):
+def test_upsert_document_reference_happy_path(
+    repository: DocumentPointerRepository,
+):
     doc_ref_data = load_document_reference_data("Y05868-736253002-Valid")
 
     event = create_test_api_gateway_event(
@@ -1578,7 +1580,7 @@ def test_upsert_document_reference_with_date_and_meta_lastupdated_ignored(
 @mock_aws
 @mock_repository
 @freeze_time("2024-03-21T12:34:56.789")
-def test_upsert_document_reference_with_date_overidden(
+def test_upsert_document_reference_with_date_overridden(
     repository: DocumentPointerRepository,
 ):
     doc_ref_data = load_document_reference_data("Y05868-736253002-Valid-with-date")

@@ -1,4 +1,5 @@
 import json
+import re
 import sys
 from os import path
 
@@ -9,6 +10,39 @@
 from nrlf.core.logger import LogReference, logger
 from nrlf.core.model import ConnectionMetadata
 
+default_lookup_path = "/opt/python/nrlf_permissions"
+
+
+def get_pointer_permissions_v2(
+    connection_metadata: ConnectionMetadata,
+    request_path: str,
+    lookup_path=default_lookup_path,
+):
+    producer_or_consumer = (
+        re.search("^/(producer|consumer)/", request_path).group().strip("/")
+    )
+
+    ods_code = connection_metadata.ods_code
+    app_id = connection_metadata.nrl_app_id
+
+    key = f"{producer_or_consumer}/{app_id}/{ods_code}.json"
+    logger.log(LogReference.V2PERMISSIONS011, key=key)
+
+    file_path = f"{lookup_path}/{key}"
+
+    pointer_permissions = {}
+    try:
+        with open(file_path) as file:
+            pointer_permissions = json.load(file)
+    except Exception as exc:
+        logger.log(
+            LogReference.V2PERMISSIONS014,
+            exc_info=sys.exc_info(),
+            stacklevel=5,
+            error=str(exc),
+        )
+    return pointer_permissions
+
 
 def get_pointer_types(
     connection_metadata: ConnectionMetadata, config: Config

@@ -11,10 +11,16 @@
 from aws_lambda_powertools.utilities.typing import LambdaContext
 from pydantic import BaseModel
 
-from nrlf.core.authoriser import get_pointer_types, parse_permissions_file
+from nrlf.core.authoriser import (
+    get_pointer_permissions_v2,
+    get_pointer_types,
+    parse_permissions_file,
+)
 from nrlf.core.codes import SpineErrorConcept
 from nrlf.core.config import Config
 from nrlf.core.constants import (
+    CLIENT_RP_DETAILS,
+    CONNECTION_METADATA,
     NHSD_CORRELATION_ID_HEADER,
     PERMISSION_ALLOW_ALL_POINTER_TYPES,
     X_CORRELATION_ID_HEADER,
@@ -137,12 +143,39 @@ def wrapper(*args, **kwargs) -> Dict[str, Any]:
 RepositoryType = Union[Type[DocumentPointerRepository], None]
 
 
-def load_connection_metadata(headers: Dict[str, str], config: Config):
-    logger.log(LogReference.HANDLER002, headers=headers)
-    metadata = parse_headers(headers)
-    logger.log(LogReference.HANDLER003, metadata=metadata.model_dump())
+def _use_v2_permissions_model(headers: Dict[str, str]) -> bool:
+    case_insensitive_headers = {key.lower(): value for key, value in headers.items()}
+    # if either or both headers are missing
+    return (
+        CLIENT_RP_DETAILS not in case_insensitive_headers.keys()
+        or CONNECTION_METADATA not in case_insensitive_headers.keys()
+    )
+
+
+def _load_v2_connection_metadata(headers: Dict[str, str], path: str):
+    logger.log(LogReference.HANDLER004d)
+    metadata = parse_headers(headers, use_v2_permissions=True)
+
+    logger.log(LogReference.HANDLER004e)
+    pointer_permissions = get_pointer_permissions_v2(metadata, path)
+
+    metadata.pointer_types = pointer_permissions.get("types", [])
+
+    logger.log(
+        LogReference.HANDLER004f, pointer_types=metadata.pointer_types
+    )  # TODO: log other permissions as they're added
+
+    return metadata
+
+
+def load_connection_metadata(headers: Dict[str, str], config: Config, path=""):
+
+    if _use_v2_permissions_model(headers):
+        return _load_v2_connection_metadata(headers, path)
+
+    metadata = parse_headers(headers, use_v2_permissions=False)
     if PERMISSION_ALLOW_ALL_POINTER_TYPES in metadata.nrl_permissions:
-        logger.log(LogReference.HANDLER004a)
+        logger.log(LogReference.HANDLER004b)
         metadata.pointer_types = PointerTypes.list()
         return metadata
 
@@ -262,7 +295,7 @@ def wrapper(event: APIGatewayProxyEvent, context: LambdaContext, **kwargs):
 
             config = Config()
             logger.log(LogReference.HANDLER001, config=config.model_dump())
-            metadata = load_connection_metadata(event.headers, config)
+            metadata = load_connection_metadata(event.headers, config, event.path)
 
             if metadata.pointer_types == []:
                 logger.log(