...
Rule | Base | Resource | Routes | Context | Logic | Source of context |
---|---|---|---|---|---|---|
@rule_-2 (GraphQL only) @read @episode @encounter @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report @procedure @medication_administration @care_plan @activity Scenario: NHS employee can read patient’s data if he has Justification for monitoring Given Justification on monitoring patient's data given by the user (works only from Admin panel, GraphQL API) When I require read access Then I can read | Based on user token | by id | patient_id | There is an active token | ||
by search params | There is an active token | |||||
@rule_-1 @read @allergy_intolerance @immunization @risk_assessment @device @medication_statement Scenario: Employee can read patient’s non-sensitive data Given User access token with client_type not equal to cabinet When I require read access Then I can read | Based on user token | by id | There is an active token | |||
by search params | There is an active token | |||||
@rule_0 @read @episode @encounter @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report @procedure @medication_administration @care_plan @activity @clinical_impression Scenario: Patient can read its own data Given Patient has access_token given by Cabinet When I require read access Then I can read | Based on patient token | by id | patient_id | There is an active token given by Cabinet to a patient | ||
by search params | ||||||
@rule_1 @read @episode @encounter @observation @condition @service_request @diagnostic_report @procedure @medication_administration @care_plan @activity @approval @clinical_impression Scenario: Employee with active declaration can read all patient data Given Active declaration with patient And declaration from the same MSP When I require read access Then I can read | Based on declaration | episode | by id | patient_id | There is an active declaration between the patient and the doctor in OPS | patient_id from URL |
by search params | ||||||
encounter | by id | |||||
by search params | ||||||
by id in episode context | ||||||
by search params in episode context | ||||||
observation | by id | |||||
by search params | ||||||
by id in episode context | ||||||
by search params in episode context | ||||||
condition | by id | |||||
by search params | ||||||
by id in episode context | ||||||
by search params in episode context | ||||||
service_request | by id | |||||
by search params | ||||||
diagnostic_report | by id | |||||
by search params | ||||||
care_plan | by id | |||||
by search params | ||||||
activity | by id | |||||
by search params | ||||||
approval | by id | |||||
by search params | ||||||
clinical_impression | by id | |||||
by search params | ||||||
medication_request_request | by id | |||||
by search params | ||||||
medication_request | by id | |||||
by search params | ||||||
medication_dispense | by id | |||||
by search params (Search Medication dispenses by Medication request ID) | ||||||
@rule_2 @read @episode @service_request @diagnostic_report @procedures Scenario: Doctor can read entity created in the doctor's MSP Given Entity has been created on my MSP When I require read access Then I can read | Based on managing organization | episode | by id | episode | managing_organization==token.client_id | DB.episode.managing_organization |
by search params | search param {managing_organization} from URL | |||||
service_request | by id | service request | DB.service_request.managing_organization | |||
by search params | search param {requester_legal_entity} from URL | |||||
diagnostic_report | by id | diagnostic_report | DB.diagnostic_report.managing_organization | |||
by search params | search param {managing_organization} from URL | |||||
procedures | by search params | managing_organization | search param {managing_organization} from URL | |||
medication_request_request | by id | legal_entity + patient_id | legal_entity_id==id | search param {legal_entity_id} from URL | ||
by search param | legal_entity_id ==token.client_id | |||||
medication_request | by id | legal_entity + patient_id | legal_entity_id==id | search param {legal_entity_id} from URL | ||
by search param | legal_entity_id ==token.client_id | |||||
medication_dispense | by id | legal_entity + patient_id | legal_entity_id==id | search param {legal_entity_id} from URL | ||
by search param (Search Medication dispenses by Medication request ID) | legal_entity_id ==token.client_id | |||||
@rule_3 @read @encounter @observation @condition @service_request @diagnostic_report @device @medication_statement @immunization @risk_assessment @medication_administration @procedure @allergy_intolerance @clinical_impression Scenario: Doctor can read all the data of episodes created in the doctor's MSP Given Episode context has been created on my MSP When I require read access Then I can read | Based on context episode | encounter | by id | episode | episode.managing_organization==token.client_id | DB.encounter.episode |
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
observation | by id | DB.observation.episode | ||||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
condition | by id | DB.condition.episode | ||||
by search params | search param {episode_id} from URL | |||||
by id in episode context | ||||||
by search params in episode context | ||||||
service_request | by id | DB.service_request.encounter.episode.managing_organization | ||||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
diagnostic_report | by id | DB.diagnostic_report.encounter.episode.managing_organization | ||||
by search params | context_episode_id from URL (path) | |||||
medication_statement | by id | IF context is encounter THEN: | ||||
by search params | search param {episode_id} from URL | |||||
immunization | by id | IF context is encounter THEN: | ||||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
device | by id | IF context is encounter THEN: | ||||
by search params | search param {episode_id} from URL | |||||
risk_assessment | by id | IF context is encounter THEN: | ||||
by search params | search param {episode_id} from URL | |||||
medication_administration | by id | IF context is encounter THEN: | ||||
by search params | search param {episode_id} from URL | |||||
procedure | by id | DB.procedures.encounter.episode.managing_organization | ||||
by search params | search param {episode_id} from URL | |||||
allergy_intolerance | by id | IF context is encounter THEN: | ||||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
clinical_impression | by id | DB.clinical_impression.episode | ||||
by search params | search param {episode_id} from URL (can be used with {encounter_id} search param for sort by encounter) | |||||
medication_request | by id | episode | DB.medication_request.context_episode_id | |||
by search params | search param {episode_id} from URL (can be used with {encounter_id} search param for sort by encounter) | |||||
medication_dispense | by id | episode | DB.medication_request.context_episode_id | |||
by search params (Search Medication dispenses by Medication request ID) | search param {episode_id} from URL (can be used with {encounter_id} search param for sort by encounter) | |||||
medication_request_request | by id | episode | DB.medication_request_request.context_episode_id | |||
by search params | search param {episode_id} from URL (can be used with {encounter_id} search param for sort by encounter) | |||||
@rule_4 @read @episode @encounter @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report @medication_administration Scenario: Doctor with active approval can read all the data of the patient specified in the approval Given Active approval on patient When I require read access Then I can read | not implemented yet | |||||
@rule_5 @read @episode @encounter @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report @procedure @medication_administration @clinical_impression Scenario: Doctor with active approval can read all the data of the episodes specified in the approval Given Active approval on episode When I require read access Then I can read | Based on context episode | episode | by id | episode | There is an active approval on the episode granted to the employee (one of the user's employees) in MongoDB | |
encounter | by id | DB.encounter.episode | ||||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
observation | by id | DB.observation.episode | ||||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
condition | by id | DB.condition.episode | ||||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
service request | by id | DB.service_request.encounter.episode | ||||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
diagnostic report | by id | DB.diagnostic_report.encounter.episode | ||||
by search params | search param {episode_id} from URL | |||||
procedure | by id | DB.procedures.encounter.episode | ||||
by search params | search param {episode_id} from URL | |||||
clinical_impression | by id | DB.clinical_impression.episode | ||||
by search params | search param {episode_id} from URL | |||||
medication_request | by id | episode | DB.medication_request.context_episode_id | |||
by search params | search param {episode_id} from URL (can be used with {encounter_id} search param for sort by encounter) | |||||
medication_dispense | by id | episode | DB.medication_request.context_episode_id | |||
by search param (Search Medication dispenses by Medication request ID) | search param {episode_id} from URL (can be used with {encounter_id} search param for sort by encounter) | |||||
medication_request_request | by id | episode | DB.medication_request_request.context_episode_id | |||
by search params | search param {episode_id} from URL (can be used with {encounter_id} search param for sort by encounter) | |||||
@rule_6 @read @diagnostic_report @encounter @procedure Scenario: Doctor can read entity originated by episode created in the doctor's MSP Given Entity has been originated by my MSP's episode When I require read access Then I can read | Based on origin episode | encounter | by id | origin_episode | origin_episode.managing_organization==token.client_id | DB.encounter.origin_episode |
by search params | Search param {origin_episode_id} from URL | |||||
diagnostic report | by id | DB.diagnostic_report.origin_episode | ||||
by search params | Search param {origin_episode_id} from URL | |||||
procedures | by search params | DB.diagnostic_report.origin_episode | ||||
@rule_7 @read @observation Scenario: Doctor can read all the data of diagnostic report originated by episode created in the doctor's MSP Given Diagnostic report context has been originated by my MSP's episode When I require read access Then I can read | Based on origin episode | observation | by id | diagnostic_report | origin_episode.managing_organization==token.client_id | DB.observation.diagnostic_report.origin_episode |
by search params | Search param {diagnostic_report_id} from URL | |||||
@rule_8 @read @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report @procedure @medication_administration @clinical_impression Scenario: Doctor can read all the data of encounter originated by episode created in the doctor's MSP Given Encounter context has been originated by my MSP's episode When I require read access Then I can read | Based on origin episode | observation | by id | encounter | origin_episode.managing_organization==token.client_id | DB.observation.context.origin_episode |
by search params | Search param {encounter_id} from URL | |||||
condition | by id | DB.condition.context.origin_episode | ||||
by search params | Search param {encounter_id} from URL | |||||
service request | by id | DB.service_request.encounter.origin_episode | ||||
by search params | Search param {encounter_id} from URL | |||||
diagnostic_report | by id | DB.diagnostic_report.encounter.origin_episode | ||||
by search params | Search param {encounter_id} from URL | |||||
procedure | by id | DB.procedure.origin_episode | ||||
by search params | Search param {encounter_id} from URL | |||||
@rule_9 @read @encounter @observation @condition @service_request @diagnostic_report Scenario: Doctor with active approval can read data, originated by the episode Given Active approval on episode When I require read access Then I can read | not implemented yet | |||||
@rule_10 @read @observation Scenario: Doctor can read all the data of diagnostic report created in the doctor's MSP Given Diagnostic report context has been originated by my MSP When I require read access Then I can read | Based on diagnostic report | observation | by id | diagnostic_report | diagnostic_report.managing_organization==token.client_id | DB.observation.diagnostic_report.managing_organization |
by search params | Search param {diagnostic_report_id} from URL | |||||
@rule_11 @read @observation Scenario: Doctor with active approval can read all the data of the diagnostic report specified in the approval Given Active approval on diagnostic report When I require read access Then I can read | Based on diagnostic report | observation | by id | diagnostic_report | There is an active approval on the diagnostic report granted to the employee (one of the user's employees) in MongoDB | DB.observation.diagnostic_report |
by search params | Search param {diagnostic_report_id} from URL | |||||
@rule_12 @read @care_plan @activity @medication_request @medication_request_request Scenario: Doctor with active approval can read the data associated with the care plan. Given Active approval on care_plan When I require read access Then I can read | Based on care plan | care_plan | by id | care_plan | There is an active approval (access_level=read) on the care_plan granted to the employee (one of the user's employees) in MongoDB | DB.care_plan.id=approvals.granted_resources[].value |
activity | by id | care_plan_id from URL (path) DB.activities.care_plan[].id=approvals.granted_resources[].value | ||||
by search params | ||||||
medication_request_requests | by search params | care_plan_id from URL (path) DB.medication_request_requests.based_on.care_plan[].id=approvals.granted_resources[].value | ||||
medication_requests | by search params | care_plan_id from URL (path) DB.medication_requests.based_on.care_plan[].id=approvals.granted_resources[].value | ||||
medication_dispense | by id | care_plan + patient_id | care_plan_id & patient_id from URL (path) | |||
by search params (Search Medication dispenses by Medication request ID) | ||||||
@rule_13 @write @care_plan @activity @medication_request @medication_request_request Scenario: Doctor with active approval can write the data associated with the care plan. Given Active approval on care_plan When I require write access Then I can write | Based on care plan | care_plan | by id | care_plan | There is an active approval (access_level=write) on the care_plan granted to the employee (one of the user's employees) in MongoDB | DB.care_plan.id=approvals.granted_resources[].value |
complete | ||||||
cancel | ||||||
activity | by id | care_plan_id from URL (path) DB.activities.care_plan[].id=approvals.granted_resources[].value | ||||
by search params | ||||||
create | ||||||
complete | ||||||
cancel | ||||||
medication_request_requests | by search params | care_plan_id from URL (path) DB.medication_request_requests.based_on.care_plan[].id=approvals.granted_resources[].value | ||||
medication_requests | by search params | care_plan_id from URL (path) DB.medication_requests.based_on.care_plan[].id=approvals.granted_resources[].value | ||||
medication_dispense | by id | care_plan + patient_id | care_plan_id & patient_id from URL (path) | |||
by search params (Search Medication dispenses by Medication request ID) | ||||||
@rule_14 @read @service_request @encounter @diagnostic_report @procedure @medication_dispense Scenario: User with active approval on the care plan can read the data based on this care plan. Given Entity based on care_plan And Active approval on care_plan When I require read access Then I can read | Based on care plan | service_request | by id | care_plan | There is an active approval (access_level=read/write) on the care_plan granted to the employee (one of the user's employees) in MongoDB | DB.service_request.based_on.care_plan[].id=approvals.granted_resources[].value |
by search params | care_plan_id from URL (search param) DB.service_request.based_on.care_plan[].id=approvals.granted_resources[].value | |||||
encounter | by id | care_plan_id from URL (search param) DB.based_on.service_requests.based_on.care_plan[].id=approvals.granted_resources[].value | ||||
diagnostic_report | by id | |||||
procedure | by id |
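
The @rule_2 (episode) and @rule_3 (encounter) rows above, evaluated for both route kinds, as an added example that is not the project's own code. The store layout, sample ids, route labels and function names are assumptions made for illustration; only the logic expressions and sources of context come from the table.

```python
# Constructed sample store; ids and layout are assumptions, not the real schema.
DB = {
    "episode": {
        "ep-1": {"managing_organization": "msp-A"},
        "ep-2": {"managing_organization": "msp-B"},
    },
    "encounter": {
        "enc-1": {"episode": "ep-1"},
        "enc-2": {"episode": "ep-2"},
    },
}


def episode_owner(episode_id):
    """managing_organization of a stored episode, or None if it is unknown."""
    episode = DB["episode"].get(episode_id)
    return episode["managing_organization"] if episode else None


def rule_2(token, resource, route, resource_id=None, params=None):
    """@rule_2, episode rows: managing_organization == token.client_id."""
    if resource != "episode":
        return False
    if route == "by_id":
        # Source of context: DB.episode.managing_organization
        owner = episode_owner(resource_id)
    else:
        # Source of context: search param {managing_organization} from URL
        owner = (params or {}).get("managing_organization")
    return owner is not None and owner == token.get("client_id")


def rule_3(token, resource, route, resource_id=None, params=None):
    """@rule_3, encounter rows: episode.managing_organization == token.client_id."""
    if resource != "encounter":
        return False
    if route == "by_id":
        # Source of context: DB.encounter.episode
        encounter = DB["encounter"].get(resource_id)
        episode_id = encounter["episode"] if encounter else None
    else:
        # Source of context: search param {episode_id} from URL
        episode_id = (params or {}).get("episode_id")
    owner = episode_owner(episode_id)
    return owner is not None and owner == token.get("client_id")


def matching_rules(token, resource, route, resource_id=None, params=None):
    """Names of the two sketched rules whose logic holds for this request."""
    rules = {"rule_2": rule_2, "rule_3": rule_3}
    return [name for name, rule in rules.items()
            if rule(token, resource, route, resource_id, params)]
```

On the search routes the context value comes from the request, so the same parameter has to constrain the query that is executed; a search that omits it matches neither rule here.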
...