Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: User with episode approval receives access: HP

Ruels 

92122232425 aproval Combination of rules
#DescriptionRouteInputExpected resultActual ResultStatus
1Scope validation
token without scope "episode:read"403403passed
2

Data consistency validation: get entity by id using wrong episode id

{{host}}/api/patients/{{patient_id}}/episodes/{{WRONG_episode_id}}/encounters/encounter_id
404200FAILED
3Data consistency validation: get entities by search params using wrong episode id{{host}}/api/patients/{{patient_id}}/episodes/{{WRONG_episode_id}}/encounters?
404200FAILED
4User with active declaration receives access: HPepisode by iddoctor
with an active declaration
from third-party LE, no approval
200



45episode by search params
200



56encounter by id
200

67encounter by search params
200

78encounter by id via episode context
200

89encounter by search params via episode context
200
list filtered

10condition by id
200

1011condition by search params
200

1112condition by id via episode context
200

1213condition by search params via episode context
200
list filtered


1314observation by id
200

1415observation by search params
200

1516observation by id via episode context
200

1617observation by search params via episode context
200
list filtered


1718immunization by id
200

1819immunization by search params
200

1920immunization by id via episode context
200

2021immunization by search params via episode context
200
list filtered

22allergy_intolerance by id
200
BLOCKED by AI creation bug
23allergy_intolerance by search params
200
BLOCKED by AI creation bug
24allergy_intolerance by id via episode context
200
BLOCKED by AI creation bug
25allergy_intolerance by search params via episode context

200

list filtered


BLOCKED by AI creation bug
26User with episode approval receives access: HP
  1. episode by id
  2.  encounter by id episode context

3. encounter by search params episode context

4. condition by id episode context

5. condition by search params episode context

6. observation by id episode context

7. observation by search params episode context

8. AI by id episode context

9. AI by search params episode context

10. Immunization by id episode context

11. Immunization by search params episode context

doctor
without an active declaration
from third-party LE
having approval
262728
  1. 403  "message": "Access denied - you have no active declaration with the patient",
  2. +
  3. +
  4. +
  5. -
  6. +
  7. -
  8. +
  9. -
  10. +
  11. -

Failed
27User with episode approval try to receive access: approval expired

403 
access denied

BLOCKED by approval creation bug
28User with episode approval try to receive access: no episode matches

403 
access denied

BLOCKED by approval creation bug
29User from the same LE receives access: HP1-22doctor without an active declaration  from managing_organization, no approval29200403 
access denied
FAILED
30User with no permissions 1-22
403 
access denied
403 
access denied
passed

...