Rule | Base | Resource | Routes | Context | Logic | Source of context |
---|
|
|
|
|
|
|
|
@rule_0 @episode @encounter @observation @condition@service_request @diagnostic_report @procedures @allergy_intolerance @immunization @risk_assessment @device @medication_statement @procedure @medication_administration |
|
| Scenario: Patient can read it's own data |
| Given Patient has access_token given by Cabinet |
| When I require read access |
| Then I can read |
| Based on patient token |
| by id | patient_id | There is an active token given by Cabinet to a patient |
|
by search params |
@rule_1 @read @episode @encounter @observation @condition @service_request @diagnostic_report @procedures
|
| Scenario: Doctor with active declaration can read all patient data |
| Given Active declaration with patient |
| And declaration from the same MSP |
| When I require read access |
| Then I can read |
| Based on declaration
| episode | by id | patient_id
| There is an active declaration between the patient and the doctor in OPS
| patient_id from URL
|
by search params |
encounter
| by id |
by search params |
by id in episode context |
by search params in episode context |
observation
| by id |
by search params |
by id in episode context |
by search params in episode context |
condition | by id |
by search params |
by id in episode context |
by search params in episode context |
service_request | by id |
by search params |
diagnostic_report | by id |
by search params |
procedures | by search params |
|
|
|
|
|
|
|
@rule_2 @read @episode @service_request @diagnostic_report @procedures
|
| Scenario: Doctor can read entity created in the doctors MSP |
| Given Entity has been created on my MSP |
| When I require read access |
| Then I can read |
| Based on managing organization
| episode | by id | episode | managing_organization==token.client_id
| DB.episode.managing_organization |
by search params | search param {managing_organization} from URL |
service_request
| by id | service request | DB.service_request.managing_organization |
by search params | search param {requester_legal_entity} from URL |
diagnostic_report | by id | diagnostic_report | DB.diagnostic_report.managing_organization |
by search params | search param {managing_organization} from URL |
procedures | by search params | managing_organization | search param {managing_organization} from URL |
|
|
|
|
|
|
|
@rule_3 @read @encounter @observation @condition @service_request @diagnostic_report |
| Scenario: Doctor can read all the data of episodes created in the doctors MSP |
| Given Episode context has been created on my MSP |
| When I require read access |
| Then I can read |
| Based on context episode | encounter | by id | episode
| episode.managing_organization==token.client_id
| DB.encounter.episode |
by search params | search param {episode_id} from URL |
by id in episode context | episode_id from URL (path) |
by search params in episode context |
observation | by id | DB.observation.episode |
by search params | search param {episode_id} from URL |
by id in episode context | episode_id from URL (path) |
by search params in episode context |
condition | by id | DB.condition.episode |
by search params | search param {episode_id} from URL |
by is in episode context | episode_id from URL (path) |
by search params in episode context |
service_request | by id | DB.service_request.encounter.episode.managing_organization |
by search params | search param {episode_id} from URL |
by id in episode context | episode_id from URL (path) |
diagnostic_report | by id | DB.diagnostic_report.encounter.episode.managing_organization |
by search params | context_episode_id from URL (path) |
|
|
|
|
|
|
|
@rule_4 @read @episode @encounter @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report @medication_administration |
| Scenario: Doctor with active approval can read all the data of specified in approval patient |
| Given Active approval on patient |
| When I require read access |
| Then I can read |
| not implemented yet |
|
|
|
|
|
|
|
|
|
|
|
|
@rule_5 @read @episode @encounter @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report @procedure @medication_administration |
| Scenario: Doctor with active approval can read all the data of specified in approval episodes |
| Given Active approval on episode |
| When I require read access |
| Then I can read |
| Based on context episode
| episode | by id | episode
| There is an active approval on the episode granted to the employee (one of user's employee) in MongoDB
| DB.episode.id |
encounter
| by id | DB.encounter.episode |
by search params | search param {episode_id} from URL |
by id in episode context | episode_id from URL (path) |
by search params in episode context |
observation
| by id | DB.observation.episode |
by search params | search param {episode_id} from URL |
by id in episode context | episode_id from URL (path) |
by search params in episode context |
condition
| by id | DB.condition.episode |
by search params | search param {episode_id} from URL |
by id in episode context | episode_id from URL (path) |
by search params in episode context |
service request
| by id | DB.service_requset.encounter.episode |
by search params | search param {episode_id} from URL |
by id in episode context | episode_id from URL (path) |
diagnostic report | by id | DB.diagnostic_report.encounter.episode |
by search params | search param {episode_id} from URL |
procedure | by id | DB.procedures.encounter.episode |
by search params | search param {episode_id} from URL |
|
|
|
|
|
|
|
@rule_6 @read @diagnostic_report @encounter @procedure |
| Scenario: Doctor can read entity originated by episode created in the doctors MSP |
| Given Entity has been originated by mine MSP episode |
| When I require read access |
| Then I can read |
| Based on origin episode
| encounter | by id | origin_episode
| origin_episode.managing_organization==token.client_id
| DB.encounter.origin_episode |
by search params | Search param {origin_episode_id} from URL |
diagnostic repost | by id | DB.diagnostic_report.origin_episode |
by search params | Search param {origin_episode_id} from URL |
procedures | by search params | DB.diagnostic_report.origin_episode |
|
|
|
|
|
|
|
@rule_7 @read @observation |
| Scenario: Doctor can read all the data of diagnostic report originated by episode created in the doctors MSP |
| Given Diagnostic report context has been originated by mine MSP episode |
| When I require read access |
| Then I can read |
| Based on origin episode | observation | by id | diagnostic_report | origin_episode.managing_organization==token.client_id | DB.observation.diagnostic_report.origin_episode |
by search params | Search param {diagnostic_report_id} from URL |
|
|
|
|
|
|
|
@rule_8 @read @observation @condition @allergy_intolerance @immunization @risk_assessment @device @medication_statement @service_request @diagnostic_report @procedure @medication_administration |
| Scenario: Doctor can read all the data of encounter originated by episode created in the doctors MSP |
| Given Encounter context has been originated by mine MSP episode |
| When I require read access |
| Then I can read |
| Based on origin episode | observation | by id | encounter
| origin_episode.managing_organization==token.client_id
| DB.observation.context.origin_episode |
by search params | Search param {encounter_id} from URL |
condition | by id | DB.condition.context.origin_episode |
by search params | Search param {encounter_id} from URL |
service request | by id | DB.service_request.encounter.origin_episode |
by search params | Search param {encounter_id} from URL |
diagnostic_report | by id | DB.diagnostic_report.encounter.origin_episode |
by search params | Search param {encounter_id} from URL |
procedure | by id | DB.procedure.origin_episode |
by search params | Search param {encounter_id} from URL |
|
|
|
|
|
|
|
@rule_9 @read @encounter @observation @condition @service_request @diagnostic_report |
| Scenario: Doctor with active approval can read data, originated by the episode |
| Given Active approval on episode |
| When I require read access |
| Then I can read |
| Based on origin episode |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|