ЕСОЗ - public documentation
1RC_[UPD] ABAC rules
- 1 Rule: @rule_-2 | Action: @read | (GraphQL only)
- 2 Rule: @rule_-1 | Action: @read
- 3 Rule: @rule_0 | Action: @read
- 4 Rule: @rule_1 | Action: @read
- 5 Rule: @rule_2 | Action: @read
- 6 Rule: @rule_3 | Action: @read
- 7 Rule: @rule_4 | Action: @read
- 8 Rule: @rule_5 | Action: @read
- 9 Rule: @rule_6 | Action: @read
- 10 Rule: @rule_7 | Action: @read
- 11 Rule: @rule_8 | Action: @read
- 12 Rule: @rule_9 | Action: @read | NOT IMPLEMENTED YET
- 13 Rule: @rule_10 | Action: @read
- 14 Rule: @rule_11 | Action: @read
- 15 Rule: @rule_12 | Action: @read
- 16 Rule: @rule_13 | Action: @write
- 17 Rule: @rule_14 | Action: @read
- 18 Rule: @rule_15 | Action: @read
- 19 Rule: @rule_16 | Action: @read
Rule base type | Description |
---|---|
Based on declaration | Employee with an active declaration can access all the patient's medical data (including person's/preperson's medical data which were merged with person with active declaration) |
Based on managing organization | Employee can read entities, created in his MSP |
Based on context episode | Employee can read medical data, that was collected during an episode of care, that employee has access to. |
Based on diagnostic report | Employee can read medical data, that was collected as a part of a diagnostic report, managed by the employee's legal entity. |
Based on origin episode | Employee can read medical data, that was collected as a part of a diagnostic report or episode of care, that employee has access to. |
Based on care plan | Employee with active approval on the care plan can read or write the data based on this care plan |
Based on patient | Employee with active approval on the patient can read the data related to this patient (including person's/preperson's medical data which were merged with this patient) |
Rule: @rule_-2 | Action: @read | (GraphQL only) | ||||||
Scenario: | Base | Resource | Routes | Context | Source of context | Logic |
NHS employee can read patient’s data if he has Justification for monitoring Given Justification on monitoring patient's data given by the user (works only from Admin panel, GraphQL API) | Based on user token | episode | JustificationFilter schema | patient_id | person_id from JustificationFilter schema | There is an active token & an active justification |
encounter | ||||||
observation | ||||||
condition | ||||||
allergy_intolerance | ||||||
immunization | ||||||
risk_assessment | ||||||
device | ||||||
medication_statement | ||||||
medication_request | ||||||
medication_dispense | ||||||
service_request | ||||||
diagnostic_report | ||||||
procedure | ||||||
medication_administration | ||||||
care_plan | ||||||
activity |
Rule: @rule_-1 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Employee can read non-sensitive patient data When I require read access Then I can read | Based on user token | allergy_intolerance | by id | | | There is an active token for client_type.name != CABINET |
immunization | ||||||
risk_assessment | ||||||
device | ||||||
medication_statement | ||||||
specimen |
Rule: @rule_0 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Patient can read their own data When I require read access Then I can read | Based on patient token | episode | by id | | patient_id from URL | There is an active token given by Cabinet to a patient |
encounter | ||||||
observation | ||||||
condition | ||||||
allergy_intolerance | ||||||
immunization | ||||||
risk_assessment | ||||||
device | ||||||
medication_statement | ||||||
service_request | ||||||
diagnostic_report | ||||||
procedure | ||||||
medication_administration | ||||||
care_plan | ||||||
activity | ||||||
clinical_impression |
Rule: @rule_1 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Employee with active declaration can read all patient data (including merged persons/prepersons data) When I require read access Then I can read | Based on declaration and user token | episode | by id | person_id | person_id from URL | There is an active declaration between the patient and the employee in OPS from the MSP from token |
by search params | ||||||
encounter | by id | |||||
by search params | ||||||
by id in episode context | ||||||
by search params in episode context | ||||||
observation | by id | |||||
by search params | ||||||
by id in episode context | ||||||
by search params in episode context | ||||||
condition | by id | |||||
by search params | ||||||
by id in episode context | ||||||
by search params in episode context | ||||||
service_request | by id | |||||
by search params | ||||||
diagnostic_report | by id | |||||
by search params | ||||||
procedure | by id | |||||
by search params | ||||||
medication_administration | by id | |||||
by search params | ||||||
care_plan | by id | |||||
activity | by id | |||||
by search params | ||||||
approval | by id | |||||
by search params | ||||||
clinical_impression | by id | |||||
by search params | ||||||
medication_request_request & medication_request & | by id | |||||
by search params | ||||||
device_request | ||||||
device_dispense | ||||||
device | by search params | |||||
by id (details in person context) | ||||||
device_association | by search params | |||||
by id (details in person context) | ||||||
detected_issue | by search params | |||||
by id (details in person context) |
Rule: @rule_2 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Employee can read entity created in the employee's MSP When I require read access Then I can read | Based on managing organization | service_request | by id | requester_legal_entity | DB.service_request.managing_organization | managing_organization==id |
by search param | search param {managing_organization} from URL | managing_organization (requester_legal_entity)==token.client_id | ||||
episode | by id | managing_organisation | DB.episode.managing_organization OR DB.diagnostic_report.managing_organization | managing_organization==id | ||
by search param | search param {requester_legal_entity} from URL | managing_organization (requester_legal_entity)==token.client_id | ||||
care_plan | managing_organisation | DB.care_plan.managing_organization | managing_organization ==token.client_id | |||
activity | managing_organisation | DB.care_plan.managing_organization | ||||
search param {managing_organization_id} from URL | ||||||
medication_request_request & medication_request | by id | legal_entity | search param {legal_entity_id} from URL | legal_entity_id==id | ||
by search param | legal_entity_id ==token.client_id | |||||
medication_dispense | by id (details in person context) | legal_entity | search param {legal_entity_id} from URL | legal_entity_id==id | ||
by search params (by MR id) | legal_entity_id ==token.client_id | |||||
device_request | requester_legal_entity | search param {requester_legal_entity} from URL | requester_legal_entity==token.client_id | |||
DB.device_requests.requester_legal_entity | requester_legal_entity==token.client_id | |||||
device_dispenses | performer_legal_entity | search param {performer_legal_entity} from URL | performer_legal_entity==token.client_id | |||
DB.device_requests.performer_legal_entity | performer_legal_entity==token.client_id | |||||
device | by search params | recorder_legal_entity | search param {recorder_legal_entity} from URL | recorder_legal_entity==token.client_id | ||
by id | DB.devices.recorder_legal_entity | recorder_legal_entity==token.client_id | ||||
device_association | by search params | recorder_legal_entity | search param {recorder_legal_entity} from URL | recorder_legal_entity==token.client_id | ||
by id | DB.device_associations.recorder_legal_entity | recorder_legal_entity==token.client_id | ||||
detected_issue | by search params | recorder_legal_entity | search param {recorder_legal_entity} from URL | recorder_legal_entity==token.client_id | ||
by id | DB.detected_issues.recorder_legal_entity | recorder_legal_entity==token.client_id |
Rule: @rule_3 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Employee can read all the data of episodes created in the employee's MSP Given Episode context has been created on my MSP When I require read access Then I can read | Based on context episode | encounter | by id | episode | DB.encounter.episode | episode.managing_organization==token.client_id |
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
observation | by id | DB.observation.episode | context_episode_id.managing_organization==token.client_id | |||
by search params | search param {episode_id} from URL | episode.managing_organization==token.client_id | ||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
condition | by id | DB.condition.episode | context_episode_id.managing_organization==token.client_id | |||
by search params | search param {episode_id} from URL | episode.managing_organization==token.client_id | ||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
service_request | by id | DB.service_request.encounter.episode | service_request.encounter.episode.managing_organization==token.client_id | |||
by search params | search param {episode_id} from URL | episode.managing_organization==token.client_id | ||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
diagnostic_report | by id | DB.diagnostic_report.encounter.episode | diagnostic_report.encounter.episode.managing_organization==token.client_id | |||
by search params | context_episode_id from URL (path) | episode.managing_organization==token.client_id | ||||
procedure | by id | DB.procedures.encounter.episode | procedures.encounter.episode.managing_organization==token.client_id | |||
by search params | search param {episode_id} from URL | episode.managing_organization==token.client_id | ||||
medication_administration | by id | IF context is encounter THEN: | medication_administration.encounter.episode.managing_organization==token.client_id | |||
by search params | search param {episode_id} from URL | episode.managing_organization==token.client_id | ||||
device | by id | DB.devices.context_episode_id | devices.context_episode_id.managing_organization==token.client_id | |||
by search params | search param {context_episode_id} from URL | episode.managing_organization==token.client_id | ||||
risk_assessment | by id | IF context is encounter THEN: | risk_assessments.encounter.episode.managing_organization==token.client_id | |||
by search params | search param {episode_id} from URL | episode.managing_organization==token.client_id | ||||
medication_statement | by id | IF context is encounter THEN: | medication_statements.encounter.episode.managing_organization==token.client_id | |||
by search params | search param {episode_id} from URL | episode.managing_organization==token.client_id | ||||
immunization | by id | IF context is encounter THEN: | immunizations.encounter.episode.managing_organization==token.client_id | |||
by search params | search param {episode_id} from URL | episode.managing_organization==token.client_id | ||||
allergy_intolerance | by id | IF context is encounter THEN: | allergy_intolerances.encounter.episode.managing_organization==token.client_id | |||
by search params | search param {episode_id} from URL | episode.managing_organization==token.client_id | ||||
medication_request | by id | DB.medication_request.context_episode_id | medication_requests.context_episode_id.managing_organization==token.client_id | |||
by search params | search param {episode_id} from URL | episode.managing_organization==token.client_id | ||||
medication_dispense | by id | DB.medication_request.context_episode_id | medication_dispenses.medication_requests.context_episode_id.managing_organization==token.client_id | |||
by search params | search param {episode_id} from URL | episode.managing_organization==token.client_id | ||||
medication_request_request | by id | DB.medication_request_request.context_episode_id | medication_request_requests.context_episode_id.managing_organization==token.client_id | |||
by search params | search param {episode_id} from URL | episode.managing_organization==token.client_id | ||||
clinical_impression | by id | DB.clinical_impression.context_episode_id | clinical_impressions.context_episode_id.managing_organization==token.client_id | |||
by search params | search param {episode_id} from URL | episode.managing_organization==token.client_id | ||||
device_request | search param {context_episode_id} from URL | episode.managing_organization==token.client_id | ||||
DB.device_requests.context_episode_id | device_requests.context_episode_id.managing_organization==token.client_id | |||||
device_dispense | search param {context_episode_id} from URL | episode.managing_organization==token.client_id | ||||
DB.device_dispenses.context_episode_id | device_dispenses.context_episode_id.managing_organization==token.client_id | |||||
device_association | by search params | search param {context_episode_id} from URL | episode.managing_organization==token.client_id | |||
by id | DB.device_associations.context_episode_id | device_associations.context_episode_id.managing_organization==token.client_id | ||||
detected_issue | by search params | search param {context_episode_id} from URL | episode.managing_organization==token.client_id | |||
by id | DB.detected_issues.context_episode_id | detected_issues.context_episode_id.managing_organization==token.client_id |
Rule: @rule_4 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Employee with active approval can read all the data (including merged persons/prepersons data) of the patient specified in the approval Given Active approval on patient When I require read access Then I can read | Based on patient_id | episode | | patient_id | patient_id OR person_id from URL | There is an active approval on patient’s data granted to the employee (one of the user's employees) in MongoDB |
encounter | ||||||
observation | ||||||
condition | ||||||
service_request | ||||||
procedure | ||||||
diagnostic_report | ||||||
care_plan | ||||||
activity | ||||||
medication_request | by id | |||||
by search params | ||||||
medication_request_request | by id | |||||
by search params | ||||||
medication_dispense | by id (details in person context) | |||||
by search params (by MR id) | ||||||
clinical_impression | by id | |||||
by search params | ||||||
device_request | ||||||
device_dispense | ||||||
device | by search params | |||||
by id | ||||||
short devices by search params | ||||||
short devices by id | ||||||
device_association | by search params | |||||
by id | ||||||
detected_issue | by search params | |||||
by id |
Rule: @rule_5 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Employee with active approval or employees from legal_entity with active approval can read all the data of the episodes specified in the approval Given Active approval on episode When I require read access Then I can read | Based on context episode | episode | by id | episode | There is an active approval on the episode granted to the employee (one of the user's employees) OR to the legal_entity (one of the legal_entity's employees) in MongoDB | |
encounter | by id | DB.encounter.episode | ||||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
observation | by id | DB.observation.episode | ||||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
condition | by id | DB.condition.episode | ||||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
service_request | by id | DB.service_request.encounter.episode | ||||
by search params | search param {episode_id} from URL | |||||
by id in episode context | episode_id from URL (path) | |||||
by search params in episode context | ||||||
diagnostic_report | by id | DB.diagnostic_report.encounter.episode | ||||
by search params | search param {episode_id} from URL | |||||
medication_administration | by id | IF context is encounter THEN: | ||||
by search params | search param {episode_id} from URL | |||||
procedure | by id | DB.procedures.encounter.episode | ||||
by search params | search param {episode_id} from URL | |||||
medication_request & medication_dispense | by id | DB.medication_request.context_episode_id | ||||
by search params | search param {episode_id} from URL | |||||
medication_request_request | by id | DB.medication_request_request.context_episode_id | ||||
by search params | search param {episode_id} from URL | |||||
clinical_impression | by id | DB.clinical_impression.context_episode_id | ||||
by search params | search param {episode_id} from URL | |||||
device_request | search param {context_episode_id} from URL | |||||
DB.device_requests.context_episode_id | ||||||
device_dispense | search param {context_episode_id} from URL | |||||
DB.device_dispenses.context_episode_id | ||||||
device | by search params | search param {context_episode_id} from URL | ||||
by id | DB.devices.context_episode_id | |||||
device_association | by search params | search param {context_episode_id} from URL | ||||
by id | DB.device_associations.context_episode_id | |||||
detected_issue | by search params | search param {context_episode_id} from URL | ||||
by id | DB.detected_issues.context_episode_id |
Rule: @rule_6 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Employee can read entity originated by episode created in the employee's MSP Given Entity has been originated by my MSP episode When I require read access Then I can read | Based on origin episode | encounter | by id | origin_episode | DB.encounter.origin_episode | origin_episode.managing_organization==token.client_id |
by search params | Search param {origin_episode_id} from URL | |||||
diagnostic_report | by id | DB.diagnostic_report.origin_episode | ||||
by search params | Search param {origin_episode_id} from URL | |||||
procedures | by id | DB.procedures.encounter.episode | ||||
by search params | search param {episode_id} from URL | |||||
device_dispense | Search param {origin_episode_id} from URL | |||||
DB.device_dispense.origin_episode_id |
Rule: @rule_7 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Employee can read all the data of diagnostic report originated by episode created in the employee's MSP Given Diagnostic report context has been originated by my MSP episode When I require read access Then I can read | Based on origin episode | observation | by id | diagnostic_report | DB.observation.diagnostic_report.origin_episode | origin_episode.managing_organization==token.client_id |
by search params | Search param {diagnostic_report_id} from URL |
Rule: @rule_8 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Employee can read all the data of encounter originated by episode created in the employee's MSP Given Encounter context has been originated by my MSP episode When I require read access Then I can read | Based on origin episode | observation | by id | encounter | DB.observation.context.origin_episode | origin_episode.managing_organization==token.client_id |
by search params | Search param {encounter_id} from URL | |||||
condition | by id | DB.condition.context.origin_episode | ||||
by search params | Search param {encounter_id} from URL | |||||
diagnostic_report | by id | DB.diagnostic_report.encounter.origin_episode | ||||
by search params | Search param {encounter_id} from URL | |||||
medication_administration | by id | IF context is encounter THEN: | ||||
by search params | search param {encounter_id} from URL | |||||
procedure | by id | DB.procedures.encounter.episode | ||||
by search params | search param {encounter_id} from URL | |||||
device_dispense | Search param {encounter_id} from URL | |||||
DB.device_dispense.encounter.origin_episode_id |
Rule: @rule_9 | Action: @read | NOT IMPLEMENTED YET | ||||||
Scenario: | Base | Resource | Routes | Context | Source of context | Logic |
Employee with active approval can read data, originated by the episode Given Active approval on patient When I require read access Then I can read | | encounter | | | | |
observation | ||||||
condition | ||||||
service_request | ||||||
diagnostic_report |
Rule: @rule_10 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Employee can read all the data of diagnostic report created in the employee's MSP Given Diagnostic report context has been originated by my MSP When I require read access Then I can read | Based on diagnostic report | observation | by id | diagnostic_report | DB.observation.diagnostic_report.managing_organization | diagnostic_report.managing_organization==token.client_id |
by search params | Search param {diagnostic_report_id} from URL |
Rule: @rule_11 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Employee with active approval or employees from legal_entity with active approval can read all the data of the diagnostic report specified in the approval Given Active approval on diagnostic report When I require read access Then I can read | Based on diagnostic report | observation | by id | diagnostic_report | DB.observation.diagnostic_report.managing_organization | There is an active approval on the diagnostic report granted to the employee (one of the user's employees) OR to the legal_entity (one of the legal_entity's employees) in MongoDB |
by search params | Search param {diagnostic_report_id} from URL |
Rule: @rule_12 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Employee with active approval can read the data associated with the care plan Given Active approval on care_plan When I require read access Then I can read | Based on care plan | care_plan | by id | care_plan | DB.care_plan.id=approvals.granted_resources[].value | There is an active approval (access_level=read) on the care_plan granted to the employee by the patient (one of the user's employees) in MongoDB |
activity | by id | care_plan_id & patient_id from URL (path) | ||||
by search params | ||||||
medication_request_request | by id | care_plan_id & patient_id from URL (path) | ||||
by search params | ||||||
medication_request | by id | care_plan_id & patient_id from URL (path) | ||||
by search params | ||||||
medication_dispense | by id | care_plan_id & patient_id from URL (path) | ||||
by search params | ||||||
device_request | by id | DB.device_request.based_on.care_plan[].id=approvals.granted_resources[].value | ||||
by search params | care_plan & patient_id from URL (path)=approvals.granted_resources[].value.care_plan |
Rule: @rule_13 | Action: @write | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Employee with active approval can write the data associated with the care plan Given Active approval on care_plan When I require write access Then I can write | Based on care plan | care_plan | by id | care_plan | DB.care_plan.id=approvals.granted_resources[].value | There is an active approval (access_level=write) on the care_plan granted to the employee by the patient (one of the user's employees) in MongoDB |
activity | by id | care_plan_id & patient_id from URL (path) | ||||
by search params | ||||||
medication_request_request | by id | care_plan_id & patient_id from URL (path) | ||||
by search params | ||||||
medication_request | by id | care_plan_id & patient_id from URL (path) | ||||
by search params | ||||||
medication_dispense | by id | care_plan_id & patient_id from URL (path) | ||||
by search params | ||||||
device_request | by id | DB.device_request.based_on.care_plan[].id=approvals.granted_resources[].value | ||||
by search params | care_plan & patient_id from URL (path)=approvals.granted_resources[].value.care_plan |
Rule: @rule_14 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Employee with active approval on the care plan can read the data based on this care plan Given Entity based on care_plan When I require read access Then I can read | Based on care plan | service_request | by id | care_plan (based_on) | DB.service_request.based_on.care_plan[].id=approvals.granted_resources[].value | There is an active approval (access_level=read/write) on the care_plan granted to the employee by the patient (one of the user's employees) in MongoDB |
by search params | care_plan | care_plan_id from URL (search param) & patient_id from path | ||||
encounter | by id | care_plan (based_on service_request) | DB.encounter.based_on.service_request.based_on.care_plan[].id=approvals.granted_resources[].value | |||
diagnostic_report | by id | DB.diagnostic_report.based_on.service_request.based_on.care_plan[].id=approvals.granted_resources[].value | ||||
procedure | by id | DB.procedure.based_on.service_request.based_on.care_plan[].id=approvals.granted_resources[].value | ||||
device_dispense | care_plan (based_on device_request) | DB.device_dispense.based_on.device_request.based_on.care_plan[].id=approvals.granted_resources[].value |
Rule: @rule_15 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Employee with verified unexpired approval on procedure can read all the data of this procedure Given Active approval on procedure When I require read access Then I can read | Based on procedure | procedure | by id | procedure | DB.procedures._id | There is a verified unexpired approval on procedure granted to the employee (one of the user's employees) in MongoDB |
Rule: @rule_16 | Action: @read | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Employee with active approval can read all the data (including merged persons/prepersons data) of the resource types specified in the approval that relate to the patient Given Active approval on resource type(s) When I require read access Then I can read | Based on patient_id | device | by search params | patient_id | patient_id from URL, resource_type from URL | There is an active approval on resource type granted to the employee (one of the user's employees) in MongoDB |
by id | patient_id from URL, resource_type from URL | |||||
device_association | by search params | patient_id from URL, resource_type from URL | ||||
by id | patient_id from URL, resource_type from URL | |||||
detected_issue | by search params | patient_id from URL, resource_type from URL | ||||
by id | patient_id from URL, resource_type from URL |
- all routes need to have patient_id in context as a core parameter
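
Added example (not part of the original page or of the ЕСОЗ code base): how the "Source of context" and "Logic" columns of rule_-1, rule_3 and rule_5 translate into checks for the encounter resource, with the episode taken from the stored record on "by id" routes and from the URL on "by search params" routes. The in-memory stores, the Token fields, treating token.client_id as the legal_entity grantee, and granting access when any one rule permits are assumptions made for the illustration.

```python
from dataclasses import dataclass

# Constructed sample data standing in for the DB and the MongoDB approvals.
EPISODES = {"ep-1": {"managing_organization": "msp-A"},
            "ep-2": {"managing_organization": "msp-B"}}
ENCOUNTERS = {"enc-1": {"episode": "ep-1"}, "enc-2": {"episode": "ep-2"}}
APPROVALS = [
    {"episode": "ep-2", "granted_to": "emp-7", "status": "active"},
    {"episode": "ep-1", "granted_to": "emp-9", "status": "expired"},
]
# Resources listed under rule_-1 on this page.
RULE_MINUS_1_RESOURCES = {"allergy_intolerance", "immunization", "risk_assessment",
                          "device", "medication_statement", "specimen"}


@dataclass(frozen=True)
class Token:
    client_id: str            # legal entity (MSP) the token was issued for
    client_type: str          # e.g. "MSP" or "CABINET"
    employee_ids: tuple = ()  # employees of the user (assumed field)
    active: bool = True


def episode_context(route, resource_id=None, params=None):
    """Pick the episode per the 'Source of context' column for encounter."""
    if route == "by id":
        # DB.encounter.episode: taken from the stored record only,
        # never from request parameters.
        enc = ENCOUNTERS.get(resource_id)
        return enc["episode"] if enc else None
    if route == "by search params":
        # search param {episode_id} from URL
        return (params or {}).get("episode_id")
    return None


def rule_minus_1(token, resource, route):
    # Active token for client_type.name != CABINET, by-id routes only.
    return (token.active and token.client_type != "CABINET"
            and route == "by id" and resource in RULE_MINUS_1_RESOURCES)


def rule_3(token, episode_id):
    # episode.managing_organization == token.client_id
    ep = EPISODES.get(episode_id)
    return bool(token.active and ep
                and ep["managing_organization"] == token.client_id)


def rule_5(token, episode_id):
    # Active approval on the episode granted to one of the user's employees
    # or to the legal entity (assumed to be identified by token.client_id).
    grantees = set(token.employee_ids) | {token.client_id}
    return token.active and any(
        a["episode"] == episode_id and a["status"] == "active"
        and a["granted_to"] in grantees for a in APPROVALS)


def permitting_rules(token, resource, route, resource_id=None, params=None):
    """Return names of rules that permit the read; an empty list means deny."""
    hits = []
    if rule_minus_1(token, resource, route):
        hits.append("rule_-1")
    if resource == "encounter":
        ep = episode_context(route, resource_id, params)
        if ep is not None:
            if rule_3(token, ep):
                hits.append("rule_3")
            if rule_5(token, ep):
                hits.append("rule_5")
    return hits


def search_encounters(token, params):
    """Authorize on the URL episode_id, then return only that episode's rows."""
    if not permitting_rules(token, "encounter", "by search params", params=params):
        return []
    return sorted(i for i, e in ENCOUNTERS.items()
                  if e["episode"] == params["episode_id"])
```

Returning the list of matching rule names, rather than a bare boolean, lets an audit log record which rule granted each read.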