ЕСОЗ - публічна документація
RCC (CSI-2792) ABAC rules_EN
- Natalia Horodytska (SoE eHealth)
Rule: @rule_13 | Action: @write | ||||||
Scenario: | Base | Resource | Routes | Context* | Source of context | Logic |
Employee with active write approval can write the data associated with the care plan Given Active write approval on care_plan When I require write access Then I can write | Based on care plan | care_plan | by id | care_plan | DB.care_plan.id=approvals.granted_resources[].value | There is an active approval (access_level=write) on the care_plan granted to the employee by the patient (one of user's employee) in MongoDB |
activity | by id | care_plan | care_plan_id & patient_id from URL (path) | |||
by search params | ||||||
medication_request_request | by id | care_plan | care_plan_id & patient_id from URL (path) | |||
by search params | ||||||
medication_request | by id | care_plan | care_plan_id & patient_id from URL (path) | |||
by search params | ||||||
medication_dispense | by id | care_plan | care_plan_id & patient_id from URL (path) | |||
by search params | ||||||
ЕСОЗ - публічна документація