Anonymous access policy

HadleyLab · Oct 11, 2024 · cbf1e0a · cbf1e0a
1 parent eb33296
commit cbf1e0a
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 29 deletions.
diff --git a/resources/seeds/AccessPolicy/anonymous.yaml b/resources/seeds/AccessPolicy/anonymous.yaml
@@ -1,11 +1,11 @@
 or:
   - engine: matcho
     matcho:
-      uri: /fhir/Questionnaire/patient-create/$assemble
+      uri: /fhir/Questionnaire/patient-create
       request-method: get
   - engine: matcho
     matcho:
-      uri: /fhir/Questionnaire/set-password/$assemble
+      uri: /fhir/Questionnaire/set-password
       request-method: get
   - engine: matcho
     matcho:
@@ -18,11 +18,36 @@ or:
   - engine: matcho
     matcho:
       uri: /fhir/User
-      request-method: patch
       params:
-       .data.reset_token: string?
+        .data.reset_token: string?
+      request-method: patch
   - engine: matcho
     matcho:
       uri: /fhir/
       request-method: post
+  - engine: matcho
+    matcho:
+      params:
+        resource/type: Patient
+      operation:
+        id: FhirCreate
+        resourceType: Operation
+  - engine: matcho
+    matcho:
+      params:
+        password: nil?
+        resource/type: User
+      operation:
+        id: FhirCreate
+        resourceType: Operation
+  - engine: matcho
+    matcho:
+      body:
+        id: nil?
+        name: patient
+      params:
+        resource/type: Role
+      operation:
+        id: FhirCreate
+        resourceType: Operation
 engine: complex
diff --git a/zenproject/zrc/system.edn b/zenproject/zrc/system.edn
@@ -90,31 +90,8 @@
  access-policies
  {:zen/tags  #{aidbox/service}
   :engine    aidbox/seed-v2
-  :resources {:AccessPolicy {:test-wildcard-policy {:engine "allow" :link [{:resourceType "User"}]}
-                             :admin-policy {:engine "allow"
-                                            :roleName "admin"}
-                             :practitioner-policy {:engine "allow"
-                                                   :roleName "practitioner"}
-                             :patient-role-policy {:engine "allow"
-                                                   :roleName "patient"}
-                             :receptionist-role-policy {:engine "allow"
-                                                        :roleName "receptionist"}
-                             :twofawebhookaccess
-                             {:engine "allow"
-                              :link [{:resourceType "Client" :id "twofawebhook"}]}
-                             :public-appointment-policy
-                             {:engine "allow"
-                              :link [{:resourceType "Client" :id "anonymous"}]}
-                             :patient-questionnaire-policy
-                             {:engine "allow"
-                              :link [{:resourceType "Client" :id "patient-questionnaire"}]}
-                             :federated-identity-signin {:engine "json-schema"
-                                                         :schema {:required ["jwt"]
-                                                                  :properties {:jwt {:required ["iss", "aud", "sub"]
-                                                                                     :properties {:iss {:const "https://ingest.emr.beda.software"}
-                                                                                                  :aud {:type "array", :maxItems 2, :minItems 1, :items {:enum ["software.beda.emr", "software.beda.fhirmhealth.fhirmhealth"], :type "string"}}
-                                                                                                  :sub {:type "string"
-                                                                                                        :minLength 1}}}}}}}}}
+  :resources {:AccessPolicy {:admin-policy {:engine "allow"
+                                            :roleName "admin"}}}}
 
  encounter-participant-display
  {:zen/tags #{aidbox.search-parameter.v1/search-parameter}