Implement location/role based AccessChecker #103
Comments
bashir2
added
enhancement
|
Thanks @vivekmittal07 for filing this; do you mind separating this to at least two (or maybe more) issues to make them more fine-grained. For example, the requirement/design doc can be a separate issue and based on that we can have 2-3 other tickets for the implementation. Please also add a little bit of context to the main issue description. |
|
Marking as new, since this is blocked on #105. |
|
Moving to backlog until we clarify what the plugin should look like (and it is generic enough). |
|
Discussing this further with @vivekmittal07 and the team, it seems it is unlikely to implement something that is generic enough to be used out-of-the-box by any implementer. So this would serve only as another example. We decided this is not a Beta launch blocker. |
|
Providing something usable out-of-the-box, or at least that was a potential
stretch to if possible while providing a meaningful example that developers
could look at as a reference example for their own policies - which was the
actual main goal
Without this, I think it will be very hard for developers to grasp and see
here.
Do we have such an example today? And if not, what would be an alternate,
meaningful proposal after the research and investigation that has already
been done?
…On Mon, Mar 27, 2023, 8:48 AM Bashir Sadjad ***@***.***> wrote:
Discussing this further with @vivekmittal07
<https://github.com/vivekmittal07> and the team, it seems it is unlikely
to implement something that is generic enough to be used out-of-the-box by
any implementer. So this would serve only as another example. We decided
this is not a Beta launch blocker.
—
Reply to this email directly, view it on GitHub
<#103 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ADBU37TMRL2ITJ43Z6Y3KTLW6GZDHANCNFSM6AAAAAAU3ID6BQ>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
|
Based on that I still believe this to be a beta blocker for viability of
the FHIR gateway. But I was not at the discussion.
On Mon, Mar 27, 2023, 8:59 AM Justin Jesada Tansuwan ***@***.***>
wrote:
… Providing something usable out-of-the-box, or at least that was a
potential stretch to if possible while providing a meaningful example that
developers could look at as a reference example for their own policies -
which was the actual main goal
Without this, I think it will be very hard for developers to grasp and see
here.
Do we have such an example today? And if not, what would be an alternate,
meaningful proposal after the research and investigation that has already
been done?
On Mon, Mar 27, 2023, 8:48 AM Bashir Sadjad ***@***.***>
wrote:
> Discussing this further with @vivekmittal07
> <https://github.com/vivekmittal07> and the team, it seems it is unlikely
> to implement something that is generic enough to be used out-of-the-box by
> any implementer. So this would serve only as another example. We decided
> this is not a Beta launch blocker.
>
> —
> Reply to this email directly, view it on GitHub
> <#103 (comment)>,
> or unsubscribe
> <https://github.com/notifications/unsubscribe-auth/ADBU37TMRL2ITJ43Z6Y3KTLW6GZDHANCNFSM6AAAAAAU3ID6BQ>
> .
> You are receiving this because you commented.Message ID:
> ***@***.***>
>
|
|
There are 2 possible goals for this -
We as a group think option 1 is more useful and also this will help with the FHIR Gateway adoption. Action items for beta
Post beta, it would be good to implement this to see if we can get IPRD to start using this. |
Any practical Healthcare solution needs some form of Role based access control and also limit the access based on the primary location, organization, careteam of a practitioner.
We should support a configurable access checker to ease onboarding process for our partners.
Blocked on
The text was updated successfully, but these errors were encountered: