IAuthRuleBuilderOperationNamedAndScoped (HAPI FHIR - Server Framework 6.11.5-SNAPSHOT API)

public interface IAuthRuleBuilderOperationNamedAndScoped

Method Summary

Modifier and Type

Method

Description

IAuthRuleBuilderRuleOpClassifierFinished

andAllowAllResponses()

Responses for this operation will not be checked

IAuthRuleBuilderRuleOpClassifierFinished

andAllowAllResponsesWithAllResourcesAccess()

Responses for this operation will not be checked and access to all resources is allowed.

IAuthRuleBuilderRuleOpClassifierFinished

andRequireExplicitResponseAuthorization()

Responses for this operation must be authorized by other rules.

Method Details
- andAllowAllResponses
  
  IAuthRuleBuilderRuleOpClassifierFinished andAllowAllResponses()
  
  Responses for this operation will not be checked
- andAllowAllResponsesWithAllResourcesAccess
  
  IAuthRuleBuilderRuleOpClassifierFinished andAllowAllResponsesWithAllResourcesAccess()
  
  Responses for this operation will not be checked and access to all resources is allowed. This is intended for operations which are known to fetch a graph of resources that is known to be safe, such as `$everything` which may access and fetch resources outside the patient's compartment but enforces safety in what it fetches via strict SQL queries.
- andRequireExplicitResponseAuthorization
  
  IAuthRuleBuilderRuleOpClassifierFinished andRequireExplicitResponseAuthorization()
  
  Responses for this operation must be authorized by other rules. For example, if this rule is authorizing the Patient $everything operation, there must be a separate rule (or rules) that actually authorize the user to read the resources being returned