Interface IAuthRuleBuilderRule

    • Method Detail

      • createConditional

        IAuthRuleBuilderRuleConditional createConditional()
        This rule applies to create operations with a conditional URL as a part of the request. Note that this rule will allow the conditional operation to proceed, but the server is expected to determine the actual target of the conditional request and send a subsequent event to the AuthorizationInterceptor in order to authorize the actual target.

        In other words, if the server is configured correctly, this chain will allow the client to perform a conditional update, but a different rule is required to actually authorize the target that the conditional update is determined to match.

      • deleteConditional

        IAuthRuleBuilderRuleConditional deleteConditional()
        This rule applies to create operations with a conditional URL as a part of the request. Note that this rule will allow the conditional operation to proceed, but the server is expected to determine the actual target of the conditional request and send a subsequent event to the AuthorizationInterceptor in order to authorize the actual target.

        In other words, if the server is configured correctly, this chain will allow the client to perform a conditional update, but a different rule is required to actually authorize the target that the conditional update is determined to match.

      • read

        IAuthRuleBuilderRuleOp read()
        This rule applies to any FHIR operation involving reading, including read, vread, search, and history
      • transaction

        IAuthRuleBuilderRuleTransaction transaction()
        This rule applies to the FHIR transaction operation. Transaction is a special case in that it bundles other operations. This permission also allows FHIR batch to be performed.
      • updateConditional

        IAuthRuleBuilderRuleConditional updateConditional()
        This rule applies to update operations with a conditional URL as a part of the request. Note that this rule will allow the conditional operation to proceed, but the server is expected to determine the actual target of the conditional request and send a subsequent event to the AuthorizationInterceptor in order to authorize the actual target.

        In other words, if the server is configured correctly, this chain will allow the client to perform a conditional update, but a different rule is required to actually authorize the target that the conditional update is determined to match.

      • create

        IAuthRuleBuilderRuleOp create()
        This rule specifically allows a user to perform a FHIR create, but not an update or other write operations
        Since:
        4.1.0
        See Also:
        write()