Medplum

{ "name": "AccessPolicy", "location": "medplum", "description": "Access Policy for user or user group that defines how entities can or cannot access resources.", "properties": [ { "name": "AccessPolicy", "depth": 0, "types": [ { "datatype": "" } ], "path": "AccessPolicy", "min": 0, "max": "*", "short": "Access Policy for user or user group that defines how entities can or cannot access resources.", "definition": "Access Policy for user or user group that defines how entities can or cannot access resources.", "comment": "", "inherited": false }, { "name": "id", "depth": 1, "types": [ { "datatype": "string" } ], "path": "AccessPolicy.id", "min": 0, "max": "1", "short": "Logical id of this artifact", "definition": "The logical id of the resource, as used in the URL for the resource. Once assigned, this value never changes.", "comment": "", "inherited": true, "base": "Resource" }, { "name": "meta", "depth": 1, "types": [ { "datatype": "Meta", "documentLocation": "datatype" } ], "path": "AccessPolicy.meta", "min": 0, "max": "1", "short": "", "definition": "The metadata about the resource. This is content that is maintained by the infrastructure. Changes to the content might not always be associated with version changes to the resource.", "comment": "", "inherited": true, "base": "Resource" }, { "name": "implicitRules", "depth": 1, "types": [ { "datatype": "uri" } ], "path": "AccessPolicy.implicitRules", "min": 0, "max": "1", "short": "", "definition": "A reference to a set of rules that were followed when the resource was constructed, and which must be understood when processing the content. Often, this is a reference to an implementation guide that defines the special rules along with other profiles etc.", "comment": "", "inherited": true, "base": "Resource" }, { "name": "language", "depth": 1, "types": [ { "datatype": "code" } ], "path": "AccessPolicy.language", "min": 0, "max": "1", "short": "", "definition": "The base language in which the resource is written.", "comment": "", "inherited": true, "base": "Resource" }, { "name": "text", "depth": 1, "types": [ { "datatype": "Narrative", "documentLocation": "datatype" } ], "path": "AccessPolicy.text", "min": 0, "max": "1", "short": "Text summary of the resource, for human interpretation", "definition": "A human-readable narrative that contains a summary of the resource and can be used to represent the content of the resource to a human. The narrative need not encode all the structured data, but is required to contain sufficient detail to make it \"clinically safe\" for a human to just read the narrative. Resource definitions may define what content should be represented in the narrative to ensure clinical safety.", "comment": "", "inherited": true, "base": "DomainResource" }, { "name": "contained", "depth": 1, "types": [ { "datatype": "Resource" } ], "path": "AccessPolicy.contained", "min": 0, "max": "*", "short": "Contained, inline Resources", "definition": "These resources do not have an independent existence apart from the resource that contains them - they cannot be identified independently, and nor can they have their own independent transaction scope.", "comment": "", "inherited": true, "base": "DomainResource" }, { "name": "extension", "depth": 1, "types": [ { "datatype": "Extension", "documentLocation": "datatype" } ], "path": "AccessPolicy.extension", "min": 0, "max": "*", "short": "Additional content defined by implementations", "definition": "May be used to represent additional information that is not part of the basic definition of the resource. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.", "comment": "", "inherited": true, "base": "DomainResource" }, { "name": "modifierExtension", "depth": 1, "types": [ { "datatype": "Extension", "documentLocation": "datatype" } ], "path": "AccessPolicy.modifierExtension", "min": 0, "max": "*", "short": "Extensions that cannot be ignored", "definition": "May be used to represent additional information that is not part of the basic definition of the resource and that modifies the understanding of the element that contains it and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer is allowed to define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.\n\nModifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).", "comment": "", "inherited": true, "base": "DomainResource" }, { "name": "name", "depth": 1, "types": [ { "datatype": "string" } ], "path": "AccessPolicy.name", "min": 0, "max": "1", "short": "", "definition": "A name associated with the AccessPolicy.", "comment": "", "inherited": false }, { "name": "basedOn", "depth": 1, "types": [ { "datatype": "Reference", "documentLocation": "datatype" } ], "referenceTypes": [ { "datatype": "AccessPolicy", "documentLocation": "medplum" } ], "path": "AccessPolicy.basedOn", "min": 0, "max": "*", "short": "", "definition": "Other access policies used to derive this access policy.", "comment": "", "inherited": false }, { "name": "compartment", "depth": 1, "types": [ { "datatype": "Reference", "documentLocation": "datatype" } ], "referenceTypes": [], "path": "AccessPolicy.compartment", "min": 0, "max": "1", "short": "", "definition": "Optional compartment for newly created resources. If this field is set, any resources created by a user with this access policy will automatically be included in the specified compartment.", "comment": "", "inherited": false }, { "name": "resource", "depth": 1, "types": [ { "datatype": "BackboneElement" } ], "path": "AccessPolicy.resource", "min": 0, "max": "*", "short": "", "definition": "Access details for a resource type.", "comment": "", "inherited": false }, { "name": "resourceType", "depth": 2, "types": [ { "datatype": "string" } ], "path": "AccessPolicy.resource.resourceType", "min": 1, "max": "1", "short": "", "definition": "The resource type.", "comment": "", "inherited": false }, { "name": "compartment", "depth": 2, "types": [ { "datatype": "Reference", "documentLocation": "datatype" } ], "referenceTypes": [], "path": "AccessPolicy.resource.compartment", "min": 0, "max": "1", "short": "", "definition": "@deprecated Optional compartment restriction for the resource type.", "comment": "", "inherited": false }, { "name": "criteria", "depth": 2, "types": [ { "datatype": "string" } ], "path": "AccessPolicy.resource.criteria", "min": 0, "max": "1", "short": "", "definition": "The rules that the server should use to determine which resources to allow.", "comment": "The rules are search criteria (without the [base] part). Like Bundle.entry.request.url, it has no leading \"/\".", "inherited": false }, { "name": "readonly", "depth": 2, "types": [ { "datatype": "boolean" } ], "path": "AccessPolicy.resource.readonly", "min": 0, "max": "1", "short": "", "definition": "@deprecated Use AccessPolicy.resource.interaction = ['search', 'read', 'vread', 'history']", "comment": "", "inherited": false }, { "name": "interaction", "depth": 2, "types": [ { "datatype": "code" } ], "path": "AccessPolicy.resource.interaction", "min": 0, "max": "*", "short": "", "definition": "Permitted FHIR interactions with this resource type", "comment": "", "inherited": false }, { "name": "hiddenFields", "depth": 2, "types": [ { "datatype": "string" } ], "path": "AccessPolicy.resource.hiddenFields", "min": 0, "max": "*", "short": "", "definition": "Optional list of hidden fields. Hidden fields are not readable or writeable.", "comment": "", "inherited": false }, { "name": "readonlyFields", "depth": 2, "types": [ { "datatype": "string" } ], "path": "AccessPolicy.resource.readonlyFields", "min": 0, "max": "*", "short": "", "definition": "Optional list of read-only fields. Read-only fields are readable but not writeable.", "comment": "", "inherited": false }, { "name": "writeConstraint", "depth": 2, "types": [ { "datatype": "Expression", "documentLocation": "datatype" } ], "path": "AccessPolicy.resource.writeConstraint", "min": 0, "max": "*", "short": "", "definition": "Invariants that must be satisfied for the resource to be written. Can include %before and %after placeholders to refer to the resource before and after the updates are applied.", "comment": "", "inherited": false }, { "name": "ipAccessRule", "depth": 1, "types": [ { "datatype": "BackboneElement" } ], "path": "AccessPolicy.ipAccessRule", "min": 0, "max": "*", "short": "", "definition": "Use IP Access Rules to allowlist, block, and challenge traffic based on the visitor IP address.", "comment": "", "inherited": false }, { "name": "name", "depth": 2, "types": [ { "datatype": "string" } ], "path": "AccessPolicy.ipAccessRule.name", "min": 0, "max": "1", "short": "", "definition": "Friendly name that will make it easy for you to identify the IP Access Rule in the future.", "comment": "", "inherited": false }, { "name": "value", "depth": 2, "types": [ { "datatype": "string" } ], "path": "AccessPolicy.ipAccessRule.value", "min": 1, "max": "1", "short": "", "definition": "An IP Access rule will apply a certain action to incoming traffic based on the visitor IP address or IP range.", "comment": "", "inherited": false }, { "name": "action", "depth": 2, "types": [ { "datatype": "code" } ], "path": "AccessPolicy.ipAccessRule.action", "min": 1, "max": "1", "short": "", "definition": "Access rule can perform one of the following actions: \"allow\" | \"block\".", "comment": "", "inherited": false } ], "searchParameters": [ { "name": "name", "type": "string", "description": "The name of the access policy", "expression": "AccessPolicy.name" } ] }