Package ca.uhn.fhir.rest.server.interceptor.consent

Interface IConsentService

All Known Implementing Classes:
DelegatingConsentService, RuleFilteringConsentService, SearchNarrowingConsentService
public interface IConsentService
This interface is intended to be implemented as the user-defined contract for the ConsentInterceptor.

Note: Since HAPI FHIR 5.1.0, methods in this interface have default methods that return ConsentOutcome.PROCEED

See Consent Interceptor for more information on this interceptor.

  • Method Details

    • startOperation

      default ConsentOutcome startOperation(RequestDetails theRequestDetails, IConsentContextServices theContextServices)
      This method is called when an operation is initially beginning, before any significant processing occurs. The service may use this method to decide whether the request needs to be reviewed further or not.
      Parameters:
      theRequestDetails - Contains details about the operation that is beginning, including details about the request type, URL, etc. Note that the RequestDetails has a generic Map (see RequestDetails.getUserData()) that can be used to store information and state to be passed between methods in the consent service.
      theContextServices - An object passed in by the consent framework that provides utility functions relevant to acting on consent directives.
      Returns:
      An outcome object. See ConsentOutcome

    • shouldProcessCanSeeResource

      default boolean shouldProcessCanSeeResource(RequestDetails theRequestDetails, IConsentContextServices theContextServices)
      This method will be invoked once prior to invoking canSeeResource(RequestDetails, IBaseResource, IConsentContextServices) and can be used to skip that phase.

      If this method returns false (default is true) willSeeResource(RequestDetails, IBaseResource, IConsentContextServices) will be invoked for this request, but canSeeResource(RequestDetails, IBaseResource, IConsentContextServices) will not.

      Parameters:
      theRequestDetails - Contains details about the operation that is beginning, including details about the request type, URL, etc. Note that the RequestDetails has a generic Map (see RequestDetails.getUserData()) that can be used to store information and state to be passed between methods in the consent service.
      theContextServices - An object passed in by the consent framework that provides utility functions relevant to acting on consent directives.
      Returns:
      Returns false to avoid calling canSeeResource(RequestDetails, IBaseResource, IConsentContextServices)
      Since:
      6.0.0

    • canSeeResource

      default ConsentOutcome canSeeResource(RequestDetails theRequestDetails, org.hl7.fhir.instance.model.api.IBaseResource theResource, IConsentContextServices theContextServices)
      This method is called if a user may potentially see a resource via READ operations, SEARCH operations, etc. This method may make decisions about whether or not the user should be permitted to see the resource.

      Implementations should make no attempt to modify the returned result within this method. For modification use cases (e.g. masking for consent rules) the user should use the willSeeResource(RequestDetails, IBaseResource, IConsentContextServices) method to actually make changes. This method is intended to only to make decisions.

      In addition, the ConsentOutcome must return one of the following statuses:

      There are two methods the consent service may use to suppress or modify response resources:

      • canSeeResource(RequestDetails, IBaseResource, IConsentContextServices) should be used to remove resources from results in scenarios where it is important to not reveal existence of those resources. It is called prior to any paging logic, so result pages will still be normal sized even if results are filtered.
      • willSeeResource(RequestDetails, IBaseResource, IConsentContextServices) should be used to filter individual elements from resources, or to remove entire resources in cases where it is not important to conceal their existence. It is called after paging logic, so any resources removed by this method may result in abnormally sized result pages. However, removing resourced using this method may also perform better so it is preferable for use in cases where revealing resource existence is not a concern.

      Performance note: Note that this method should be efficient, since it will be called once for every resource potentially returned (e.g. by searches). If this method takes a significant amount of time to execute, performance on the server will suffer.

      Parameters:
      theRequestDetails - Contains details about the operation that is beginning, including details about the request type, URL, etc. Note that the RequestDetails has a generic Map (see RequestDetails.getUserData()) that can be used to store information and state to be passed between methods in the consent service.
      theResource - The resource that will be exposed
      theContextServices - An object passed in by the consent framework that provides utility functions relevant to acting on consent directives.
      Returns:
      An outcome object. See ConsentOutcome. Note that this method is not allowed to modify the response object, so an error will be thrown if ConsentOutcome.getResource() returns a non-null response.

    • willSeeResource

      default ConsentOutcome willSeeResource(RequestDetails theRequestDetails, org.hl7.fhir.instance.model.api.IBaseResource theResource, IConsentContextServices theContextServices)
      This method is called if a user is about to see a resource, either completely or partially. In other words, if the user is going to see any part of this resource via READ operations, SEARCH operations, etc., this method is called. This method may modify the resource in order to filter/mask aspects of the contents, or even to enrich it.

      The returning ConsentOutcome may optionally replace the resource with a different resource (including an OperationOutcome) by calling the resource property on the ConsentOutcome.

      In addition, the ConsentOutcome must return one of the following statuses:

      Parameters:
      theRequestDetails - Contains details about the operation that is beginning, including details about the request type, URL, etc. Note that the RequestDetails has a generic Map (see RequestDetails.getUserData()) that can be used to store information and state to be passed between methods in the consent service.
      theResource - The resource that will be exposed
      theContextServices - An object passed in by the consent framework that provides utility functions relevant to acting on consent directives.
      Returns:
      An outcome object. See method documentation for a description.
      See Also:

    • completeOperationSuccess

      default void completeOperationSuccess(RequestDetails theRequestDetails, IConsentContextServices theContextServices)
      This method is called when an operation is complete. It can be used to perform any necessary cleanup, flush audit events, etc.

      This method is not called if the request failed. completeOperationFailure(RequestDetails, BaseServerResponseException, IConsentContextServices) will be called instead in that case.

      Parameters:
      theRequestDetails - Contains details about the operation that is beginning, including details about the request type, URL, etc. Note that the RequestDetails has a generic Map (see RequestDetails.getUserData()) that can be used to store information and state to be passed between methods in the consent service.
      theContextServices - An object passed in by the consent framework that provides utility functions relevant to acting on consent directives.
      See Also:

    • completeOperationFailure

      default void completeOperationFailure(RequestDetails theRequestDetails, ca.uhn.fhir.rest.server.exceptions.BaseServerResponseException theException, IConsentContextServices theContextServices)
      This method is called when an operation is complete. It can be used to perform any necessary cleanup, flush audit events, etc.

      This method will be called if the request did not complete successfully, instead of completeOperationSuccess(RequestDetails, IConsentContextServices). Typically this means that the operation failed and a failure is being returned to the client.

      Parameters:
      theRequestDetails - Contains details about the operation that is beginning, including details about the request type, URL, etc. Note that the RequestDetails has a generic Map (see RequestDetails.getUserData()) that can be used to store information and state to be passed between methods in the consent service.
      theContextServices - An object passed in by the consent framework that provides utility functions relevant to acting on consent directives.
      See Also: