Examples of PrivilegeList:
|
Contents of a PrivilegeList
A PrivilegeList must contain at least one PrivilegeGroup with Scope = "urn:dk:gov:saml:cvrNumberIdentifier:<some number>".
A PrivilegeGroup has the following elements:
Exactly one Constraint specifying an organization identifier (see Organization Constraints)
At most one Constraint specifying a care team identifier (see Care Team Constraints)
At least one Privilege element
Organization Constraints
An organization constraint identifies an Organization resource by an external identifier and type.
There are three types of organizations:
SOR organizations:
Identified by Constraints with Name attribute = "urn:dk:gov:saml:sorIdentifier" and value = {sor-id}
Refers to Fhir Organization with Identifier.system = "urn:oid:1.2.208.176.1.1" and Identifier.value = {sor-id}
Example:
Constraint:
Code Block <Constraint Name="urn:dk:gov:saml:sorIdentifier">950531000016003</Constraint>
Refers to Organization with:
Code Block "Identifier": [{"system": "urn:oid:1.2.208.176.1.1", "value": "950531000016003"}]
STS organizations
Identified by Constraints with Name attribute = "urn:dk:kombit:orgUnit" and value = {sts-id}
Refers to Fhir Organization with Identifier.system = "https://www.kombit.dk/sts/organisation" and Identifier.value = {sts-id}
Example:
Contraint:
Code Block <Constraint Name="urn:dk:kombit:orgUnit">eeeeeeee-b760-11e9-a2a3-2a2ae2dbcce4</Constraint>
Refers to Organization with:
Code Block "Identifier": [{"system": "https://www.kombit.dk/sts/organisation", "value": "eeeeeeee-b760-11e9-a2a3-2a2ae2dbcce4"}]
SSL organizations
Identified by Constraints with Name attribute = "urn:dk:sundhed:ehealth:sslOrg"
Refers to Fhir Organization with Identifier.system = "http://ehealth.sundhed.dk/organization/ssl" and Identifier.value = {ssl-id}
Example:
Constraint:
Code Block <Constraint Name="urn:dk:sundhed:ehealth:sslOrg">aaaaaaaa-b760-11e9-a2a3-2a2ae2dbcce4</Constraint>
Refers to Organization with:
Code Block "Identifier": [{"system": "http://ehealth.sundhed.dk/organization/ssl", "value": "aaaaaaaa-b760-11e9-a2a3-2a2ae2dbcce4"}]
Care Team Constraints
A care team constraint identifies a CareTeam resource by an external identifier.
Care team constraints always have Name attribute = "urn:dk:sundhed:ehealth:careteam".
A care team constraint with value = {careteam-id} refers to Fhir CareTeam with Identifier.system = "urn:ietf:rfc:3986" and Identifier.value = {careteam-id}
Example:
Constraint:
Code Block <Constraint Name="urn:dk:sundhed:ehealth:careteam">cccccccc-b760-11e9-a2a3-2a2ae2dbcce4</Constraint>
Refers to CareTeam with:
Code Block "Identifier": [{"system": "urn:ietf:rfc:3986", "value": "cccccccc-b760-11e9-a2a3-2a2ae2dbcce4"}]
Privileges:
Allowed privileges:
Code Block urn:dk:sundhed:ehealth:role:tele_medicine_actorCode Block urn:dk:sundhed:ehealth:role:administrative_personnelCode Block urn:dk:sundhed:ehealth:role:healthcare_professionalCode Block urn:dk:sundhed:ehealth:role:report_generatorCode Block urn:dk:sundhed:ehealth:role:questionnaire_editorCode Block urn:dk:sundhed:ehealth:role:administratorCode Block urn:dk:sundhed:ehealth:role:clinical_administratorCode Block urn:dk:sundhed:ehealth:role:team_administratorCode Block urn:dk:sundhed:ehealth:role:order_placerCode Block urn:dk:sundhed:ehealth:role:service_and_logisticsCode Block urn:dk:sundhed:ehealth:role:incident_reporterCode Block urn:dk:sundhed:ehealth:role:supporterCode Block urn:dk:sundhed:ehealth:role:ssl_catalogue_annotatorCode Block urn:dk:sundhed:ehealth:role:ssl_catalogue_responsibleCode Block urn:dk:sundhed:ehealth:role:ssl_contract_responsibleCode Block urn:dk:sundhed:ehealth:role:treatment_responsibleCode Block urn:dk:sundhed:ehealth:role:monitoring_responsible