准备工作
设置必要的 FHIR 存储区配置和资源,并强制执行访问权限控制。如需了解详情,请参阅控制对 FHIR 资源的访问权限。
概览
借助 ExplainDataAccess
方法,您可以根据强制执行的政策和意见征求,了解哪些操作者对给定资源拥有哪些访问权限。
ExplainDataAccess
方法可以帮助您回答以下问题:
- 谁可以访问给定资源?
- 这些角色可以出于什么目的访问此资源?
- 哪些意见征求资源会强制执行上述访问权限?
了解数据访问
如需使用 ExplainDataAccess
,请传入感兴趣的资源的标识符。响应会提供允许或禁止访问所提供资源的意见征求范围(操作者、用途、环境)列表。意见征求范围的例外情况列在 ExplainDataAccessConsentScope.exceptions 字段中。如果一项政策允许 actor
出于任何用途访问 Observation/ob1
,而存在一项拒绝政策禁止 actor
出于 research
用途访问此资源,则可能会出现例外情况。每个意见征求范围都包含有关哪个意见征求资源通过 ExplainDataAccessConsentScope.enforcing_consents 强制执行此类访问权限的信息,这有助于您了解此资源上强制执行的适用意见征求的详细信息。
允许同意指令和拒绝同意指令的数量上限为 1,000 个。此限制会限制应用于给定资源的意见征求范围的数量。如果同意范围的数量超出限制,ExplainDataAccessResponse.warning 字段将包含相关消息。
以下是说明给定资源的数据访问权限的请求示例:
curl -X GET \ -H "Authorization: Bearer $(gcloud auth application-default print-access-token)" \ -H "Content-Type: application/json" \ "https://healthcare.googleapis.com/v1beta1/projects/PROJECT_ID/locations/LOCATION/datasets/DATASET_ID/fhirStores/FHIR_STORE_ID:explainDataAccess?resource_id=Observation/7473784b-46a8-470c-b9a6-fe38a01025aa"
您应该收到类似以下内容的 JSON 响应:
{ "consentScopes":[ { "decision":"CONSENT_DECISION_TYPE_PERMIT", "enforcingConsents":[ { "consentResource":"projects/PROJECT_ID/locations/LOCATION/datasets/DATASET_ID/fhirStores/FHIR_STORE_ID/fhir/Consent/73c54e8d-2789-403b-9dee-13085c5d5e34", "type":"CONSENT_POLICY_TYPE_PATIENT", "enforcementTime":"2024-02-09T02:48:02.721589Z", "patientConsentOwner":"projects/PROJECT_ID/locations/LOCATION/datasets/DATASET_ID/fhirStores/FHIR_STORE_ID/fhir/Patient/3c6aa096-c054-4c22-b2b4-1e4a4d203de2", "matchingAccessorScopes":[ { "actor":"Practitioner/12942879-f89f-41ae-aa80-0b911b649833", "purpose":"v3/ETREAT", "environment":"*" } ] } ], "accessorScope":{ "actor":"Practitioner/12942879-f89f-41ae-aa80-0b911b649833", "purpose":"v3/ETREAT", "environment":"*" } }, { "decision":"CONSENT_DECISION_TYPE_PERMIT", "enforcingConsents":[ { "consentResource":"projects/PROJECT_ID/locations/LOCATION/datasets/DATASET_ID/fhirStores/FHIR_STORE_ID/fhir/Consent/10998b60-a252-405f-aa47-0702554ddc8e", "type":"CONSENT_POLICY_TYPE_PATIENT", "enforcementTime":"2024-02-09T02:48:02.721589Z", "patientConsentOwner":"projects/PROJECT_ID/locations/LOCATION/datasets/DATASET_ID/fhirStores/FHIR_STORE_ID/fhir/Patient/3c6aa096-c054-4c22-b2b4-1e4a4d203de2", "matchingAccessorScopes":[ { "actor":"Practitioner/12942879-f89f-41ae-aa80-0b911b649833", "purpose":"*", "environment":"App/123" } ] } ], "accessorScope":{ "actor":"Practitioner/12942879-f89f-41ae-aa80-0b911b649833", "purpose":"*", "environment":"App/123" } }, { "decision":"CONSENT_DECISION_TYPE_PERMIT", "enforcingConsents":[ { "consentResource":"projects/PROJECT_ID/locations/LOCATION/datasets/DATASET_ID/fhirStores/FHIR_STORE_ID/fhir/Consent/5c8e3f8a-9fd5-480d-a08e-f29b89feccde", "type":"CONSENT_POLICY_TYPE_ADMIN", "enforcementTime":"2024-02-09T02:50:03.973252Z", "matchingAccessorScopes":[ { "actor":"Practitioner/12942879-f89f-41ae-aa80-0b911b649833", "purpose":"v3/BIORCH", "environment":"App/golden" } ] } ], "accessorScope":{ "actor":"Practitioner/12942879-f89f-41ae-aa80-0b911b649833", "purpose":"v3/BIORCH", "environment":"App/golden" } } ] }
在此示例中,系统允许以下访问:
- 在所有环境中,出于
v3/ETREAT
目的使用Practitioner/12942879-f89f-41ae-aa80-0b911b649833
,且已征得患者同意。 - 在
App/123
环境中具有所有用途的Practitioner/12942879-f89f-41ae-aa80-0b911b649833
,需征得患者同意。 App/golden
环境中具有v3/BIORCH
用途的Practitioner/12942879-f89f-41ae-aa80-0b911b649833
,需经管理员同意才能授予。
其他 ExplainDataAccess 响应示例
{ "consentScopes":[ { "decision":"CONSENT_DECISION_TYPE_PERMIT", "accessorScope":{ "actor":"Practitioner/doctor", "purpose":"*", "environment":"*" }, "enforcingConsents":[ { "consentResource":"projects/PROJECT_ID/locations/LOCATION/datasets/DATASET_ID/fhirStores/FHIR_STORE_ID/fhir/Consent/pc1", "type":"CONSENT_POLICY_TYPE_PATIENT", "enforcementTime":"2024-01-02T14:10:55.271144Z", "patientConsentOwner":"projects/PROJECT_ID/locations/LOCATION/datasets/DATASET_ID/fhirStores/FHIR_STORE_ID/fhir/Patient/p1", "matchingAccessorScopes":[ { "actor":"Practitioner/doctor", "purpose":"*", "environment":"*" } ] } ], "exceptions":[ { "decision":"CONSENT_DECISION_TYPE_DENY", "accessorScope":{ "actor":"Practitioner/doctor", "purpose":"v3/TREAT", "environment":"*" }, "enforcingConsents":[ { "consentResource":"projects/PROJECT_ID/locations/LOCATION/datasets/DATASET_ID/fhirStores/FHIR_STORE_ID/fhir/Consent/ac1", "type":"CONSENT_POLICY_TYPE_ADMIN", "enforcementTime":"2024-01-02T14:10:55.229196Z", "matchingAccessorScopes":[ { "actor":"Practitioner/doctor", "purpose":"v3/TREAT", "environment":"*" } ] }, { "consentResource":"projects/PROJECT_ID/locations/LOCATION/datasets/DATASET_ID/fhirStores/FHIR_STORE_ID/fhir/Consent/ac1-dup", "type":"CONSENT_POLICY_TYPE_ADMIN", "variants":["CONSENT_VARIANT_CASCADE"], "enforcementTime":"2024-01-02T14:10:55.229196Z", "cascadeOrigins":[ "projects/PROJECT_ID/locations/LOCATION/datasets/DATASET_ID/fhirStores/FHIR_STORE_ID/fhir/Patient/p1" ], "matchingAccessorScopes":[ { "actor":"Practitioner/doctor", "purpose":"v3/TREAT", "environment":"*" } ] } ] } ] }, { "decision":"CONSENT_DECISION_TYPE_DENY", "accessorScope":{ "actor":"Practitioner/doctor", "purpose":"v3/TREAT", "environment":"*" }, "enforcingConsents":[ { "consentResource":"projects/PROJECT_ID/locations/LOCATION/datasets/DATASET_ID/fhirStores/FHIR_STORE_ID/fhir/Consent/ac1", "type":"CONSENT_POLICY_TYPE_ADMIN", "enforcementTime":"2024-01-02T14:10:55.229196Z", "matchingAccessorScopes":[ { "actor":"Practitioner/doctor", "purpose":"v3/TREAT", "environment":"*" } ] }, { "consentResource":"projects/PROJECT_ID/locations/LOCATION/datasets/DATASET_ID/fhirStores/FHIR_STORE_ID/fhir/Consent/ac1-dup", "type":"CONSENT_POLICY_TYPE_ADMIN", "variants":["CONSENT_VARIANT_CASCADE"], "enforcementTime":"2024-01-02T14:10:55.229196Z", "cascadeOrigins":[ "projects/PROJECT_ID/locations/LOCATION/datasets/DATASET_ID/fhirStores/FHIR_STORE_ID/fhir/Patient/p1" ], "matchingAccessorScopes":[ { "actor":"Practitioner/doctor", "purpose":"v3/TREAT", "environment":"*" } ] } ] } ] }
在此示例中,Practitioner/doctor
被允许在所有环境中出于除 v3/TREAT
以外的所有用途访问资源。意见征求强制执行政策是患者意见征求 Consent/pc1
,意见征求强制执行政策是管理员政策 (Consent/ac1
和 Consent/ac1-dup
)。Consent/ac1-dup
是与资源所有者 Patient/p1
匹配的管理员级级联政策。