JohnMoehrke Consent with Segmented data - Testing Guide (TG)
0.1.0-current - ci-build International flag

JohnMoehrke Consent with Segmented data - Testing Guide (TG), published by John Moehrke (himself). This guide is not an authorized publication; it is the continuous build for version 0.1.0-current built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/JohnMoehrke/ConsentWithSeg-testing/ and changes regularly. See the Directory of published versions

TestPlan: The test plan for the IG

Official URL: http://johnmoehrke.github.io/ConsentWithSeg-testing/TestPlan/theTestPlan Version: 0.1.0-current
Standards status: Informative Computable Name:

Test user access against various kinds of Consent

Generated Narrative: TestPlan theTestPlan

url: theTestPlan

version: 0.1.0-current

status: Active

date: 2024-11-20 15:14:57+0000

publisher: John Moehrke (himself)

contact: John Moehrke (himself): http://healthcaresecprivacy.blogspot.com, JohnMoehrke@gmail.com; John Moehrke (himself): JohnMoehrke@gmail.com

description:

Test user access against various kinds of Consent

jurisdiction: Global (Whole world)

testTools:

some good tool

testCase

sequence: 1

scope: Consent: status = active; category = Consent; date = 2022-06-13; decision = permit

testRun

narrative:

Feature: Basic Consent 

Background: purpose of use is allowed

Scenario: User requests access and is authorized due to basic consent 

Scenario Outline: basic
  Given @ConsentRecorder has or has not recorded a <Consent>
    And default rule is <default>
  When <user> uses @UserApp to request access control token
    And @AccessControlDecider actor consults the @ConsentRepository
    And <Consent>
  Then Authorization <auth>

Examples:

  | Consent | default | user  | auth   |
  |---------|---------|-------|--------|
  | none    | deny    | User1 | deny   |
  | none    | deny    | User2 | deny   |
  | none    | permit  | User1 | permit |
  | none    | permit  | User2 | permit |
  | permit  | ~any~   | User1 | permit |
  | permit  | ~any~   | User2 | permit |
  | deny    | ~any~   | User1 | deny   |
  | deny    | ~any~   | User2 | deny   |

Scripts

| Language | Source[x]                           |
|----------|-------------------------------------|
| Gherkin  | DocumentReference: status = current |

testCase

sequence: 2

scope: Consent: status = active; category = Consent; date = 2022-06-13; decision = permit

TestRuns

narrative:

Feature: todo

testCase

sequence: 3

scope: Consent: status = active; category = Consent; date = 2022-06-13; decision = permit

TestRuns

narrative:

Feature: todo

testCase

sequence: 4

scope: Consent: status = active; category = Consent; date = 2022-06-13; decision = permit

testRun

narrative:

Feature: Consent authorize activity for non-sensitive data

Scenario: User requests access and is permitted normal data due to Consent 
  Given ConsentRecorder records Consent
    And The Consent given is for the User
    And The Consent given restricts data for this user to non-sensitive data
  When User uses UserApp to request data
    And AccessControl actor consults the ConsentRepository
    And Consent is found
    And Consent found does authorize this user only for non-sensitive data
  Then Only non-sensitive data can be given
    And SLS inspects the Search Response bundle and tags sensitive data (R-ConfidentialityCode)
    And AccessEnforcement removes from the Search Response Bundle the data tagged as sensitive (R-ConfidentialityCode)
    And Only non-sensitive data is given

Scripts

| Language | Source[x]                           |
|----------|-------------------------------------|
| Gherkin  | DocumentReference: status = current |
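
The Examples table of test case 1 and the enforcement step of test case 4, worked through in Python as an added example; this is not code from the guide or its author. The function names, the `non_sensitive_only` flag, the sample Bundle and the treatment of V alongside R are assumptions of this example.

```python
CONF_SYSTEM = "http://terminology.hl7.org/CodeSystem/v3-Confidentiality"
SENSITIVE = {"R", "V"}  # the page names R; V (very restricted) is added as an assumption


def decide(consent_decision, default):
    """Examples table: a recorded Consent decides; with none, the default rule applies."""
    if consent_decision in ("permit", "deny"):
        return consent_decision
    if consent_decision is None:
        return default
    raise ValueError(f"unknown consent decision: {consent_decision!r}")


def is_sensitive(resource):
    """True when the SLS has put a sensitive confidentiality code in meta.security."""
    labels = resource.get("meta", {}).get("security", [])
    return any(l.get("system") == CONF_SYSTEM and l.get("code") in SENSITIVE
               for l in labels)


def enforce(bundle, consent_decision, default, non_sensitive_only):
    """Return the Bundle the user may receive, or None when access is denied."""
    if decide(consent_decision, default) != "permit":
        return None
    if not non_sensitive_only:
        return bundle
    # Entries the SLS left untagged are treated as non-sensitive, as in the scenario.
    kept = [e for e in bundle.get("entry", [])
            if not is_sensitive(e.get("resource", {}))]
    # total is dropped so the number of withheld entries is not exposed.
    redacted = {k: v for k, v in bundle.items() if k not in ("entry", "total")}
    if kept:
        redacted["entry"] = kept
    return redacted


# Constructed search response, already tagged by the SLS (sample data, not from the page).
def _res(rid, code):
    return {"resource": {"resourceType": "Observation", "id": rid,
                         "meta": {"security": [{"system": CONF_SYSTEM, "code": code}]}}}

SAMPLE_BUNDLE = {"resourceType": "Bundle", "type": "searchset", "total": 3,
                 "entry": [_res("obs-normal", "N"), _res("obs-restricted", "R"),
                           {"resource": {"resourceType": "Observation", "id": "obs-untagged"}}]}

if __name__ == "__main__":
    out = enforce(SAMPLE_BUNDLE, "permit", "deny", non_sensitive_only=True)
    print([e["resource"]["id"] for e in out.get("entry", [])])
```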