JohnMoehrke Consent with Segmented data - Testing Guide (TG)
0.1.0-current - ci-build International flag

JohnMoehrke Consent with Segmented data - Testing Guide (TG), published by John Moehrke (himself). This guide is not an authorized publication; it is the continuous build for version 0.1.0-current built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/JohnMoehrke/ConsentWithSeg-testing/ and changes regularly. See the Directory of published versions

: The test plan for the IG - JSON Representation

Page standards status: Informative

Raw json | Download

{
  "resourceType" : "TestPlan",
  "id" : "theTestPlan",
  "url" : "http://johnmoehrke.github.io/ConsentWithSeg-testing/TestPlan/theTestPlan",
  "version" : "0.1.0-current",
  "status" : "active",
  "date" : "2024-11-20T15:14:57+00:00",
  "publisher" : "John Moehrke (himself)",
  "contact" : [
    {
      "name" : "John Moehrke (himself)",
      "telecom" : [
        {
          "system" : "url",
          "value" : "http://healthcaresecprivacy.blogspot.com"
        },
        {
          "system" : "email",
          "value" : "JohnMoehrke@gmail.com"
        }
      ]
    },
    {
      "name" : "John Moehrke (himself)",
      "telecom" : [
        {
          "system" : "email",
          "value" : "JohnMoehrke@gmail.com"
        }
      ]
    }
  ],
  "description" : "Test user access against various kinds of Consent",
  "jurisdiction" : [
    {
      "coding" : [
        {
          "system" : "http://unstats.un.org/unsd/methods/m49/m49.htm",
          "code" : "001"
        }
      ]
    }
  ],
  "testTools" : "some good tool",
  "testCase" : [
    {
      "sequence" : 1,
      "scope" : [
        {
          🔗 "reference" : "Consent/ex-consent-treat"
        }
      ],
      "testRun" : [
        {
          "narrative" : "```Gherkin\nFeature: Basic Consent \n\nBackground: purpose of use is allowed\n\nScenario: User requests access and is authorized due to basic consent \n\nScenario Outline: basic\n  Given @ConsentRecorder has or has not recorded a \\<Consent\\>\n    And default rule is \\<default\\>\n  When \\<user\\> uses @UserApp to request access control token\n    And @AccessControlDecider actor consults the @ConsentRepository\n    And \\<Consent\\> \n  Then Authorization \\<auth\\>\n\nExamples:\n\n  | Consent | default | User  | auth   |\n  |---------|---------|-------|--------|\n  | none    | deny    | User1 | deny   |\n  | none    | deny    | User2 | deny   |\n  | none    | permit  | User1 | permit |\n  | none    | permit  | User2 | permit |\n  | permit  | ~any~   | User1 | permit |\n  | permit  | ~any~   | User2 | permit |\n  | deny    | ~any~   | User1 | deny   |\n  | deny    | ~any~   | User2 | deny   |\n```",
          "script" : {
            "language" : {
              "coding" : [
                {
                  "system" : "urn:ietf:bcp:13",
                  "code" : "text/x-gherkin"
                }
              ],
              "text" : "Gherkin"
            },
            "sourceReference" : {
              🔗 "reference" : "DocumentReference/Dr-only-non-sensitive-script"
            }
          }
        }
      ]
    },
    {
      "sequence" : 2,
      "scope" : [
        {
          🔗 "reference" : "Consent/ex-consent-treat"
        }
      ],
      "testRun" : [
        {
          "narrative" : "Feature: todo"
        }
      ]
    },
    {
      "sequence" : 3,
      "scope" : [
        {
          🔗 "reference" : "Consent/ex-consent-treat"
        }
      ],
      "testRun" : [
        {
          "narrative" : "Feature: todo"
        }
      ]
    },
    {
      "sequence" : 4,
      "scope" : [
        {
          🔗 "reference" : "Consent/ex-consent-treat"
        }
      ],
      "testRun" : [
        {
          "narrative" : "```Gherkin\nFeature: Consent authorize activity for non-sensitive data\n\nScenario: User requests access and is permitted normal data due to Consent \n  Given ConsentRecorder records Consent\n    And The Consent given is for the User\n    And The Consent given restricts data for this user to non-sensitive data\n  When User uses UserApp to request data\n    And AccessControl actor consults the ConsentRepository\n    And Consent is found, \n    And Consent found does authorize this user only for non-sensitive data\n  Then Only non-sensitive data can be given\n    And SLS inspects the Search Response bundle and tags sensitive data (R-ConfidentialityCode)\n    And AccessEnforcement removes from the Search Response Bundle the data tagged as sensitive (R-ConfidentalityCode)\n    And Only non-sensitive data is given\n```",
          "script" : {
            "language" : {
              "coding" : [
                {
                  "system" : "urn:ietf:bcp:13",
                  "code" : "text/x-gherkin"
                }
              ],
              "text" : "Gherkin"
            },
            "sourceReference" : {
              🔗 "reference" : "DocumentReference/Dr-give-consent-script"
            }
          }
        }
      ]
    }
  ]
}