Scenario 2A - v0.2.2

FastAccessControl, published by MITRE. This guide is not an authorized publication; it is the continuous build for version 0.2.2 built by the FHIR (HL7® FHIR® Standard) CI Build. This version is based on the current content of https://github.com/awatson1978/fhir-access-control-ig/ and changes regularly. See the Directory of published versions

TestScript: Scenario 2A

Official URL: http://				Version: 0.2.2
Draft as of 2022-06-14				Computable Name: Scenario 2A

Generated Narrative: TestScript TestScript-Scenario2A

url: PolstToConsent

version: 0.2.2

name: Scenario 2A

title: R4 TestScript - PHI System - Anonymous Access

status: Draft

date: 2022-06-14 23:19:30+0000

publisher: MITRE

contact: MITRE: https://www.mitre.org

fixture
id
73594318-988d-5647-b3d8-1f1841578c27
autocreate: true
autodelete: true
resource: OrgA CT Location 2

test
id
3823df50-2a7e-48e7-8f70-921067974a05
name: 0.1 Create hospital organization
action
Operations
- Type Resource Label Description Accept EncodeRequestUrl Method Url
* Test script operation code update: Update Organization Hospital Organization PUT /baseR4/Organization/J4aabjHFaXv73ZvME json true PUT /baseR4/Organization/J4aabjHFaXv73ZvME
action
Asserts
- Description Response WarningOnly
* Confirm that the returned HTTP status is 201(Success). created false

test
id
f390140a-edd9-4c04-8131-f50e06f8a40a
name: 0.2 Create women's shelter organization
action
Operations
- Type Resource Label Description Accept EncodeRequestUrl Method Url
* Test script operation code update: Update Organization Women's Shelter Organization PUT /baseR4/Organization/lyW5mPW2nf3DHC7h6 json true PUT /baseR4/Organization/lyW5mPW2nf3DHC7h6
action
Asserts
- Description Response WarningOnly
* Confirm that the returned HTTP status is 201(Success). created false

test
id
80ca8957-a591-4a3c-835e-7018bf03660b
name: 0.3 Create hospital location
action
Operations
- Type Resource Label Description Accept EncodeRequestUrl Method Url
* Test script operation code update: Update Location Hospital Location PUT /baseR4/Location/6kKu6iPnJtMozpaBp json true PUT /baseR4/Location/6kKu6iPnJtMozpaBp
action
Asserts
- Description Response WarningOnly
* Confirm that the returned HTTP status is 201(Success). created false

test
id
ef27765c-a138-5669-b255-17bb91d30cc0
name: 0.4 Create women's shelter location
action
Operations
- Type Resource Label Description Accept EncodeRequestUrl Method Url
* Test script operation code update: Update Location Women's Shelter Location PUT /baseR4/Location/qirz9TRTPfkDgBSs8 json true PUT /baseR4/Location/qirz9TRTPfkDgBSs8
action
Asserts
- Description Response WarningOnly
* Confirm that the returned HTTP status is 201(Success). created false

test
id
ed7f8206-22ad-4bce-b3d8-83980dc0af5e
name: 0.5 Create social worker
action
Operations
- Type Resource Label Description Accept EncodeRequestUrl Method Url
* Test script operation code update: Update Practitioner Social Worker PUT /baseR4/Practitioner json true PUT /baseR4/Practitioner
action
Asserts
- Description Response WarningOnly
* Confirm that the returned HTTP status is 201(Success). created false

test
id
309ca261-92bf-5063-ba69-77f29c52c671
name: 0.6 Create restriction on accessing women's shelters
action
Operations
- Type Label Description Accept EncodeRequestUrl Method Url
* Test script operation code update: Update Restriction on accessing Women's Shelters PUT /baseR4/Consent/cotkDnGQjpHijDsRR json true PUT /baseR4/Consent/cotkDnGQjpHijDsRR
action
Asserts
- Description Response WarningOnly
* Confirm that the returned HTTP status is 201(Success). created false

test
id
ed7f8206-22ad-4bce-b3d8-83980dc0af5e
name: 1.1.1 SocialWorker tries to anonymously access public organization data (and succeeds)
action
Operations
- Type Resource Label Description Accept EncodeRequestUrl Method Url
* Test script operation code read: Read Organization 1.1.1 GET /baseR4/Organization/J4aabjHFaXv73ZvME json true GET /baseR4/Organization/J4aabjHFaXv73ZvME
action
Asserts
- Description Response WarningOnly
* Confirm that the returned HTTP status is 200(OK). okay false

test
id
ed7f8206-22ad-4bce-b3d8-83980dc0af5e
name: 1.1.2 SocialWorker tries to anonymously access public location data (and succeeds)
action
Operations
- Type Resource Label Description Accept EncodeRequestUrl Method Url
* Test script operation code read: Read Location 1.1.2 GET /baseR4/Location/6kKu6iPnJtMozpaBp json true GET /baseR4/Location/6kKu6iPnJtMozpaBp
action
Asserts
- Description Response WarningOnly
* Confirm that the returned HTTP status is 200(OK). okay false

test
id
486e9754-3a48-45c0-b43e-94e16e078d71
name: 1.2.1 SocialWorker tries to anonymously access private organization data (and fails)
action
Operations
- Type Resource Label Description Accept EncodeRequestUrl Method Url
* Test script operation code read: Read Organization 1.2.1 GET /baseR4/Organization/lyW5mPW2nf3DHC7h6 json true GET /baseR4/Organization/lyW5mPW2nf3DHC7h6
action
Asserts
- Description Response WarningOnly
* Confirm that the returned HTTP status is 401(Unauthorized). forbidden false

test
id
486e9754-3a48-45c0-b43e-94e16e078d71
name: 1.2.2 SocialWorker tries to anonymously access private location data (and fails)
action
Operations
- Type Resource Label Description Accept EncodeRequestUrl Method Url
* Test script operation code read: Read Location 1.2.2 GET /baseR4/Location/qirz9TRTPfkDgBSs8 json true GET /baseR4/Location/qirz9TRTPfkDgBSs8
action
Asserts
- Description Response WarningOnly
* Confirm that the returned HTTP status is 401(forbidden). forbidden false

test
id
668a7b70-e747-42d3-a100-632f1a87cd40
name: 2.1 SocialWorker authenticates.
action
Operations
- Type Label Description Accept EncodeRequestUrl Method Url
* Test script operation code read: Read 2.1 GET /oauth/authorize json true GET /oauth/authorize?response_type=code&client_id=12345&redirect_uri=https%3A%2F%2Finferno.healthit.gov%2Fsuites%2Fcustom%2Fsmart%2Fredirect&scope=launch%2Fpatient+openid+fhirUser+offline_access+patient%2F*.read&state=b64686e6-5ebb-49c7-845a-821736c7d002&aud=https%3A%2F%2Fnational-directory.meteorapp.com
action
Asserts
- Description Response WarningOnly
* Confirm that the returned HTTP status is 200(OK). okay false

test
id
0580315d-c072-46da-841e-500ad5d5f931
name: 2.2 Token request
action
Operations
- Type Label Description Accept EncodeRequestUrl Method Url
* Test script operation code read: Read 2.2 GET /oauth/token json true GET /oauth/token
action
Asserts
- Description Response WarningOnly
* Confirm that the returned HTTP status is 200(OK). okay false

test
id
595cab8f-6302-44f1-a930-6b02da515216
name: 2.3.1 - SocialWorker tries to anonymously access private location data (and succeeds)
action
Operations
- Type Resource Label Description Accept EncodeRequestUrl Method Url
* Test script operation code update: Update Location 2.3.1 GET /baseR4/Location/qirz9TRTPfkDgBSs8 json true GET /baseR4/Location/qirz9TRTPfkDgBSs8
action
Asserts
- Description WarningOnly
* Confirm that the returned HTTP status is 200(OK). false

test
id
595cab8f-6302-44f1-a930-6b02da515216
name: 2.3.2 - SocialWorker tries to anonymously access private organization data (and succeeds)
action
Operations
- Type Resource Label Description Accept EncodeRequestUrl Method Url
* Test script operation code update: Update Organization 2.3.2 GET /baseR4/Organization/lyW5mPW2nf3DHC7h6 json true GET /baseR4/Organization/lyW5mPW2nf3DHC7h6
action
Asserts
- Description WarningOnly
* Confirm that the returned HTTP status is 200(OK). false