This page is part of the FHIR Specification (v5.0.0-snapshot3: R5 Snapshot #3, to support Connectathon 32). The current version which supercedes this version is 5.0.0. For a full list of available versions, see the Directory of published versions
Security Work Group | Maturity Level: 0 | Trial Use | Use Context: Country: World, Not yet ready for Production use, Not yet ready for Production use |
Official URL: http://hl7.org/fhir/ValueSet/permission-rule-combining
|
Version: 5.0.0-snapshot3 | |||
draft as of 2022-08-05 | Computable Name: PermissionRuleCombining | |||
Flags: Experimental, Immutable | OID: 2.16.840.1.113883.4.642.3.3231 |
This value set is used in the following places:
Codes identifying rule combining algorithm.
http://hl7.org/fhir/permission-rule-combining
This expansion generated 14 Dec 2022
This value set contains 6 concepts
Expansion based on PermissionRuleCombining v5.0.0-snapshot3 (CodeSystem)
Code | System | Display | Definition |
deny-overrides | http://hl7.org/fhir/permission-rule-combining | Deny-overrides | The deny overrides combining algorithm is intended for those cases where a deny decision should have priority over a permit decision. |
permit-overrides | http://hl7.org/fhir/permission-rule-combining | Permit-overrides | The permit overrides combining algorithm is intended for those cases where a permit decision should have priority over a deny decision. |
ordered-deny-overrides | http://hl7.org/fhir/permission-rule-combining | Ordered-deny-overrides | The behavior of this algorithm is identical to that of the “Deny-overrides” rule-combining algorithm with one exception. The order in which the collection of rules is evaluated SHALL match the order as listed in the permission. |
ordered-permit-overrides | http://hl7.org/fhir/permission-rule-combining | Ordered-permit-overrides | The behavior of this algorithm is identical to that of the “Permit-overrides” rule-combining algorithm with one exception. The order in which the collection of rules is evaluated SHALL match the order as listed in the permission. |
deny-unless-permit | http://hl7.org/fhir/permission-rule-combining | Deny-unless-permit | The “Deny-unless-permit” combining algorithm is intended for those cases where a permit decision should have priority over a deny decision, and an “Indeterminate” or “NotApplicable” must never be the result. It is particularly useful at the top level in a policy structure to ensure that a PDP will always return a definite “Permit” or “Deny” result. |
permit-unless-deny | http://hl7.org/fhir/permission-rule-combining | Permit-unless-deny | The “Permit-unless-deny” combining algorithm is intended for those cases where a deny decision should have priority over a permit decision, and an “Indeterminate” or “NotApplicable” must never be the result. It is particularly useful at the top level in a policy structure to ensure that a PDP will always return a definite “Permit” or “Deny” result. This algorithm has the following behavior. |
See the full registry of value sets defined as part of FHIR.
Explanation of the columns that may appear on this page:
Lvl | A few code lists that FHIR defines are hierarchical - each code is assigned a level. For value sets, levels are mostly used to organize codes for user convenience, but may follow code system hierarchy - see Code System for further information |
Source | The source of the definition of the code (when the value set draws in codes defined elsewhere) |
Code | The code (used as the code in the resource instance). If the code is in italics, this indicates that the code is not selectable ('Abstract') |
Display | The display (used in the display element of a Coding). If there is no display, implementers should not simply display the code, but map the concept into their application |
Definition | An explanation of the meaning of the concept |
Comments | Additional notes about how to use the code |