Jam*_*mie 2 hyperledger-fabric hyperledger-composer
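I have an asset called MedicalFile, which contains a reference to an organisation. The participant HealthCareProfessional also belongs to an organisation.
Now I would like to define an ACL rule that limits a healthcare professional to viewing only the medical files associated with their organisation.
I came up with the following rule: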
rule OrganisationMedicalFilePermission {
    description: "An organisation may updates a medical file which they have permission from"
    participant(h): "nl.epd.blockchain.HealthCareProfessional"
    operation: ALL
    resource(m): "nl.epd.blockchain.MedicalFile"
    condition: (m.organisations.includes(h.organisation))
    action: ALLOW
}
As soon as I call the RESTful API using Loopback, this results in an empty array. I am authenticated as a healthcare professional.
Assets and participant:
asset Organisation identified by id {
    o String id
    o String name
    o String city
    o String zipCode
    o String street
    o String houseNumber
    o String houseNumberExtra optional
    o OrganisationType organisationType
}
asset MedicalFile identified by bsn {
    o String bsn
    --> Patient owner
    --> Patient[] mentors optional
    --> Organisation[] organisations optional
    o Visit[] visits optional
    o String[] allergies optional
    o Treatment[] treatments optional
    o Medicine[] medicine optional
}
participant HealthCareProfessional identified by bsn {
    o String bsn
    o String firstName
    o String namePrefix optional
    o String lastName
    --> Organisation organisation
}
My question is whether it is possible to create a condition that validates this. If not, what are my options?
小智 5
This is a good question; I have tested the updated ACL below using the online Playground.
Here is the updated rule:
rule LimitAccess {
    description: "An organisation may updates a medical file which they have permission from"
    participant(h): "nl.epd.blockchain.HealthCareProfessional"
    operation: ALL
    resource(m): "nl.epd.blockchain.MedicalFile"
    condition: (
        m.organisations.some(function (organisation) {
            return organisation.getIdentifier() === h.organisation.getIdentifier();
        })
    )
    action: ALLOW
}
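The some function is the key part that scans the array of relationships. Also note the use of the getIdentifier() function, rather than trying to access the identifier directly.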
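The difference between the two conditions, as an added JavaScript example that is not part of the original question or answer. Ref is a hypothetical stand-in that models only getIdentifier(), the sample data is constructed, and the guard for the optional organisations field is an addition that denies access when the field is absent.

```javascript
// Hypothetical stand-in for a Composer relationship/resource object.
// Only getIdentifier() is modelled; this is an assumption, not Composer's class.
class Ref {
  constructor(type, id) { this.type = type; this.id = id; }
  getIdentifier() { return this.id; }
}

// Constructed sample data mirroring the model on this page.
const file = {
  bsn: '111',
  organisations: [new Ref('Organisation', 'org-1'), new Ref('Organisation', 'org-2')]
};
const fileNoOrgs = { bsn: '222' }; // "organisations" is optional in the model
const sameOrgPro = { bsn: '900', organisation: new Ref('Organisation', 'org-1') };
const otherOrgPro = { bsn: '901', organisation: new Ref('Organisation', 'org-3') };

// The question's condition: includes() compares objects by identity, so two
// separate objects that refer to the same organisation never match.
function byIncludes(m, h) {
  return m.organisations.includes(h.organisation);
}

// The answer's condition, with an added guard: a file without organisations
// (or a participant without one) is denied instead of throwing a TypeError.
function byIdentifier(m, h) {
  if (!Array.isArray(m.organisations) || !h.organisation) return false;
  const wanted = h.organisation.getIdentifier();
  return m.organisations.some(function (organisation) {
    return organisation.getIdentifier() === wanted;
  });
}

// Collect the outcomes so the contrast is visible in one place.
function demo() {
  return {
    includesSameOrg: byIncludes(file, sameOrgPro),
    identifierSameOrg: byIdentifier(file, sameOrgPro),
    identifierOtherOrg: byIdentifier(file, otherOrgPro),
    identifierNoOrgs: byIdentifier(fileNoOrgs, sameOrgPro)
  };
}

console.log(demo());
```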