Comments (10)
Had a discussion with ONA team.
Notes -
The approach of moving the sync filters to client is not simple also it has performance impact on the client.
eg- App will just know the immediate location of the practitioner but sync logic requires fetching all the child locations.
Number of such child locations can be of the order of a few hundred and they don't want to add additional step before sync. This will have impact on clients where internet connectivity is low.
They are also thinking of using FHIR gateway to host their custom endpoints. This is ideally outside of the scope of FHIR gateway but they don't want to maintain different servers. We will have to evaluate how we should make the Gateway more flexible for these usecases
from fhir-access-proxy.
This is not straight forward task as the AccessChecker design explicitly prevents request mutation.
from fhir-access-proxy.
So yeah, we explicitly prevent mutating the input request by the access-checker plugin because otherwise it would be hard to reason about the query in the server code. Looking at ONA's use-case, it seems that the issues of access-control and implementing a sync-strategy are mixed together into an access-checker. That is probably the bigger question to answer whether we want to support that pattern or not; because I think sync-strategy is a separate concern.
To answer what to do for this issue, here are some options after talking with @vivekmittal07 (in the order of my personal preference):
- Encourage ONA to separate the sync-strategy and move it to the client as discussed above (so access-checker plugin does access-control only).
- Add an interface for mutating the FHIR query but only allow adding URL parameters (this is mostly for read/search queries and can be applied to both URLs and POST body content when doing search by POST). This is what we wanted to support in the original design doc too.
- Send the raw query to the access-checker and let it change however it wants.
from fhir-access-proxy.
@vivekmittal07 Any thoughts on the approaches above? Do we think that Bashir's first option will work in their currently designed architecture?
from fhir-access-proxy.
Yes this can work but need significant changes in the client by ONA. We will have to discuss with them if this is something they are willing to do.
from fhir-access-proxy.
Can we clear this up quickly? Changing out client-APIs can be done, but gets harder once something is deployed and gets more rolled out.
from fhir-access-proxy.
We decided to proceed with 2nd option mentioned in #122 (comment)
Supporting custom endpoints is not straightforward and it will be good to see how we can support this. This is outside the scope of the bug. I will create a new feature request for this.
from fhir-access-proxy.
Thanks @vivekmittal07 for the updates, I went ahead and created #139 for separating the custom endpoint question. That part is not a Beta blocker. So let's focus this issue on request mutation question, especially using extra URL params.
from fhir-access-proxy.
This bug was closed, but I cannot tell if we decided to drop it, or if it was resolved? If the latter, can you associate the PR?
from fhir-access-proxy.
The changes are already merged and the PR is attached above - #140
from fhir-access-proxy.
Related Issues (20)
- Resource finder utility for processing bundles HOT 2
- As a developer for OHS, it would be nice if the example / test different configurations of HAPI were the same.
- Release new image for FHIR Gateway HOT 4
- As a developer, I can follow instructions to see how the FHIR gateway can be used to support Smart-on-FHIR apps HOT 3
- Create sample plugin using Fhir Gateway maven artifact HOT 5
- EPIC: As an early adopter, I am able to directly use the Gateway in production without maintaining a fork. HOT 1
- Evaluate requirements/feasibility of supporting custom endpoints HOT 2
- Support AllowedQueriesChecker for Bundle Entry Requests
- Request mutation for POST requests
- Support gzip encoding for data transfer HOT 1
- Make a new release 0.2.0 HOT 1
- Release new build to maven HOT 1
- Upgrade to JDK 17 and other related version upgrades HOT 7
- Check for all patients access in ListAccessChecker for deletion in Bundle HOT 1
- Support sending gzipped request body to the FHIR server
- Update spring version to 5.3.27 HOT 1
- Implement the option for having a list of access-checkers instead of just one.
- Implement an `AccessChecker` based on "SMART Backend Services". HOT 2
- Block access if the token is revoked (but not expired)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from fhir-access-proxy.