
Validate access policy criteria against stated resource type #5412

Merged
merged 4 commits into from
Oct 21, 2024

Conversation

@mattwiller mattwiller commented Oct 21, 2024

Ensure that AccessPolicy criteria are consistent: they must refer to the same resource type as the AccessPolicy.resource.resourceType, e.g.

```json
{
  "resourceType": "Practitioner",
  "criteria": "Practitioner?identifier=http://hl7.org/fhir/sid/us-npi|9999999999"
}
```

This is checked in two places:

  • When the AccessPolicy is modified, invalid criteria will trigger a 400 error
  • When the access policy is applied, invalid criteria will be ignored
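The two-stage check described above, as an added illustration that is not Medplum's own implementation: the resource type named before the `?` in `criteria` must equal the entry's `resourceType`, otherwise the entry is reported on write and treated as not applicable on apply (the apply-time handling is an assumption about what "ignored" means). The `AccessPolicy` types and `SAMPLE_POLICY` below are constructed for the example.

```typescript
// Added example, not Medplum code. Minimal shape of the AccessPolicy.resource
// entries discussed in the PR (assumed subset of the real type).
interface AccessPolicyResource {
  resourceType: string;
  criteria?: string;
}

interface AccessPolicy {
  resourceType: 'AccessPolicy';
  resource?: AccessPolicyResource[];
}

// "Practitioner?identifier=..." -> "Practitioner". A criteria string with no
// query part is treated as naming a resource type on its own.
function criteriaResourceType(criteria: string): string {
  return criteria.split('?', 1)[0].trim();
}

// An entry with no criteria is consistent; otherwise the criteria must target
// the resource type the entry declares.
function isCriteriaConsistent(entry: AccessPolicyResource): boolean {
  if (!entry.criteria) {
    return true;
  }
  return criteriaResourceType(entry.criteria) === entry.resourceType;
}

// Write-time check: one message per inconsistent entry. A non-empty result is
// what the PR describes as a 400 on modification.
function validateAccessPolicy(policy: AccessPolicy): string[] {
  const errors: string[] = [];
  (policy.resource ?? []).forEach((entry, i) => {
    if (!isCriteriaConsistent(entry)) {
      errors.push(
        `AccessPolicy.resource[${i}].criteria targets ` +
          `${criteriaResourceType(entry.criteria as string)} but resourceType is ${entry.resourceType}`
      );
    }
  });
  return errors;
}

// Apply-time filter: only entries for the requested type whose criteria are
// consistent can contribute to the access decision (assumed reading of "ignored").
function applicableEntries(policy: AccessPolicy, resourceType: string): AccessPolicyResource[] {
  return (policy.resource ?? []).filter(
    (entry) => entry.resourceType === resourceType && isCriteriaConsistent(entry)
  );
}

// Constructed sample: the first entry is consistent, the second is not.
const SAMPLE_POLICY: AccessPolicy = {
  resourceType: 'AccessPolicy',
  resource: [
    { resourceType: 'Practitioner', criteria: 'Practitioner?identifier=http://hl7.org/fhir/sid/us-npi|9999999999' },
    { resourceType: 'Patient', criteria: 'Practitioner?identifier=http://hl7.org/fhir/sid/us-npi|9999999999' },
  ],
};
```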

@mattwiller mattwiller added the fhir-datastore Related to the FHIR datastore, includes API and FHIR operations label Oct 21, 2024
@mattwiller mattwiller added this to the October 31, 2024 milestone Oct 21, 2024
@mattwiller mattwiller self-assigned this Oct 21, 2024
@mattwiller mattwiller requested a review from a team as a code owner October 21, 2024 18:00
@mattwiller mattwiller added this pull request to the merge queue Oct 21, 2024
Merged via the queue into main with commit 3557e16 Oct 21, 2024
32 checks passed
@mattwiller mattwiller deleted the axp-consistency-validation branch October 21, 2024 20:17
medplumbot added a commit that referenced this pull request Oct 28, 2024
## What's Changed

* Search for exact code match in ValueSet expand (#5354)
* Fix _id special case in reverse chained search (#5355)
* Add limited readonly user to /auth/me response (#5357)
* Deduplicate search results (#5353)
* Log all database errors (#5359)
* Pass through already-normalized database errors (#5361)
* Use Postgres 16 for local development (#5362)
* Add ProjectMembership.identifier (#5364)
* tweak(cli): make `medplum token` more cli consumer friendly (#5363)
* Document assigning ownership via Project init (#5360)
* chore(actions): auto-assign reviewers from list (#5372)
* Validate boolean search parameters (#5370)
* Validate resource ID before reading from DB (#5369)
* Centralize escaping of text search query strings (#5368)
* fix(fhircast): align context change request with STU3 (#5366)
* Exclude attrs in Docker build (#5375)
* Docs: s/Permission-Policy/Permissions-Policy (#5376)
* Add opt-out config to not configure database connections to avoid session pinning (#5374)
* Handle database timeout error (#5373)
* Only include resolvable aliases (#5377)
* [Photon Health] Update sync patient bot to handle allergies and medication history (#5358)
* QuestionnaireForm no longer needs requestSchema (#5381)
* Proof-of-concept Dosespot UX in medplum-provider (#5341)
* Minor UI tweaks to QuestionnaireBuilder (#5382)
* Dependency upgrades 2024-10-14 (#5384)
* Automatically retry deploy bot on ResourceConflictException (#5388)
* fix(fhircast): associate topic with separate random connection endpoint (#4951)
* Remove cyclonedx (#5387)
* feat(ToolsPage): add confirm on `Upgrade` (#5305)
* Fixes #5385 - optional source param on QuestionnaireForm (#5389)
* Add compound index for Observation:_lastUpdated (#5393)
* DoseSpot UI ready for evaluation (#5391)
* Added R5 ResearchStudy (#5394)
* Update PDF demo bots to use DocumentReference rather than Media (#5395)
* Fix condition for GraphQL requests to use reader DB when available (#5398)
* Update readme for more thorough instructions (#5399)
* Enable async batch processing (#5308)
* feat(cli): add agent commands (#4750)
* Validate date search values (#5404)
* Document how userinfo values are generated (#5405)
* Improve docs on running bots on localhost (#5410)
* Document rate server rate limits config settings (#5403)
* Updating R5 and Real World Test Plan (#5411)
* Validate access policy criteria against stated resource type (#5412)
* Dependency upgrades 2024-10-21 (#5409)
* Specify application_name (#5407)
* Fix GraphQL max depth validation (#4949)
* Include pre-expanded ValueSets and flatten expansion for output (#5414)
* Fix documentation links (#5422)
* Pin `@tabler/icons-react` to not load all icons (#5423)
* docs(client): add docs about `MedplumClient` lifecycle (#5419)
* [Photon Health] Make minor improvements to demo app (#5420)
* Document asynchronous batch request pattern (#5408)
* Fix fork link typo in README files (#5417)
* feat(useSearch): add debounce to `useSearch` (#5413)
* Document JSON formatting for Batch Patch (#5425)
* Fixes #5418 - backport R5 search params for ResearchStudy et al (#5427)
* Updated types for R5 ResearchStudy and EvidenceVariable (#5428)
* Fixes #5378 - Handle multiple values in Timing.repeat.when (#5429)
* Dependency upgrades 2024-10-28 (#5430)

**Full Changelog**: v3.2.17...v3.2.18