Delegated Access System (Local) #614
Open
+1,574
−51
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…terface and handlers [DELEGATED-ACCESS]
[DELEGATED-ACCESS]
… select flow [DELEGATED-ACCESS]
…Settings page [DELEGATED-ACCESS]
[DELEGATED-ACCESS]
…t and add BE changes [DELEGATED-ACCESS]
[DELEGATED-ACCESS]
[DELEGATED-ACCESS]
[DELEGATED-ACCESS]
[DELEGATED-ACCESS]
[DELEGATED-ACCESS]
[DELEGATED-ACCESS]
[DELEGATED-ACCESS]
[DELEGATED-ACCESS]
[DELEGATED-ACCESS]
…ng info [DELEGATED-ACCESS]
[DELEGATED-ACCESS]
[DELEGATED-ACCESS]
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
🧩 Delegated Resource Access System
Overview
The Delegated Resource Access feature allows users to grant editing permissions on specific FHIR resources to other authorized users.
This functionality is designed to support collaborative data management — for example, when an authorized delegate needs temporary or partial access to update a user’s records. We do not allow delegated edit for sources that are external (not Fasten).
Location
You can find this feature in the Settings page under the Delegated Access section.
Functionality
Owner Access
The main user (resource owner) has full control over their resources.
Delegated Access
A resource owner can delegate edit rights to another user.
Delegated users can view and edit resource JSON directly within the UI.
Read-Only Access
If a user is not delegated, the resource remains read-only.
The UI shows the JSON content but does not allow editing or saving.
Implementation Details
Real-time JSON validation via the
validateJson()method.A “Save Changes” button that is disabled when the JSON is invalid.
A warning message (
Invalid JSON) appears next to the button when validation fails.Read-only mode (
non-delegated) displays:The resource JSON content in a highlighted
<pre><code>block.🛠️ Backend Changes — Delegated Access API
To support delegated access and editing, several new secure API endpoints were added to the backend. These endpoints manage delegation creation, retrieval, and resource editing permissions.
Endpoints Overview
Security Notes
All routes are protected under the
securegroup, ensuring authenticated access.Delegation permissions are verified per resource to prevent unauthorized edits.
Future enhancements may include activity logging, delegation expiration support and mapping the delegated data as medical history or labs data.
DELEGATED_DEMO.mp4