Adding the validation profiles for PPQm + updating the documentation

324b8fb3 · Vincent Hofman · aa2cf737 · 324b8fb3 · 324b8fb3 · 324b8fb3
Commit 324b8fb3 authored 2 months ago by Vincent Hofman
--- a/EHS/PPQm/CH-PPQ-3-MobilePrivacyPolicyFeed-ValidationProfile.json
+++ b/EHS/PPQm/CH-PPQ-3-MobilePrivacyPolicyFeed-ValidationProfile.json
+{
+  "profileType": "HTTPREQUEST",
+  "id": "CH-PPQ-3-MobilePrivacyPolicyFeed",
+  "name": "PPQ-3_HTTP_POST_PUT_DELETE_Consent Request",
+  "description": "Validation Profile for validating a PPQ-3 Feed",
+  "context": "EPR",
+  "assertions": [
+    {
+      "selector": "request.method",
+      "id": "MethodChecking",
+      "description": "HTTP method shall be either POST, PUT or DELETE",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "CLOSEDLIST",
+          "values": [
+            "POST",
+            "PUT",
+            "DELETE"
+          ]
+        }
+      ]
+    },
+    {
+      "selector": "request.version",
+      "id": "HTTP1VersionChecking",
+      "description": "The HTTP version shall be HTTP/1.1 ",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "FIXEDVALUE",
+          "fixedValue": "HTTP/1.1"
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.path",
+      "id": "URIRegexChecking",
+      "description": "The PPQ-3 request SHALL be sent to [baseUrl]/Consent",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "^(\\S)+\\/Consent$"
+        }
+      ]
+    },
+    {
+      "selector": "request.headers('Host').values",
+      "id": "HostChecking",
+      "description": "Host Shall be a server name; Regex: ^(http[s]?:\\/\\/)?[a-zA-Z0-9.\\-\\/]+(:(\\d)+)?$",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "^(http[s]?:\\/\\/)?[a-zA-Z0-9.\\-\\/]+(:(\\d)+)?$"
+        }
+      ]
+    },
+    {
+      "selector": "request.headers('Authorization').values",
+      "id": "Authorization_parameter_presence",
+      "description": "The Authorization parameter is mandatory.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "OCCURRENCE",
+          "minOccurrence": 1,
+          "maxOccurrence": 1
+        }
+      ]
+    },
+    {
+      "selector": "request.headers('Authorization').values",
+      "id": "Authorization_parameter_value",
+      "description": "Authorization parameter's value SHALL be Bearer, followed by the token.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "applyIf": "request.headers('Authorization').values.size() > 0",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "^Bearer\\ [-a-zA-Z0-9._~+\\/]+=*$"
+        }
+      ]
+    },
+    {
+      "selector": "request.headers('traceparent').values",
+      "id": "traceparent_parameter_presence",
+      "description": "The traceparent parameter is mandatory in the HTTP header.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "OCCURRENCE",
+          "minOccurrence": 0,
+          "maxOccurrence": 1
+        }
+      ]
+    },
+    {
+      "selector": "request.headers('traceparent').values",
+      "id": "traceparent_parameter_value",
+      "description": "traceparent parameter's value SHALL be as defined in fhir.ch, section tracecontext.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "applyIf": "request.headers('traceparent').values.size() > 0",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "^(?!f{2})([\\da-f]{2})-(?!0{32})([\\da-f]{32})-(?!0{16})([\\da-f]{16})-([\\da-f]{2})$"
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.queryParams('identifier').values",
+      "id": "identifier_parameter_presence",
+      "description": "identifier parameter can be used only once.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "OCCURRENCE",
+          "minOccurrence": 0,
+          "maxOccurrence": 1
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.queryParams('identifier').values",
+      "id": "identifier_parameter_value",
+      "description": "identifier parameter is a UUID as defined in FHIR Datatypes. Regex: ^urn:uuid:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "applyIf": "request.headers('identifier').values.size() > 0",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "^urn:uuid:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$"
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.queryParams('_format').values",
+      "id": "_format_parameter_presence",
+      "description": "_format parameter can be used only once.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "OCCURRENCE",
+          "minOccurrence": 0,
+          "maxOccurrence": 1
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.queryParams('_format').values",
+      "id": "_format_parameter_value",
+      "description": "_format parameter's value shall be either json or xml.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "applyIf": "request.uri.queryParams('_format').values.size() > 0",
+      "checks": [
+        {
+          "type": "CLOSEDLIST",
+          "values": [
+            "json",
+            "xml"
+          ]
+        }
+      ]
+    }
+  ]
+}
\ No newline at end of file
--- a/EHS/PPQm/CH-PPQ-4-MobilePrivacyPolicyBundleFeed-ValidationProfile.json
+++ b/EHS/PPQm/CH-PPQ-4-MobilePrivacyPolicyBundleFeed-ValidationProfile.json
+{
+  "profileType": "HTTPREQUEST",
+  "id": "CH-PPQ-4-MobilePrivacyPolicyBundleFeed",
+  "name": "PPQ-4_HTTP_POST_BaseURL Request",
+  "description": "Validation Profile for validating a PPQ-4 Bundle Feed",
+  "context": "EPR",
+  "assertions": [
+    {
+      "selector": "request.method",
+      "id": "MethodChecking",
+      "description": "The only HTTP method which SHALL be supported is POST.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "FIXEDVALUE",
+          "fixedValue": "POST"
+        }
+      ]
+    },
+    {
+      "selector": "request.version",
+      "id": "HTTP1VersionChecking",
+      "description": "The HTTP version shall be HTTP/1.1 ",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "FIXEDVALUE",
+          "fixedValue": "HTTP/1.1"
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.path",
+      "id": "URIRegexChecking",
+      "description": "The PPQ-4 request SHALL be sent to [baseUrl].",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "^(\\S)$"
+        }
+      ]
+    },
+    {
+      "selector": "request.headers('Host').values",
+      "id": "HostChecking",
+      "description": "Host Shall be a server name; Regex: ^(http[s]?:\\/\\/)?[a-zA-Z0-9.\\-\\/]+(:(\\d)+)?$",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "^(http[s]?:\\/\\/)?[a-zA-Z0-9.\\-\\/]+(:(\\d)+)?$"
+        }
+      ]
+    },
+    {
+      "selector": "request.headers('Authorization').values",
+      "id": "Authorization_parameter_presence",
+      "description": "The Authorization parameter is mandatory.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "OCCURRENCE",
+          "minOccurrence": 1,
+          "maxOccurrence": 1
+        }
+      ]
+    },
+    {
+      "selector": "request.headers('Authorization').values",
+      "id": "Authorization_parameter_value",
+      "description": "Authorization parameter's value SHALL be Bearer, followed by the token.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "applyIf": "request.headers('Authorization').values.size() > 0",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "^Bearer\\ [-a-zA-Z0-9._~+\\/]+=*$"
+        }
+      ]
+    },
+    {
+      "selector": "request.headers('traceparent').values",
+      "id": "traceparent_parameter_presence",
+      "description": "The traceparent parameter is mandatory in the HTTP header.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "OCCURRENCE",
+          "minOccurrence": 0,
+          "maxOccurrence": 1
+        }
+      ]
+    },
+    {
+      "selector": "request.headers('traceparent').values",
+      "id": "traceparent_parameter_value",
+      "description": "traceparent parameter's value SHALL be as defined in fhir.ch, section tracecontext.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "applyIf": "request.headers('traceparent').values.size() > 0",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "^(?!f{2})([\\da-f]{2})-(?!0{32})([\\da-f]{32})-(?!0{16})([\\da-f]{16})-([\\da-f]{2})$"
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.queryParams('_format').values",
+      "id": "_format_parameter_presence",
+      "description": "_format parameter can be used only once.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "OCCURRENCE",
+          "minOccurrence": 0,
+          "maxOccurrence": 1
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.queryParams('_format').values",
+      "id": "_format_parameter_value",
+      "description": "_format parameter's value shall be either json or xml.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "applyIf": "request.uri.queryParams('_format').values.size() > 0",
+      "checks": [
+        {
+          "type": "CLOSEDLIST",
+          "values": [
+            "json",
+            "xml"
+          ]
+        }
+      ]
+    }
+  ]
+}
\ No newline at end of file
--- a/EHS/PPQm/CH-PPQ-5-MobilePrivacyPolicyRetrieve-ValidationProfile.json
+++ b/EHS/PPQm/CH-PPQ-5-MobilePrivacyPolicyRetrieve-ValidationProfile.json
+{
+  "profileType": "HTTPREQUEST",
+  "id": "CH-PPQ-5-MobilePrivacyPolicyRetrieve",
+  "name": "PPQ-5_HTTP_GET_Consent Request",
+  "description": "Validation Profile for validating a PPQ-5 Retrieve",
+  "context": "EPR",
+  "assertions": [
+    {
+      "selector": "request.method",
+      "id": "MethodChecking",
+      "description": "The only HTTP method which SHALL be supported is GET.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "FIXEDVALUE",
+          "fixedValue": "GET"
+        }
+      ]
+    },
+    {
+      "selector": "request.version",
+      "id": "HTTP1VersionChecking",
+      "description": "The HTTP version shall be HTTP/1.1 ",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "FIXEDVALUE",
+          "fixedValue": "HTTP/1.1"
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.path",
+      "id": "URIRegexChecking",
+      "description": "The PPQ-5 request SHALL be sent to [baseUrl]/Consent.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "^(\\S)+\\/Consent$"
+        }
+      ]
+    },
+    {
+      "selector": "request.headers('Host').values",
+      "id": "HostChecking",
+      "description": "Host Shall be a server name; Regex: ^(http[s]?:\\/\\/)?[a-zA-Z0-9.\\-\\/]+(:(\\d)+)?$",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "^(http[s]?:\\/\\/)?[a-zA-Z0-9.\\-\\/]+(:(\\d)+)?$"
+        }
+      ]
+    },
+    {
+      "selector": "request.headers('Authorization').values",
+      "id": "Authorization_parameter_presence",
+      "description": "The Authorization parameter is mandatory.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "OCCURRENCE",
+          "minOccurrence": 1,
+          "maxOccurrence": 1
+        }
+      ]
+    },
+    {
+      "selector": "request.headers('Authorization').values",
+      "id": "Authorization_parameter_value",
+      "description": "Authorization parameter's value SHALL be Bearer, followed by the token.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "applyIf": "request.headers('Authorization').values.size() > 0",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "^Bearer\\ [-a-zA-Z0-9._~+\\/]+=*$"
+        }
+      ]
+    },
+    {
+      "selector": "request.headers('traceparent').values",
+      "id": "traceparent_parameter_presence",
+      "description": "The traceparent parameter is mandatory in the HTTP header.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "OCCURRENCE",
+          "minOccurrence": 0,
+          "maxOccurrence": 1
+        }
+      ]
+    },
+    {
+      "selector": "request.headers('traceparent').values",
+      "id": "traceparent_parameter_value",
+      "description": "traceparent parameter's value SHALL be as defined in fhir.ch, section tracecontext.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "applyIf": "request.headers('traceparent').values.size() > 0",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "^(?!f{2})([\\da-f]{2})-(?!0{32})([\\da-f]{32})-(?!0{16})([\\da-f]{16})-([\\da-f]{2})$"
+        }
+      ]
+    },
+    {
+      "selector": "request.uri",
+      "id": "identifier_parameter_presence",
+      "description": "(patient:)identifier parameter is mandatory.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "^(\\S)*(patient:)?identifier(\\S)$"
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.queryParams('patient:identifier').values",
+      "id": "patient:identifier_parameter_presence",
+      "description": "patient:identifier parameter can be used only once.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "OCCURRENCE",
+          "minOccurrence": 0,
+          "maxOccurrence": 1
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.queryParams('patient:identifier').values",
+      "id": "patient:identifier_parameter_value",
+      "description": "Patient identifier parameter is a EPR-SPID. Regex: ^urn:oid:2\\.16\\.756\\.5\\.30\\.1\\.127\\.3\\.10\\.3|\\d{18}$.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "applyIf": "request.uri.queryParams('patient:identifier').values.size() > 0",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "^urn:oid:2\\.16\\.756\\.5\\.30\\.1\\.127\\.3\\.10\\.3|\\d{18}$"
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.queryParams('identifier').values",
+      "id": "identifier_parameter_presence",
+      "description": "identifier parameter can be used only once.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "OCCURRENCE",
+          "minOccurrence": 0,
+          "maxOccurrence": 1
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.queryParams('identifier').values",
+      "id": "identifier_parameter_value",
+      "description": "identifier parameter is a UUID as defined in FHIR Datatypes. Regex: ^urn:uuid:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "applyIf": "request.uri.queryParams('identifier').values.size() > 0",
+      "checks": [
+        {
+          "type": "REGEX",
+          "regex": "^urn:uuid:[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$"
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.queryParams('_format').values",
+      "id": "_format_parameter_presence",
+      "description": "_format parameter can be used only once.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "checks": [
+        {
+          "type": "OCCURRENCE",
+          "minOccurrence": 0,
+          "maxOccurrence": 1
+        }
+      ]
+    },
+    {
+      "selector": "request.uri.queryParams('_format').values",
+      "id": "_format_parameter_value",
+      "description": "_format parameter's value shall be either json or xml.",
+      "requirementPriority": "MANDATORY",
+      "checksComposition": "oneOf",
+      "applyIf": "request.uri.queryParams('_format').values.size() > 0",
+      "checks": [
+        {
+          "type": "CLOSEDLIST",
+          "values": [
+            "json",
+            "xml"
+          ]
+        }
+      ]
+    }
+  ]
+}
\ No newline at end of file
--- a/EHS/PPQm/README.md
+++ b/EHS/PPQm/README.md
@@ -35,7 +35,7 @@ This validation profile's documentation references:
 |   _format_parameter_value   |   CLOSEDLIST   |   [json,xml] |   _format parameter's value shall be either json or xml. |


-## PPQ-4 Mobile Privacy Policy Feed assertions
+## PPQ-4 Mobile Privacy Policy Bundle Feed assertions

 |   id  |   Check's type |   Value |   Description    |
 |---    |---    |---    |---    |
@@ -51,19 +51,19 @@ This validation profile's documentation references:
 |   _format_parameter_value   |   CLOSEDLIST   |   [json,xml] |   _format parameter's value shall be either json or xml. |


-## PPQ-5 Mobile Privacy Policy Feed assertions
+## PPQ-5 Mobile Privacy Policy Retrieve assertions

 |   id  |   Check's type |   Value |   Description    |
 |---    |---    |---    |---    |
 |   MethodChecking   |   FIXEDVALUE   |   GET |   The only HTTP method which SHALL be supported is GET.  |
 |   HTTP1VersionChecking   |   FIXEDVALUE  |   HTTP/1.1 |   The HTTP version shall be HTTP/1.1  |
-|   URIRegexChecking   |   REGEX   |   `^(\S)+\/Consent$` |   The PPQ-3 request SHALL be sent to [baseUrl]/Consent |
+|   URIRegexChecking   |   REGEX   |   `^(\S)+\/Consent$` |   The PPQ-5 request SHALL be sent to [baseUrl]/Consent |
 |   HostChecking   |   REGEX   |   `^(http[s]?:\/\/)?[a-zA-Z0-9.\-\/]+(\:(\d)+)?$` |   Host Shall be a server name  |
 |   Authorization_parameter_presence   |   OCCURRENCE   |   1..1 |   The Authorization parameter is mandatory  |
 |   Authorization_parameter_value   |   REGEX   |   `^Bearer\\ [-a-zA-Z0-9._~+\\/]+=*$` |   Authorization parameter's value SHALL be Bearer, followed by the token. |
 |   traceparent_parameter_presence   |   OCCURRENCE   |   0..1 |   The traceparent parameter is recommended in the HTTP header|
 |   traceparent_parameter_value   |   REGEX   |   `^(?!f{2})([\da-f]{2})-(?!0{32})([\da-f]{32})-(?!0{16})([\da-f]{16})-([\da-f]{2})$` |   traceparent parameter's value SHALL be as defined in fhir.ch, section [tracecontext](https://fhir.ch/ig/ch-epr-mhealth/tracecontext.html). |
-|   identifier_parameter_presence   |   CLOSEDLIST   |   [identifier,patient:identifier] |   identifier parameter is mandatory. |
+|   identifier_parameter_presence   |   REGEX   |   `^(\S)*(patient:)?identifier(\S)*$` |   identifier parameter is mandatory. |
 |   patientId_parameter_presence   |   OCCURRENCE   |   0..1 |   patient:identifier parameter can be used only once. |
 |   patientId_parameter_value   |   REGEX   |   `^urn:oid:2\.16\.756\.5\.30\.1\.127\.3\.10\.3\|\d{18}$` |   Patient identifier parameter is a EPR-SPID. Regex: `^urn:oid:2\.16\.756\.5\.30\.1\.127\.3\.10\.3\|\d{18}$`.  |
 |   policySetId_parameter_presence   |   OCCURRENCE   |   0..1 |   PolycySet identifier parameter can be used only once. |