HackMD - Collaborative Markdown Knowledge Base

/data - Data Registry --/notebook - Data Registrations --/note --/medical-record --/observation --/professionnal ----/professional-1 - Registered Instance ----/professional-2 ----/professional-3 ----/professional-4 --/doctor ----/doctor-1 ----/doctor-2 --/nurse ----/nurse-1 ----/nurse-2 /data --/carer %CarerShapeTree#top ----/doctor-1 ----/nurse-2 ``` turtle <CarerShapeTree#top> tree:contains <#doc>, <#nurse> . <CarerShapeTree#doc> hasShape <DoctorShape> . <CarerShapeTree#nurse> hasShape <NurseShape> . ``` /data --/carer-doctors %CarerShapeTree#top ----/doctor-1 /data --/carer-nurses %CarerShapeTree#top ----/nurse-2 ``` turtle <MyDoctorShapeTree#top> tree:contains <PopularShapeTree#doc> . ``` med:medical-record -> 3 - great! Fabulous! Lovely! granting ericP access to Justin's MedRecord1 /data - Data Registry --/medical-record |references MedShapeTree#prescriotion, shapePath: "...hasPrescription>..."| ----/medical-record-1 --hasPrescription-> ../prescriptions/prescription-abc --/prescriptions ----/prescription-abc ----/prescription-def (future) --/observations ----observation-123 ----observation-456 ----observation-789 (future) Approaches to solve this: Server telling us things changed - Event handling from the server - third party agent applies acl updates based on new / changes resources, using context from access grants and shape trees - Flattened rule form of what was ultimately applied and why - Josh - Access grant provides some means to do that (recreate what was chosen by the user) - Justin - store the transactions, but maintain something to the currently effective set at each registration Forcing everything through a client library with awareness of what to do - doing PUTs through something that does them for you, which knows how to maintain things properly -- /data/ -- /prescription - <#prescriptions-tree> ---- /prescription-1 - <#prescription-tree> ---- /prescription-2 - <#prescription-tree> ---- /prescription-3 - <#prescription-tree> ---- /prescription-4 - <#prescription-tree> -- /observcation ## ShapeTree ``` tuttle <#CarePlan> tree:references [ shapeTree <Med#Prescription>; shapePath "...foo..." <#Prescription> tree:references [ shapeTree <Med#Condition>; shapePath "...bar..." ``` ## CarePlan#me ``` turtle <#me> <foo> <Prescriptio7#me> . ``` ## Prescrition7#me ``` turtle <#me> <bar> <Condition89#me> . ``` ### ACL for Prescriptions ``` <Prescriptions> wac:mode acl:Read ; wac:resource <Prescrition7#me> ; wac:whenRelatedBy "<CarePlan#me> :foo ?RESOURCE" ; wac:allow <Alice> . ``` ## Condtion89#me ``` turtle ... ``` ### ACL for Conditionz ``` <Conditions> wac:mode acl:Read ; wac:resource <Prescrition7#me> ; # wac:XXXwhenRelatedBy "<Prescription7#me> :bar ?RESOURCE" ; wac:whenRelatedBy "CarePlan#me> :foo [ :bar ?RESOURCE ]" wac:allow <Alice> . ``` <#PrescriptionAccess> a :AuthorizationStatement ; :mode acl:Read ; :whenRelatedWith <#Prescription7> :whenRelatedBy "bar" :allow <https://alice.example/profile/id#me> .