http - delete - needs to be more policy directive and reference #AccessDenied

XMLWordPrintableJSON

    • Type: Change Request
    • Resolution: Persuasive
    • Priority: Medium
    • FHIR Core (FHIR)
    • STU3
    • FHIR Infrastructure
    • Normative
    • REST (http)
    • Hide

      Add a policy note about the impact of delete and add a reference to the #accessdenied issue.

      Also, add 202 to the list of possible responses, if it is desired to return a more non-committal result.

      Show
      Add a policy note about the impact of delete and add a reference to the #accessdenied issue. Also, add 202 to the list of possible responses, if it is desired to return a more non-committal result.
    • Grahame Grieve/John Moehrke: 13-0-0
    • Enhancement
    • Non-substantive
    • STU3

      The http section on delete should be more directive on the allowance for policy to impact actual actions. What actually happens on a delete is going to be highly influenced by policy, and the authority of the request. The behaviou given would be an idealogical pattern, where policy variations are possible.

      Also, when a resource is deleted, policy will affect future accesses to that. There can then be a mention of the security page on #AccessDenied

            Assignee:
            Unassigned
            Reporter:
            John Moehrke
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: