diff --git a/paths/population_statistics_authorisation.yaml b/paths/population_statistics_authorisation.yaml index 0fc6821..1ccaccd 100644 --- a/paths/population_statistics_authorisation.yaml +++ b/paths/population_statistics_authorisation.yaml @@ -3,7 +3,7 @@ get: - Population statistics operationId: getStatisticsAuthorisation summary: Authorisation - description: Reports the authorisations for group-by items for the specified practice(s). Care groups are allowed to query the authorisations of the underlying practices. Practices are allowed to query their own settings. + description: Reports the authorisations for group-by items for the specified practice(s). Care groups are allowed to query the authorisations of the underlying practices. Practices are always allowed to access their own population statistics, therefore authorisation applies only to care groups wanting to access a practice statistics object (group-by item). parameters: - name: agbs in: query @@ -15,7 +15,7 @@ get: description: The agb of the practice(s) for which the authorisations should be reported. responses: 200: - description: An array with for each practice an object describing the authorisation settings for the practice and for the care groups. + description: An array with for each practice an object describing the authorisation settings for the care group. content: application/json: schema: @@ -25,17 +25,6 @@ get: properties: practice: $ref: '../schemas/agb.yaml' - groupBy: - type: array - items: - type: object - properties: - item: - $ref: ../schemas/StatisticsGroupBy-enum.yaml - description: All possible enum values are always in the output. - active: - type: boolean - description: True if authorised, otherwise false. caregroups: type: array items: @@ -46,7 +35,16 @@ get: agb: $ref: '../schemas/agb.yaml' groupBy: - $ref: '#/get/responses/200/content/application~1json/schema/items/properties/groupBy' + type: array + items: + type: object + properties: + item: + $ref: ../schemas/StatisticsGroupBy-enum.yaml + description: All possible enum values are always in the output. + active: + type: boolean + description: True if authorised, otherwise false. 400: $ref: '../zoo-api.yaml#/components/responses/ReqFailure' 401: diff --git a/paths/population_statistics_authorisation_{item}_caregroup_{tag}.yaml b/paths/population_statistics_authorisation_{item}_caregroup_{tag}.yaml index 67fca7d..ad41c8f 100644 --- a/paths/population_statistics_authorisation_{item}_caregroup_{tag}.yaml +++ b/paths/population_statistics_authorisation_{item}_caregroup_{tag}.yaml @@ -2,9 +2,9 @@ post: tags: - Population statistics operationId: setGroupByItemCareGroup - summary: Authorisation of care groups + summary: Authorisation description: |- - Set the authorisation for statistic group-by items for care groups. This enables or disables the statistic for use by the care group. Only when authorized as the practice the settings may be changed. + Set the authorisation for statistic group-by items for care groups. This enables or disables the statistic for use by the care group. Only when the API-user is authorized as the practice the settings may be changed. parameters: - name: item in: path diff --git a/paths/population_statistics_authorisation_{item}_practice.yaml b/paths/population_statistics_authorisation_{item}_practice.yaml deleted file mode 100644 index 6f35581..0000000 --- a/paths/population_statistics_authorisation_{item}_practice.yaml +++ /dev/null @@ -1,54 +0,0 @@ -post: - tags: - - Population statistics - operationId: setGroupByItemPractice - summary: Authorisation of practice - description: |- - Set the authorisation for statistic group-by items for the practice. This enables or disables the statistic for all the employees of the practice at once. Only when authorized as the practice the settings may be changed. - parameters: - - name: 'item' - in: path - schema: - $ref: '../schemas/StatisticsGroupBy-enum.yaml' - required: true - - $ref: '../zoo-api.yaml#/components/parameters/AgbSubject' - required: true - description: AGB of the practice for which the authorisation should be set. This should match the JWT-authorisation. - - name: active - in: query - schema: - type: boolean - description: True to set the authorisation, false to remove. - required: true - - name: employee - in: query - schema: - type: string - description: The employee that is adding the authorisation. Any string is accepted, but it is recommended to use a employee code derived from this API. - required: true - responses: - '200': - description: The response parrots the request, except for the `employee` and `timestamp` properties. If the authorisation is changed the `employee` and `timestamp` from the request are responded, but if the request didn't change the authorisation, then the `employee` and `timestamp` from the last change are in the payload. - content: - application/json: - schema: - type: object - properties: - employee: - type: string - timestamp: - $ref: ../schemas/dateTime.yaml - agb: - $ref: ../schemas/agb.yaml - authorizedFor: - $ref: '../schemas/StatisticsGroupBy-enum.yaml' - tag: - $ref: '../schemas/tag.yaml' - example: "" - description: Always the empty tag. - enddate: - $ref: '../schemas/date.yaml' - '401': - $ref: '../zoo-api.yaml/#/components/responses/NoAuth' - '403': - $ref: '../zoo-api.yaml/#/components/responses/NoAccess'