Authentication

ToF is designed with minimum requirements for user authentication to access the data stored on the FHIR servers ToF is configured to use. Additional permissions may be required depending on the configuration of the ToF installation.

Permissions

If the ToF installation is configured to require permissions, only data that the user has been permitted to view/edit will be access to them in the user interface. The remainder of this section presumes that permissions are enabled in the installation.

Permissions are maintained for each individual resource in the system. For example, permissions may be different for an instance of an ImplementationGuide compared to a StructureDefinintion that the implementation guide references.

Each edit screen contains a "Permissions"  tab which allows the user to define the permissions for the resource. The user may search for users and groups, and add read and/or write permissions to the resource for the selected users/groups.

The user may select a different resource to copy permissions, either:

  1. Select a resource type and type search criteria in the text field. Suggestions will present below the text field. Select one of the suggestions and press the "Copy" button.
  2. Click the "Search" button next to the text field to select a resource using the advanced search pop-up window. Click the "Copy" button after you identify and select a resource.

If you have permissions to a resource via a group and that resource has other associated groups and you aren't a member, the name of the group will not appear and the "Permissions" tab will only display the ID of those other groups.

If you do not have permissions to edit a resource, you cannot click the "Edit" button on the resource from the browse screen. Future enhancements may allow the user to access the "Edit" screen in a disabled state when the user doesn't have edit permissions to the resource.

Managing Groups

All users can create/manage their groups. A group may only have one manager.

To create/edit/delete groups, click your name in the top-right of ToF, and select the "Groups" tab. Changes to the "Groups" tab are persisted immediately. The "Save" button only applies to editing information for your profile.

When you create a group, you are automatically added as a member to the group. You cannot remove yourself as a member from the group.

Importing Resources

When importing new resources, the permissions for those new resources default to allow the user performing the import view/edit access. To allow additional permissions, edit each resource and grant additional permissions.

Implementation Guide Permissions

You may copy permissions for an implementation guide to resources within the implementation guide. This functionality is primarily for scenarios where the permissions to the implementation guide have changed, and those changes need to be propagated down to the resources within the implementation guide.

Note: You cannot change permissions for a resource you don't have access. If you don't have access to one or more of the resources within the IG, you cannot copy permissions from the IG to that/those resources.

To do this:

  1. Open a project.
  2. Select Browse > "Edit ImplementationGuide."
  3. Select the "Permissions" tab.
  4. Click the "Copy" button in the "Copy IG Permissions" panel.
  5. After ToF copies the permissions, you will be prompted to indicate the number of resources changed as part of the request.