Upd: Config endpoints

Signed-off-by: George J Padayatti <[email protected]>

openapi/v2023.8.2/definitions/AgreementData.yaml

@@ -1,6 +1,6 @@
 type: object
 title: AgreementData
-description: "Agreement data contains specifications of exactly what is collected."
+description: "DataAgreement data contains specifications of exactly what is collected."
 x-not-in-database: false
 
 required:
@@ -16,8 +16,8 @@ properties:
     description: ""
 
   agreement:
-    $ref: "./Agreement.yaml"
-    x-fk-model: "Agreement"
+    $ref: "./DataAgreement.yaml"
+    x-fk-model: "DataAgreement"
     description: ""
 
   name:

openapi/v2023.8.2/definitions/AgreementFilter.yaml

@@ -1,6 +1,6 @@
 type: object
 title: AgreementFilter
-description: "Query filter for API endpoint listing Agreement objects"
+description: "Query filter for API endpoint listing DataAgreement objects"
 x-not-in-database: true
 
 required:

openapi/v2023.8.2/definitions/AgreementLifecycle.yaml

@@ -1,6 +1,6 @@
 type: object
 title: AgreementLifecycle
-description: "TBD: Models the valid lifecycle states of an Agreement"
+description: "TBD: Models the valid lifecycle states of an DataAgreement"
 x-not-in-database: false
 
 required:

openapi/v2023.8.2/definitions/AgreementPurpose.yaml

@@ -30,4 +30,4 @@ properties:
     type: string
     format: ""
     example: ""
-    description: "In order to sign an Agreement, this relation needs to have a cryptopgraphic hash of the JSON serialized data to be included in the Signature payload of the Agreement. Hashes are collected as the hex representation of the SHA-1 sum of all UTF8 encoded string versions of the JSON representation of data. SHA1(jsonSerializedData)"
+    description: "In order to sign an DataAgreement, this relation needs to have a cryptopgraphic hash of the JSON serialized data to be included in the Signature payload of the DataAgreement. Hashes are collected as the hex representation of the SHA-1 sum of all UTF8 encoded string versions of the JSON representation of data. SHA1(jsonSerializedData)"

openapi/v2023.8.2/definitions/AuditTracker.yaml

@@ -33,7 +33,7 @@ properties:
     type: string
     format: ""
     example: ""
-    description: "A URL receiving a callback with the Agreement object + Revision + AuditEventType"
+    description: "A URL receiving a callback with the DataAgreement object + Revision + AuditEventType"
 
   callbackConsentRecord:
     type: string

openapi/v2023.8.2/definitions/ConsentRecord.yaml

@@ -1,6 +1,6 @@
 type: object
 title: ConsentRecord
-description: "A Consent Record expresses consent (as defined in this building block's specification) to a single Agreement. There must be a UNIQUE constraint on (agreementRevision, individual)"
+description: "A Consent Record expresses consent (as defined in this building block's specification) to a single DataAgreement. There must be a UNIQUE constraint on (agreementRevision, individual)"
 x-not-in-database: false
 
 required:
@@ -15,9 +15,9 @@ properties:
     description: 'Objects may be passed back by some API endpoints without an id (PK), denoting that they are a "draft", i.e. a ConsentRecord that is not yet stored in the database and only exist in transit. Draft ConsentRecords do not have a Revision, but if paired up with a Signature, a valid Revision should be generated.'
 
   agreement:
-    $ref: "./Agreement.yaml"
-    x-fk-model: "Agreement"
-    description: "The Agreement to which consent has been given"
+    $ref: "./DataAgreement.yaml"
+    x-fk-model: "DataAgreement"
+    description: "The DataAgreement to which consent has been given"
 
   agreementRevision:
     $ref: "./Revision.yaml"

openapi/v2023.8.2/definitions/ConsentRecordFilter.yaml

@@ -13,8 +13,8 @@ properties:
     description: ""
 
   agreement:
-    $ref: "./Agreement.yaml"
-    x-fk-model: "Agreement"
+    $ref: "./DataAgreement.yaml"
+    x-fk-model: "DataAgreement"
     description: ""
 
   agreementRevision:

openapi/v2023.8.2/definitions/DataAgreement.yaml

@@ -0,0 +1,126 @@
+type: object
+title: DataAgreement
+description: >
+  An agreement contains the specification of a single purpose that can be consented to. 
+  An DataAgreement is universal and can be consented to by *many* individuals through a DataAgreementRecord"
+x-not-in-database: false
+required:
+  - purpose
+  - purposeDescription
+  - controllerUrl
+  - controllerName
+  - policy
+  - lawfulBasis
+  - methodOfUse
+  - active
+  - forgettable
+  - lifecycle
+properties:
+  id:
+    type: string
+    format: ""
+    example: ""
+    description: ""
+
+  version:
+    type: string
+    format: ""
+    example: ""
+    description: "The version of this specification to which a receipt conforms"
+
+  controllerId:
+    type: string
+    description: ID of the controller
+
+  controllerUrl:
+    type: string
+    description: URL of data controller (may be omitted if no data involved)
+
+  controllerName:
+    type: string
+    description: Name of data controller (may be omitted if no data involved)
+
+  policy:
+    $ref: "./Policy.yaml"
+    description: >
+      Policy under which this DataAgreement shall be governed. 
+      When creating a data agreement, the latest policy can be used to fill the default value, 
+      and organisation admin can decide to change it in data agreement level
+
+  purpose:
+    type: string
+    description: Name of purpose
+
+  purposeDescription:
+    type: string
+    description: Description of purpose
+
+  lawfulBasis:
+    type: string
+    format: ""
+    example: ""
+    description: "Lawful basis of the agreement - consent / legal_obligation / contract / vital_interest / public_task / legitimate_interest"
+    enum:
+      - consent
+      - legal_obligation
+      - contract
+      - vital_interest
+      - public_task
+      - legitimate_interest
+
+  methodOfUse:
+    type: string
+    format: ""
+    example: ""
+    description: "null/data_source/data_using_service"
+    enum:
+      - null
+      - data_source
+      - data_using_service
+
+  dpiaDate:
+    type: string
+    format: ""
+    example: ""
+    description: The date on which the DPIA report is generated after a DPIA
+
+  dpiaSummaryUrl:
+    type: string
+    description: The URl providing the DPIA result reports, summary etc that can be verified by any interested parties
+
+  signature:
+    $ref: "./Signature.yaml"
+    x-fk-model: "Signature"
+    description: >
+      Signature of authorizing party of DataAgreement. 
+      Note: Signatures may be chained in case of multiple signatures.
+
+  active:
+    type: boolean
+    format: ""
+    example: ""
+    description: "DataAgreement is active and new DataAgreementRecords can be created."
+
+  forgettable:
+    type: boolean
+    format: ""
+    example: ""
+    description: "DataAgreementRecord may be deleted when consent is withdrawn, as its existence is not necessary for auditability."
+
+  compatibleWithVersionId:
+    type: string
+    format: ""
+    x-fk-model: "DataAgreement"
+    description: >
+      WIP: This field indicates that Data Agreement Records may be transferred from this 
+      compatible previous revision of the same DataAgreement.
+
+  lifecycle:
+    type: string
+    description: >
+      WIP: Current Lifecycle state of the DataAgreement. 
+      Lifecycle states are used to manage internal workflows and 
+      should not be assigned semantic meanings for active Data Agreement Records.
+    enum:
+      - draft
+      - complete

openapi/v2023.8.2/definitions/Policy.yaml

@@ -1,6 +1,6 @@
 type: object
 title: Policy
-description: 'A policy governs data and Agreement in the realm of an organisation that is refered to as "data controller" (GDPR) and owner of referencing Agreements.'
+description: 'A policy governs data and DataAgreement in the realm of an organisation that is refered to as "data controller" (GDPR) and owner of referencing Agreements.'
 x-not-in-database: false
 
 required:

openapi/v2023.8.2/definitions/Revision.yaml

@@ -1,6 +1,6 @@
 type: object
 title: Revision
-description: "A *generic* revision model captures the serialized contents of any shema's single row. This is then subject to 1) cryptographic signature and 2) auditing.\n\nAside from \"successor\" column, a revision should be considered locked."
+description: "A *generic* revision model captures the serialized contents of any schema's single row. This is then subject to 1) cryptographic signature and 2) auditing.\n\nAside from \"successor\" column, a revision should be considered locked."
 x-not-in-database: false
 
 required:

openapi/v2023.8.2/definitions/Signature.yaml

@@ -1,10 +1,12 @@
 type: object
 title: Signature
-description: "A generic signature contains a cryptographic hash of some value, together with a signature created by some private key in another system. Required signing methods: Revision object or another Signature object."
+description: >
+  A generic signature contains a cryptographic hash of some value, 
+  together with a signature created by some private key in another system. 
+  Required signing methods: Revision object or another Signature object.
 x-not-in-database: false
 
 required:
-  - id
   - payload
   - signature
   - verificationMethod
@@ -90,6 +92,9 @@ properties:
     format: ""
     example: ""
     description: 'Name of the schema model that objectReference points to. Values: "signature" or "revision"'
+    enum:
+      - revision
+      - signature
 
   objectReference:
     type: string

openapi/v2023.8.2/index.yaml

@@ -2,8 +2,8 @@ components:
   schemas:
     Pagination:
       $ref: "./definitions/Pagination.yaml"
-    Agreement:
-      $ref: ./definitions/Agreement.yaml
+    DataAgreement:
+      $ref: ./definitions/DataAgreement.yaml
     AgreementData:
       $ref: ./definitions/AgreementData.yaml
     AgreementFilter:
@@ -78,30 +78,28 @@ paths:
     post:
       $ref: ./paths/configCreateAgreement.yaml
   /config/data-agreement/{dataAgreementId}:
-    delete:
-      $ref: ./paths/configDeleteAgreement.yaml
     get:
       $ref: ./paths/configReadAgreement.yaml
     put:
       $ref: ./paths/configUpdateAgreement.yaml
+    delete:
+      $ref: ./paths/configDeleteAgreement.yaml
   /config/data-agreements:
     get:
       $ref: ./paths/configListAgreement.yaml
-    post:
-      $ref: ./paths/configListAgreementFilter.yaml
-  /config/policies:
-    get:
-      $ref: ./paths/configListPolicy.yaml
   /config/policy:
     post:
       $ref: ./paths/configCreatePolicy.yaml
   /config/policy/{policyId}:
-    delete:
-      $ref: ./paths/configDeletePolicy.yaml
     get:
-      $ref: ./paths/configReadPolicy.yaml
+        $ref: ./paths/configReadPolicy.yaml
     put:
       $ref: ./paths/configUpdatePolicy.yaml
+    delete:
+      $ref: ./paths/configDeletePolicy.yaml
+  /config/policies:
+    get:
+      $ref: ./paths/configListPolicy.yaml
   /config/policy/{policyId}/revisions:
     get:
       $ref: ./paths/configListPolicyRevisions.yaml

openapi/v2023.8.2/paths/auditAgreementList.yaml

@@ -35,7 +35,7 @@ responses:
         schema:
           items:
             oneOf:
-              - $ref: ../definitions/Agreement.yaml
+              - $ref: ../definitions/DataAgreement.yaml
           type: array
     description: ""
   "400":