From 2b2f9aa86eae2c4848651e1131dfc4eb25f4c887 Mon Sep 17 00:00:00 2001 From: George J Padayatti Date: Fri, 13 Oct 2023 11:34:41 +0530 Subject: [PATCH] Upd: Config endpoints Signed-off-by: George J Padayatti --- openapi/v2023.8.2/bundled.yaml | 491 +++++++++--------- openapi/v2023.8.2/definitions/Agreement.yaml | 82 --- .../v2023.8.2/definitions/AgreementData.yaml | 6 +- .../definitions/AgreementFilter.yaml | 2 +- .../definitions/AgreementLifecycle.yaml | 2 +- .../definitions/AgreementPurpose.yaml | 2 +- .../v2023.8.2/definitions/AuditTracker.yaml | 2 +- .../v2023.8.2/definitions/ConsentRecord.yaml | 8 +- .../definitions/ConsentRecordFilter.yaml | 4 +- .../v2023.8.2/definitions/DataAgreement.yaml | 126 +++++ openapi/v2023.8.2/definitions/Policy.yaml | 2 +- openapi/v2023.8.2/definitions/Revision.yaml | 2 +- openapi/v2023.8.2/definitions/Signature.yaml | 9 +- openapi/v2023.8.2/index.yaml | 22 +- .../v2023.8.2/paths/auditAgreementList.yaml | 2 +- openapi/v2023.8.2/paths/auditReadRecord.yaml | 2 +- .../paths/configCreateAgreement.yaml | 23 +- .../v2023.8.2/paths/configCreatePolicy.yaml | 2 +- .../paths/configDeleteAgreement.yaml | 4 +- .../v2023.8.2/paths/configDeletePolicy.yaml | 4 +- .../v2023.8.2/paths/configListAgreement.yaml | 35 +- .../paths/configListAgreementFilter.yaml | 4 +- openapi/v2023.8.2/paths/configListPolicy.yaml | 2 +- .../paths/configListPolicyRevisions.yaml | 2 +- .../v2023.8.2/paths/configReadAgreement.yaml | 15 +- openapi/v2023.8.2/paths/configReadPolicy.yaml | 2 +- .../paths/configUpdateAgreement.yaml | 23 +- .../v2023.8.2/paths/configUpdatePolicy.yaml | 6 +- .../paths/serviceAgreementDataRead.yaml | 4 +- .../paths/serviceAgreementPurposeRead.yaml | 4 +- .../v2023.8.2/paths/serviceAgreementRead.yaml | 8 +- .../paths/serviceDeleteAllRecords.yaml | 2 +- .../v2023.8.2/paths/servicePolicyRead.yaml | 4 +- .../serviceReadIndividualRecordRead.yaml | 2 +- 34 files changed, 469 insertions(+), 441 deletions(-) delete mode 100644 openapi/v2023.8.2/definitions/Agreement.yaml create mode 100644 openapi/v2023.8.2/definitions/DataAgreement.yaml diff --git a/openapi/v2023.8.2/bundled.yaml b/openapi/v2023.8.2/bundled.yaml index e20f61b..5816383 100644 --- a/openapi/v2023.8.2/bundled.yaml +++ b/openapi/v2023.8.2/bundled.yaml @@ -22,16 +22,23 @@ components: hasNext: type: boolean description: Indicates if there's a next page - Agreement: + DataAgreement: type: object - title: Agreement - description: An agreement contains the specification of a single purpose that can be consented to. An Agreement is universal and can be consented to by *many* individuals through a ConsentRecord + title: DataAgreement + description: | + An agreement contains the specification of a single purpose that can be consented to. An DataAgreement is universal and can be consented to by *many* individuals through a DataAgreementRecord" x-not-in-database: false required: - - id - - version + - purpose + - purposeDescription + - controllerUrl + - controllerName + - policy - lawfulBasis - - dpia + - methodOfUse + - active + - forgettable + - lifecycle properties: id: type: string @@ -43,59 +50,86 @@ components: format: '' example: '' description: The version of this specification to which a receipt conforms - controller: - $ref: '#/components/schemas/Controller' - x-fk-model: Controller - description: Data controller (may be omitted if no data involved) + controllerId: + type: string + description: ID of the controller + controllerUrl: + type: string + description: URL of data controller (may be omitted if no data involved) + controllerName: + type: string + description: Name of data controller (may be omitted if no data involved) policy: $ref: '#/components/schemas/Policy' - x-fk-model: Policy - description: Reference to the policy under which this Agreement shall be governed + description: | + Policy under which this DataAgreement shall be governed. When creating a data agreement, the latest policy can be used to fill the default value, and organisation admin can decide to change it in data agreement level purpose: - $ref: '#/components/schemas/AgreementPurpose' - x-fk-model: AgreementPurpose - description: Purpose of data processing or purpose of consent. Displayed to the user. + type: string + description: Name of purpose + purposeDescription: + type: string + description: Description of purpose lawfulBasis: type: string format: '' example: '' description: Lawful basis of the agreement - consent / legal_obligation / contract / vital_interest / public_task / legitimate_interest - dataUse: + enum: + - consent + - legal_obligation + - contract + - vital_interest + - public_task + - legitimate_interest + methodOfUse: type: string format: '' example: '' description: null/data_source/data_using_service - dpia: + enum: + - null + - data_source + - data_using_service + dpiaDate: type: string format: '' example: '' - description: Data Protection Impact Assessment + description: The date on which the DPIA report is generated after a DPIA + dpiaSummaryUrl: + type: string + description: 'The URl providing the DPIA result reports, summary etc that can be verified by any interested parties' signature: $ref: '#/components/schemas/Signature' x-fk-model: Signature - description: 'Signature of authorizing party of Agreement. Note: Signatures may be chained in case of multiple signatures.' + description: | + Signature of authorizing party of DataAgreement. Note: Signatures may be chained in case of multiple signatures. active: type: boolean format: '' example: '' - description: Agreement is active and new ConsentRecords can be created. + description: DataAgreement is active and new DataAgreementRecords can be created. forgettable: type: boolean format: '' example: '' - description: 'Consent Record may be deleted when consent is withdrawn, as its existence is not necessary for auditability.' - compatibleWithVersion: - $ref: '#/components/schemas/Agreement' - x-fk-model: Agreement - description: 'WIP: This field indicates that Consent Records may be transferred from this compatible previous version of the same Agreement.' + description: 'DataAgreementRecord may be deleted when consent is withdrawn, as its existence is not necessary for auditability.' + compatibleWithVersionId: + type: string + format: '' + x-fk-model: DataAgreement + description: | + WIP: This field indicates that Data Agreement Records may be transferred from this compatible previous revision of the same DataAgreement. lifecycle: - $ref: '#/components/schemas/AgreementLifecycle' - x-fk-model: AgreementLifecycle - description: 'WIP: Current Lifecycle state of the Agreement. Lifecycle states are used to manage internal workflows and should not be assigned semantic meanings for active Consent Records.' + type: string + description: | + WIP: Current Lifecycle state of the DataAgreement. Lifecycle states are used to manage internal workflows and should not be assigned semantic meanings for active Data Agreement Records. + enum: + - draft + - complete AgreementData: type: object title: AgreementData - description: Agreement data contains specifications of exactly what is collected. + description: DataAgreement data contains specifications of exactly what is collected. x-not-in-database: false required: - id @@ -109,8 +143,8 @@ components: example: '' description: '' agreement: - $ref: '#/components/schemas/Agreement' - x-fk-model: Agreement + $ref: '#/components/schemas/DataAgreement' + x-fk-model: DataAgreement description: '' name: type: string @@ -130,7 +164,7 @@ components: AgreementFilter: type: object title: AgreementFilter - description: Query filter for API endpoint listing Agreement objects + description: Query filter for API endpoint listing DataAgreement objects x-not-in-database: true required: - name @@ -143,7 +177,7 @@ components: AgreementLifecycle: type: object title: AgreementLifecycle - description: 'TBD: Models the valid lifecycle states of an Agreement' + description: 'TBD: Models the valid lifecycle states of an DataAgreement' x-not-in-database: false required: - id @@ -188,7 +222,7 @@ components: type: string format: '' example: '' - description: 'In order to sign an Agreement, this relation needs to have a cryptopgraphic hash of the JSON serialized data to be included in the Signature payload of the Agreement. Hashes are collected as the hex representation of the SHA-1 sum of all UTF8 encoded string versions of the JSON representation of data. SHA1(jsonSerializedData)' + description: 'In order to sign an DataAgreement, this relation needs to have a cryptopgraphic hash of the JSON serialized data to be included in the Signature payload of the DataAgreement. Hashes are collected as the hex representation of the SHA-1 sum of all UTF8 encoded string versions of the JSON representation of data. SHA1(jsonSerializedData)' AuditEventType: type: object title: AuditEventType @@ -240,7 +274,7 @@ components: type: string format: '' example: '' - description: A URL receiving a callback with the Agreement object + Revision + AuditEventType + description: A URL receiving a callback with the DataAgreement object + Revision + AuditEventType callbackConsentRecord: type: string format: '' @@ -264,7 +298,7 @@ components: ConsentRecord: type: object title: ConsentRecord - description: 'A Consent Record expresses consent (as defined in this building block''s specification) to a single Agreement. There must be a UNIQUE constraint on (agreementRevision, individual)' + description: 'A Consent Record expresses consent (as defined in this building block''s specification) to a single DataAgreement. There must be a UNIQUE constraint on (agreementRevision, individual)' x-not-in-database: false required: - id @@ -277,9 +311,9 @@ components: example: '' description: 'Objects may be passed back by some API endpoints without an id (PK), denoting that they are a "draft", i.e. a ConsentRecord that is not yet stored in the database and only exist in transit. Draft ConsentRecords do not have a Revision, but if paired up with a Signature, a valid Revision should be generated.' agreement: - $ref: '#/components/schemas/Agreement' - x-fk-model: Agreement - description: The Agreement to which consent has been given + $ref: '#/components/schemas/DataAgreement' + x-fk-model: DataAgreement + description: The DataAgreement to which consent has been given agreementRevision: $ref: '#/components/schemas/Revision' x-fk-model: Revision @@ -321,8 +355,8 @@ components: example: '' description: '' agreement: - $ref: '#/components/schemas/Agreement' - x-fk-model: Agreement + $ref: '#/components/schemas/DataAgreement' + x-fk-model: DataAgreement description: '' agreementRevision: $ref: '#/components/schemas/Revision' @@ -414,7 +448,7 @@ components: Policy: type: object title: Policy - description: A policy governs data and Agreement in the realm of an organisation that is refered to as "data controller" (GDPR) and owner of referencing Agreements. + description: A policy governs data and DataAgreement in the realm of an organisation that is refered to as "data controller" (GDPR) and owner of referencing Agreements. x-not-in-database: false required: - name @@ -469,7 +503,7 @@ components: type: object title: Revision description: |- - A *generic* revision model captures the serialized contents of any shema's single row. This is then subject to 1) cryptographic signature and 2) auditing. + A *generic* revision model captures the serialized contents of any schema's single row. This is then subject to 1) cryptographic signature and 2) auditing. Aside from "successor" column, a revision should be considered locked. x-not-in-database: false @@ -545,10 +579,10 @@ components: Signature: type: object title: Signature - description: 'A generic signature contains a cryptographic hash of some value, together with a signature created by some private key in another system. Required signing methods: Revision object or another Signature object.' + description: | + A generic signature contains a cryptographic hash of some value, together with a signature created by some private key in another system. Required signing methods: Revision object or another Signature object. x-not-in-database: false required: - - id - payload - signature - verificationMethod @@ -622,6 +656,9 @@ components: format: '' example: '' description: 'Name of the schema model that objectReference points to. Values: "signature" or "revision"' + enum: + - revision + - signature objectReference: type: string format: '' @@ -785,7 +822,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/Agreement' + $ref: '#/components/schemas/DataAgreement' description: '' '400': description: bad input parameter @@ -833,7 +870,7 @@ paths: schema: items: oneOf: - - $ref: '#/components/schemas/Agreement' + - $ref: '#/components/schemas/DataAgreement' type: array description: '' '400': @@ -857,63 +894,36 @@ paths: application/json: schema: properties: - agreement: - $ref: '#/components/schemas/Agreement' - description: An object of type Agreement + dataAgreement: + $ref: '#/components/schemas/DataAgreement' + description: An object of type DataAgreement required: - - agreement + - dataAgreement type: object responses: '200': content: application/json: schema: - items: - oneOf: - - $ref: '#/components/schemas/Agreement' - - $ref: '#/components/schemas/Revision' - type: array + type: object + properties: + dataAgreement: + $ref: '#/components/schemas/DataAgreement' + revision: + $ref: '#/components/schemas/Revision' description: '' '400': description: bad input parameter security: - BearerAuth: [] - summary: CREATE - Create a new data agreement and returned together with revision + summary: CREATE - Create data agreement tags: - config - x-specification-crudl-model: Agreement + x-specification-crudl-model: DataAgreement x-specification-pii-or-sensitive: 'False' x-specification-scenario: '' x-specification-usecase: UC-C-PIC-A-001 '/config/data-agreement/{dataAgreementId}': - delete: - description: DELETE - Delete a data agreement - operationId: configDeleteAgreement - parameters: - - description: Unique ID of an object - in: path - name: dataAgreementId - required: true - schema: - type: string - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Revision' - description: '' - '400': - description: bad input parameter - security: - - BearerAuth: [] - summary: DELETE - Delete a data agreement - tags: - - config - x-specification-crudl-model: Agreement - x-specification-pii-or-sensitive: 'False' - x-specification-scenario: '' - x-specification-usecase: UC-C-PIC-A-004 get: description: READ - Fetch the latest version of a data agreement operationId: configReadAgreement @@ -929,20 +939,21 @@ paths: content: application/json: schema: - items: - oneOf: - - $ref: '#/components/schemas/Agreement' - - $ref: '#/components/schemas/Revision' - type: array + type: object + properties: + dataAgreement: + $ref: '#/components/schemas/DataAgreement' + revision: + $ref: '#/components/schemas/Revision' description: '' '400': description: bad input parameter security: - BearerAuth: [] - summary: READ - Fetch the latest version of a data agreement + summary: READ - Read data agreement tags: - config - x-specification-crudl-model: Agreement + x-specification-crudl-model: DataAgreement x-specification-pii-or-sensitive: 'False' x-specification-scenario: '' x-specification-usecase: UC-C-PIC-A-003 @@ -961,151 +972,71 @@ paths: application/json: schema: properties: - agreement: - $ref: '#/components/schemas/Agreement' - description: An object of type Agreement + dataAgreement: + $ref: '#/components/schemas/DataAgreement' + description: An object of type DataAgreement required: - - agreement + - dataAgreement type: object responses: '200': content: application/json: schema: - items: - oneOf: - - $ref: '#/components/schemas/Agreement' - - $ref: '#/components/schemas/Revision' - type: array + type: object + properties: + dataAgreement: + $ref: '#/components/schemas/DataAgreement' + revision: + $ref: '#/components/schemas/Revision' description: '' '400': description: bad input parameter security: - BearerAuth: [] - summary: UPDATE - Update an existing data agreement and returned together with revision + summary: UPDATE - Update data agreement tags: - config - x-specification-crudl-model: Agreement + x-specification-crudl-model: DataAgreement x-specification-pii-or-sensitive: 'False' x-specification-scenario: '' x-specification-usecase: UC-C-PIC-A-002 - /config/data-agreements: - get: - description: LIST - Fetch all data agreements - operationId: configListAgreement - parameters: - - description: Requested index for start of resources to be provided in response requested by client - in: query - name: offset - required: false - schema: - type: integer - - description: Requested number of resources to be provided in response requested by client - in: query - name: limit - required: false - schema: - type: integer - responses: - '200': - content: - application/json: - schema: - items: - oneOf: - - $ref: '#/components/schemas/Agreement' - type: array - description: '' - '400': - description: bad input parameter - security: - - BearerAuth: [] - summary: LIST - Fetch all data agreements - tags: - - config - x-specification-crudl-model: Agreement - x-specification-pii-or-sensitive: 'False' - x-specification-scenario: '' - x-specification-usecase: UC-C-PIC-A-003 - post: - description: LIST - Fetch all data agreements matching the data agreement filter - operationId: configListAgreementFilter + delete: + description: DELETE - Delete a data agreement + operationId: configDeleteAgreement parameters: - - description: Requested index for start of resources to be provided in response requested by client - in: query - name: offset - required: false - schema: - type: integer - - description: Requested number of resources to be provided in response requested by client - in: query - name: limit - required: false + - description: Unique ID of an object + in: path + name: dataAgreementId + required: true schema: - type: integer - requestBody: - content: - application/json: - schema: - properties: - agreementFilter: - $ref: '#/components/schemas/AgreementFilter' - description: An object of type AgreementFilter - required: - - agreementFilter - type: object + type: string responses: '200': content: application/json: schema: - items: - oneOf: - - $ref: '#/components/schemas/Agreement' - type: array + $ref: '#/components/schemas/Revision' description: '' '400': description: bad input parameter security: - BearerAuth: [] - summary: LIST - Fetch all data agreements matching the data agreement filter + summary: DELETE - Delete data agreement tags: - config - x-specification-crudl-model: Agreement + x-specification-crudl-model: DataAgreement x-specification-pii-or-sensitive: 'False' x-specification-scenario: '' - x-specification-usecase: UC-C-PIC-A-003 - /config/policies: + x-specification-usecase: UC-C-PIC-A-004 + /config/data-agreements: get: - description: LIST - Fetch all policies - operationId: configListPolicy + description: LIST - Fetch all data agreements + operationId: configListAgreement parameters: - - description: An object with id revisionId - in: query - name: revisionId - required: false - schema: - type: string - - description: Requested index for start of resources to be provided in response requested by client - in: query - name: offset - required: false - schema: - type: integer - - name: limit - in: query - description: Number of items returned per page. Requested number of resources to be provided in response requested by client - required: false - schema: - type: integer - default: 10 - - name: page - in: query - description: Page number - required: false - schema: - type: integer - default: 1 + - $ref: '#/paths/~1config~1policies/get/parameters/1' + - $ref: '#/paths/~1config~1policies/get/parameters/2' + - $ref: '#/paths/~1config~1policies/get/parameters/3' responses: '200': content: @@ -1113,24 +1044,24 @@ paths: schema: type: object properties: - policies: + dataAgreements: items: - $ref: '#/components/schemas/Policy' + $ref: '#/components/schemas/DataAgreement' type: array pagination: $ref: '#/components/schemas/Pagination' - description: A list of Policy objects readable for the current session's credentials. + description: '' '400': description: bad input parameter security: - BearerAuth: [] - summary: LIST - Fetch all policies + summary: LIST - List all data agreements tags: - config - x-specification-crudl-model: Policy + x-specification-crudl-model: DataAgreement x-specification-pii-or-sensitive: 'False' x-specification-scenario: '' - x-specification-usecase: 'UC-C-PIC-A-001, UC-C-PIC-A-002' + x-specification-usecase: UC-C-PIC-A-003 /config/policy: post: description: CREATE - Create a new policy and returned together with revision @@ -1163,7 +1094,7 @@ paths: description: bad input parameter security: - BearerAuth: [] - summary: CREATE - Create a new policy and returned together with revision + summary: CREATE - Create policy tags: - config x-specification-crudl-model: Policy @@ -1171,34 +1102,6 @@ paths: x-specification-scenario: '' x-specification-usecase: UC-C-PIC-A-001 '/config/policy/{policyId}': - delete: - description: 'DELETE - Deletes an existing policy, returning the updated version and a new revision. Deleting a policy is not possible if it''s associated with active Agreement.' - operationId: configDeletePolicy - parameters: - - description: Unique ID of an object - in: path - name: policyId - required: true - schema: - type: string - responses: - '200': - content: - application/json: - schema: - $ref: '#/components/schemas/Revision' - description: '' - '400': - description: bad input parameter - security: - - BearerAuth: [] - summary: DELETE - Deletes an existing policy - tags: - - config - x-specification-crudl-model: Policy - x-specification-pii-or-sensitive: 'False' - x-specification-scenario: '' - x-specification-usecase: UC-C-PIC-A-004 get: description: 'READ - Fetch a policy + latest revision. If a policy filter is supplied and contains a `revisionId`, then this specific revision is returned.' operationId: configReadPolicy @@ -1231,7 +1134,7 @@ paths: description: bad input parameter security: - BearerAuth: [] - summary: READ - Fetch a policy + latest revision + summary: READ - Read policy tags: - config x-specification-crudl-model: Policy @@ -1239,7 +1142,7 @@ paths: x-specification-scenario: '' x-specification-usecase: UC-C-PIC-A-003 put: - description: 'UPDATE - Update an existing policy, returning the updated version and a new revision. Updating a Policy does not affect existing references in Agreement, the new revision should be specified for Agreement.' + description: 'UPDATE - Update an existing policy, returning the updated version and a new revision. Updating a Policy does not affect existing references in DataAgreement, the new revision should be specified for DataAgreement.' operationId: configUpdatePolicy parameters: - description: Unique ID of an object @@ -1275,13 +1178,97 @@ paths: description: bad input parameter security: - BearerAuth: [] - summary: 'UPDATE - Update an existing policy, returning the updated version and a new revision.' + summary: UPDATE - Update policy tags: - config x-specification-crudl-model: Policy x-specification-pii-or-sensitive: 'False' x-specification-scenario: '' x-specification-usecase: UC-C-PIC-A-002 + delete: + description: 'DELETE - Deletes an existing policy, returning the updated version and a new revision. Deleting a policy is not possible if it''s associated with active DataAgreement.' + operationId: configDeletePolicy + parameters: + - description: Unique ID of an object + in: path + name: policyId + required: true + schema: + type: string + responses: + '200': + content: + application/json: + schema: + $ref: '#/components/schemas/Revision' + description: '' + '400': + description: bad input parameter + security: + - BearerAuth: [] + summary: DELETE - Deletes policy + tags: + - config + x-specification-crudl-model: Policy + x-specification-pii-or-sensitive: 'False' + x-specification-scenario: '' + x-specification-usecase: UC-C-PIC-A-004 + /config/policies: + get: + description: LIST - Fetch all policies + operationId: configListPolicy + parameters: + - description: An object with id revisionId + in: query + name: revisionId + required: false + schema: + type: string + - description: Requested index for start of resources to be provided in response requested by client + in: query + name: offset + required: false + schema: + type: integer + - name: limit + in: query + description: Number of items returned per page. Requested number of resources to be provided in response requested by client + required: false + schema: + type: integer + default: 10 + - name: page + in: query + description: Page number + required: false + schema: + type: integer + default: 1 + responses: + '200': + content: + application/json: + schema: + type: object + properties: + policies: + items: + $ref: '#/components/schemas/Policy' + type: array + pagination: + $ref: '#/components/schemas/Pagination' + description: A list of Policy objects readable for the current session's credentials. + '400': + description: bad input parameter + security: + - BearerAuth: [] + summary: LIST - List all policies + tags: + - config + x-specification-crudl-model: Policy + x-specification-pii-or-sensitive: 'False' + x-specification-scenario: '' + x-specification-usecase: 'UC-C-PIC-A-001, UC-C-PIC-A-002' '/config/policy/{policyId}/revisions': get: description: LIST - Returns all the revisions for the policy @@ -1316,7 +1303,7 @@ paths: description: bad input parameter security: - BearerAuth: [] - summary: LIST - Returns all the revisions for the policy + summary: LIST - List all policy revisions tags: - config x-specification-crudl-model: Revision @@ -1843,7 +1830,7 @@ paths: - BearerAuth: [] '/service/data-agreement/{dataAgreementId}': get: - description: READ - Fetches the latest version of an Agreement + description: READ - Fetches the latest version of an DataAgreement operationId: serviceAgreementRead parameters: - description: Unique ID of an object @@ -1859,7 +1846,7 @@ paths: schema: items: oneOf: - - $ref: '#/components/schemas/Agreement' + - $ref: '#/components/schemas/DataAgreement' - $ref: '#/components/schemas/Revision' type: array description: '' @@ -1867,16 +1854,16 @@ paths: description: bad input parameter security: - BearerAuth: [] - summary: READ - Fetches the latest version of an Agreement + summary: READ - Fetches the latest version of an DataAgreement tags: - service - x-specification-crudl-model: Agreement + x-specification-crudl-model: DataAgreement x-specification-pii-or-sensitive: 'False' x-specification-scenario: '' x-specification-usecase: UC-C-PIC-A-003 '/service/data-agreement/{dataAgreementId}/data-attributes': get: - description: READ - Fetch all latest versions of AgreementData associated with an Agreement and the presented revisionId of that Agreement + description: READ - Fetch all latest versions of AgreementData associated with an DataAgreement and the presented revisionId of that DataAgreement operationId: serviceAgreementDataRead parameters: - description: Unique ID of an object @@ -1905,7 +1892,7 @@ paths: description: bad input parameter security: - BearerAuth: [] - summary: READ - Fetch all latest versions of AgreementData associated with an Agreement and the presented revisionId of that Agreement + summary: READ - Fetch all latest versions of AgreementData associated with an DataAgreement and the presented revisionId of that DataAgreement tags: - service x-specification-crudl-model: AgreementData @@ -1948,7 +1935,7 @@ paths: x-specification-usecase: '' /service/individual/data-agreement-records: delete: - description: 'DELETE - Cascading delete operation for Right To Be Forgotten, deletes all data agreement records that shall not be retained and have a "forgettable" Agreement. May also delete an unsigned data agreement record, for instance in cases where the user exits the signing process. Individual ID supplied as HTTP header.' + description: 'DELETE - Cascading delete operation for Right To Be Forgotten, deletes all data agreement records that shall not be retained and have a "forgettable" DataAgreement. May also delete an unsigned data agreement record, for instance in cases where the user exits the signing process. Individual ID supplied as HTTP header.' operationId: serviceDeleteAllRecords parameters: [] responses: @@ -2166,7 +2153,7 @@ paths: x-specification-usecase: UC-Post-Partum-001-Registration_PostPartum_and_InfantCare '/service/individual/record/data-agreement/{dataAgreementId}': get: - description: READ - Fetch the current record for data agreement. There should be one unambiguous ConsentRecord for an Individual and an Agreement. The individualId is supplied as HTTP header. + description: READ - Fetch the current record for data agreement. There should be one unambiguous ConsentRecord for an Individual and an DataAgreement. The individualId is supplied as HTTP header. operationId: serviceReadIndividualRecordRead parameters: - description: Unique ID of an object @@ -2417,7 +2404,7 @@ paths: x-specification-usecase: '' '/service/policy/{policyId}': get: - description: READ - Fetch the latest version of a Policy and the presented revisionId of an associated Agreement + description: READ - Fetch the latest version of a Policy and the presented revisionId of an associated DataAgreement operationId: servicePolicyRead parameters: - description: Unique ID of an object @@ -2447,7 +2434,7 @@ paths: description: bad input parameter security: - BearerAuth: [] - summary: READ - Fetch the latest version of a Policy and the presented revisionId of an associated Agreement + summary: READ - Fetch the latest version of a Policy and the presented revisionId of an associated DataAgreement tags: - service x-specification-crudl-model: Policy diff --git a/openapi/v2023.8.2/definitions/Agreement.yaml b/openapi/v2023.8.2/definitions/Agreement.yaml deleted file mode 100644 index 26cd6be..0000000 --- a/openapi/v2023.8.2/definitions/Agreement.yaml +++ /dev/null @@ -1,82 +0,0 @@ -type: object -title: Agreement -description: "An agreement contains the specification of a single purpose that can be consented to. An Agreement is universal and can be consented to by *many* individuals through a ConsentRecord" -x-not-in-database: false - -required: - - id - - version - - lawfulBasis - - dpia -properties: - id: - type: string - format: "" - example: "" - description: "" - - version: - type: string - format: "" - example: "" - description: "The version of this specification to which a receipt conforms" - - controller: - $ref: "./Controller.yaml" - x-fk-model: "Controller" - description: "Data controller (may be omitted if no data involved)" - - policy: - $ref: "./Policy.yaml" - x-fk-model: "Policy" - description: "Reference to the policy under which this Agreement shall be governed" - - purpose: - $ref: "./AgreementPurpose.yaml" - x-fk-model: "AgreementPurpose" - description: "Purpose of data processing or purpose of consent. Displayed to the user." - - lawfulBasis: - type: string - format: "" - example: "" - description: "Lawful basis of the agreement - consent / legal_obligation / contract / vital_interest / public_task / legitimate_interest" - - dataUse: - type: string - format: "" - example: "" - description: "null/data_source/data_using_service" - - dpia: - type: string - format: "" - example: "" - description: "Data Protection Impact Assessment" - - signature: - $ref: "./Signature.yaml" - x-fk-model: "Signature" - description: "Signature of authorizing party of Agreement. Note: Signatures may be chained in case of multiple signatures." - - active: - type: boolean - format: "" - example: "" - description: "Agreement is active and new ConsentRecords can be created." - - forgettable: - type: boolean - format: "" - example: "" - description: "Consent Record may be deleted when consent is withdrawn, as its existence is not necessary for auditability." - - compatibleWithVersion: - $ref: "./Agreement.yaml" - x-fk-model: "Agreement" - description: "WIP: This field indicates that Consent Records may be transferred from this compatible previous version of the same Agreement." - - lifecycle: - $ref: "./AgreementLifecycle.yaml" - x-fk-model: "AgreementLifecycle" - description: "WIP: Current Lifecycle state of the Agreement. Lifecycle states are used to manage internal workflows and should not be assigned semantic meanings for active Consent Records." diff --git a/openapi/v2023.8.2/definitions/AgreementData.yaml b/openapi/v2023.8.2/definitions/AgreementData.yaml index f371941..2389c36 100644 --- a/openapi/v2023.8.2/definitions/AgreementData.yaml +++ b/openapi/v2023.8.2/definitions/AgreementData.yaml @@ -1,6 +1,6 @@ type: object title: AgreementData -description: "Agreement data contains specifications of exactly what is collected." +description: "DataAgreement data contains specifications of exactly what is collected." x-not-in-database: false required: @@ -16,8 +16,8 @@ properties: description: "" agreement: - $ref: "./Agreement.yaml" - x-fk-model: "Agreement" + $ref: "./DataAgreement.yaml" + x-fk-model: "DataAgreement" description: "" name: diff --git a/openapi/v2023.8.2/definitions/AgreementFilter.yaml b/openapi/v2023.8.2/definitions/AgreementFilter.yaml index 511b558..1d395f6 100644 --- a/openapi/v2023.8.2/definitions/AgreementFilter.yaml +++ b/openapi/v2023.8.2/definitions/AgreementFilter.yaml @@ -1,6 +1,6 @@ type: object title: AgreementFilter -description: "Query filter for API endpoint listing Agreement objects" +description: "Query filter for API endpoint listing DataAgreement objects" x-not-in-database: true required: diff --git a/openapi/v2023.8.2/definitions/AgreementLifecycle.yaml b/openapi/v2023.8.2/definitions/AgreementLifecycle.yaml index 5d36b0c..2dfe4bf 100644 --- a/openapi/v2023.8.2/definitions/AgreementLifecycle.yaml +++ b/openapi/v2023.8.2/definitions/AgreementLifecycle.yaml @@ -1,6 +1,6 @@ type: object title: AgreementLifecycle -description: "TBD: Models the valid lifecycle states of an Agreement" +description: "TBD: Models the valid lifecycle states of an DataAgreement" x-not-in-database: false required: diff --git a/openapi/v2023.8.2/definitions/AgreementPurpose.yaml b/openapi/v2023.8.2/definitions/AgreementPurpose.yaml index 8360d54..ae5a59d 100644 --- a/openapi/v2023.8.2/definitions/AgreementPurpose.yaml +++ b/openapi/v2023.8.2/definitions/AgreementPurpose.yaml @@ -30,4 +30,4 @@ properties: type: string format: "" example: "" - description: "In order to sign an Agreement, this relation needs to have a cryptopgraphic hash of the JSON serialized data to be included in the Signature payload of the Agreement. Hashes are collected as the hex representation of the SHA-1 sum of all UTF8 encoded string versions of the JSON representation of data. SHA1(jsonSerializedData)" + description: "In order to sign an DataAgreement, this relation needs to have a cryptopgraphic hash of the JSON serialized data to be included in the Signature payload of the DataAgreement. Hashes are collected as the hex representation of the SHA-1 sum of all UTF8 encoded string versions of the JSON representation of data. SHA1(jsonSerializedData)" diff --git a/openapi/v2023.8.2/definitions/AuditTracker.yaml b/openapi/v2023.8.2/definitions/AuditTracker.yaml index b32f87a..0f533f1 100644 --- a/openapi/v2023.8.2/definitions/AuditTracker.yaml +++ b/openapi/v2023.8.2/definitions/AuditTracker.yaml @@ -33,7 +33,7 @@ properties: type: string format: "" example: "" - description: "A URL receiving a callback with the Agreement object + Revision + AuditEventType" + description: "A URL receiving a callback with the DataAgreement object + Revision + AuditEventType" callbackConsentRecord: type: string diff --git a/openapi/v2023.8.2/definitions/ConsentRecord.yaml b/openapi/v2023.8.2/definitions/ConsentRecord.yaml index e3a1e9e..97fa092 100644 --- a/openapi/v2023.8.2/definitions/ConsentRecord.yaml +++ b/openapi/v2023.8.2/definitions/ConsentRecord.yaml @@ -1,6 +1,6 @@ type: object title: ConsentRecord -description: "A Consent Record expresses consent (as defined in this building block's specification) to a single Agreement. There must be a UNIQUE constraint on (agreementRevision, individual)" +description: "A Consent Record expresses consent (as defined in this building block's specification) to a single DataAgreement. There must be a UNIQUE constraint on (agreementRevision, individual)" x-not-in-database: false required: @@ -15,9 +15,9 @@ properties: description: 'Objects may be passed back by some API endpoints without an id (PK), denoting that they are a "draft", i.e. a ConsentRecord that is not yet stored in the database and only exist in transit. Draft ConsentRecords do not have a Revision, but if paired up with a Signature, a valid Revision should be generated.' agreement: - $ref: "./Agreement.yaml" - x-fk-model: "Agreement" - description: "The Agreement to which consent has been given" + $ref: "./DataAgreement.yaml" + x-fk-model: "DataAgreement" + description: "The DataAgreement to which consent has been given" agreementRevision: $ref: "./Revision.yaml" diff --git a/openapi/v2023.8.2/definitions/ConsentRecordFilter.yaml b/openapi/v2023.8.2/definitions/ConsentRecordFilter.yaml index 3fbefbe..faef0fd 100644 --- a/openapi/v2023.8.2/definitions/ConsentRecordFilter.yaml +++ b/openapi/v2023.8.2/definitions/ConsentRecordFilter.yaml @@ -13,8 +13,8 @@ properties: description: "" agreement: - $ref: "./Agreement.yaml" - x-fk-model: "Agreement" + $ref: "./DataAgreement.yaml" + x-fk-model: "DataAgreement" description: "" agreementRevision: diff --git a/openapi/v2023.8.2/definitions/DataAgreement.yaml b/openapi/v2023.8.2/definitions/DataAgreement.yaml new file mode 100644 index 0000000..d4f5a66 --- /dev/null +++ b/openapi/v2023.8.2/definitions/DataAgreement.yaml @@ -0,0 +1,126 @@ +type: object +title: DataAgreement +description: > + An agreement contains the specification of a single purpose that can be consented to. + An DataAgreement is universal and can be consented to by *many* individuals through a DataAgreementRecord" +x-not-in-database: false +required: + - purpose + - purposeDescription + - controllerUrl + - controllerName + - policy + - lawfulBasis + - methodOfUse + - active + - forgettable + - lifecycle +properties: + id: + type: string + format: "" + example: "" + description: "" + + version: + type: string + format: "" + example: "" + description: "The version of this specification to which a receipt conforms" + + controllerId: + type: string + description: ID of the controller + + controllerUrl: + type: string + description: URL of data controller (may be omitted if no data involved) + + controllerName: + type: string + description: Name of data controller (may be omitted if no data involved) + + policy: + $ref: "./Policy.yaml" + description: > + Policy under which this DataAgreement shall be governed. + When creating a data agreement, the latest policy can be used to fill the default value, + and organisation admin can decide to change it in data agreement level + + purpose: + type: string + description: Name of purpose + + purposeDescription: + type: string + description: Description of purpose + + lawfulBasis: + type: string + format: "" + example: "" + description: "Lawful basis of the agreement - consent / legal_obligation / contract / vital_interest / public_task / legitimate_interest" + enum: + - consent + - legal_obligation + - contract + - vital_interest + - public_task + - legitimate_interest + + methodOfUse: + type: string + format: "" + example: "" + description: "null/data_source/data_using_service" + enum: + - null + - data_source + - data_using_service + + dpiaDate: + type: string + format: "" + example: "" + description: The date on which the DPIA report is generated after a DPIA + + dpiaSummaryUrl: + type: string + description: The URl providing the DPIA result reports, summary etc that can be verified by any interested parties + + signature: + $ref: "./Signature.yaml" + x-fk-model: "Signature" + description: > + Signature of authorizing party of DataAgreement. + Note: Signatures may be chained in case of multiple signatures. + + active: + type: boolean + format: "" + example: "" + description: "DataAgreement is active and new DataAgreementRecords can be created." + + forgettable: + type: boolean + format: "" + example: "" + description: "DataAgreementRecord may be deleted when consent is withdrawn, as its existence is not necessary for auditability." + + compatibleWithVersionId: + type: string + format: "" + x-fk-model: "DataAgreement" + description: > + WIP: This field indicates that Data Agreement Records may be transferred from this + compatible previous revision of the same DataAgreement. + + lifecycle: + type: string + description: > + WIP: Current Lifecycle state of the DataAgreement. + Lifecycle states are used to manage internal workflows and + should not be assigned semantic meanings for active Data Agreement Records. + enum: + - draft + - complete diff --git a/openapi/v2023.8.2/definitions/Policy.yaml b/openapi/v2023.8.2/definitions/Policy.yaml index 68e471d..8c12b6c 100644 --- a/openapi/v2023.8.2/definitions/Policy.yaml +++ b/openapi/v2023.8.2/definitions/Policy.yaml @@ -1,6 +1,6 @@ type: object title: Policy -description: 'A policy governs data and Agreement in the realm of an organisation that is refered to as "data controller" (GDPR) and owner of referencing Agreements.' +description: 'A policy governs data and DataAgreement in the realm of an organisation that is refered to as "data controller" (GDPR) and owner of referencing Agreements.' x-not-in-database: false required: diff --git a/openapi/v2023.8.2/definitions/Revision.yaml b/openapi/v2023.8.2/definitions/Revision.yaml index 6adf0b8..eb5b198 100644 --- a/openapi/v2023.8.2/definitions/Revision.yaml +++ b/openapi/v2023.8.2/definitions/Revision.yaml @@ -1,6 +1,6 @@ type: object title: Revision -description: "A *generic* revision model captures the serialized contents of any shema's single row. This is then subject to 1) cryptographic signature and 2) auditing.\n\nAside from \"successor\" column, a revision should be considered locked." +description: "A *generic* revision model captures the serialized contents of any schema's single row. This is then subject to 1) cryptographic signature and 2) auditing.\n\nAside from \"successor\" column, a revision should be considered locked." x-not-in-database: false required: diff --git a/openapi/v2023.8.2/definitions/Signature.yaml b/openapi/v2023.8.2/definitions/Signature.yaml index fa0304c..b29256e 100644 --- a/openapi/v2023.8.2/definitions/Signature.yaml +++ b/openapi/v2023.8.2/definitions/Signature.yaml @@ -1,10 +1,12 @@ type: object title: Signature -description: "A generic signature contains a cryptographic hash of some value, together with a signature created by some private key in another system. Required signing methods: Revision object or another Signature object." +description: > + A generic signature contains a cryptographic hash of some value, + together with a signature created by some private key in another system. + Required signing methods: Revision object or another Signature object. x-not-in-database: false required: - - id - payload - signature - verificationMethod @@ -90,6 +92,9 @@ properties: format: "" example: "" description: 'Name of the schema model that objectReference points to. Values: "signature" or "revision"' + enum: + - revision + - signature objectReference: type: string diff --git a/openapi/v2023.8.2/index.yaml b/openapi/v2023.8.2/index.yaml index 5bcf565..beefbf2 100644 --- a/openapi/v2023.8.2/index.yaml +++ b/openapi/v2023.8.2/index.yaml @@ -2,8 +2,8 @@ components: schemas: Pagination: $ref: "./definitions/Pagination.yaml" - Agreement: - $ref: ./definitions/Agreement.yaml + DataAgreement: + $ref: ./definitions/DataAgreement.yaml AgreementData: $ref: ./definitions/AgreementData.yaml AgreementFilter: @@ -78,30 +78,28 @@ paths: post: $ref: ./paths/configCreateAgreement.yaml /config/data-agreement/{dataAgreementId}: - delete: - $ref: ./paths/configDeleteAgreement.yaml get: $ref: ./paths/configReadAgreement.yaml put: $ref: ./paths/configUpdateAgreement.yaml + delete: + $ref: ./paths/configDeleteAgreement.yaml /config/data-agreements: get: $ref: ./paths/configListAgreement.yaml - post: - $ref: ./paths/configListAgreementFilter.yaml - /config/policies: - get: - $ref: ./paths/configListPolicy.yaml /config/policy: post: $ref: ./paths/configCreatePolicy.yaml /config/policy/{policyId}: - delete: - $ref: ./paths/configDeletePolicy.yaml get: - $ref: ./paths/configReadPolicy.yaml + $ref: ./paths/configReadPolicy.yaml put: $ref: ./paths/configUpdatePolicy.yaml + delete: + $ref: ./paths/configDeletePolicy.yaml + /config/policies: + get: + $ref: ./paths/configListPolicy.yaml /config/policy/{policyId}/revisions: get: $ref: ./paths/configListPolicyRevisions.yaml diff --git a/openapi/v2023.8.2/paths/auditAgreementList.yaml b/openapi/v2023.8.2/paths/auditAgreementList.yaml index 1d2d14e..4cbdff4 100644 --- a/openapi/v2023.8.2/paths/auditAgreementList.yaml +++ b/openapi/v2023.8.2/paths/auditAgreementList.yaml @@ -35,7 +35,7 @@ responses: schema: items: oneOf: - - $ref: ../definitions/Agreement.yaml + - $ref: ../definitions/DataAgreement.yaml type: array description: "" "400": diff --git a/openapi/v2023.8.2/paths/auditReadRecord.yaml b/openapi/v2023.8.2/paths/auditReadRecord.yaml index f602900..e4a096a 100644 --- a/openapi/v2023.8.2/paths/auditReadRecord.yaml +++ b/openapi/v2023.8.2/paths/auditReadRecord.yaml @@ -12,7 +12,7 @@ responses: content: application/json: schema: - $ref: ../definitions/Agreement.yaml + $ref: ../definitions/DataAgreement.yaml description: '' '400': description: bad input parameter diff --git a/openapi/v2023.8.2/paths/configCreateAgreement.yaml b/openapi/v2023.8.2/paths/configCreateAgreement.yaml index e454e05..9b63097 100644 --- a/openapi/v2023.8.2/paths/configCreateAgreement.yaml +++ b/openapi/v2023.8.2/paths/configCreateAgreement.yaml @@ -6,31 +6,32 @@ requestBody: application/json: schema: properties: - agreement: - $ref: ../definitions/Agreement.yaml - description: An object of type Agreement + dataAgreement: + $ref: ../definitions/DataAgreement.yaml + description: An object of type DataAgreement required: - - agreement + - dataAgreement type: object responses: "200": content: application/json: schema: - items: - oneOf: - - $ref: ../definitions/Agreement.yaml - - $ref: ../definitions/Revision.yaml - type: array + type: object + properties: + dataAgreement: + $ref: ../definitions/DataAgreement.yaml + revision: + $ref: ../definitions/Revision.yaml description: "" "400": description: bad input parameter security: - BearerAuth: [] -summary: CREATE - Create a new data agreement and returned together with revision +summary: CREATE - Create data agreement tags: - config -x-specification-crudl-model: Agreement +x-specification-crudl-model: DataAgreement x-specification-pii-or-sensitive: "False" x-specification-scenario: "" x-specification-usecase: UC-C-PIC-A-001 diff --git a/openapi/v2023.8.2/paths/configCreatePolicy.yaml b/openapi/v2023.8.2/paths/configCreatePolicy.yaml index fd6ca29..bca552f 100644 --- a/openapi/v2023.8.2/paths/configCreatePolicy.yaml +++ b/openapi/v2023.8.2/paths/configCreatePolicy.yaml @@ -29,7 +29,7 @@ responses: description: bad input parameter security: - BearerAuth: [] -summary: CREATE - Create a new policy and returned together with revision +summary: CREATE - Create policy tags: - config x-specification-crudl-model: Policy diff --git a/openapi/v2023.8.2/paths/configDeleteAgreement.yaml b/openapi/v2023.8.2/paths/configDeleteAgreement.yaml index 91bbe93..97cc725 100644 --- a/openapi/v2023.8.2/paths/configDeleteAgreement.yaml +++ b/openapi/v2023.8.2/paths/configDeleteAgreement.yaml @@ -18,10 +18,10 @@ responses: description: bad input parameter security: - BearerAuth: [] -summary: DELETE - Delete a data agreement +summary: DELETE - Delete data agreement tags: - config -x-specification-crudl-model: Agreement +x-specification-crudl-model: DataAgreement x-specification-pii-or-sensitive: 'False' x-specification-scenario: '' x-specification-usecase: UC-C-PIC-A-004 diff --git a/openapi/v2023.8.2/paths/configDeletePolicy.yaml b/openapi/v2023.8.2/paths/configDeletePolicy.yaml index cd02fcb..f0bcad0 100644 --- a/openapi/v2023.8.2/paths/configDeletePolicy.yaml +++ b/openapi/v2023.8.2/paths/configDeletePolicy.yaml @@ -1,6 +1,6 @@ description: DELETE - Deletes an existing policy, returning the updated version and a new revision. Deleting a policy is not possible if it's associated with active - Agreement. + DataAgreement. operationId: configDeletePolicy parameters: - description: Unique ID of an object @@ -20,7 +20,7 @@ responses: description: bad input parameter security: - BearerAuth: [] -summary: DELETE - Deletes an existing policy +summary: DELETE - Deletes policy tags: - config x-specification-crudl-model: Policy diff --git a/openapi/v2023.8.2/paths/configListAgreement.yaml b/openapi/v2023.8.2/paths/configListAgreement.yaml index 1e32983..a117209 100644 --- a/openapi/v2023.8.2/paths/configListAgreement.yaml +++ b/openapi/v2023.8.2/paths/configListAgreement.yaml @@ -1,40 +1,31 @@ description: LIST - Fetch all data agreements operationId: configListAgreement parameters: - - description: - Requested index for start of resources to be provided in response requested - by client - in: query - name: offset - required: false - schema: - type: integer - - description: - Requested number of resources to be provided in response requested - by client - in: query - name: limit - required: false - schema: - type: integer + - $ref: "../parameters/offset.yaml" + - $ref: "../parameters/limit.yaml" + - $ref: "../parameters/page.yaml" responses: "200": content: application/json: schema: - items: - oneOf: - - $ref: ../definitions/Agreement.yaml - type: array + type: object + properties: + dataAgreements: + items: + $ref: ../definitions/DataAgreement.yaml + type: array + pagination: + $ref: "../definitions/Pagination.yaml" description: "" "400": description: bad input parameter security: - BearerAuth: [] -summary: LIST - Fetch all data agreements +summary: LIST - List all data agreements tags: - config -x-specification-crudl-model: Agreement +x-specification-crudl-model: DataAgreement x-specification-pii-or-sensitive: "False" x-specification-scenario: "" x-specification-usecase: UC-C-PIC-A-003 diff --git a/openapi/v2023.8.2/paths/configListAgreementFilter.yaml b/openapi/v2023.8.2/paths/configListAgreementFilter.yaml index 663cfd2..e6a9645 100644 --- a/openapi/v2023.8.2/paths/configListAgreementFilter.yaml +++ b/openapi/v2023.8.2/paths/configListAgreementFilter.yaml @@ -33,7 +33,7 @@ responses: schema: items: oneOf: - - $ref: ../definitions/Agreement.yaml + - $ref: ../definitions/DataAgreement.yaml type: array description: '' '400': @@ -43,7 +43,7 @@ security: summary: LIST - Fetch all data agreements matching the data agreement filter tags: - config -x-specification-crudl-model: Agreement +x-specification-crudl-model: DataAgreement x-specification-pii-or-sensitive: 'False' x-specification-scenario: '' x-specification-usecase: UC-C-PIC-A-003 diff --git a/openapi/v2023.8.2/paths/configListPolicy.yaml b/openapi/v2023.8.2/paths/configListPolicy.yaml index 4b76a17..8e8c466 100644 --- a/openapi/v2023.8.2/paths/configListPolicy.yaml +++ b/openapi/v2023.8.2/paths/configListPolicy.yaml @@ -28,7 +28,7 @@ responses: description: bad input parameter security: - BearerAuth: [] -summary: LIST - Fetch all policies +summary: LIST - List all policies tags: - config x-specification-crudl-model: Policy diff --git a/openapi/v2023.8.2/paths/configListPolicyRevisions.yaml b/openapi/v2023.8.2/paths/configListPolicyRevisions.yaml index d13dfdb..c68b49f 100644 --- a/openapi/v2023.8.2/paths/configListPolicyRevisions.yaml +++ b/openapi/v2023.8.2/paths/configListPolicyRevisions.yaml @@ -30,7 +30,7 @@ responses: description: bad input parameter security: - BearerAuth: [] -summary: LIST - Returns all the revisions for the policy +summary: LIST - List all policy revisions tags: - config x-specification-crudl-model: Revision diff --git a/openapi/v2023.8.2/paths/configReadAgreement.yaml b/openapi/v2023.8.2/paths/configReadAgreement.yaml index e3881f7..e6d579c 100644 --- a/openapi/v2023.8.2/paths/configReadAgreement.yaml +++ b/openapi/v2023.8.2/paths/configReadAgreement.yaml @@ -12,20 +12,21 @@ responses: content: application/json: schema: - items: - oneOf: - - $ref: ../definitions/Agreement.yaml - - $ref: ../definitions/Revision.yaml - type: array + type: object + properties: + dataAgreement: + $ref: ../definitions/DataAgreement.yaml + revision: + $ref: ../definitions/Revision.yaml description: '' '400': description: bad input parameter security: - BearerAuth: [] -summary: READ - Fetch the latest version of a data agreement +summary: READ - Read data agreement tags: - config -x-specification-crudl-model: Agreement +x-specification-crudl-model: DataAgreement x-specification-pii-or-sensitive: 'False' x-specification-scenario: '' x-specification-usecase: UC-C-PIC-A-003 diff --git a/openapi/v2023.8.2/paths/configReadPolicy.yaml b/openapi/v2023.8.2/paths/configReadPolicy.yaml index a0597e2..e75d98a 100644 --- a/openapi/v2023.8.2/paths/configReadPolicy.yaml +++ b/openapi/v2023.8.2/paths/configReadPolicy.yaml @@ -30,7 +30,7 @@ responses: description: bad input parameter security: - BearerAuth: [] -summary: READ - Fetch a policy + latest revision +summary: READ - Read policy tags: - config x-specification-crudl-model: Policy diff --git a/openapi/v2023.8.2/paths/configUpdateAgreement.yaml b/openapi/v2023.8.2/paths/configUpdateAgreement.yaml index 9b6daca..2ed74af 100644 --- a/openapi/v2023.8.2/paths/configUpdateAgreement.yaml +++ b/openapi/v2023.8.2/paths/configUpdateAgreement.yaml @@ -12,31 +12,32 @@ requestBody: application/json: schema: properties: - agreement: - $ref: ../definitions/Agreement.yaml - description: An object of type Agreement + dataAgreement: + $ref: ../definitions/DataAgreement.yaml + description: An object of type DataAgreement required: - - agreement + - dataAgreement type: object responses: '200': content: application/json: schema: - items: - oneOf: - - $ref: ../definitions/Agreement.yaml - - $ref: ../definitions/Revision.yaml - type: array + type: object + properties: + dataAgreement: + $ref: ../definitions/DataAgreement.yaml + revision: + $ref: ../definitions/Revision.yaml description: '' '400': description: bad input parameter security: - BearerAuth: [] -summary: UPDATE - Update an existing data agreement and returned together with revision +summary: UPDATE - Update data agreement tags: - config -x-specification-crudl-model: Agreement +x-specification-crudl-model: DataAgreement x-specification-pii-or-sensitive: 'False' x-specification-scenario: '' x-specification-usecase: UC-C-PIC-A-002 diff --git a/openapi/v2023.8.2/paths/configUpdatePolicy.yaml b/openapi/v2023.8.2/paths/configUpdatePolicy.yaml index a7e12fc..cbbc6c6 100644 --- a/openapi/v2023.8.2/paths/configUpdatePolicy.yaml +++ b/openapi/v2023.8.2/paths/configUpdatePolicy.yaml @@ -1,6 +1,6 @@ description: UPDATE - Update an existing policy, returning the updated version - and a new revision. Updating a Policy does not affect existing references in Agreement, - the new revision should be specified for Agreement. + and a new revision. Updating a Policy does not affect existing references in DataAgreement, + the new revision should be specified for DataAgreement. operationId: configUpdatePolicy parameters: - description: Unique ID of an object @@ -36,7 +36,7 @@ responses: description: bad input parameter security: - BearerAuth: [] -summary: UPDATE - Update an existing policy, returning the updated version and a new revision. +summary: UPDATE - Update policy tags: - config x-specification-crudl-model: Policy diff --git a/openapi/v2023.8.2/paths/serviceAgreementDataRead.yaml b/openapi/v2023.8.2/paths/serviceAgreementDataRead.yaml index 62db995..4373e22 100644 --- a/openapi/v2023.8.2/paths/serviceAgreementDataRead.yaml +++ b/openapi/v2023.8.2/paths/serviceAgreementDataRead.yaml @@ -1,5 +1,5 @@ description: READ - Fetch all latest versions of AgreementData associated - with an Agreement and the presented revisionId of that Agreement + with an DataAgreement and the presented revisionId of that DataAgreement operationId: serviceAgreementDataRead parameters: - description: Unique ID of an object @@ -29,7 +29,7 @@ responses: security: - BearerAuth: [] summary: READ - Fetch all latest versions of AgreementData associated with - an Agreement and the presented revisionId of that Agreement + an DataAgreement and the presented revisionId of that DataAgreement tags: - service x-specification-crudl-model: AgreementData diff --git a/openapi/v2023.8.2/paths/serviceAgreementPurposeRead.yaml b/openapi/v2023.8.2/paths/serviceAgreementPurposeRead.yaml index 8801d3e..61d6b83 100644 --- a/openapi/v2023.8.2/paths/serviceAgreementPurposeRead.yaml +++ b/openapi/v2023.8.2/paths/serviceAgreementPurposeRead.yaml @@ -1,5 +1,5 @@ description: READ - fetches the latest version of an AgreementPurpose and the presented - revisionId of that Agreement + revisionId of that DataAgreement operationId: serviceAgreementPurposeRead parameters: - description: Unique ID of an object @@ -30,7 +30,7 @@ responses: security: - BearerAuth: [] summary: READ - fetches the latest version of an AgreementPurpose and the presented - revisionId of that Agreement + revisionId of that DataAgreement tags: - service x-specification-crudl-model: AgreementPurpose diff --git a/openapi/v2023.8.2/paths/serviceAgreementRead.yaml b/openapi/v2023.8.2/paths/serviceAgreementRead.yaml index e38ad98..6da8d36 100644 --- a/openapi/v2023.8.2/paths/serviceAgreementRead.yaml +++ b/openapi/v2023.8.2/paths/serviceAgreementRead.yaml @@ -1,4 +1,4 @@ -description: READ - Fetches the latest version of an Agreement +description: READ - Fetches the latest version of an DataAgreement operationId: serviceAgreementRead parameters: - description: Unique ID of an object @@ -14,7 +14,7 @@ responses: schema: items: oneOf: - - $ref: ../definitions/Agreement.yaml + - $ref: ../definitions/DataAgreement.yaml - $ref: ../definitions/Revision.yaml type: array description: '' @@ -22,10 +22,10 @@ responses: description: bad input parameter security: - BearerAuth: [] -summary: READ - Fetches the latest version of an Agreement +summary: READ - Fetches the latest version of an DataAgreement tags: - service -x-specification-crudl-model: Agreement +x-specification-crudl-model: DataAgreement x-specification-pii-or-sensitive: 'False' x-specification-scenario: '' x-specification-usecase: UC-C-PIC-A-003 diff --git a/openapi/v2023.8.2/paths/serviceDeleteAllRecords.yaml b/openapi/v2023.8.2/paths/serviceDeleteAllRecords.yaml index 74a54a5..ebe4ae0 100644 --- a/openapi/v2023.8.2/paths/serviceDeleteAllRecords.yaml +++ b/openapi/v2023.8.2/paths/serviceDeleteAllRecords.yaml @@ -1,5 +1,5 @@ description: DELETE - Cascading delete operation for Right To Be Forgotten, deletes - all data agreement records that shall not be retained and have a "forgettable" Agreement. + all data agreement records that shall not be retained and have a "forgettable" DataAgreement. May also delete an unsigned data agreement record, for instance in cases where the user exits the signing process. Individual ID supplied as HTTP header. operationId: serviceDeleteAllRecords diff --git a/openapi/v2023.8.2/paths/servicePolicyRead.yaml b/openapi/v2023.8.2/paths/servicePolicyRead.yaml index be25f3b..79b837b 100644 --- a/openapi/v2023.8.2/paths/servicePolicyRead.yaml +++ b/openapi/v2023.8.2/paths/servicePolicyRead.yaml @@ -1,5 +1,5 @@ description: READ - Fetch the latest version of a Policy and the presented revisionId - of an associated Agreement + of an associated DataAgreement operationId: servicePolicyRead parameters: - description: Unique ID of an object @@ -30,7 +30,7 @@ responses: security: - BearerAuth: [] summary: READ - Fetch the latest version of a Policy and the presented revisionId - of an associated Agreement + of an associated DataAgreement tags: - service x-specification-crudl-model: Policy diff --git a/openapi/v2023.8.2/paths/serviceReadIndividualRecordRead.yaml b/openapi/v2023.8.2/paths/serviceReadIndividualRecordRead.yaml index 9e2f45d..bc7effc 100644 --- a/openapi/v2023.8.2/paths/serviceReadIndividualRecordRead.yaml +++ b/openapi/v2023.8.2/paths/serviceReadIndividualRecordRead.yaml @@ -1,6 +1,6 @@ description: READ - Fetch the current record for data agreement. There should be one unambiguous ConsentRecord for an Individual - and an Agreement. The individualId is supplied as HTTP header. + and an DataAgreement. The individualId is supplied as HTTP header. operationId: serviceReadIndividualRecordRead parameters: - description: Unique ID of an object