Fire Arrow 2.0.4
Fire Arrow 2.0.4 has been released.
- (bugfix)
LegitimateInterestdidn't properly validate access toOrganizationeven if it was set asPatient.managingOrganization - (improvement) Don't ship default configuration anymore
- (chore) Updated dependencies
When patient clients tried to access their managingOrganization resource, they could receive an error if access was validated through LegitimateInterest. This bug has been fixed.
Until now Fire Arrow shipped a default config.json in the pre-built Docker container. The config.json file mainly served as self-documenting asset to give implementers a starting point for their own configuration but experience has shown that it can be detrimental if it's assumed that it is a working, "out of the box" configuration. The additional support of injecting the entire configuration through an environment variable now also means that the embedded configuration may contain optional settings that are not desired in a production setting. (such as enable_graphql_playground, which by default is false but is set to true in the embedded configuration, making it a requirement to explicitly turn it off again in derived containers)
Starting from version 2.0.4, Fire Arrow doesn't ship an embedded configuration anymore and will abort with an error message if no configuration exists.