Forbidden

Rejects every request unconditionally. Use this validator as the default validation rule to ensure that no data unintentionally becomes public.

If this validator is used as the default validator, no other rule needs to make use of it.

Implement a deny-all, allow-by-exception pattern in config.json:

    {
      // ...
      "rbac": {
        "default_access": "Forbidden",
        "validation_rules": [
          // ...
        ]
      }
    }

Prevent Patient clients from reading DiagnosticReport resources in the database:

    {
      "client_role": "Patient",
      "entity_name": "DiagnosticReport",
      "operation": "read",
      "validator": "Forbidden"
    }
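
A review check for the deny-all, allow-by-exception pattern described above, as an added example that is not part of the product or its documentation. It works on an already-parsed config (the `// ...` comments shown above are not valid strict JSON); the `Practitioner` role and the `ExampleValidator` name are constructed placeholders, and `audit_rbac` and `exceptions` are hypothetical helper names.

```python
DENY = "Forbidden"  # validator name as documented on this page


def audit_rbac(config):
    """Return (severity, message) findings for a parsed config dict."""
    rbac = config.get("rbac") or {}
    default = rbac.get("default_access")
    findings = []
    if default != DENY:
        findings.append(("high",
            f"default_access is {default!r}; the deny-all default is not in place"))
    for i, rule in enumerate(rbac.get("validation_rules") or []):
        # With a Forbidden default, an explicit Forbidden rule adds nothing.
        if default == DENY and rule.get("validator") == DENY:
            findings.append(("info",
                f"rule {i} ({rule.get('client_role')}/{rule.get('entity_name')}/"
                f"{rule.get('operation')}) repeats the default and is redundant"))
    return findings


def exceptions(config):
    """List every rule that is not Forbidden: the exceptions a reviewer must justify."""
    rules = (config.get("rbac") or {}).get("validation_rules") or []
    return [(r.get("client_role"), r.get("entity_name"),
             r.get("operation"), r.get("validator"))
            for r in rules if r.get("validator") != DENY]


# Constructed sample: the page's Patient rule plus one placeholder exception.
SAMPLE = {
    "rbac": {
        "default_access": "Forbidden",
        "validation_rules": [
            {"client_role": "Patient", "entity_name": "DiagnosticReport",
             "operation": "read", "validator": "Forbidden"},
            {"client_role": "Practitioner", "entity_name": "DiagnosticReport",
             "operation": "read", "validator": "ExampleValidator"},  # placeholder name
        ],
    }
}

if __name__ == "__main__":
    for severity, message in audit_rbac(SAMPLE):
        print(severity, message)
    for exc in exceptions(SAMPLE):
        print("exception:", exc)
```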