View Javadoc
1   /*
2    * Copyright 2017 the original author or authors.
3    *
4    *  Licensed under the Apache License, Version 2.0 (the "License");
5    *  you may not use this file except in compliance with the License.
6    *  You may obtain a copy of the License at
7    *
8    *         http://www.apache.org/licenses/LICENSE-2.0
9    *
10   *  Unless required by applicable law or agreed to in writing, software
11   *  distributed under the License is distributed on an "AS IS" BASIS,
12   *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   *  See the License for the specific language governing permissions and
14   *  limitations under the License.
15   */
16  package org.openehealth.ipf.commons.audit.model;
17  
18  import lombok.EqualsAndHashCode;
19  import lombok.Getter;
20  import lombok.NonNull;
21  import lombok.Setter;
22  import org.openehealth.ipf.commons.audit.codes.EventActionCode;
23  import org.openehealth.ipf.commons.audit.codes.EventOutcomeIndicator;
24  import org.openehealth.ipf.commons.audit.types.EventId;
25  import org.openehealth.ipf.commons.audit.types.EventType;
26  import org.openehealth.ipf.commons.audit.types.PurposeOfUse;
27  
28  import java.io.Serializable;
29  import java.time.Instant;
30  import java.util.ArrayList;
31  import java.util.List;
32  
33  import static java.util.Objects.requireNonNull;
34  
35  /**
36   * @author Christian Ohr
37   * @since 3.5
38   */
39  @EqualsAndHashCode
40  public class EventIdentificationType implements Serializable, Validateable {
41  
42      @Getter @Setter @NonNull
43      private EventId eventID;
44  
45      /**
46       * The EventDateTime is the date and time that the event being reported took place. Some events have a significant duration.
47       * In these cases, a date and time shall be chosen by a method that is consistent and appropriate for the event being reported.
48       * The EventDateTime shall include the time zone information.
49       * Creators of audit messages may support leap-seconds, but are not required to. Recipients of audit messages shall be able
50       * to process messages with leap-second information.
51       */
52      @Getter @Setter @NonNull
53      private Instant eventDateTime;
54  
55      @Getter @Setter @NonNull
56      private EventOutcomeIndicator eventOutcomeIndicator;
57  
58      @Getter @Setter
59      private String eventOutcomeDescription;
60  
61      @Getter @Setter
62      private EventActionCode eventActionCode;
63  
64      private List<PurposeOfUse> purposesOfUse;
65      private List<EventType> eventTypeCodes;
66  
67      public EventIdentificationType(EventId eventID,
68                                     Instant eventDateTime,
69                                     EventOutcomeIndicator eventOutcomeIndicator) {
70          this.eventID = requireNonNull(eventID, "eventID must be not null");
71          this.eventDateTime = requireNonNull(eventDateTime, "eventDateTime must be not null");
72          this.eventOutcomeIndicator = requireNonNull(eventOutcomeIndicator, "eventOutcomeIndicator must be not null");
73      }
74  
75      /**
76       * @return Identifier for the category of event
77       */
78      public List<EventType> getEventTypeCode() {
79          if (eventTypeCodes == null) {
80              eventTypeCodes = new ArrayList<>();
81          }
82          return this.eventTypeCodes;
83      }
84  
85      /**
86       * <p>
87       * The Purpose of Use value indicates the expected ultimate use of the data, rather than a likely near term use
88       * such as "send to X". As explained in the IHE Access Control White Paper, there are Access Control decisions
89       * that are based on the ultimate use of the data. For example a Patient may have provided a BPPC Consent/Authorization
90       * for treatment purposes, but explicitly disallowed any use for research regardless of de-identification methods used.
91       * </p>
92       * <p>
93       * The Purpose Of Use is also included in the Audit Event message to enable some forms of
94       * reporting of Accounting of Disclosures and Breach Notification. One specific PurposeOfUse would be a
95       * BreakGlass/Emergency-Mode-Access.
96       * </p>
97       * <p>
98       * The PurposeOfUse value will come from a Value Set. This Value Set should be derived from the
99       * codes found in ISO 14265, or XSPA (Cross-Enterprise Security and Privacy Authorization).
100      * Implementations should expect that the Value Set used may be using locally defined values
101      * </p>
102      *
103      * @return Purposes of Use for this event
104      */
105     public List<PurposeOfUse> getPurposesOfUse() {
106         if (purposesOfUse == null) {
107             purposesOfUse = new ArrayList<>();
108         }
109         return this.purposesOfUse;
110     }
111 
112     @Override
113     public void validate() {
114         // no special rules
115     }
116 }