balteravishay/ReaderAccess.cs

## ReaderAccess.cs
namespace PMVProxy.API.Middleware
{
    using Hl7.Fhir.Model;
    ...

    internal class OwnerAccess : IAccessByRole
    {
        ...

        public async System.Threading.Tasks.Task Access<TResource>(TResource resource,
            string userFhirId, IFhirService fhirService) where TResource : Resource
        {
            var resourceId = $"{resource.TypeName}/{resource.Id}";
            if (await fhirService.ExistsAsync<Consent>(new string[] {
                $"data={resourceId}" , $"actor={userFhirId}", "status=active"}))
            {
                _logger.LogInformation($"user {userFhirId} has consent over resource {resource.Id}");
                return;
            }
            else
            {
                _logger.LogWarning($"user {userFhirId} does not have consent to read {resource.Id}");
                throw new AuthorizationException("you do not have consent for this document");
            }
        }
    }
}
	namespace PMVProxy.API.Middleware
	{
	using Hl7.Fhir.Model;
	...

	internal class OwnerAccess : IAccessByRole
	{
	...

	public async System.Threading.Tasks.Task Access<TResource>(TResource resource,
	string userFhirId, IFhirService fhirService) where TResource : Resource
	{
	var resourceId = $"{resource.TypeName}/{resource.Id}";
	if (await fhirService.ExistsAsync<Consent>(new string[] {
	$"data={resourceId}" , $"actor={userFhirId}", "status=active"}))
	{
	_logger.LogInformation($"user {userFhirId} has consent over resource {resource.Id}");
	return;
	}
	else
	{
	_logger.LogWarning($"user {userFhirId} does not have consent to read {resource.Id}");
	throw new AuthorizationException("you do not have consent for this document");
	}
	}
	}
	}