Anonymous global read access to a resource

If no FHIR security labels are present on a resource, all users with read and/or write access will be able to read and/or write to the resource.

But when resources are assigned to at least one community, for example to limit those with write permission, only members of the communities where matching FHIR security labels have been explicitly applied will have read access to to those resources.  This may not be what you intended – for instance, you may have wanted to give a community the ability to maintain the resources to control change, but for all users to retain read access to the resources. In order to preserve read access for all users, a special security label is available in Snapper called *.read. It is always available and is not tied to a community.

The screenshot below shows a CodeSystem that has been assigned to a community (with security label “wonderland”) with read/write access, as well as read access for all users through the use of the *.read security label. The CodeSystem would then be uploaded to Ontoserver to apply the security settings.