Log files that get very long or have multiple allow grants it can be tough to identify the access grant enabled with the corresponding disable.
2024-10-10T03:41:17.094931 INFO: [PHI Access Log] [Foo] PHI Access Enabled for 'Bar': reason
2024-10-10T03:41:17.194931 INFO: [PHI Access Log] [Foo] PHI Access Enabled for 'Bar2': reason
.....
2024-10-10T03:41:18.094931 INFO: [PHI Access Log] [Foo] PHI access disabled for 'Bar2': reason
2024-10-10T03:41:18.101662 INFO: [PHI Access Log] [Foo] PHI access disabled for 'Bar'
Proposal: Generate a UUID with each grant that we can use for the log.
2024-10-10T03:41:17.094931 INFO: [PHI Access Log] [Foo] [13cf87b3-c17d-4c09-a84b-6868bf149973] PHI Access Enabled for 'Bar': reason
2024-10-10T03:41:17.194931 INFO: [PHI Access Log] [Foo] [0ba49a67-4e3e-4b4d-85b5-0263bae7a73c] PHI Access Enabled for 'Bar2': reason
.....
2024-10-10T03:41:18.094931 INFO: [PHI Access Log] [Foo] [0ba49a67-4e3e-4b4d-85b5-0263bae7a73c] PHI access disabled for 'Bar2'
2024-10-10T03:41:18.101662 INFO: [PHI Access Log] [Foo] [13cf87b3-c17d-4c09-a84b-6868bf149973] PHI access disabled for 'Bar'
This would update the phi context pushed onto the stack:
{
phi_access_allowed: true,
user_id: user_id,
reason: reason,
id: SecureRandom.uuid
}
Log files that get very long or have multiple allow grants it can be tough to identify the access grant enabled with the corresponding disable.
Proposal: Generate a UUID with each grant that we can use for the log.
This would update the phi context pushed onto the stack: