From 91fd738af5248f5860db3c01066498aaf004bc78 Mon Sep 17 00:00:00 2001
From: Reto Wettstein <Reto.Wettstein@med.uni-heidelberg.de>
Date: Tue, 6 Jun 2023 15:22:07 +0200
Subject: [PATCH 01/13] rename medic to dic, increase version to 1.0.0, add
 versions to valuesets

---
 pom.xml                                       | 26 +++++++++----------
 .../fhir/ValueSet/dsf-allow-list.xml          |  1 +
 ...wnloadAllowListFromTtpExampleStarter.java} | 22 ++++++++--------
 ...UpdateAllowList3DicTtpExampleStarter.java} |  2 +-
 .../ActivityDefinitionProfileTest.java        | 24 ++++++++---------
 .../dev/dsf/fhir/profile/TaskProfileTest.java |  4 +--
 6 files changed, 40 insertions(+), 39 deletions(-)
 rename src/test/java/dev/dsf/bpe/start/{DownloadAllowListFromTtpViaMedic1ExampleStarter.java => DownloadAllowListFromTtpExampleStarter.java} (87%)
 rename src/test/java/dev/dsf/bpe/start/{UpdateAllowList3MedicTtpExampleStarter.java => UpdateAllowList3DicTtpExampleStarter.java} (97%)

diff --git a/pom.xml b/pom.xml
index 6c813d8..6b57b9e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -14,7 +14,7 @@
 		<compileSource>17</compileSource>
 		<compileTarget>17</compileTarget>
 
-		<dsf.version>1.0.0-M1</dsf.version>
+		<dsf.version>1.0.0-SNAPSHOT</dsf.version>
 		<dsf.location>../dsf</dsf.location>
 	</properties>
 
@@ -272,7 +272,7 @@
 								</configuration>
 							</execution>
 							<execution>
-								<id>copy-process-plugin-to-docker-test-setup-3medic-ttp/medic1</id>
+								<id>copy-process-plugin-to-docker-test-setup-3dic-ttp/dic1</id>
 								<phase>package</phase>
 								<goals>
 									<goal>copy</goal>
@@ -285,11 +285,11 @@
 											<version>${project.version}</version>
 										</artifactItem>
 									</artifactItems>
-									<outputDirectory>${dsf.location}/dsf-docker-test-setup-3medic-ttp/medic1/bpe/process</outputDirectory>
+									<outputDirectory>${dsf.location}/dsf-docker-test-setup-3dic-ttp/dic1/bpe/process</outputDirectory>
 								</configuration>
 							</execution>
 							<execution>
-								<id>copy-process-plugin-to-docker-test-setup-3medic-ttp/medic2</id>
+								<id>copy-process-plugin-to-docker-test-setup-3dic-ttp/dic2</id>
 								<phase>package</phase>
 								<goals>
 									<goal>copy</goal>
@@ -302,11 +302,11 @@
 											<version>${project.version}</version>
 										</artifactItem>
 									</artifactItems>
-									<outputDirectory>${dsf.location}/dsf-docker-test-setup-3medic-ttp/medic2/bpe/process</outputDirectory>
+									<outputDirectory>${dsf.location}/dsf-docker-test-setup-3dic-ttp/dic2/bpe/process</outputDirectory>
 								</configuration>
 							</execution>
 							<execution>
-								<id>copy-process-plugin-to-docker-test-setup-3medic-ttp/medic3</id>
+								<id>copy-process-plugin-to-docker-test-setup-3dic-ttp/dic3</id>
 								<phase>package</phase>
 								<goals>
 									<goal>copy</goal>
@@ -319,11 +319,11 @@
 											<version>${project.version}</version>
 										</artifactItem>
 									</artifactItems>
-									<outputDirectory>${dsf.location}/dsf-docker-test-setup-3medic-ttp/medic3/bpe/process</outputDirectory>
+									<outputDirectory>${dsf.location}/dsf-docker-test-setup-3dic-ttp/dic3/bpe/process</outputDirectory>
 								</configuration>
 							</execution>
 							<execution>
-								<id>copy-process-plugin-to-docker-test-setup-3medic-ttp/ttp</id>
+								<id>copy-process-plugin-to-docker-test-setup-3dic-ttp/ttp</id>
 								<phase>package</phase>
 								<goals>
 									<goal>copy</goal>
@@ -336,7 +336,7 @@
 											<version>${project.version}</version>
 										</artifactItem>
 									</artifactItems>
-									<outputDirectory>${dsf.location}/dsf-docker-test-setup-3medic-ttp/ttp/bpe/process</outputDirectory>
+									<outputDirectory>${dsf.location}/dsf-docker-test-setup-3dic-ttp/ttp/bpe/process</outputDirectory>
 								</configuration>
 							</execution>
 						</executions>
@@ -354,28 +354,28 @@
 									<followSymlinks>false</followSymlinks>
 								</fileset>
 								<fileset>
-									<directory>${dsf.location}/dsf-docker-test-setup-3medic-ttp/medic1/bpe/process</directory>
+									<directory>${dsf.location}/dsf-docker-test-setup-3dic-ttp/dic1/bpe/process</directory>
 									<includes>
 										<include>${project.artifactId}-${project.version}.jar</include>
 									</includes>
 									<followSymlinks>false</followSymlinks>
 								</fileset>
 								<fileset>
-									<directory>${dsf.location}/dsf-docker-test-setup-3medic-ttp/medic2/bpe/process</directory>
+									<directory>${dsf.location}/dsf-docker-test-setup-3dic-ttp/dic2/bpe/process</directory>
 									<includes>
 										<include>${project.artifactId}-${project.version}.jar</include>
 									</includes>
 									<followSymlinks>false</followSymlinks>
 								</fileset>
 								<fileset>
-									<directory>${dsf.location}/dsf-docker-test-setup-3medic-ttp/medic3/bpe/process</directory>
+									<directory>${dsf.location}/dsf-docker-test-setup-3dic-ttp/dic3/bpe/process</directory>
 									<includes>
 										<include>${project.artifactId}-${project.version}.jar</include>
 									</includes>
 									<followSymlinks>false</followSymlinks>
 								</fileset>
 								<fileset>
-									<directory>${dsf.location}/dsf-docker-test-setup-3medic-ttp/ttp/bpe/process</directory>
+									<directory>${dsf.location}/dsf-docker-test-setup-3dic-ttp/ttp/bpe/process</directory>
 									<includes>
 										<include>${project.artifactId}-${project.version}.jar</include>
 									</includes>
diff --git a/src/main/resources/fhir/ValueSet/dsf-allow-list.xml b/src/main/resources/fhir/ValueSet/dsf-allow-list.xml
index 944b082..92de1be 100644
--- a/src/main/resources/fhir/ValueSet/dsf-allow-list.xml
+++ b/src/main/resources/fhir/ValueSet/dsf-allow-list.xml
@@ -21,6 +21,7 @@
 	<compose>
 		<include>
 			<system value="http://dsf.dev/fhir/CodeSystem/allow-list" />
+			<version value="#{version}" />
 		</include>
 	</compose>
 </ValueSet> 
\ No newline at end of file
diff --git a/src/test/java/dev/dsf/bpe/start/DownloadAllowListFromTtpViaMedic1ExampleStarter.java b/src/test/java/dev/dsf/bpe/start/DownloadAllowListFromTtpExampleStarter.java
similarity index 87%
rename from src/test/java/dev/dsf/bpe/start/DownloadAllowListFromTtpViaMedic1ExampleStarter.java
rename to src/test/java/dev/dsf/bpe/start/DownloadAllowListFromTtpExampleStarter.java
index 19b7c4b..75f1a79 100644
--- a/src/test/java/dev/dsf/bpe/start/DownloadAllowListFromTtpViaMedic1ExampleStarter.java
+++ b/src/test/java/dev/dsf/bpe/start/DownloadAllowListFromTtpExampleStarter.java
@@ -19,18 +19,18 @@
 import dev.dsf.bpe.v1.constants.NamingSystems;
 import dev.dsf.fhir.client.FhirWebserviceClient;
 
-public class DownloadAllowListFromTtpViaMedic1ExampleStarter
+public class DownloadAllowListFromTtpExampleStarter
 {
-	private static final Logger logger = LoggerFactory.getLogger(DownloadAllowListFromTtpViaMedic1ExampleStarter.class);
+	private static final Logger logger = LoggerFactory.getLogger(DownloadAllowListFromTtpExampleStarter.class);
 
 	private static final String ALLOW_LIST_FHIR_BASE_URL = ConstantsExampleStarters.TTP_FHIR_BASE_URL;
-	private static final Map<String, String> MEDIC_IDENTIFIER_URL = Map.of(
-			ConstantsExampleStarters.NAMINGSYSTEM_DSF_ORGANIZATION_IDENTIFIER_VALUE_MEDIC_1,
-			ConstantsExampleStarters.MEDIC_1_FHIR_BASE_URL,
-			ConstantsExampleStarters.NAMINGSYSTEM_DSF_ORGANIZATION_IDENTIFIER_VALUE_MEDIC_2,
-			ConstantsExampleStarters.MEDIC_2_FHIR_BASE_URL,
-			ConstantsExampleStarters.NAMINGSYSTEM_DSF_ORGANIZATION_IDENTIFIER_VALUE_MEDIC_3,
-			ConstantsExampleStarters.MEDIC_3_FHIR_BASE_URL);
+	private static final Map<String, String> DIC_IDENTIFIER_URL = Map.of(
+			ConstantsExampleStarters.NAMINGSYSTEM_DSF_ORGANIZATION_IDENTIFIER_VALUE_DIC_1,
+			ConstantsExampleStarters.DIC_1_FHIR_BASE_URL,
+			ConstantsExampleStarters.NAMINGSYSTEM_DSF_ORGANIZATION_IDENTIFIER_VALUE_DIC_2,
+			ConstantsExampleStarters.DIC_2_FHIR_BASE_URL,
+			ConstantsExampleStarters.NAMINGSYSTEM_DSF_ORGANIZATION_IDENTIFIER_VALUE_DIC_3,
+			ConstantsExampleStarters.DIC_3_FHIR_BASE_URL);
 
 	// Environment variable "DSF_CLIENT_CERTIFICATE_PATH" or args[0]: the path to the client-certificate
 	// dsf/dsf-tools/dsf-tools-test-data-generator/cert/Webbrowser_Test_User/Webbrowser_Test_User_certificate.p12
@@ -39,10 +39,10 @@ public class DownloadAllowListFromTtpViaMedic1ExampleStarter
 	public static void main(String[] args) throws Exception
 	{
 		ExampleStarter starter = ExampleStarter.forServer(args,
-				MEDIC_IDENTIFIER_URL.entrySet().iterator().next().getValue());
+				DIC_IDENTIFIER_URL.entrySet().iterator().next().getValue());
 		IdType allowList = allowList(starter);
 
-		MEDIC_IDENTIFIER_URL.forEach((identifier, url) -> start(args, allowList, identifier, url));
+		DIC_IDENTIFIER_URL.forEach((identifier, url) -> start(args, allowList, identifier, url));
 	}
 
 	private static void start(String[] args, IdType allowList, String identifier, String url)
diff --git a/src/test/java/dev/dsf/bpe/start/UpdateAllowList3MedicTtpExampleStarter.java b/src/test/java/dev/dsf/bpe/start/UpdateAllowList3DicTtpExampleStarter.java
similarity index 97%
rename from src/test/java/dev/dsf/bpe/start/UpdateAllowList3MedicTtpExampleStarter.java
rename to src/test/java/dev/dsf/bpe/start/UpdateAllowList3DicTtpExampleStarter.java
index c0c75a9..641d7ce 100644
--- a/src/test/java/dev/dsf/bpe/start/UpdateAllowList3MedicTtpExampleStarter.java
+++ b/src/test/java/dev/dsf/bpe/start/UpdateAllowList3DicTtpExampleStarter.java
@@ -12,7 +12,7 @@
 import dev.dsf.bpe.v1.constants.CodeSystems;
 import dev.dsf.bpe.v1.constants.NamingSystems;
 
-public class UpdateAllowList3MedicTtpExampleStarter
+public class UpdateAllowList3DicTtpExampleStarter
 {
 	// Environment variable "DSF_CLIENT_CERTIFICATE_PATH" or args[0]: the path to the client-certificate
 	// dsf/dsf-tools/dsf-tools-test-data-generator/cert/Webbrowser_Test_User/Webbrowser_Test_User_certificate.p12
diff --git a/src/test/java/dev/dsf/fhir/profile/ActivityDefinitionProfileTest.java b/src/test/java/dev/dsf/fhir/profile/ActivityDefinitionProfileTest.java
index 15d2c88..20bc081 100644
--- a/src/test/java/dev/dsf/fhir/profile/ActivityDefinitionProfileTest.java
+++ b/src/test/java/dev/dsf/fhir/profile/ActivityDefinitionProfileTest.java
@@ -28,18 +28,18 @@ public class ActivityDefinitionProfileTest
 	@ClassRule
 	public static final ValidationSupportRule validationRule = new ValidationSupportRule(
 			AllowListProcessPluginDefinition.VERSION, AllowListProcessPluginDefinition.RELEASE_DATE,
-			Arrays.asList("dsf-activity-definition-0.5.0.xml", "dsf-extension-process-authorization-0.5.0.xml",
-					"dsf-extension-process-authorization-consortium-role-0.5.0.xml",
-					"dsf-extension-process-authorization-organization-0.5.0.xml",
-					"dsf-coding-process-authorization-local-all-0.5.0.xml",
-					"dsf-coding-process-authorization-local-consortium-role-0.5.0.xml",
-					"dsf-coding-process-authorization-local-organization-0.5.0.xml",
-					"dsf-coding-process-authorization-remote-all-0.5.0.xml",
-					"dsf-coding-process-authorization-remote-consortium-role-0.5.0.xml",
-					"dsf-coding-process-authorization-remote-organization-0.5.0.xml"),
-			Arrays.asList("dsf-read-access-tag-0.5.0.xml", "dsf-process-authorization-0.5.0.xml"),
-			Arrays.asList("dsf-read-access-tag-0.5.0.xml", "dsf-process-authorization-recipient-0.5.0.xml",
-					"dsf-process-authorization-requester-0.5.0.xml"));
+			Arrays.asList("dsf-activity-definition-1.0.0.xml", "dsf-extension-process-authorization-1.0.0.xml",
+					"dsf-extension-process-authorization-consortium-role-1.0.0.xml",
+					"dsf-extension-process-authorization-organization-1.0.0.xml",
+					"dsf-coding-process-authorization-local-all-1.0.0.xml",
+					"dsf-coding-process-authorization-local-consortium-role-1.0.0.xml",
+					"dsf-coding-process-authorization-local-organization-1.0.0.xml",
+					"dsf-coding-process-authorization-remote-all-1.0.0.xml",
+					"dsf-coding-process-authorization-remote-consortium-role-1.0.0.xml",
+					"dsf-coding-process-authorization-remote-organization-1.0.0.xml"),
+			Arrays.asList("dsf-read-access-tag-1.0.0.xml", "dsf-process-authorization-1.0.0.xml"),
+			Arrays.asList("dsf-read-access-tag-1.0.0.xml", "dsf-process-authorization-recipient-1.0.0.xml",
+					"dsf-process-authorization-requester-1.0.0.xml"));
 
 	private final ResourceValidator resourceValidator = new ResourceValidatorImpl(validationRule.getFhirContext(),
 			validationRule.getValidationSupport());
diff --git a/src/test/java/dev/dsf/fhir/profile/TaskProfileTest.java b/src/test/java/dev/dsf/fhir/profile/TaskProfileTest.java
index 19dab93..6afb10d 100644
--- a/src/test/java/dev/dsf/fhir/profile/TaskProfileTest.java
+++ b/src/test/java/dev/dsf/fhir/profile/TaskProfileTest.java
@@ -39,8 +39,8 @@ public class TaskProfileTest
 			def.getReleaseDate(),
 			Arrays.asList("dsf-task-base-1.0.0.xml", "dsf-task-update-allow-list.xml",
 					"dsf-task-download-allow-list.xml"),
-			Arrays.asList("dsf-read-access-tag-0.5.0.xml", "dsf-bpmn-message-1.0.0.xml", "dsf-allow-list.xml"),
-			Arrays.asList("dsf-read-access-tag-0.5.0.xml", "dsf-bpmn-message-1.0.0.xml", "dsf-allow-list.xml"));
+			Arrays.asList("dsf-read-access-tag-1.0.0.xml", "dsf-bpmn-message-1.0.0.xml", "dsf-allow-list.xml"),
+			Arrays.asList("dsf-read-access-tag-1.0.0.xml", "dsf-bpmn-message-1.0.0.xml", "dsf-allow-list.xml"));
 
 	private ResourceValidator resourceValidator = new ResourceValidatorImpl(validationRule.getFhirContext(),
 			validationRule.getValidationSupport());

From 36cee478a18a26c5e472c76c717a34785da01055 Mon Sep 17 00:00:00 2001
From: Reto Wettstein <Reto.Wettstein@med.uni-heidelberg.de>
Date: Mon, 12 Jun 2023 10:24:15 +0200
Subject: [PATCH 02/13] adds missing start Task resources with draft status

---
 .../bpe/AllowListProcessPluginDefinition.java |  8 ++-
 .../Task/dsf-task-download-allow-list.xml     | 49 +++++++++++++++++++
 .../fhir/Task/dsf-task-update-allow-list.xml  | 38 ++++++++++++++
 ...eAllowListProcessPluginDefinitionTest.java |  4 +-
 .../UpdateAllowList3DicTtpExampleStarter.java |  2 -
 5 files changed, 95 insertions(+), 6 deletions(-)
 create mode 100644 src/main/resources/fhir/Task/dsf-task-download-allow-list.xml
 create mode 100644 src/main/resources/fhir/Task/dsf-task-update-allow-list.xml

diff --git a/src/main/java/dev/dsf/bpe/AllowListProcessPluginDefinition.java b/src/main/java/dev/dsf/bpe/AllowListProcessPluginDefinition.java
index 35f539f..41347be 100644
--- a/src/main/java/dev/dsf/bpe/AllowListProcessPluginDefinition.java
+++ b/src/main/java/dev/dsf/bpe/AllowListProcessPluginDefinition.java
@@ -54,9 +54,13 @@ public Map<String, List<String>> getFhirResourcesByProcessId()
 		var sDown = "fhir/StructureDefinition/dsf-task-download-allow-list.xml";
 		var sUp = "fhir/StructureDefinition/dsf-task-update-allow-list.xml";
 
+		var tDown = "fhir/Task/dsf-task-download-allow-list.xml";
+		var tUp = "fhir/Task/dsf-task-update-allow-list.xml";
+
 		var v = "fhir/ValueSet/dsf-allow-list.xml";
 
-		return Map.of(ConstantsAllowList.PROCESS_NAME_FULL_DOWNLOAD_ALLOW_LIST, Arrays.asList(c, aDown, sDown, v),
-				ConstantsAllowList.PROCESS_NAME_FULL_UPDATE_ALLOW_LIST, Arrays.asList(c, aUp, sUp, v));
+		return Map.of(ConstantsAllowList.PROCESS_NAME_FULL_DOWNLOAD_ALLOW_LIST,
+				Arrays.asList(c, aDown, sDown, tDown, v), ConstantsAllowList.PROCESS_NAME_FULL_UPDATE_ALLOW_LIST,
+				Arrays.asList(c, aUp, sUp, tUp, v));
 	}
 }
diff --git a/src/main/resources/fhir/Task/dsf-task-download-allow-list.xml b/src/main/resources/fhir/Task/dsf-task-download-allow-list.xml
new file mode 100644
index 0000000..63fcdc0
--- /dev/null
+++ b/src/main/resources/fhir/Task/dsf-task-download-allow-list.xml
@@ -0,0 +1,49 @@
+<Task xmlns="http://hl7.org/fhir">
+  <meta>
+    <profile value="http://dsf.dev/fhir/StructureDefinition/task-download-allow-list|#{version}" />
+  </meta>
+  <identifier>
+    <system value="http://dsf.dev/sid/task-identifier"/>
+    <value value="http://dsf.dev/bpe/Process/downloadAllowList/#{version}/task-download-allow-list"/>
+  </identifier>
+  <instantiatesCanonical value="http://dsf.dev/bpe/Process/downloadAllowList|#{version}" />
+  <status value="draft" />
+  <intent value="order" />
+  <authoredOn value="#{date}" />
+  <requester>
+    <type value="Organization" />
+    <identifier>
+      <system value="http://dsf.dev/sid/organization-identifier" />
+      <value value="#{organization}" />
+    </identifier>
+  </requester>
+  <restriction>
+    <recipient>
+      <type value="Organization" />
+      <identifier>
+        <system value="http://dsf.dev/sid/organization-identifier" />
+        <value value="#{organization}" />
+      </identifier>
+    </recipient>
+  </restriction>
+  <input>
+    <type>
+      <coding>
+        <system value="http://dsf.dev/fhir/CodeSystem/bpmn-message" />
+        <code value="message-name" />
+      </coding>
+    </type>
+    <valueString value="downloadAllowListMessage" />
+  </input>
+  <input>
+    <type>
+      <coding>
+        <system value="http://dsf.dev/fhir/CodeSystem/allow-list" />
+        <code value="allow_list" />
+      </coding>
+    </type>
+    <valueReference>
+      <reference value="https://foo.bar/fhir/Bundle/example-id" />
+    </valueReference>
+  </input>
+</Task>
\ No newline at end of file
diff --git a/src/main/resources/fhir/Task/dsf-task-update-allow-list.xml b/src/main/resources/fhir/Task/dsf-task-update-allow-list.xml
new file mode 100644
index 0000000..959ba73
--- /dev/null
+++ b/src/main/resources/fhir/Task/dsf-task-update-allow-list.xml
@@ -0,0 +1,38 @@
+<Task xmlns="http://hl7.org/fhir">
+	<meta>
+		<profile value="http://dsf.dev/fhir/StructureDefinition/task-update-allow-list|#{version}"/>
+	</meta>
+	<identifier>
+		<system value="http://dsf.dev/sid/task-identifier"/>
+		<value value="http://dsf.dev/bpe/Process/updateAllowList/#{version}/task-update-allow-list"/>
+	</identifier>
+	<instantiatesCanonical value="http://dsf.dev/bpe/Process/updateAllowList|#{version}"/>
+	<status value="draft" />
+	<intent value="order" />
+	<authoredOn value="#{date}" />
+	<requester>
+		<type value="Organization" />
+		<identifier>
+			<system value="http://dsf.dev/sid/organization-identifier" />
+			<value value="#{organization}" />
+		</identifier>
+	</requester>
+	<restriction>
+		<recipient>
+			<type value="Organization" />
+			<identifier>
+				<system value="http://dsf.dev/sid/organization-identifier" />
+				<value value="#{organization}" />
+			</identifier>
+		</recipient>
+	</restriction>
+	<input>
+		<type>
+			<coding>
+				<system value="http://dsf.dev/fhir/CodeSystem/bpmn-message" />
+				<code value="message-name" />
+			</coding>
+		</type>
+		<valueString value="updateAllowListMessage" />
+	</input>
+</Task>
\ No newline at end of file
diff --git a/src/test/java/dev/dsf/bpe/UpdateAllowListProcessPluginDefinitionTest.java b/src/test/java/dev/dsf/bpe/UpdateAllowListProcessPluginDefinitionTest.java
index c5a1870..43e5228 100644
--- a/src/test/java/dev/dsf/bpe/UpdateAllowListProcessPluginDefinitionTest.java
+++ b/src/test/java/dev/dsf/bpe/UpdateAllowListProcessPluginDefinitionTest.java
@@ -20,11 +20,11 @@ public void testResourceLoading()
 
 		var download = resourcesByProcessId.get(ConstantsAllowList.PROCESS_NAME_FULL_DOWNLOAD_ALLOW_LIST);
 		assertNotNull(download);
-		assertEquals(4, download.stream().filter(this::exists).count());
+		assertEquals(5, download.stream().filter(this::exists).count());
 
 		var update = resourcesByProcessId.get(ConstantsAllowList.PROCESS_NAME_FULL_UPDATE_ALLOW_LIST);
 		assertNotNull(update);
-		assertEquals(4, update.stream().filter(this::exists).count());
+		assertEquals(5, update.stream().filter(this::exists).count());
 	}
 
 	private boolean exists(String file)
diff --git a/src/test/java/dev/dsf/bpe/start/UpdateAllowList3DicTtpExampleStarter.java b/src/test/java/dev/dsf/bpe/start/UpdateAllowList3DicTtpExampleStarter.java
index 641d7ce..833839d 100644
--- a/src/test/java/dev/dsf/bpe/start/UpdateAllowList3DicTtpExampleStarter.java
+++ b/src/test/java/dev/dsf/bpe/start/UpdateAllowList3DicTtpExampleStarter.java
@@ -6,7 +6,6 @@
 import org.hl7.fhir.r4.model.StringType;
 import org.hl7.fhir.r4.model.Task;
 
-import ca.uhn.fhir.context.FhirContext;
 import dev.dsf.bpe.AllowListProcessPluginDefinition;
 import dev.dsf.bpe.ConstantsAllowList;
 import dev.dsf.bpe.v1.constants.CodeSystems;
@@ -20,7 +19,6 @@ public class UpdateAllowList3DicTtpExampleStarter
 	// password
 	public static void main(String[] args) throws Exception
 	{
-		System.out.println(FhirContext.forR4().newXmlParser().encodeResourceToString(task()));
 		ExampleStarter.forServer(args, ConstantsExampleStarters.TTP_FHIR_BASE_URL).startWith(task());
 	}
 

From c3402a33510addeff6e93e6919ad52ff82290733 Mon Sep 17 00:00:00 2001
From: Reto Wettstein <Reto.Wettstein@med.uni-heidelberg.de>
Date: Mon, 19 Jun 2023 12:33:02 +0200
Subject: [PATCH 03/13] rename files to be consitant with ping-pong process

---
 .../java/dev/dsf/bpe/AllowListProcessPluginDefinition.java  | 6 +++---
 .../{downloadAllowList.bpmn => download-allow-list.bpmn}    | 0
 .../bpe/{updateAllowList.bpmn => update-allow-list.bpmn}    | 0
 ...sf-downloadAllowList.xml => dsf-download-allow-list.xml} | 0
 .../{dsf-updateAllowList.xml => dsf-update-allow-list.xml}  | 0
 .../dev/dsf/fhir/profile/ActivityDefinitionProfileTest.java | 4 ++--
 6 files changed, 5 insertions(+), 5 deletions(-)
 rename src/main/resources/bpe/{downloadAllowList.bpmn => download-allow-list.bpmn} (100%)
 rename src/main/resources/bpe/{updateAllowList.bpmn => update-allow-list.bpmn} (100%)
 rename src/main/resources/fhir/ActivityDefinition/{dsf-downloadAllowList.xml => dsf-download-allow-list.xml} (100%)
 rename src/main/resources/fhir/ActivityDefinition/{dsf-updateAllowList.xml => dsf-update-allow-list.xml} (100%)

diff --git a/src/main/java/dev/dsf/bpe/AllowListProcessPluginDefinition.java b/src/main/java/dev/dsf/bpe/AllowListProcessPluginDefinition.java
index 41347be..9f30657 100644
--- a/src/main/java/dev/dsf/bpe/AllowListProcessPluginDefinition.java
+++ b/src/main/java/dev/dsf/bpe/AllowListProcessPluginDefinition.java
@@ -34,7 +34,7 @@ public LocalDate getReleaseDate()
 	@Override
 	public List<String> getProcessModels()
 	{
-		return List.of("bpe/updateAllowList.bpmn", "bpe/downloadAllowList.bpmn");
+		return List.of("bpe/update-allow-list.bpmn", "bpe/download-allow-list.bpmn");
 	}
 
 	@Override
@@ -48,8 +48,8 @@ public Map<String, List<String>> getFhirResourcesByProcessId()
 	{
 		var c = "fhir/CodeSystem/dsf-allow-list.xml";
 
-		var aDown = "fhir/ActivityDefinition/dsf-downloadAllowList.xml";
-		var aUp = "fhir/ActivityDefinition/dsf-updateAllowList.xml";
+		var aDown = "fhir/ActivityDefinition/dsf-download-allow-list.xml";
+		var aUp = "fhir/ActivityDefinition/dsf-update-allow-list.xml";
 
 		var sDown = "fhir/StructureDefinition/dsf-task-download-allow-list.xml";
 		var sUp = "fhir/StructureDefinition/dsf-task-update-allow-list.xml";
diff --git a/src/main/resources/bpe/downloadAllowList.bpmn b/src/main/resources/bpe/download-allow-list.bpmn
similarity index 100%
rename from src/main/resources/bpe/downloadAllowList.bpmn
rename to src/main/resources/bpe/download-allow-list.bpmn
diff --git a/src/main/resources/bpe/updateAllowList.bpmn b/src/main/resources/bpe/update-allow-list.bpmn
similarity index 100%
rename from src/main/resources/bpe/updateAllowList.bpmn
rename to src/main/resources/bpe/update-allow-list.bpmn
diff --git a/src/main/resources/fhir/ActivityDefinition/dsf-downloadAllowList.xml b/src/main/resources/fhir/ActivityDefinition/dsf-download-allow-list.xml
similarity index 100%
rename from src/main/resources/fhir/ActivityDefinition/dsf-downloadAllowList.xml
rename to src/main/resources/fhir/ActivityDefinition/dsf-download-allow-list.xml
diff --git a/src/main/resources/fhir/ActivityDefinition/dsf-updateAllowList.xml b/src/main/resources/fhir/ActivityDefinition/dsf-update-allow-list.xml
similarity index 100%
rename from src/main/resources/fhir/ActivityDefinition/dsf-updateAllowList.xml
rename to src/main/resources/fhir/ActivityDefinition/dsf-update-allow-list.xml
diff --git a/src/test/java/dev/dsf/fhir/profile/ActivityDefinitionProfileTest.java b/src/test/java/dev/dsf/fhir/profile/ActivityDefinitionProfileTest.java
index 20bc081..2660415 100644
--- a/src/test/java/dev/dsf/fhir/profile/ActivityDefinitionProfileTest.java
+++ b/src/test/java/dev/dsf/fhir/profile/ActivityDefinitionProfileTest.java
@@ -50,7 +50,7 @@ public class ActivityDefinitionProfileTest
 	public void testDownloadAllowListValid() throws Exception
 	{
 		ActivityDefinition ad = validationRule.readActivityDefinition(
-				Paths.get("src/main/resources/fhir/ActivityDefinition/dsf-downloadAllowList.xml"));
+				Paths.get("src/main/resources/fhir/ActivityDefinition/dsf-download-allow-list.xml"));
 
 		ValidationResult result = resourceValidator.validate(ad);
 		ValidationSupportRule.logValidationMessages(logger, result);
@@ -65,7 +65,7 @@ public void testDownloadAllowListValid() throws Exception
 	public void testUpdateAllowListValid() throws Exception
 	{
 		ActivityDefinition ad = validationRule.readActivityDefinition(
-				Paths.get("src/main/resources/fhir/ActivityDefinition/dsf-updateAllowList.xml"));
+				Paths.get("src/main/resources/fhir/ActivityDefinition/dsf-update-allow-list.xml"));
 
 		ValidationResult result = resourceValidator.validate(ad);
 		ValidationSupportRule.logValidationMessages(logger, result);

From efc2c6759422ee4560c198be09872917ffa8dc80 Mon Sep 17 00:00:00 2001
From: Hauke Hund <hauke.hund@hs-heilbronn.de>
Date: Mon, 26 Jun 2023 16:40:35 +0200
Subject: [PATCH 04/13] added practitioner configs

---
 .../dsf-download-allow-list.xml               | 12 +++++++++++
 .../dsf-update-allow-list.xml                 | 20 +++++++++++++++++++
 2 files changed, 32 insertions(+)

diff --git a/src/main/resources/fhir/ActivityDefinition/dsf-download-allow-list.xml b/src/main/resources/fhir/ActivityDefinition/dsf-download-allow-list.xml
index 57b2966..7c9a086 100644
--- a/src/main/resources/fhir/ActivityDefinition/dsf-download-allow-list.xml
+++ b/src/main/resources/fhir/ActivityDefinition/dsf-download-allow-list.xml
@@ -18,6 +18,18 @@
 				<code value="LOCAL_ALL" />
 			</valueCoding>
 		</extension>
+		<extension url="requester">
+			<valueCoding>
+				<extension url="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-practitioner">
+					<valueCoding>
+						<system value="http://dsf.dev/fhir/CodeSystem/practitioner-role" />
+						<code value="DSF_ADMIN" />
+					</valueCoding>
+				</extension>
+				<system value="http://dsf.dev/fhir/CodeSystem/process-authorization" />
+				<code value="LOCAL_ALL_PRACTITIONER" />
+			</valueCoding>
+		</extension>
 		<extension url="recipient">
 			<valueCoding>
 				<system value="http://dsf.dev/fhir/CodeSystem/process-authorization" />
diff --git a/src/main/resources/fhir/ActivityDefinition/dsf-update-allow-list.xml b/src/main/resources/fhir/ActivityDefinition/dsf-update-allow-list.xml
index 458c7bd..ce21600 100644
--- a/src/main/resources/fhir/ActivityDefinition/dsf-update-allow-list.xml
+++ b/src/main/resources/fhir/ActivityDefinition/dsf-update-allow-list.xml
@@ -24,6 +24,26 @@
 				<code value="LOCAL_ORGANIZATION" />
 			</valueCoding>
 		</extension>
+		<extension url="requester">
+			<valueCoding>
+				<extension url="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-organization-practitioner">
+					<extension url="organization">
+						<valueIdentifier>
+							<system value="http://dsf.dev/sid/organization-identifier" />
+							<value value="${dev.dsf.bpe.allow.list.organization:hs-heilbronn.de}" />
+						</valueIdentifier>
+					</extension>
+					<extension url="practitioner-role">
+						<valueCoding>
+							<system value="http://dsf.dev/fhir/CodeSystem/practitioner-role" />
+							<code value="DSF_ADMIN" />
+						</valueCoding>
+					</extension>
+				</extension>
+				<system value="http://dsf.dev/fhir/CodeSystem/process-authorization" />
+				<code value="LOCAL_ORGANIZATION_PRACTITIONER" />
+			</valueCoding>
+		</extension>
 		<extension url="recipient">
 			<valueCoding>
 				<extension url="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-organization">

From 72a310fea1f843e9342fa6f257b7e7305f4e5e76 Mon Sep 17 00:00:00 2001
From: Hauke Hund <hauke.hund@hs-heilbronn.de>
Date: Mon, 26 Jun 2023 16:43:04 +0200
Subject: [PATCH 05/13] resulting bundle ouput parameter now as absolute
 reference

---
 src/main/java/dev/dsf/bpe/service/UpdateAllowList.java | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/main/java/dev/dsf/bpe/service/UpdateAllowList.java b/src/main/java/dev/dsf/bpe/service/UpdateAllowList.java
index 697eec8..291247f 100644
--- a/src/main/java/dev/dsf/bpe/service/UpdateAllowList.java
+++ b/src/main/java/dev/dsf/bpe/service/UpdateAllowList.java
@@ -85,7 +85,9 @@ public void doExecute(DelegateExecution execution, Variables variables) throws E
 						+ ConstantsAllowList.CODESYSTEM_DSF_ALLOW_LIST_VALUE_ALLOW_LIST)));
 
 		Task task = variables.getStartTask();
-		task.addOutput().setValue(new Reference(new IdType("Bundle", result.getIdPart(), result.getVersionIdPart())))
+		task.addOutput()
+				.setValue(new Reference(new IdType(api.getEndpointProvider().getLocalEndpointAddress(), "Bundle",
+						result.getIdPart(), result.getVersionIdPart())))
 				.getType().addCoding().setSystem(ConstantsAllowList.CODESYSTEM_DSF_ALLOW_LIST)
 				.setCode(ConstantsAllowList.CODESYSTEM_DSF_ALLOW_LIST_VALUE_ALLOW_LIST);
 	}

From 7daa3f9a71b809fd7d5475615a5e9f1357821253 Mon Sep 17 00:00:00 2001
From: Hauke Hund <hauke.hund@hs-heilbronn.de>
Date: Mon, 26 Jun 2023 16:44:37 +0200
Subject: [PATCH 06/13] modifications to reflect changes in dsf

---
 .../ActivityDefinitionProfileTest.java        | 26 +++++++++++++------
 1 file changed, 18 insertions(+), 8 deletions(-)

diff --git a/src/test/java/dev/dsf/fhir/profile/ActivityDefinitionProfileTest.java b/src/test/java/dev/dsf/fhir/profile/ActivityDefinitionProfileTest.java
index 2660415..38db826 100644
--- a/src/test/java/dev/dsf/fhir/profile/ActivityDefinitionProfileTest.java
+++ b/src/test/java/dev/dsf/fhir/profile/ActivityDefinitionProfileTest.java
@@ -29,17 +29,25 @@ public class ActivityDefinitionProfileTest
 	public static final ValidationSupportRule validationRule = new ValidationSupportRule(
 			AllowListProcessPluginDefinition.VERSION, AllowListProcessPluginDefinition.RELEASE_DATE,
 			Arrays.asList("dsf-activity-definition-1.0.0.xml", "dsf-extension-process-authorization-1.0.0.xml",
-					"dsf-extension-process-authorization-consortium-role-1.0.0.xml",
 					"dsf-extension-process-authorization-organization-1.0.0.xml",
+					"dsf-extension-process-authorization-organization-practitioner-1.0.0.xml",
+					"dsf-extension-process-authorization-parent-organization-role-1.0.0.xml",
+					"dsf-extension-process-authorization-parent-organization-role-practitioner-1.0.0.xml",
+					"dsf-extension-process-authorization-practitioner-1.0.0.xml",
 					"dsf-coding-process-authorization-local-all-1.0.0.xml",
-					"dsf-coding-process-authorization-local-consortium-role-1.0.0.xml",
+					"dsf-coding-process-authorization-local-all-practitioner-1.0.0.xml",
 					"dsf-coding-process-authorization-local-organization-1.0.0.xml",
+					"dsf-coding-process-authorization-local-organization-practitioner-1.0.0.xml",
+					"dsf-coding-process-authorization-local-parent-organization-role-1.0.0.xml",
+					"dsf-coding-process-authorization-local-parent-organization-role-practitioner-1.0.0.xml",
 					"dsf-coding-process-authorization-remote-all-1.0.0.xml",
-					"dsf-coding-process-authorization-remote-consortium-role-1.0.0.xml",
+					"dsf-coding-process-authorization-remote-parent-organization-role-1.0.0.xml",
 					"dsf-coding-process-authorization-remote-organization-1.0.0.xml"),
-			Arrays.asList("dsf-read-access-tag-1.0.0.xml", "dsf-process-authorization-1.0.0.xml"),
-			Arrays.asList("dsf-read-access-tag-1.0.0.xml", "dsf-process-authorization-recipient-1.0.0.xml",
-					"dsf-process-authorization-requester-1.0.0.xml"));
+			Arrays.asList("dsf-organization-role-1.0.0.xml", "dsf-practitioner-role-1.0.0.xml",
+					"dsf-process-authorization-1.0.0.xml", "dsf-read-access-tag-1.0.0.xml"),
+			Arrays.asList("dsf-organization-role-1.0.0.xml", "dsf-practitioner-role-1.0.0.xml",
+					"dsf-process-authorization-recipient-1.0.0.xml", "dsf-process-authorization-requester-1.0.0.xml",
+					"dsf-read-access-tag-1.0.0.xml"));
 
 	private final ResourceValidator resourceValidator = new ResourceValidatorImpl(validationRule.getFhirContext(),
 			validationRule.getValidationSupport());
@@ -58,7 +66,8 @@ public void testDownloadAllowListValid() throws Exception
 		assertEquals(0, result.getMessages().stream().filter(m -> ResultSeverityEnum.ERROR.equals(m.getSeverity())
 				|| ResultSeverityEnum.FATAL.equals(m.getSeverity())).count());
 
-		assertTrue(processAuthorizationHelper.isValid(ad, taskProfile -> true, orgIdentifier -> true, role -> true));
+		assertTrue(processAuthorizationHelper.isValid(ad, taskProfile -> true, practitionerRole -> true,
+				orgIdentifier -> true, organizationRole -> true));
 	}
 
 	@Test
@@ -73,6 +82,7 @@ public void testUpdateAllowListValid() throws Exception
 		assertEquals(0, result.getMessages().stream().filter(m -> ResultSeverityEnum.ERROR.equals(m.getSeverity())
 				|| ResultSeverityEnum.FATAL.equals(m.getSeverity())).count());
 
-		assertTrue(processAuthorizationHelper.isValid(ad, taskProfile -> true, orgIdentifier -> true, role -> true));
+		assertTrue(processAuthorizationHelper.isValid(ad, taskProfile -> true, practitionerRole -> true,
+				orgIdentifier -> true, organizationRole -> true));
 	}
 }

From 33b0fc03ac1099afe27ae2c159eb5fd4f9068385 Mon Sep 17 00:00:00 2001
From: Reto Wettstein <Reto.Wettstein@med.uni-heidelberg.de>
Date: Thu, 29 Jun 2023 09:30:58 +0200
Subject: [PATCH 07/13] update dependencies

---
 pom.xml | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/pom.xml b/pom.xml
index 6b57b9e..a63de9f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -14,7 +14,7 @@
 		<compileSource>17</compileSource>
 		<compileTarget>17</compileTarget>
 
-		<dsf.version>1.0.0-SNAPSHOT</dsf.version>
+		<dsf.version>1.0.0</dsf.version>
 		<dsf.location>../dsf</dsf.location>
 	</properties>
 
@@ -87,7 +87,7 @@
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-surefire-plugin</artifactId>
-				<version>3.0.0</version>
+				<version>3.1.2</version>
 			</plugin>
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
@@ -109,21 +109,22 @@
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-shade-plugin</artifactId>
-				<version>3.4.1</version>
+				<version>3.5.0</version>
 			</plugin>
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-dependency-plugin</artifactId>
-				<version>3.5.0</version>
+				<version>3.6.0</version>
 			</plugin>
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-clean-plugin</artifactId>
-				<version>3.2.0</version>
+				<version>3.3.1</version>
 			</plugin>
 			<plugin>
 				<groupId>org.codehaus.mojo</groupId>
 				<artifactId>buildnumber-maven-plugin</artifactId>
+				<!-- 3.1.0 not working, no git commit hash as buildnumber -->
 				<version>1.4</version>
 				<executions>
 					<execution>
@@ -141,7 +142,7 @@
 			<plugin>
 				<groupId>net.revelc.code.formatter</groupId>
 				<artifactId>formatter-maven-plugin</artifactId>
-				<version>2.22.0</version>
+				<version>2.23.0</version>
 				<configuration>
 					<configFile>eclipse-formatter-config.xml</configFile>
 				</configuration>
@@ -149,7 +150,7 @@
 			<plugin>
 				<groupId>net.revelc.code</groupId>
 				<artifactId>impsort-maven-plugin</artifactId>
-				<version>1.8.0</version>
+				<version>1.9.0</version>
 				<configuration>
 					<compliance>17</compliance>
 					<groups>java.,javax.,org.,com.</groups>

From cd0c5f7f261d321ac2878eca01ff6ece72efdd86 Mon Sep 17 00:00:00 2001
From: Reto Wettstein <Reto.Wettstein@med.uni-heidelberg.de>
Date: Thu, 29 Jun 2023 13:39:11 +0200
Subject: [PATCH 08/13] add check for resource type and request method for
 bundle entries

---
 .../java/dev/dsf/bpe/ConstantsAllowList.java  |   3 +
 .../dev/dsf/bpe/service/CheckAllowList.java   | 108 ++++++++++++++++++
 .../dsf/bpe/service/DownloadAllowList.java    |  48 +++-----
 .../dev/dsf/bpe/service/InsertAllowList.java  |  44 +++++++
 .../bpe/spring/config/AllowListConfig.java    |  16 +++
 .../resources/bpe/download-allow-list.bpmn    |  38 ++++--
 6 files changed, 217 insertions(+), 40 deletions(-)
 create mode 100644 src/main/java/dev/dsf/bpe/service/CheckAllowList.java
 create mode 100644 src/main/java/dev/dsf/bpe/service/InsertAllowList.java

diff --git a/src/main/java/dev/dsf/bpe/ConstantsAllowList.java b/src/main/java/dev/dsf/bpe/ConstantsAllowList.java
index 88973ed..2097b8d 100644
--- a/src/main/java/dev/dsf/bpe/ConstantsAllowList.java
+++ b/src/main/java/dev/dsf/bpe/ConstantsAllowList.java
@@ -20,4 +20,7 @@ public interface ConstantsAllowList
 	String PROFILE_DSF_TASK_UPDATE_ALLOW_LIST = "http://dsf.dev/fhir/StructureDefinition/task-update-allow-list";
 	String PROFILE_DSF_TASK_UPDATE_ALLOW_LIST_PROCESS_URI = PROCESS_DSF_URI_BASE + PROCESS_NAME_UPDATE_ALLOW_LIST;
 	String PROFILE_DSF_TASK_UPDATE_ALLOW_LIST_MESSAGE_NAME = "updateAllowListMessage";
+
+	String BPMN_EXECUTION_VARIABLE_BUNDLE = "bundle";
+	String BPMN_EXECUTION_VARIABLE_BUNDLE_URL = "bundleUrl";
 }
diff --git a/src/main/java/dev/dsf/bpe/service/CheckAllowList.java b/src/main/java/dev/dsf/bpe/service/CheckAllowList.java
new file mode 100644
index 0000000..c28dd05
--- /dev/null
+++ b/src/main/java/dev/dsf/bpe/service/CheckAllowList.java
@@ -0,0 +1,108 @@
+package dev.dsf.bpe.service;
+
+import java.util.EnumSet;
+import java.util.function.Predicate;
+
+import org.camunda.bpm.engine.delegate.DelegateExecution;
+import org.hl7.fhir.r4.model.Bundle;
+import org.hl7.fhir.r4.model.Bundle.BundleEntryComponent;
+import org.hl7.fhir.r4.model.Bundle.HTTPVerb;
+import org.hl7.fhir.r4.model.Endpoint;
+import org.hl7.fhir.r4.model.Organization;
+import org.hl7.fhir.r4.model.OrganizationAffiliation;
+import org.hl7.fhir.r4.model.Resource;
+import org.hl7.fhir.r4.model.StringType;
+import org.hl7.fhir.r4.model.Task;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import dev.dsf.bpe.ConstantsAllowList;
+import dev.dsf.bpe.v1.ProcessPluginApi;
+import dev.dsf.bpe.v1.activity.AbstractServiceDelegate;
+import dev.dsf.bpe.v1.constants.CodeSystems;
+import dev.dsf.bpe.v1.variables.Variables;
+
+public class CheckAllowList extends AbstractServiceDelegate
+{
+	private static final Logger logger = LoggerFactory.getLogger(CheckAllowList.class);
+
+	public CheckAllowList(ProcessPluginApi api)
+	{
+		super(api);
+	}
+
+	@Override
+	protected void doExecute(DelegateExecution execution, Variables variables)
+	{
+		Bundle bundle = variables.getResource(ConstantsAllowList.BPMN_EXECUTION_VARIABLE_BUNDLE);
+		String bundleUrl = variables.getString(ConstantsAllowList.BPMN_EXECUTION_VARIABLE_BUNDLE_URL);
+
+		if (!EnumSet.of(Bundle.BundleType.TRANSACTION, Bundle.BundleType.BATCH).contains(bundle.getType()))
+		{
+			logger.error("Bundle type TRANSACTION or BATCH expected, but got '{}' in Bundle with id '{}'",
+					bundle.getType(), bundleUrl);
+			throw new RuntimeException("Bundle type TRANSACTION or BATCH expected, but got '" + bundle.getType()
+					+ "' in Bundle with id '" + bundleUrl + "'");
+		}
+
+		Task task = variables.getStartTask();
+
+		if (bundle.getEntry().stream().anyMatch(entryNotAllowedWithError(task, bundleUrl)))
+		{
+			variables.updateTask(task);
+
+			logger.error("Expected Bundle with id '{}' containing only resource types Organization, "
+					+ "OrganizationAffiliation or Endpoint and request methods PUT or DELETE, but found different "
+					+ "types or methods.", bundleUrl);
+			throw new RuntimeException("Expected Bundle with id '" + bundleUrl + "'containing only resource "
+					+ "types Organization, OrganizationAffiliation or Endpoint and "
+					+ "request methods PUT or DELETE, but found different types or methods.");
+		}
+	}
+
+	private Predicate<BundleEntryComponent> entryNotAllowedWithError(Task task, String bundleUrl)
+	{
+		return entry ->
+		{
+			boolean resourceNotAllowed = resourceNotAllowedWithError(entry, task, bundleUrl);
+			boolean requestNotAllowed = requestNotAllowedWithError(entry, task, bundleUrl);
+
+			// Split into two method calls and not inline to ensure that both methods
+			// are executed so that all given error messages can be written to Task.output
+			return resourceNotAllowed || requestNotAllowed;
+		};
+	}
+
+	private boolean resourceNotAllowedWithError(BundleEntryComponent entry, Task task, String bundleUrl)
+	{
+		Resource resource = entry.getResource();
+		boolean resourceAllowed = (resource instanceof Organization || resource instanceof OrganizationAffiliation
+				|| resource instanceof Endpoint);
+
+		if (!resourceAllowed)
+			addError(task, "Resource of type '" + resource.getResourceType().name()
+					+ "' not allowed in Bundle with id '" + bundleUrl + "'");
+
+		return !resourceAllowed;
+	}
+
+	private boolean requestNotAllowedWithError(BundleEntryComponent entry, Task task, String bundleUrl)
+	{
+		boolean requestAllowed = false;
+
+		if (entry.hasRequest())
+			requestAllowed = EnumSet.of(HTTPVerb.PUT, HTTPVerb.DELETE).contains(entry.getRequest().getMethod());
+
+		if (!requestAllowed)
+			addError(task, "Request with Method '" + entry.getRequest().getMethod()
+					+ "' not allowed in Bundle with id '" + bundleUrl + "'");
+
+		return !requestAllowed;
+	}
+
+	private void addError(Task task, String message)
+	{
+		logger.warn(message);
+		task.addOutput(api.getTaskHelper().createOutput(new StringType(message), CodeSystems.BpmnMessage.error()));
+	}
+}
diff --git a/src/main/java/dev/dsf/bpe/service/DownloadAllowList.java b/src/main/java/dev/dsf/bpe/service/DownloadAllowList.java
index 9e108e9..2e42a66 100644
--- a/src/main/java/dev/dsf/bpe/service/DownloadAllowList.java
+++ b/src/main/java/dev/dsf/bpe/service/DownloadAllowList.java
@@ -1,11 +1,9 @@
 package dev.dsf.bpe.service;
 
-import java.util.EnumSet;
 import java.util.List;
 
 import org.camunda.bpm.engine.delegate.DelegateExecution;
 import org.hl7.fhir.r4.model.Bundle;
-import org.hl7.fhir.r4.model.Bundle.BundleType;
 import org.hl7.fhir.r4.model.IdType;
 import org.hl7.fhir.r4.model.Reference;
 import org.hl7.fhir.r4.model.Task;
@@ -29,47 +27,31 @@ public DownloadAllowList(ProcessPluginApi api)
 	}
 
 	@Override
-	protected void doExecute(DelegateExecution execution, Variables variables) throws Exception
+	protected void doExecute(DelegateExecution execution, Variables variables)
 	{
 		Task task = variables.getStartTask();
 		IdType bundleId = getBundleId(task);
 		FhirWebserviceClient requesterClient = api.getFhirWebserviceClientProvider()
 				.getWebserviceClient(bundleId.getBaseUrl());
 
-		Bundle bundle;
 		try
 		{
+			Bundle bundle;
+
 			if (bundleId.hasVersionIdPart())
 				bundle = requesterClient.read(Bundle.class, bundleId.getIdPart(), bundleId.getVersionIdPart());
 			else
 				bundle = requesterClient.read(Bundle.class, bundleId.getIdPart());
+
+			variables.setString(ConstantsAllowList.BPMN_EXECUTION_VARIABLE_BUNDLE_URL, bundleId.getValue());
+			variables.setResource(ConstantsAllowList.BPMN_EXECUTION_VARIABLE_BUNDLE, bundle);
 		}
 		catch (WebApplicationException e)
 		{
-			logger.error("Error while reading Bundle with id {} from organization {}: {}", bundleId.getValue(),
+			logger.error("Error while reading Bundle with id '{}' from organization {}: {}", bundleId.getValue(),
 					task.getRequester().getReference(), e.getMessage());
-			throw new RuntimeException("Error while reading Bundle with id " + bundleId.getValue()
-					+ " from organization " + task.getRequester().getReference() + ", " + e.getMessage(), e);
-		}
-
-		if (!EnumSet.of(BundleType.TRANSACTION, BundleType.BATCH).contains(bundle.getType()))
-		{
-			logger.error("Bundle type TRANSACTION or BATCH expected, but got {}", bundle.getType());
-			throw new RuntimeException("Bundle type TRANSACTION or BATCH expected, but got " + bundle.getType());
-		}
-
-		try
-		{
-			logger.debug("Posting bundle to local endpoint: {}",
-					api.getFhirContext().newXmlParser().encodeResourceToString(bundle));
-			api.getFhirWebserviceClientProvider().getLocalWebserviceClient().withMinimalReturn().postBundle(bundle);
-		}
-		catch (Exception e)
-		{
-			logger.error("Error while executing Bundle with id {} from organization {} locally: {}",
-					bundleId.getValue(), task.getRequester().getReference(), e.getMessage());
-			throw new RuntimeException("Error while executing Bundle with id " + bundleId.getValue()
-					+ " from organization " + task.getRequester().getReference() + " locally, " + e.getMessage(), e);
+			throw new RuntimeException("Error while reading Bundle with id '" + bundleId.getValue()
+					+ "' from organization " + task.getRequester().getReference() + ": " + e.getMessage(), e);
 		}
 	}
 
@@ -82,19 +64,19 @@ private IdType getBundleId(Task task)
 
 		if (bundleReferences.size() != 1)
 		{
-			logger.error("Task input parameter {} contains unexpected number of Bundle IDs, expected 1, got {}",
+			logger.error("Task input parameter '{}' contains unexpected number of Bundle IDs, expected 1, got {}",
 					ConstantsAllowList.CODESYSTEM_DSF_ALLOW_LIST_VALUE_ALLOW_LIST, bundleReferences.size());
 			throw new RuntimeException(
-					"Task input parameter " + ConstantsAllowList.CODESYSTEM_DSF_ALLOW_LIST_VALUE_ALLOW_LIST
-							+ " contains unexpected number of Bundle IDs, expected 1, got " + bundleReferences.size());
+					"Task input parameter '" + ConstantsAllowList.CODESYSTEM_DSF_ALLOW_LIST_VALUE_ALLOW_LIST
+							+ "' contains unexpected number of Bundle IDs, expected 1, got " + bundleReferences.size());
 		}
 		else if (!bundleReferences.get(0).hasReference()
 				|| !bundleReferences.get(0).getReference().contains("/Bundle/"))
 		{
-			logger.error("Task input parameter {} has no Bundle reference",
+			logger.error("Task input parameter '{}' has no Bundle reference",
 					ConstantsAllowList.CODESYSTEM_DSF_ALLOW_LIST_VALUE_ALLOW_LIST);
-			throw new RuntimeException("Task input parameter "
-					+ ConstantsAllowList.CODESYSTEM_DSF_ALLOW_LIST_VALUE_ALLOW_LIST + " has no Bundle reference");
+			throw new RuntimeException("Task input parameter '"
+					+ ConstantsAllowList.CODESYSTEM_DSF_ALLOW_LIST_VALUE_ALLOW_LIST + "' has no Bundle reference");
 		}
 
 		return new IdType(bundleReferences.get(0).getReference());
diff --git a/src/main/java/dev/dsf/bpe/service/InsertAllowList.java b/src/main/java/dev/dsf/bpe/service/InsertAllowList.java
new file mode 100644
index 0000000..22a8d75
--- /dev/null
+++ b/src/main/java/dev/dsf/bpe/service/InsertAllowList.java
@@ -0,0 +1,44 @@
+package dev.dsf.bpe.service;
+
+import org.camunda.bpm.engine.delegate.DelegateExecution;
+import org.hl7.fhir.r4.model.Bundle;
+import org.hl7.fhir.r4.model.Task;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import dev.dsf.bpe.ConstantsAllowList;
+import dev.dsf.bpe.v1.ProcessPluginApi;
+import dev.dsf.bpe.v1.activity.AbstractServiceDelegate;
+import dev.dsf.bpe.v1.variables.Variables;
+
+public class InsertAllowList extends AbstractServiceDelegate
+{
+	private static final Logger logger = LoggerFactory.getLogger(InsertAllowList.class);
+
+	public InsertAllowList(ProcessPluginApi api)
+	{
+		super(api);
+	}
+
+	@Override
+	protected void doExecute(DelegateExecution execution, Variables variables)
+	{
+		Task task = variables.getStartTask();
+		Bundle bundle = variables.getResource(ConstantsAllowList.BPMN_EXECUTION_VARIABLE_BUNDLE);
+		String bundleUrl = variables.getString(ConstantsAllowList.BPMN_EXECUTION_VARIABLE_BUNDLE_URL);
+
+		try
+		{
+			logger.debug("Posting bundle to local endpoint: {}",
+					api.getFhirContext().newXmlParser().encodeResourceToString(bundle));
+			api.getFhirWebserviceClientProvider().getLocalWebserviceClient().withMinimalReturn().postBundle(bundle);
+		}
+		catch (Exception e)
+		{
+			logger.error("Error while executing Bundle with id '{}' from organization {} locally: {}", bundleUrl,
+					task.getRequester().getReference(), e.getMessage());
+			throw new RuntimeException("Error while executing Bundle with id '" + bundleUrl + "' from organization "
+					+ task.getRequester().getReference() + " locally, " + e.getMessage(), e);
+		}
+	}
+}
diff --git a/src/main/java/dev/dsf/bpe/spring/config/AllowListConfig.java b/src/main/java/dev/dsf/bpe/spring/config/AllowListConfig.java
index d4b3ab8..3e07730 100644
--- a/src/main/java/dev/dsf/bpe/spring/config/AllowListConfig.java
+++ b/src/main/java/dev/dsf/bpe/spring/config/AllowListConfig.java
@@ -6,7 +6,9 @@
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Scope;
 
+import dev.dsf.bpe.service.CheckAllowList;
 import dev.dsf.bpe.service.DownloadAllowList;
+import dev.dsf.bpe.service.InsertAllowList;
 import dev.dsf.bpe.service.UpdateAllowList;
 import dev.dsf.bpe.v1.ProcessPluginApi;
 
@@ -29,4 +31,18 @@ public DownloadAllowList downloadAllowList()
 	{
 		return new DownloadAllowList(api);
 	}
+
+	@Bean
+	@Scope(ConfigurableBeanFactory.SCOPE_PROTOTYPE)
+	public CheckAllowList checkAllowList()
+	{
+		return new CheckAllowList(api);
+	}
+
+	@Bean
+	@Scope(ConfigurableBeanFactory.SCOPE_PROTOTYPE)
+	public InsertAllowList insertAllowList()
+	{
+		return new InsertAllowList(api);
+	}
 }
diff --git a/src/main/resources/bpe/download-allow-list.bpmn b/src/main/resources/bpe/download-allow-list.bpmn
index da3cacf..34c3b91 100644
--- a/src/main/resources/bpe/download-allow-list.bpmn
+++ b/src/main/resources/bpe/download-allow-list.bpmn
@@ -1,11 +1,11 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<bpmn:definitions xmlns:bpmn="http://www.omg.org/spec/BPMN/20100524/MODEL" xmlns:bpmndi="http://www.omg.org/spec/BPMN/20100524/DI" xmlns:dc="http://www.omg.org/spec/DD/20100524/DC" xmlns:camunda="http://camunda.org/schema/1.0/bpmn" xmlns:di="http://www.omg.org/spec/DD/20100524/DI" id="Definitions_1yb5vw3" targetNamespace="http://bpmn.io/schema/bpmn" exporter="Camunda Modeler" exporterVersion="4.8.1">
+<bpmn:definitions xmlns:bpmn="http://www.omg.org/spec/BPMN/20100524/MODEL" xmlns:bpmndi="http://www.omg.org/spec/BPMN/20100524/DI" xmlns:dc="http://www.omg.org/spec/DD/20100524/DC" xmlns:camunda="http://camunda.org/schema/1.0/bpmn" xmlns:di="http://www.omg.org/spec/DD/20100524/DI" id="Definitions_1yb5vw3" targetNamespace="http://bpmn.io/schema/bpmn" exporter="Camunda Modeler" exporterVersion="5.0.0">
   <bpmn:process id="dsfdev_downloadAllowList" isExecutable="true" camunda:versionTag="#{version}">
     <bpmn:sequenceFlow id="SequenceFlow_0bbhq2r" sourceRef="StartEvent_1" targetRef="downloadAllowListTask" />
     <bpmn:endEvent id="EndEvent_0xd0x8k">
-      <bpmn:incoming>SequenceFlow_0oyvmcd</bpmn:incoming>
+      <bpmn:incoming>Flow_0g4jed4</bpmn:incoming>
     </bpmn:endEvent>
-    <bpmn:sequenceFlow id="SequenceFlow_0oyvmcd" sourceRef="downloadAllowListTask" targetRef="EndEvent_0xd0x8k" />
+    <bpmn:sequenceFlow id="SequenceFlow_0oyvmcd" sourceRef="downloadAllowListTask" targetRef="checkAllowListTask" />
     <bpmn:serviceTask id="downloadAllowListTask" name="downloadAllowList" camunda:class="dev.dsf.bpe.service.DownloadAllowList">
       <bpmn:incoming>SequenceFlow_0bbhq2r</bpmn:incoming>
       <bpmn:outgoing>SequenceFlow_0oyvmcd</bpmn:outgoing>
@@ -14,27 +14,51 @@
       <bpmn:outgoing>SequenceFlow_0bbhq2r</bpmn:outgoing>
       <bpmn:messageEventDefinition messageRef="Message_1nn2wdw" />
     </bpmn:startEvent>
+    <bpmn:sequenceFlow id="Flow_0kev1xq" sourceRef="checkAllowListTask" targetRef="insertAllowListTask" />
+    <bpmn:sequenceFlow id="Flow_0g4jed4" sourceRef="insertAllowListTask" targetRef="EndEvent_0xd0x8k" />
+    <bpmn:serviceTask id="checkAllowListTask" name="checkAllowList" camunda:class="dev.dsf.bpe.service.CheckAllowList">
+      <bpmn:incoming>SequenceFlow_0oyvmcd</bpmn:incoming>
+      <bpmn:outgoing>Flow_0kev1xq</bpmn:outgoing>
+    </bpmn:serviceTask>
+    <bpmn:serviceTask id="insertAllowListTask" name="insertAllowList" camunda:class="dev.dsf.bpe.service.InsertAllowList">
+      <bpmn:incoming>Flow_0kev1xq</bpmn:incoming>
+      <bpmn:outgoing>Flow_0g4jed4</bpmn:outgoing>
+    </bpmn:serviceTask>
   </bpmn:process>
   <bpmn:message id="Message_1nn2wdw" name="downloadAllowListMessage" />
   <bpmndi:BPMNDiagram id="BPMNDiagram_1">
     <bpmndi:BPMNPlane id="BPMNPlane_1" bpmnElement="dsfdev_downloadAllowList">
       <bpmndi:BPMNEdge id="SequenceFlow_0oyvmcd_di" bpmnElement="SequenceFlow_0oyvmcd">
         <di:waypoint x="365" y="121" />
-        <di:waypoint x="415" y="121" />
+        <di:waypoint x="430" y="121" />
       </bpmndi:BPMNEdge>
       <bpmndi:BPMNEdge id="SequenceFlow_0bbhq2r_di" bpmnElement="SequenceFlow_0bbhq2r">
         <di:waypoint x="215" y="121" />
         <di:waypoint x="265" y="121" />
       </bpmndi:BPMNEdge>
-      <bpmndi:BPMNShape id="EndEvent_0xd0x8k_di" bpmnElement="EndEvent_0xd0x8k">
-        <dc:Bounds x="415" y="103" width="36" height="36" />
-      </bpmndi:BPMNShape>
+      <bpmndi:BPMNEdge id="Flow_0kev1xq_di" bpmnElement="Flow_0kev1xq">
+        <di:waypoint x="530" y="121" />
+        <di:waypoint x="590" y="121" />
+      </bpmndi:BPMNEdge>
+      <bpmndi:BPMNEdge id="Flow_0g4jed4_di" bpmnElement="Flow_0g4jed4">
+        <di:waypoint x="690" y="121" />
+        <di:waypoint x="742" y="121" />
+      </bpmndi:BPMNEdge>
       <bpmndi:BPMNShape id="ServiceTask_0um3ad2_di" bpmnElement="downloadAllowListTask">
         <dc:Bounds x="265" y="81" width="100" height="80" />
       </bpmndi:BPMNShape>
       <bpmndi:BPMNShape id="StartEvent_0x5gijn_di" bpmnElement="StartEvent_1">
         <dc:Bounds x="179" y="103" width="36" height="36" />
       </bpmndi:BPMNShape>
+      <bpmndi:BPMNShape id="EndEvent_0xd0x8k_di" bpmnElement="EndEvent_0xd0x8k">
+        <dc:Bounds x="742" y="103" width="36" height="36" />
+      </bpmndi:BPMNShape>
+      <bpmndi:BPMNShape id="Activity_1lr62lt_di" bpmnElement="checkAllowListTask">
+        <dc:Bounds x="430" y="81" width="100" height="80" />
+      </bpmndi:BPMNShape>
+      <bpmndi:BPMNShape id="Activity_0bpyxjl_di" bpmnElement="insertAllowListTask">
+        <dc:Bounds x="590" y="81" width="100" height="80" />
+      </bpmndi:BPMNShape>
     </bpmndi:BPMNPlane>
   </bpmndi:BPMNDiagram>
 </bpmn:definitions>

From 0de471807a693c70db0c7f058ca729ad9d82d303 Mon Sep 17 00:00:00 2001
From: Reto Wettstein <Reto.Wettstein@med.uni-heidelberg.de>
Date: Thu, 29 Jun 2023 13:42:29 +0200
Subject: [PATCH 09/13] add missing whitespace

---
 src/main/java/dev/dsf/bpe/service/CheckAllowList.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/main/java/dev/dsf/bpe/service/CheckAllowList.java b/src/main/java/dev/dsf/bpe/service/CheckAllowList.java
index c28dd05..b086006 100644
--- a/src/main/java/dev/dsf/bpe/service/CheckAllowList.java
+++ b/src/main/java/dev/dsf/bpe/service/CheckAllowList.java
@@ -54,7 +54,7 @@ protected void doExecute(DelegateExecution execution, Variables variables)
 			logger.error("Expected Bundle with id '{}' containing only resource types Organization, "
 					+ "OrganizationAffiliation or Endpoint and request methods PUT or DELETE, but found different "
 					+ "types or methods.", bundleUrl);
-			throw new RuntimeException("Expected Bundle with id '" + bundleUrl + "'containing only resource "
+			throw new RuntimeException("Expected Bundle with id '" + bundleUrl + " 'containing only resource "
 					+ "types Organization, OrganizationAffiliation or Endpoint and "
 					+ "request methods PUT or DELETE, but found different types or methods.");
 		}

From 2e0d3c4a13a6e3ec94ee4eb0cfa18f04577edf37 Mon Sep 17 00:00:00 2001
From: Hauke Hund <hauke.hund@hs-heilbronn.de>
Date: Mon, 21 Aug 2023 02:30:55 +0200
Subject: [PATCH 10/13] removed suffix 'Message' from update allow-list message

---
 .../java/dev/dsf/bpe/ConstantsAllowList.java  |  2 +-
 src/main/resources/bpe/update-allow-list.bpmn | 20 +++++++++----------
 .../dsf-update-allow-list.xml                 |  2 +-
 .../dsf-task-update-allow-list.xml            |  2 +-
 .../fhir/Task/dsf-task-update-allow-list.xml  |  2 +-
 5 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/src/main/java/dev/dsf/bpe/ConstantsAllowList.java b/src/main/java/dev/dsf/bpe/ConstantsAllowList.java
index 2097b8d..789c0ca 100644
--- a/src/main/java/dev/dsf/bpe/ConstantsAllowList.java
+++ b/src/main/java/dev/dsf/bpe/ConstantsAllowList.java
@@ -19,7 +19,7 @@ public interface ConstantsAllowList
 
 	String PROFILE_DSF_TASK_UPDATE_ALLOW_LIST = "http://dsf.dev/fhir/StructureDefinition/task-update-allow-list";
 	String PROFILE_DSF_TASK_UPDATE_ALLOW_LIST_PROCESS_URI = PROCESS_DSF_URI_BASE + PROCESS_NAME_UPDATE_ALLOW_LIST;
-	String PROFILE_DSF_TASK_UPDATE_ALLOW_LIST_MESSAGE_NAME = "updateAllowListMessage";
+	String PROFILE_DSF_TASK_UPDATE_ALLOW_LIST_MESSAGE_NAME = "updateAllowList";
 
 	String BPMN_EXECUTION_VARIABLE_BUNDLE = "bundle";
 	String BPMN_EXECUTION_VARIABLE_BUNDLE_URL = "bundleUrl";
diff --git a/src/main/resources/bpe/update-allow-list.bpmn b/src/main/resources/bpe/update-allow-list.bpmn
index 5ea7f29..a299c14 100644
--- a/src/main/resources/bpe/update-allow-list.bpmn
+++ b/src/main/resources/bpe/update-allow-list.bpmn
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<bpmn:definitions xmlns:bpmn="http://www.omg.org/spec/BPMN/20100524/MODEL" xmlns:bpmndi="http://www.omg.org/spec/BPMN/20100524/DI" xmlns:dc="http://www.omg.org/spec/DD/20100524/DC" xmlns:camunda="http://camunda.org/schema/1.0/bpmn" xmlns:di="http://www.omg.org/spec/DD/20100524/DI" id="Definitions_1yb5vw3" targetNamespace="http://bpmn.io/schema/bpmn" exporter="Camunda Modeler" exporterVersion="4.8.1">
+<bpmn:definitions xmlns:bpmn="http://www.omg.org/spec/BPMN/20100524/MODEL" xmlns:bpmndi="http://www.omg.org/spec/BPMN/20100524/DI" xmlns:dc="http://www.omg.org/spec/DD/20100524/DC" xmlns:camunda="http://camunda.org/schema/1.0/bpmn" xmlns:di="http://www.omg.org/spec/DD/20100524/DI" id="Definitions_1yb5vw3" targetNamespace="http://bpmn.io/schema/bpmn" exporter="Camunda Modeler" exporterVersion="5.11.0">
   <bpmn:process id="dsfdev_updateAllowList" isExecutable="true" camunda:versionTag="#{version}">
     <bpmn:sequenceFlow id="SequenceFlow_0bbhq2r" sourceRef="StartEvent_1" targetRef="updateAllowListTask" />
     <bpmn:endEvent id="EndEvent_0xd0x8k">
@@ -15,17 +15,9 @@
       <bpmn:messageEventDefinition messageRef="Message_1nn2wdw" />
     </bpmn:startEvent>
   </bpmn:process>
-  <bpmn:message id="Message_1nn2wdw" name="updateAllowListMessage" />
+  <bpmn:message id="Message_1nn2wdw" name="updateAllowList" />
   <bpmndi:BPMNDiagram id="BPMNDiagram_1">
     <bpmndi:BPMNPlane id="BPMNPlane_1" bpmnElement="dsfdev_updateAllowList">
-      <bpmndi:BPMNEdge id="SequenceFlow_0oyvmcd_di" bpmnElement="SequenceFlow_0oyvmcd">
-        <di:waypoint x="365" y="121" />
-        <di:waypoint x="415" y="121" />
-      </bpmndi:BPMNEdge>
-      <bpmndi:BPMNEdge id="SequenceFlow_0bbhq2r_di" bpmnElement="SequenceFlow_0bbhq2r">
-        <di:waypoint x="215" y="121" />
-        <di:waypoint x="265" y="121" />
-      </bpmndi:BPMNEdge>
       <bpmndi:BPMNShape id="EndEvent_0xd0x8k_di" bpmnElement="EndEvent_0xd0x8k">
         <dc:Bounds x="415" y="103" width="36" height="36" />
       </bpmndi:BPMNShape>
@@ -35,6 +27,14 @@
       <bpmndi:BPMNShape id="StartEvent_0x5gijn_di" bpmnElement="StartEvent_1">
         <dc:Bounds x="179" y="103" width="36" height="36" />
       </bpmndi:BPMNShape>
+      <bpmndi:BPMNEdge id="SequenceFlow_0bbhq2r_di" bpmnElement="SequenceFlow_0bbhq2r">
+        <di:waypoint x="215" y="121" />
+        <di:waypoint x="265" y="121" />
+      </bpmndi:BPMNEdge>
+      <bpmndi:BPMNEdge id="SequenceFlow_0oyvmcd_di" bpmnElement="SequenceFlow_0oyvmcd">
+        <di:waypoint x="365" y="121" />
+        <di:waypoint x="415" y="121" />
+      </bpmndi:BPMNEdge>
     </bpmndi:BPMNPlane>
   </bpmndi:BPMNDiagram>
 </bpmn:definitions>
diff --git a/src/main/resources/fhir/ActivityDefinition/dsf-update-allow-list.xml b/src/main/resources/fhir/ActivityDefinition/dsf-update-allow-list.xml
index ce21600..40c3971 100644
--- a/src/main/resources/fhir/ActivityDefinition/dsf-update-allow-list.xml
+++ b/src/main/resources/fhir/ActivityDefinition/dsf-update-allow-list.xml
@@ -7,7 +7,7 @@
 	</meta>
 	<extension url="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization">
 		<extension url="message-name">
-			<valueString value="updateAllowListMessage" />
+			<valueString value="updateAllowList" />
 		</extension>
 		<extension url="task-profile">
 			<valueCanonical value="http://dsf.dev/fhir/StructureDefinition/task-update-allow-list|#{version}" />
diff --git a/src/main/resources/fhir/StructureDefinition/dsf-task-update-allow-list.xml b/src/main/resources/fhir/StructureDefinition/dsf-task-update-allow-list.xml
index 7aeba34..1ffaab1 100644
--- a/src/main/resources/fhir/StructureDefinition/dsf-task-update-allow-list.xml
+++ b/src/main/resources/fhir/StructureDefinition/dsf-task-update-allow-list.xml
@@ -41,7 +41,7 @@
     </element>
     <element id="Task.input:message-name.value[x]">
       <path value="Task.input.value[x]" />
-      <fixedString value="updateAllowListMessage" />
+      <fixedString value="updateAllowList" />
     </element>
     <element id="Task.input:correlation-key">
       <extension url="http://hl7.org/fhir/StructureDefinition/structuredefinition-explicit-type-name">
diff --git a/src/main/resources/fhir/Task/dsf-task-update-allow-list.xml b/src/main/resources/fhir/Task/dsf-task-update-allow-list.xml
index 959ba73..327995c 100644
--- a/src/main/resources/fhir/Task/dsf-task-update-allow-list.xml
+++ b/src/main/resources/fhir/Task/dsf-task-update-allow-list.xml
@@ -33,6 +33,6 @@
 				<code value="message-name" />
 			</coding>
 		</type>
-		<valueString value="updateAllowListMessage" />
+		<valueString value="updateAllowList" />
 	</input>
 </Task>
\ No newline at end of file

From c140e58a990477f9352b19b1e66ab1c96f386b6c Mon Sep 17 00:00:00 2001
From: Hauke Hund <hauke.hund@hs-heilbronn.de>
Date: Mon, 21 Aug 2023 02:31:13 +0200
Subject: [PATCH 11/13] improved exception and log message

---
 src/main/java/dev/dsf/bpe/service/DownloadAllowList.java | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/main/java/dev/dsf/bpe/service/DownloadAllowList.java b/src/main/java/dev/dsf/bpe/service/DownloadAllowList.java
index 2e42a66..13f5385 100644
--- a/src/main/java/dev/dsf/bpe/service/DownloadAllowList.java
+++ b/src/main/java/dev/dsf/bpe/service/DownloadAllowList.java
@@ -48,10 +48,11 @@ protected void doExecute(DelegateExecution execution, Variables variables)
 		}
 		catch (WebApplicationException e)
 		{
-			logger.error("Error while reading Bundle with id '{}' from organization {}: {}", bundleId.getValue(),
-					task.getRequester().getReference(), e.getMessage());
+			logger.error("Error while reading Bundle with id '{}' from organization {}: {} - {}", bundleId.getValue(),
+					task.getRequester().getIdentifier().getValue(), e.getResponse().getStatusInfo(), e.getMessage());
 			throw new RuntimeException("Error while reading Bundle with id '" + bundleId.getValue()
-					+ "' from organization " + task.getRequester().getReference() + ": " + e.getMessage(), e);
+					+ "' from organization " + task.getRequester().getIdentifier().getValue() + ": "
+					+ e.getResponse().getStatusInfo() + " - " + e.getMessage(), e);
 		}
 	}
 

From 9be438c18f9cf0090601e2f85ab98aaf5a94e43f Mon Sep 17 00:00:00 2001
From: Hauke Hund <hauke.hund@hs-heilbronn.de>
Date: Mon, 21 Aug 2023 02:33:41 +0200
Subject: [PATCH 12/13] reworked OrganizationAffiliation allow-list generation

Only first endpoint now selected for bundle (only one endpoint allowed
by dsf).
Endpoint identifier now part of the conditional update url in the
allow-list bundle.
---
 .../dev/dsf/bpe/service/UpdateAllowList.java    | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/src/main/java/dev/dsf/bpe/service/UpdateAllowList.java b/src/main/java/dev/dsf/bpe/service/UpdateAllowList.java
index 291247f..5bdadca 100644
--- a/src/main/java/dev/dsf/bpe/service/UpdateAllowList.java
+++ b/src/main/java/dev/dsf/bpe/service/UpdateAllowList.java
@@ -212,14 +212,18 @@ private BundleEntryComponent toOrganizationAffiliationEntry(OrganizationAffiliat
 		else
 			throw new IllegalStateException("OrganizationAffiliation with participating organization expected");
 
+		String endpointIdentifier;
 		if (affiliation.hasEndpoint())
 		{
-			List<Reference> endpoints = affiliation.getEndpoint().stream()
-					.map(e -> tempIdsByTypeAndId.get(e.getReference()))
-					.map(tempId -> new Reference().setType("Endpoint").setReference(tempId))
-					.collect(Collectors.toList());
-			affiliation.setEndpoint(endpoints);
+			String ref = affiliation.getEndpointFirstRep().getReference();
+			endpointIdentifier = identifierByTypeAndId.get(ref);
+			String endpointTempId = tempIdsByTypeAndId.get(ref);
+
+			affiliation.setEndpoint(
+					Collections.singletonList(new Reference().setType("Endpoint").setReference(endpointTempId)));
 		}
+		else
+			throw new IllegalStateException("OrganizationAffiliation with endpoint expected");
 
 		BundleEntryComponent entry = new BundleEntryComponent();
 		entry.setFullUrl(uuid);
@@ -228,7 +232,8 @@ private BundleEntryComponent toOrganizationAffiliationEntry(OrganizationAffiliat
 				.setUrl("OrganizationAffiliation?primary-organization:identifier="
 						+ NamingSystems.OrganizationIdentifier.SID + "|" + primaryOrganizatioIdentifier
 						+ "&participating-organization:identifier=" + NamingSystems.OrganizationIdentifier.SID + "|"
-						+ participatingOrganizationIdentifier);
+						+ participatingOrganizationIdentifier + "&endpoint:identifier="
+						+ NamingSystems.EndpointIdentifier.SID + "|" + endpointIdentifier);
 		return entry;
 	}
 }

From 8ac681f992ecb193b1d51ccef480541d0e5cdbfe Mon Sep 17 00:00:00 2001
From: Hauke Hund <hauke.hund@hs-heilbronn.de>
Date: Tue, 22 Aug 2023 14:17:02 +0200
Subject: [PATCH 13/13] 1.0.0.0 release

---
 pom.xml                                                       | 4 ++--
 .../java/dev/dsf/bpe/AllowListProcessPluginDefinition.java    | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/pom.xml b/pom.xml
index a63de9f..c7d054d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -6,7 +6,7 @@
 
 	<groupId>dev.dsf</groupId>
 	<artifactId>dsf-process-allow-list</artifactId>
-	<version>1.0.0.0-SNAPSHOT</version>
+	<version>1.0.0.0</version>
 	<packaging>jar</packaging>
 
 	<properties>
@@ -14,7 +14,7 @@
 		<compileSource>17</compileSource>
 		<compileTarget>17</compileTarget>
 
-		<dsf.version>1.0.0</dsf.version>
+		<dsf.version>1.1.0</dsf.version>
 		<dsf.location>../dsf</dsf.location>
 	</properties>
 
diff --git a/src/main/java/dev/dsf/bpe/AllowListProcessPluginDefinition.java b/src/main/java/dev/dsf/bpe/AllowListProcessPluginDefinition.java
index 9f30657..22830a1 100644
--- a/src/main/java/dev/dsf/bpe/AllowListProcessPluginDefinition.java
+++ b/src/main/java/dev/dsf/bpe/AllowListProcessPluginDefinition.java
@@ -11,7 +11,7 @@
 public class AllowListProcessPluginDefinition implements ProcessPluginDefinition
 {
 	public static final String VERSION = "1.0.0.0";
-	public static final LocalDate RELEASE_DATE = LocalDate.of(2023, 5, 20);
+	public static final LocalDate RELEASE_DATE = LocalDate.of(2023, 8, 22);
 
 	@Override
 	public String getName()