Have you implemented OpenMRS? Please participate in the Implementation Site Survey. If you already have, thank you!
Page tree
Skip to end of metadata
Go to start of metadata

You can help OpenMRS by adding/editing content on this page. If you find an error or having something to add, we encourage you to edit the page or at least add a comment to the page.

Background

Modules can add new privileges and roles to the system specific to the module's features.  For example, a reporting module might add privileges for the administrator to control which users can create new reports, edit or manage existing reports, or view reports.

Configuration (config.xml)

Within your modules config.xml file, you can add new privileges to the system.

<privilege>
  <name>Run Integrity Check</name>
  <description>Ability to run integrity check repairs</description>
</privilege>

@Authorized Annotation

The @Authorized annotation can be used as a concise way to require privileges for specific methods. (Would like to point people to example(s) here)

@Transactional(readOnly = true)
@Authorized( { PrivilegeConstants.VIEW_PERSONS })
public Set<Person> getSimilarPeople(String nameSearch, Integer birthyear, String gender) throws APIException;

Proxy Privileges

Proxy Privilege is the Alternative way which a normal OpenMRS user can gain the privileges of Other required Ones by the use of underneath coding.
(May be in OpenMRS modules)

Lets take a simple example.
eg: Normal Users haven't got the privilege to "View All Users" in the System, So need to use Proxy privileges to overcome the issue.

"View Users" is the required privilege in here, But the User hasn't got it by Default.

Context.addProxyPrivilege("View Users");
model.put("allusers", Context.getUserService().getAllUsers()); // << The privilege required line
Context.removeProxyPrivilege("View Users");

Checking for Privileges

You can check for privileges within your code:

Context.hasPrivilege()

See Also

  • LocalHeader (webapp/WEB-INF/admin/concepts/localHeader.jsp)

1 Comment