Privilege Checking For Access Control In OpenMRS

As mentioned in Access Control In OpenMRS, OpenMRS usesRole Based Access Control (RBAC) for access control. An important part for this access control is checking if the user has the required privilege(s). In OpenMRS, talking to the database is done through services. The following diagram describes the privilege checking procedure:

NOTE: This is just a general overview, some methods do further privilege checking.

The numeric value on each edge label represents the step in the procedure.

Step 1: The user uses the Web-INF of OpenMRS.
Step 2: Through the Web-INF, the invokes some service layer method.
Step 3: The Service it wrapped with the AuthorizationAdvice class, and the method before() is called.
Step 4: The before() method, calls the method hasPrivilege() in the Context class.
Step 5: The hasPrivilege() method (in the Context class), delegates to the method hasPrivilege() in the UserContext class.
Step 6: The hasPrivilege() method (in the UserContext class) calls the method hasPrivilege() in the User class.
Step 7: The hasPrivilege() method (in the User class) calls the method hasPrivilege() in the Role class, for all the roles the user has.
-         : The hasPrivilege() method (in the Role class), loops through all the privileges it has, and checks if it has the required privilege.
Step 8: The hasPrivilege() method (in the UserContext class) call the method hasPrivilege() in the Role class. This is done for the Anonymous and Authenticated roles. Authenticated role is checked only if the user is authenticated (logged in).
-         : The hasPrivilege() method (in the Role class), loops through all the privileges it has, and checks if it has the required privilege.

Step 8 is called only if the privilege has not been fulfilled by steps 6 and 7.
Steps 4 to 8 are repeated for every privilege being checked.

If the user has the privileges then they are allowed access, otherwise the access is denied.