Wiki Spaces


Get Help from Others

Q&A: Ask OpenMRS
Discussion: OpenMRS Talk
Real-Time: IRC Chat | Slack


Page tree

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Added a link to the demonstration module.


This is a stub page that needs to be filled in

Table of Contents


Users are given permissions through Roles. Each Role has a set of Privileges assigned to it. Those atomic privileges are used in the code to restrict access to different parts of the API. TODO: link to @privilege annotation page TODO. Link to security wiki page)

To check whether the current user has permissions, use Context.hasPrivilege().


A User object represents a Person who can log into the system.

Properties on a User:

  • userId: the database's integer used to identify the object.
  • person: the Person associated with the user.
  • systemId: a unique identifier assigned to each user.
  • username: the username for the user.
  • email: the email address for the user.
  • roles: a list of roles attributed to the user.
  • userProperties: the properties of the user.

Code Block

// Creates user with given password.
public User createUser(User user, String password);

// Gets user by given userId.
public User getUser(Integer userId);

// Gets user by given uuid.
public User getUserByUuid(String uuid);

// Gets user by given username.
public User getUserByUsername(String username);

// Verifies that the username and system id are unique.
public boolean hasDuplicateUsername(User user);

// Updates a given user in the database.
public User saveUser(User user);

// Deactivates a user account so that it can no longer log in.
public User retireUser(User user, String reason);

// Save the given privilege in the database.
public Privilege savePrivilege(Privilege privilege);

// Gets role for given role name.
public Role getRole(String r);

// Gets privilege for given name.
public Privilege getPrivilege(String p);

// Gets list of users by first and last name.
public List<User> getUsersByName(String givenName, String familyName, boolean includeRetired);


Code Block
User user = Context.getUserService().getUser(Integer.valueOf(userId));

The User class source code can be seen here.

The UserService class source code can be seen here.

A module demonstrating how to use this class can be seen here.


Roles are hierarchical. A role inherits privileges from its parent. A user can have multiple roles, and a role can have multiple privileges.

Properties on a Role:

  • role: the role assigned to the user.
  • privileges: the privileges for this role.
  • inheritedRoles: the roles that extend or inherit this role.
  • childRoles: roles that are children of this role.

The Role class source code can be seen here.


Privilege is a property of a Role.

Properties on a Privilege:

  • privilege: the name of the privilege.

The Privilege class source code can be seen here.

User Property

A set of key value pairs. Used to store user specific data. Something like:

String User
Code Block
User user2 = Context.getUserService().getUser(Integer.valueOf(userId));
user2.getUserProperty(String) - //get the value defined by the given string/key, returns Map<String,a String>String
Useruser2.getUserProperties() - //get all properties for that user in a key-value pairs
User, returns a Map<String, String>
user2.setUserProperty(String key, String value) - //overwrites given user property key with the given value, and adds it to the user's properties


Here is a class diagram for User and related classes.

Image Added

Future updates to this visualization can be made on here, or using the XML file here.