Wiki Spaces

Documentation
Projects
Resources

Get Help from Others

Q&A: Ask OpenMRS
Discussion: OpenMRS Talk
Real-Time: IRC Chat | Slack

Documentation

Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Role

Inherit Privileges
from Role(s)

Privilege(s)

Medical Student

 


View Patient

Data Assistant

 


View Patient
Edit Patient

Data Manager

Data Assistant

Add Patient

...

  • Get Concepts
  • Get Concept Proposals
  • Get Users
  • Get Encounters
  • Get Encounter Types
  • Get Locations
  • Get Observations
  • Get Patients
  • Get Patient Identifiers
  • Get Patient Cohorts
  • Get Orders
  • Get Forms
  • Get Identifier Types
  • Get Concept Classes
  • Get Concept Datatypes
  • Get Privileges
  • Get Roles
  • Get Field Types
  • Get Order Types
  • Get Relationship Types
  • Get Concept Sources
  • Get Concept Map Types
  • Get Concept Reference Terms
  • Get Programs
  • Get Patient Programs
  • Get Global Properties
  • Get Person Attribute Types
  • Get People
  • Get Relationships
  • Get Database Changes
  • Get Problems
  • Get Allergies
  • Get HL7 Source
  • Get HL7 Inbound Queue
  • Get HL7 Inbound Archive
  • Get HL7 Inbound Exception
  • Get Visit Types
  • Get Visits
  • Get Visit Attribute Types
  • Get Location Attribute Types
  • Get Providers
  • Get Encounter Roles

    Note

    To view All the available Priviledges, Go to System Administration - Advanced Administration - Manage Priviledges under "Users"


    How to use priviledges and roles and avoid pitfalls



  • when creating new roles .always take advantage of inheriting common priviledges from already existing roles. 
     this makes the use of roles/priviledges very clear  , easily understandable and flexible whenever  a change is to be made regarding a certain role as illustrated below

    Role

    Inherit Privileges
    from Role(s)

    Privilege(s)

    Medical Student

    View Patient

    Data Assistant

    View Patient
    Edit Patient

    Data Manager

    Data Assistant

    Add Patient


  • However much the "add priviledge" option exits under priviledge management on the admin page,  the implementer is unlikely to be able to add a working new priviledge

    .Since the priviledge must be understood and used by the system, its only a system devoloper who can define a new priviledge and add it to the list


  • Limit the priviledges assigned to the "Anonymus" Role , as this will give acces to anyone who can acces the system without authentication and inreases the  ability for  a hacker to acces the system data ,etc

  • Limit the priviledges assigned to the "Authenticated", as this will grant priviledges to any one who has just loggen in , and it will also compromise patient data  confidentiality.
  • Limit the Number of users granted the "System Developer" as it grants all the priviledges and roles to the user to acces any part of the system.
  • Some in built Roles/Priviledges can not be deleted, but can be edited  
    example of the roles that cant be deleted are Anonymus, Authenticated, System developer and Provider
     note  All Role /Privildges that have a Locked Checkbox cant be deleted
     

    Tips to note when using the openmrs Reference Application

  • in the Reference Application , API level privileges are assigned to all roles automatically , and  access is limited  by assigning UI level privileges 

    hence on the home page of the Reference Application, the apps displayed depends on the priviledges assigned to a given user.

     Image Modified

  • To be able to to register a patient, the logged in user needs to have an associated provider account, meaning no patient registration will be possible if there is no user that has a provider account and yes this includes super user. Go to System Administration - Manage Accounts - Add New Account to add a new user and provider. Remember to create both a user account (with appropriate privileges) and a provider account. or in case u created a new user account with out an associated provider account, Go to System Administration - Advanced Administration - Manage Providers-Add provider   , select the user without a provider account , and create a provider account for them


    Trouble shooting.

  • whenever u get the error "java.lang.IllegalStateException: Can't handle users with multiple provider accounts"..
    the  cause of that, is creating duplicated provider account with the same user.   Go to System Administration - Advanced Administration - Manage Providers and delete a duplicated provider account 

Resources

Privilege Helper Module