KenyaUI provides a simple security model based around App Framework apps. Each app has a required privilege, so this model associates page controllers with apps: all accessible URLs are associated with apps, and access to a URL is then determined by access to the associated app(s).

A set of annotations is provided which can be applied to UI Framework page controllers to make the different types of associations between apps and pages:

| Annotation | Description | Examples |
|---|---|---|
| none | Page has no associated app but cannot be accessed by unauthenticated users | `public class ProfilePageController {...}` |
| `@PublicPage` | Page has no associated app and can be accessed by unauthenticated users | `@PublicPage public class LoginPageController {...}` |
| `@AppPage` | Page has a single associated app specified by the annotation and can be accessed by users who have access to that app | `@AppPage("kenyaemr.registration") public class RegistrationHomePageController {...}` |
| `@SharedPage` | Page is shared by multiple apps and the appId request parameter specifies the current app. Page can be accessed by users who have access to the current app. Annotation can optionally specify a list of allowed apps. | `@SharedPage public class EnterFormPageController {...}`<br>`@SharedPage({"kenyaemr.clinician","kenyaemr.chart"}) public class RegimenEditorPageController {...}` |

Another set of annotations can be applied to fragment actions to associate them with apps:

| Annotation | Description | Examples |
|---|---|---|
| none | Action has no associated app but cannot be accessed by unauthenticated users | `public class ProfileFragmentController { public Object getStatus() {...} }` |
| `@PublicAction` | Action has no associated app and can be accessed by unauthenticated users | `public class LoginFragmentController { @PublicAction public Object authenticate() {...} }` |
| `@AppAction` | Action has a single associated app specified by the annotation and can be accessed by users who have access to that app | `public class RegistrationFragmentController { @AppAction("kenyaemr.registration") public Object register() {...} }` |
| `@SharedAction` | Action is shared by multiple apps and the appId request parameter specifies the current app. Action can be accessed by users who have access to the current app. Annotation can optionally specify a list of allowed apps. | `public class FormFragmentController { @SharedAction public Object getFormHtml() {...} }` |

The following rules apply when processing the annotations:

  • A page controller class or fragment action method can only have one of the above annotations.
  • If a request doesn't have the required privileges, an APIAuthenticationException will be thrown.
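
The page-annotation rules above can be modelled as a single access decision. This is an added sketch, not KenyaUI's own code: the annotations are local stand-ins with the same names, `SecurityException` stands in for `APIAuthenticationException`, the user is reduced to a set of accessible app ids, and denying a shared page when `appId` is missing or outside the allowed list is an assumption.

```java
import java.lang.annotation.*;
import java.util.*;

// Stand-in annotations so the sketch compiles without KenyaUI on the classpath.
@Retention(RetentionPolicy.RUNTIME) @interface PublicPage {}
@Retention(RetentionPolicy.RUNTIME) @interface AppPage { String value(); }
@Retention(RetentionPolicy.RUNTIME) @interface SharedPage { String[] value() default {}; }

public class PageAccessSketch {
    @PublicPage static class LoginPageController {}
    static class ProfilePageController {}
    @AppPage("kenyaemr.registration") static class RegistrationHomePageController {}
    @SharedPage({"kenyaemr.clinician", "kenyaemr.chart"}) static class RegimenEditorPageController {}

    /** userApps: app ids the user may access, or null if unauthenticated. appId: the request parameter. */
    static void check(Class<?> c, Set<String> userApps, String appId) {
        PublicPage pub = c.getAnnotation(PublicPage.class);
        AppPage app = c.getAnnotation(AppPage.class);
        SharedPage shared = c.getAnnotation(SharedPage.class);
        int count = (pub != null ? 1 : 0) + (app != null ? 1 : 0) + (shared != null ? 1 : 0);
        if (count > 1) throw new IllegalStateException(c.getSimpleName() + ": more than one access annotation");
        if (pub != null) return;                                   // open to everyone
        if (userApps == null) throw new SecurityException("login required");
        if (count == 0) return;                                    // no app: any authenticated user
        String required = (app != null) ? app.value() : appId;
        if (shared != null) {
            List<String> allowed = Arrays.asList(shared.value());
            // appId comes from the request, so the client picks it: assumed denied when absent or not allowed
            if (appId == null || (!allowed.isEmpty() && !allowed.contains(appId)))
                throw new SecurityException("appId not allowed for this page: " + appId);
        }
        if (!userApps.contains(required)) throw new SecurityException("no access to app " + required);
    }

    static String decide(Class<?> c, Set<String> userApps, String appId) {
        try { check(c, userApps, appId); return "allow"; }
        catch (SecurityException e) { return "deny (" + e.getMessage() + ")"; }
    }

    public static void main(String[] args) {
        Set<String> registrar = Set.of("kenyaemr.registration");   // constructed sample user
        System.out.println(decide(LoginPageController.class, null, null));
        System.out.println(decide(ProfilePageController.class, null, null));
        System.out.println(decide(RegistrationHomePageController.class, registrar, null));
        System.out.println(decide(RegimenEditorPageController.class, registrar, "kenyaemr.registration"));
        System.out.println(decide(RegimenEditorPageController.class, Set.of("kenyaemr.chart"), "kenyaemr.chart"));
    }
}
```

A bare `@SharedPage` accepts any `appId` the user already has access to, so listing the allowed apps in the annotation is what ties a shared page to specific apps.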

...