Module Privileges and Roles

Background

Modules can add new privileges and roles to the system specific to the module's features.  For example, a reporting module might add privileges for the administrator to control which users can create new reports, edit or manage existing reports, or view reports.

Configuration (config.xml)

Within your modules config.xml file, you can add new privileges to the system.

<privilege>
  <name>Run Integrity Check</name>
  <description>Ability to run integrity check repairs</description>
</privilege>

@Authorized Annotation

The @Authorized annotation can be used as a concise way to require privileges for specific methods. (Would like to point people to example(s) here)

@Transactional(readOnly = true)
@Authorized( { PrivilegeConstants.VIEW_PERSONS })
public Set<Person> getSimilarPeople(String nameSearch, Integer birthyear, String gender) throws APIException;

Proxy Privileges

Proxy Privilege is the Alternative way which a normal OpenMRS user can gain the privileges of Other required Ones by the use of underneath coding.
(May be in OpenMRS modules)

Lets take a simple example.
eg: Normal Users haven't got the privilege to "View All Users" in the System, So need to use Proxy privileges to overcome the issue.

"View Users" is the required privilege in here, But the User hasn't got it by Default.

Context.addProxyPrivilege("View Users");
model.put("allusers", Context.getUserService().getAllUsers()); // << The privilege required line
Context.removeProxyPrivilege("View Users");

Checking for Privileges

You can check for privileges within your code:

Context.hasPrivilege()

See Also

• LocalHeader (webapp/WEB-INF/admin/concepts/localHeader.jsp)
• Controlling User Access (Roles and Privileges)
• Privilege Helper Module