I studied the OpenMRS DHIS report module and OpenMRS DHIS integration module and I found that those modules use the followings as privileges:
DHIS Report Module:
- View Dhisreport
- Manage Dhisreport
DHIS Integration module:
- Run Reports - Base privilege for running the reports
- Manage Results - View/Send/Delete Results
- View Server - Viewing Servers
- Manage Server - Add/Edit/Remove Server
- Manage DHIS Locations - Add/Edit/Remove DHIS Location Mappings
- Manage Data Elements - Map/Edit Data Element Mappings
- Manage Options - Map/Edit Option Mappings
- Manage Report Templates - Manage Editing Report Templates
- Map Cohorts - Map DHIS elements to cohorts
Seems like the privileges are created for every operation in that module.
If we use that approach, we can create privileges at an atomic level like this:
Proposed Privileges for DHIS Connector module:
- View Connection - Viewing DHIS2 Connection
- Manage Connection - Edit DHIS2 Connection
- View Location Mappings - View location-orgunit mappings
- Manage Location Mappings - Edit/Delete location-orgunit mappings
- View Automation - View scheduled mappings
- Run Automation - Run scheduled mappings
- Manage Automation - Add/Edit/Delete scheduled mappings
- Run Reports - Base privilege for running the reports
- Run failed data - Base privilege for pushing the failed data
- Manage Mappings - Create/Edit Mappings
- Import and Export - Import and export mappings and DHIS2 API
We can use either this way or the one i proposed earlier.
cc: @jayasanka @akshika47