Project: Location Based Access Control
Primary mentor: @dkayiwa
I have given some thought to the matter, as I’m interested in this project. And here is what I think. Your suggestions, and corrections are most welcomed.
By location, we’re actually referring to the session location of the currently logged in user. To my understanding user can belong to more than one location.
Filtering in the API backend
Say a user have access to both ‘Inpatient Ward’ and the ‘Outpatient Clinic’, and is not a ‘System Developer’, he/she should be able to retrieve only the resources (patient, encounter) that belongs in the same locations; ‘Inpatient Ward’ and the ‘Outpatient Clinic’.
We can include an additional ‘location’ query parameter for GET /encounter, /observation, and /patient. It is useful in case the logged in user is a ‘System Developer’, or in case that he/she belongs to more than one location, but want to filter out resources from a certain location.
Filtering in the UI : REFERENCE application
Say a user have access to both ‘Inpatient Ward" and the ‘Outpatient Clinic’. Even if he belongs to both locations, if in the reference applications’ session location (dropdown beside the username) is set to 'Inpatient Ward", only the resources that belongs to ‘Inpatient Ward’ should be shown in the UI.
Extra:
- When registering a new user/patient, we can default his/her location to the session location of the currently logged in user.
- In the ref-app logged in user (unless a System Developer) should see only the locations that he/she have access to.
Following is quoted from the Wiki page:
Some implementations want to register users and patients in certain locations. Then access them based on the location that some one has logged in. That way, if some one is logged in a certain location, they should see only those encounters, observations, and patients registered in that location. But the System Developer account should be able to see patients in all locations.
Objectives
- Assign users to locations on registration
- Assign patients to locations on registration
- During encounter, observation, and patient searches, return only those in the logged in location
- Ability to move patients from one location to another by an administrator
- Ability to assign locations to already existing patients
- Ability to assign locations to already existing users
- Login screen should not require users to select locations because on login, you know the location in which a user belongs.