A large humanitarian organisation is involved in a couple of OpenMRS implementations and one of the aspects they are very interested in is improving security in OpenMRS especially when it comes to restricting who can access patient records and data associated to them. Therefore, they are looking at starting with implementing location based access to such data.
@mksd is collaborating with this organisation, they reached out and asked me to help with guiding these efforts outside of my day job and we’re already in the initial stages of working on it.
They are aware of the location based access module that was developed as part of GSoC last summer, thanks to @suthagar23! Given that what they intend to be implementing addresses what could be deemed as a security issue, they feel that they need to take another approach that’s not AOP based and will address its current limitations e.g filtering out data before returning it from service methods via AOP throws off the paging mechanism built into them, I’m also not sure if getCountOfXXX() methods in services are taken care of to stay consistent with their counterparts that return the actual lists of matches.
I just wanted to reach out to the community and make you aware of these efforts, I think it’s key to keep the community involved and try to implement this in a collaborative and transparent way with input from everyone interested.
Currently, I’m spiking on use of hibernate filters and possibly along with an interceptor to see if we can use them to implement location based access, so please feel free to share your ideas, we would love to hear them.
I’m really excited about this because it’s going to help keep me even more involved in the development process of OpenMRS.