Need help with Privileges for Editing a Patient

I’m trying to create a role called “Edits Patient” which will allow a user to edit a patient’s demographic information. I have a test user that only inherits the Edits Patient role, and the only thing on the home screen is Find Patient Record, and when I click on it I get this error in the browser:

The page isn’t redirecting properly

Firefox has detected that the server is redirecting the request for this address in a way that will never complete.

    This problem can sometimes be caused by disabling or refusing to accept cookies.

The “Edits Patient” role has the following privileges:

  • App: coreapps.findPatient
  • Edit Patient Identifiers
  • Edit Patients
  • Provider Management Dashboard - Edit Patients

What else do I need to add? If doing something this simple is proving to be this difficult, is there something basic I’m missing or has the roles and privileges been implemented very poorly by OpenMRS?

I have already read, and it lists dozens and dozens of privileges required to just view a patient, which seems absurd to me and certainly that’s incorrect?? I’m very hesitant to trust that information.

You need to also add the “Get Users” and “Get Patients” privileges. Did you by any chance happen to look at this?

1 Like

I just stumbled on that module a few minutes ago, and am having some issues installing it. If I can get it to work it’ll be a HUGE help. In the meantime, I’ll add those 2 privileges you list.

Specifically, the issue I’m having installing the module, is that after supposedly successfully installing it, there is no “Privilege Helper Module” section on the admin page openmrs/admin/index.htm, despite what the documentation says:

On the OpenMRS Administration screen, under “Privilege Helper Module”, select the “Log privilege checks” link.

I’m still unable to get the Privilege Helper Module to show up in the Administration section. I’ve logged out and back in, I’ve restarted openMRS as well as Tomcat, and I still don’t see anything in the administration page.

I added Get Users and Get Patients to the list of privileges and now I can successfully search for a user but when I select a user to view, I get

Your user account does not have privileges required to view this page

I’m guessing I need something along the lines of View Patient now…

I have just released version 1.0.2 of the module. Can you try it out?

Yes, I can finally see the Privilege Helper in Admin, and it’s working, thank you!!

I’m about to rant, not at you, but just in general because I’m so frustrated.

This module needs to be in core, or mentioned in the Manage Privileges UI or something because it is literally impossible to manage privileges without this module. I spent nearly an entire DAY trying to allow a person to edit a user and do nothing else. I gave them all permissions, then began taking some away until I could learn what privileges mattered, but the UX is so bad that it was impossible. First it took a long time for me to figure out that the user had to sign out and back in before privilege changes took effect. Then I ran into errors in the Manage Privileges UI about every 5 times I’d make changes that would say something like “Privilege required: foo” where foo was the very first privilege in the list that I had selected. And sometimes the changes I made wouldn’t take effect at all, I’d have to refresh the page every time to ensure that the checkboxes were actually unchecked, and if not, remove them all again. It was a mind-numbingly bad experience, especially for something that is so crucial to the security of a system that absolutely must be secure.

We are please sorry about the frustrating experience that you have gone through, and we appreciate the feedback that you have given us. It is such feedback that helps us to continuously improve the system.

  • I have added a link of this module to the privilege wiki pages that you read.
  • Do you think you can create tickets for the user interface pages that have not worked well?
  • From your experience, is there anything you can add to the wiki for helping others?
  • Is there anything else that we could do to improve the user experience in setting this up?