Privilege Naming for HTML Forms

The UgandaEMR team is looking to be able to add privileges to each of the forms used within the distribution as part of the move to provider based entry.

One of the questions that we have is about the naming convention for privileges. I have seen some prefixes such as App: and Task: as well as other long privilege names.

We are thinking of using “Form: Form Name” with the Form prefix to show that this is a form based privilege.

Any thoughts, gotchas, and comments on this approach? Would this be adopted for Reference Application too (Vitals for example)?

cc @ruhanga @mozzy

@ssmusoke How about we use “Task”, since it aligns with what forms do? When a user is entering a form, they are carrying out a task. Why the separation to have a category Form? I think Task is still valid for this.


My suggestion here is based on Forms used to collect data, which may be part of a Task (which may include one or more forms) and additional processing.

I am hoping some of the older OpenMRS devs who have been around longer for the Reference Application can share some insight into the choice of prefix naming to help drive the discussion forward.

What action is the privilege intended to control? Form entry? Editing using the form? Making changes to the form itself (administration)? Would it prevent viewing (i.e., read-only access) of previously entered forms? Would it prevent the form from showing in lists of forms?

I’m assuming it is meant for general use of the form (i.e., form entry), so ideally lists of forms a user sees would only include forms for which they have a privilege, and if they should find some backdoor method of accessing the form (a direct URL), rendering the form for entry would first check for the privilege and throw an unauthorized error.

How would forms without such a privilege be handled? How would the server know which forms have an associated privilege and which didn’t?

The aim is to control Form Entry and Editing of entered data by an end user for provider based entry.

The privilege would be added in the ShowIf statement for the form; also preventing it from being loaded, if not available in Ref App, is an enhancement.

It would also be used to control access to some dashboard widgets (displaying the form’s data) as configured on clinician facing dashboards.

This is the beginning of a rudimentary security control leveraging existing infrastructure, with the user only being able to access data provided by the distribution - no backend access or Cohort builder.
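The check discussed in the thread (filter form lists by privilege, then repeat the check when a form is opened by direct URL), as an added example that is not part of the original posts and is not OpenMRS code. Only the “Form: Form Name” convention comes from the thread; the registry, the function names and the `unmappedPolicy` switch for forms without a privilege are hypothetical.

```javascript
// Added example. All names here are hypothetical, not OpenMRS API.
const FORM_PREFIX = "Form: "; // naming convention proposed in the thread

class UnauthorizedError extends Error {}

// Constructed sample registry. `privilege: null` models a form that was
// never given a privilege, the case raised in the thread.
const FORMS = [
  { id: "vitals", name: "Vitals", privilege: FORM_PREFIX + "Vitals" },
  { id: "art-card", name: "ART Card", privilege: FORM_PREFIX + "ART Card" },
  { id: "legacy-intake", name: "Legacy Intake", privilege: null },
];

// Single decision point shared by the form list and the renderer.
// unmappedPolicy decides what a form without a privilege means:
// "deny" (fail closed) or "allow" (open to any authenticated user).
function canEnterForm(user, form, unmappedPolicy = "deny") {
  if (form.privilege === null) return unmappedPolicy === "allow";
  return user.privileges.includes(form.privilege);
}

// What the user sees in a list of forms.
function listForms(user, unmappedPolicy = "deny") {
  return FORMS.filter((f) => canEnterForm(user, f, unmappedPolicy)).map((f) => f.id);
}

// What happens on a direct URL: the check is repeated at render time, so
// hiding a form from the list is never the only control. Unknown form ids
// get the same error, so the response does not reveal which forms exist.
function renderFormForEntry(user, formId, unmappedPolicy = "deny") {
  const form = FORMS.find((f) => f.id === formId);
  if (!form || !canEnterForm(user, form, unmappedPolicy)) {
    throw new UnauthorizedError(`not authorized for form ${formId}`);
  }
  return `<form data-form-id="${form.id}">`;
}

// Constructed sample user holding a single form privilege.
const nurse = { name: "nurse1", privileges: ["Form: Vitals"] };
```

With the default `"deny"` policy a form that has no privilege configured disappears for everyone until one is assigned; `"allow"` keeps existing forms usable during a rollout at the cost of leaving them unprotected.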