User and Access Management through Bahmni

(Mohit Dhamdhere) #1


We would like to enhance user management and access control for Bahmni as currently entire OpenMRS console is exposed to admin and we do not have granular privileges to restrict access to either Bahmni or OpenMRS components

Is there any development happening on OpenMRS towards enhancing the user management? @abhinavpc @dirkg @megkmcguire @vmalini @snehabagri @angshuonline @burke @mksd @binduak @dkayiwa

(Sneha Bagri) #2


We are trying to build RBAC which not only prevent the user from accessing resources from a UI perspective but also from an API. For example if we want to restrict the user to access programs and forms, we could design a data model like below:

On the other hand if the access is to be restricted to only UI components like dashboard or display controls, then the privilege can be stored and checked for as below:

@abhinavpc @dirkg @megkmcguire @vmalini @snehabagri @angshuonline @burke @mksd @binduak @dkayiwa

(Dimitri R) #3

Hi @snehabagri jumping fast on this. Before you guys move further in that direction I would strongly suggest that you go through this thread and that you follow up with @wyclif and I:

Looks like there is a strong possibility for collaboration and alignment of requirements here. I would be happy to organise a call this week to discuss both your specs and ours and take it from there.

(Angshuman Sarkar) #4

I suggest that please do due diligence in choosing the right tech. In my opinion, there is minimal overlap with location based access control, but could be wrong. Seems all are direct privilege based restrictions. If we want to reuse, then let’s huddle and figure out the right design (and not just intercept based filtration). See also my questions in the thread.