Versions Compared

Old Version 18

changes.mady.by.user Dimitri R

Saved on

compared with

New Version 19

changes.mady.by.user Dimitri R

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Background

This module provides a mechanism for filtering persistent data on a configurable and customisable basis. In a nutshell it enforces metadata-based access to users and/or roles.

For instance, out of the box, the module supports location-based and privilege-based access control to patient records and their clinical data. The initial implementation for those two use cases is restricted to the patients and their visits, encounters and observations.

Architectural Overview

The data model has been kept simple deliberately such that only two concepts matter: 1) which entity is being restricted by the filtering and 2) on what basis does this filtering restriction operate?

...

Code Block
languagejs
titleLocation-based access to visits
{
  "name": "datafilter_locationBasedVisitFilter",
  "targetClass": "org.openmrs.Visit",
  "condition": "patient_id IN (SELECT DISTINCT pa.person_id FROM person_attribute pa WHERE pa.person_attribute_type_id = :attributeTypeId AND pa.value IN (:basisIds) AND pa.voided = 0)",
  "parameters": [
    {
  ...
}

This reads "selects only patients that have a specific person attribute whose value is either of the bases", where those bases are the locations that the user has access to.

Another question remains: how does Data Filter know which person attribute type is used to link patients to their location?

TBC.

There are a couple of end-to-end tests in place showing the module's mechanics, see for instance PatientFilterTest .

Roadmap

We envision adding filtering of other patient clinical data like orders, encounter diagnoses, appointments, ...etc.

We also envision a scenario where another module can leverage this module's functionality to limit access by some other criteria e.g. role-based access.

With that said, we hope to strip the location-based and program-based functionality out of this module leaving it as a very thin lightweight and reusable module purely for data filtering. The location-based access filtering should be moved to the existing Location based access module for instance.

Developer Guide

User Guide

Download

Installation

NOTE

To guarantee proper functionality of OpenMRS, it's highly recommended to install the module by stopping OpenMRS, drop the .omod file in the module repository and start OpenMRS again, this also applies to uninstall it, you need to stop OpenMRS, remove the .omod from the local module repository and start OpenMRS.

Configuration

...

    "name": "attributeTypeId",
      "type": "integer"
    },
    {
      "name": "basisIds",
      "type": "string"
    }
  ]
}