Bahmni has the ability to control the visibility of various applications within Bahmni (like access to Registration, Clinical modules, etc) using OpenMRS Privileges. In OpenMRS, a Role is a group of privileges.
To create a user that can login into Bahmni, one needs to create a user in OpenMRS. Bahmni re-uses the same session / credentials as of the underlying OpenMRS. Here are the steps needed to be performed for creating a login user for Bahmni:
These are the built-in roles that come with Bahmni. The table below mentions the list of roles, and the access that the role provides. Roles are additive in OpenMRS. Which means, you can give multiple roles to a user, and all privileges mentioned in each role, will be available to the user. For more details you can read OpenMRS Documentation on Users/Roles/Privileges.
|
The below table shows new roles created as part of 0.86 release update. Some of the roles must not be assigned to the user directly because it is only for internal use. Please refer notes column.
There are privileges changed for some of the clinical tabs. Please refer this table and it is taken care by these new roles. So, assign the applicable role(s) to the user and the user will have sufficient privileges to access the system.
Role | Description | Notes |
---|---|---|
SuperAdmin | Will give FULL access to Bahmni and OpenMRS | Remove this role for a user, if you wish to give access to only some modules. |
Bahmni-App | Will have FULL access to all Bahmni apps | Remove this role for a user, if you wish to give access to only some modules. |
Registration-App | Will have full access for Registration app | |
Programs-App | Will have full access for Programs app | This will have full access to Clinical-App |
Clinical-App | Will have full access to Clinical app | |
InPatient-App | Will have full access for InPatient app | |
Radiology-App | Will have full access for Radiology app | |
PatientDocuments-App | Will have full access for Patient Documents app | |
Admin-App | Will have full access for Admin app in EMR (including the Audit Log screen) | |
Reports-App | Will have full access for Reports app | |
OrderFulfillment-App | Will have full access for OrdersFulfillment app | |
Implementer-Interface-App | Will have full access to Implementer Interface app | |
Registration-App-Read-Only | Will have read-only access for Registration app | |
Clinical-App-Read-Only | Will have read-only access to Clinical app | |
Clinical-App-Observations | Will have full access for Observations tab in Clinical app | |
Clinical-App-Diagnosis | Will have full access for Diagnosis tab in Clinical app | |
Clinical-App-Disposition | Will have full access for Disposition tab in Clinical app | |
Clinical-App-Orders | Will have full access for Orders tab in Clinical app | |
Clinical-App-Treatment | Will have full access for Treatment tab in Clinical app | Treatment role represent for "Medication" tab in Bahmni |
Clinical-App-Bacteriology | Will have full access for Bacteriology tab in Clinical app | |
InPatient-App-Read-Only | Will have read-only access for InPatient app | |
Bahmni-App-User-Login | Will give ability to login to the application and used internally, should not be assigned to user directly. | This internal role is used by other roles, should not be assigned to user directly. |
Clinical-App-Save | Will have save privileges used by other Clinical roles and used internally, should not be assigned to user directly. | This internal role is used by other roles, should not be assigned to user directly. |
Clinical-App-Common | Will have common privileges used by other Clinical roles and used internally, should not be assigned to user directly. | This internal role is used by other roles, should not be assigned to user directly. |
bypass2FA | Role if assigned disables two factor authentication for that user and used internally, should not be assigned to user directly. | This is an internal role, should not be assigned to user directly. |
Privilege Level: Full | A role that has all API privileges | Provided by emr-api omod |
System Developer | Developers of the OpenMRS .. have additional access to change fundamental structure of the database model | Predefined by OpenMRS |
Anonymous | Privileges for non-authenticated users. | Predefined by OpenMRS |
Authenticated | Privileges gained once authentication has been established. | Predefined by OpenMRS |
Provider | All users with the 'Provider' role will appear as options in the default Infopath | Predefined by OpenMRS |
Every User has an associated Role. Every Role comprises of a SET of Privileges. You should preferably only assign Roles to Users. Roles are already setup with appropriate privileges when you install Bahmni, so that by reading the name of the role, you understand what Privileges have been assigned to the role. Don't modify privileges of a role, else people will get confused, or they might add a too powerful role to a user. |
|
Please see users and roles for appointment scheduling for details
Please see users and roles for operation theatre scheduling for details