Restricting access to a field
One may restrict access to a particular field based on the role of the user. This is a new feature and is only enabled for Yes/No fields. There is currently no web interface to changing this access: it must be done in sql.
Example: To restrict access to the "Disable database import" field on the patient registration page, here is the SQL used:
update admin.page_item set roles = "DELETE_ARCHIVE_PATIENT_RECORDS" where id=4358;
To find the list of roles, view records in the user_group_role table.
The code to enable this field access restriction for forms is in fields.jsp:
<c:choose>
<c:when test='${pageItem.roles=="DELETE_ARCHIVE_PATIENT_RECORDS"}'>
<logic:present role="DELETE_ARCHIVE_PATIENT_RECORDS">
<zeprs:yesno pageItem="${pageItem}"/>
</logic:present>
</c:when>
<c:otherwise>
<zeprs:yesno pageItem="${pageItem}"/>
</c:otherwise>
</c:choose>
The code for records is in encounter_form_fields.
Data in the roles field should be semi-colon delimited.
Note that the restriction is hard-coded to DELETE_ARCHIVE_PATIENT_RECORDS. It would be easy to loop through the roles in roles and test if the user has any of those roles.
- Printer-friendly version
- Login to post comments
PDF version
