Location Based Access Control for Patients
This week I was involved to complete the Location Based Access Control implementation for the patients. As the first step, We planned to initiate this task and see what is going on the system!!
According to our plan, Patients should be created with a access location information during their registration. The access location information will be saved as an person attribute for now through the registrations. The workflow can be thouhght in two ways,
- There is an custom fragment to select the access locations for the patients, So the system patient registration dashboard can be customized with our access locations fragment.
- If the system doesn't configured with the custom fragment, then the logged in user session location will be taken for the access location for the patients who registered by that user. — The big problem
How to access the session location from API layer?
I need to find a better solution to fetch the session location information from the API Layer level. The session implementation was coded for the web layer and there are no way to directly access from the API layer.
We need to call a back-end API (appui/session) to fetch the session location information form the system. So I spend a huge amount of time to provide a better solution for this.
After some discussion with my mentor and community members, I was decided to make some changes in the App-UI module to store the session location information in the UserContext. Then we can simply get the session location information from the API layer through the UserContext.
We can get the current session location of the authenticated user through this following REST call…talk.openmrs.org
After this task, I planned to add the user registration to this workflow.
See you in the next blog!!!