Currently, OpenMRS has access control based on the user privileges. So the user needs to have the required privilege to access some of the OpenMRS service.
Anyway, OpenMRS doesn’t have any proper location control for their services. Even anyone from any location can access the metadata in the OpenMRS. Actually, still, they haven’t concerned about the location management inside the OpenMRS. But we should prepare the OpenMRS to support the access control based on the locations. It will add more value to the metadata security also.
OpenMRS has the privilege based access control implementations. Like that one, we need to implement a Location based Access control system. It will manage the access to the services based on the locations.
Some implementations want to register the users and patients (the persons also) in certain selected locations. Then access them based on the location that someone has logged in. That way, if someone is logged in a certain location, they should see only those encounters, observations, and patients registered in that location.
Anyway, the user who has multiple locations access (like Admin in our privilege based access control system) should be able to see patients in all locations. We can allocate multiple locations access to the System Developer or System administrator.
- Find the related project objectives and outcome as a new module.
- Find some ideas to integrate the AOP techniques inside the project **