Table of Contents
Roles
Roles are a set of Permissions grouped together under a name. Each Organization defines its own roles and the permissions they contain.
A User can only be associated with a single Role.
Permissions
| ID | Organization-Related | Description | Used In |
|---|---|---|---|
| list_organizations | No | Users with this permission can get a list of all organizations. |
|
| read_organization | Yes | Users with this permission can request information of a specific organization. |
|
| list_facilities | Yes | Users with this permission can get a list of all facilities within an organization. |
|
| read_facility | Yes | Users with this permission can request information of a specific facility of an organization. |
|
| list_rooms | Yes | Users with this permission can get a list of all the room of any facility for an organization. |
|
| read_room | Yes | Users with this permission can request information of a specific room of an organization. |
|
| list_roles | Yes | Users with this permission can get a list of all the roles within a specific organization. |
|
| read_role | Yes | Users with this permission can request information of a specific role in an organization. |
|
| list_users | Yes | Users with this permission can get a list of all the users within a specific organization. |
|
| list_users_from_all_organizations | No | Users with this permission can get a list of all the users from all the organizations. |
|
| read_user | Yes | Users with this permission can read information of users from the specified organization. |
|
| delete_user | Yes | Users with this permission can delete users from the specified organization. |
|
| modify_user | Yes | Users with this permission can modify information about users from the specified organization. |
|
| modify_own_user | No | Users with this permission can modify his/her own user. A user with this permission can't modify either his/her Facility nor Role. |
|
modify_user_nfc_tag | Yes | Users with this permission can modify users tag ids in the specified organization. A user can modify its own tag id even without having this permission: 'modify_own_user' is enough to do this (if the Facility allows this by having nfcSelfModificationEnabled = true). |
|
| list_patients_from_all_organizations | No | Users with this permission can get a list of all the patients from all the organizations. |
|
| list_patients_from_current_organization | No | Users with this permission can get a list of all the patients from the organizations where they belong. |
|
| list_patients_from_current_facility | No | Users with this permission can get a list of all the patients from the facility where they belong. |
|
| list_discharged_patients | Yes | Users with this permission will get discharged patients in the list returned by List Patient operation. |
|
| discharge_patients | Yes | Users with this permission can submit the special 'discharge patient' form. |
|
| final_discharge_patients | Yes | Users with this permission can submit the special 'discharge final patient' form. |
|
| send_messages | No | Users with this permission can make use of the communication API |
|
read_alerts_only_from_associated_patients | No | Users with this permission will only receive Alerts for the patients that he/she has currently assigned. Direct Alerts (sent to a specific user id) are still visible even without this permission. | |
read_alerts_from_entire_organization | No | Users with this permission will receive alerts from patients in the entire organization (as long as the alert is configured to be sent to the user's role). Without this permission, only alerts related to the same facility where the user belongs are returned. |
User Statuses
Each user has an associated Status in the System. User Statuses are defined at a system level: all organizations share the same set of possible statuses.
The current supported statuses are:
| Status | Description | Used In |
|---|---|---|
| ACTIVE | This status is required for a User in order to log in into the application. |
|
| PENDING | The default status for newly created users. |
|
| SUSPENDED | Users may be suspended to avoid them to log in into the system for a period of time. |
|
| INACTIVE | Users are never deleted from the database. Instead, their status is changed to INACTIVE. |
|
Even if the API doesn't impose any limitation between the transition from one status to another, the UI implements the following state machine:
0 Comments