Status

Requirements

• OpenMRS user and role management should be replicated in OpenSRP and the OpenMRS dependency removed. Required functions:
  • Create user
  • Archive user
  • Edit user
  • Allow user to reset forgotten password
  • Assign roles to a user
  • Create role (TBD)
  • Archive role (TBD)
  • Edit role (TBD)
• Role-based permissions will need to be enabled in the API in order to restrict user management operations to administrators (and to users for self-management)
• Existing OpenMRS roles include the following - these will need to be rationalized:
  • Administrator
  • Anonymous
  • Authenticated
  • OpenSRP - Get All Events
  • Provider
  • System Developer
• A hard-coded list of roles could be implemented for MVP (Todo: Validate)
• Assumption: The main code changes will be around the OauthAuthenticationProvider and will require a facade to a new service mimicking the DrishtiAuthenticationProvider and replacing the OpenMRSUserService with an OpenSRPUserService
• There should be a UI accessible through the WebUI for managing users (upsert) and roles (assignment to users)
• The functionality should only be available to users with the relevant roles

Tasks

• Create OpenSRP data schema for users and roles
• Build OpenSRPUser Service
• Replace OpenMRSUserService with OpenSRPUserService
• Test that OuthAuthenticationProvider functions as before 
• Add RBAC to the WebUI - High LOE dependency. SHould be scoped and estimated separately 
• Create  WebUI screens for user management
• Assumption: Not all users will be providers, but all providers will be users 

Mock-Ups

Existing Views

Test Case