Access Control Administration

Working with access control requires an administrative login.

This is the phpGACL web interface. It's very flexible but takes some study to understand. What we'll do first is go through the steps of adding a user.

Currently each new user must be added to both OpenEMR and to phpGACL. The user IDs must match. At some point we will integrate these more tightly.

First, in the "ACL Admin" tab, click on the Users section and then click the Edit link under "Access Request Objects". The AROs are our users.

You can add a user by typing the user ID, order and name into one of the blank lines as shown here. Order can be anything, we just use 10 for all entries. The click Submit to save the new entry.

Now you see the new user in the list. Next click the "ARO Group Admin" tab.

Users get their permissions by being a member of a suitable group. Buster Brown is a doctor so we'll add him to the Physicians group. So start by clicking "Assign ARO" in the Physicians line.

Then click Buster Brown to select him, and the ">>" button to move him to the selection list. Click Submit to complete the assignment.

Alright, he's now a physician!

Now click the "ACL List" tab. We're going to see how to modify a group's permissions.

This is a list of all the assignments of permissions to groups. You can edit any of these by clicking the Edit link on the right side of the page.

To add a permission to this segment, you can click a section name on the left, and then the ACO name in the center, and then the ">>" button to add it to the list of selected permissions. Then clicking Submit will save the change.