some assorted updates
[openemr.git] / acl_setup.php
1 <?php
2 // Copyright (C) 2005-2006 Rod Roark <rod@sunsetsystems.com>
3 //
4 // This program is free software; you can redistribute it and/or
5 // modify it under the terms of the GNU General Public License
6 // as published by the Free Software Foundation; either version 2
7 // of the License, or (at your option) any later version.
8 //
9 // This program may be run after phpGACL has been installed, and will
10 // create the Access Control Objects and their sections as required
11 // by OpenEMR. See openemr/library/acl.inc file for the list of
12 // currently supported Access Control Objects(ACO), which this
13 // script will install. This script also creates several
14 // ARO groups, an "admin" ARO, and some reasonable ACL entries for
15 // the groups.
16 // ARO groups include:
17 // Administrators
18 // Physicians (Doctors)
19 // Clinicians (Nurses, Physician Assistants, etc.)
20 // Front Office (Receptionist)
21 // Accounting
23 // Upgrade Howto
24 // If you have previously installed phpGACL, and have since upgraded
25 // to a new version of OpenEMR, then you should consider upgrading
26 // the phpGACL database with the acl_upgrade.php script to ensure
27 // the database includes all the required Access Control Objects(ACO).
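// NOTE(review): nothing visible in this script authenticates the caller, yet
// it creates the "admin" ARO and the permissions of every group. The only
// re-run guard is the first add_object_section() call further down, which per
// its own error text is expected to fail once the script has already run.
// Unless library/acl.inc enforces access itself (not visible here), restrict
// or remove web access to this file once setup has completed.
include_once('library/acl.inc');

// empty() gives the same truthiness test as "!" but also covers the case
// where acl.inc never assigned the variable, so an unconfigured install gets
// the message below rather than an undefined-variable notice.
// NOTE(review): this value becomes part of an include path; confirm that
// library/acl.inc always assigns it so that it cannot originate elsewhere.
if (empty($phpgacl_location)) die("You must first set up library/acl.inc to use phpGACL!");

// require_once: the constructor call below cannot work without this class,
// so stop at the missing file instead of at "new".
require_once("$phpgacl_location/gacl_api.class.php");

$gacl = new gacl_api();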
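// Create the ACO sections. Every ACO must have a section.
//
// The first call doubles as the installation probe: its error text lists the
// expected causes of failure (phpGACL database settings, phpGACL setup.php
// not run, or this script already having been run).
if ($gacl->add_object_section('Accounting', 'acct', 10, 0, 'ACO') === FALSE) {
    die("<br>This is not working. Make sure you have:<br>" .
        "* Set the correct phpgacl database name, user and password in gacl.ini.php<br>" .
        "* Done the same in gacl.class.php<br>" .
        "* Run setup.php from the phpGACL distribution<br>" .
        "* Not already run this script successfully<br>");
}

// The remaining sections used to be created without looking at the result.
// A failure here would leave the ACO tree incomplete while the page still
// ended with "All done!", so stop and name the section that is missing.
$aco_sections = array(
    array('Administration', 'admin'),
    array('Encounters'    , 'encounters'),
    array('Patients'      , 'patients'),
    array('Squads'        , 'squads'),
    array('Sensitivities' , 'sensitivities'),
);
foreach ($aco_sections as $aco_section) {
    if ($gacl->add_object_section($aco_section[0], $aco_section[1], 10, 0, 'ACO') === FALSE) {
        die("<br>Could not create the ACO section '" . $aco_section[1] . "'.<br>");
    }
}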
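// Create the ACOs. Each row is (section value, display name, ACO value,
// fourth add_object() argument); the fifth argument is 0 for every ACO.
// The rows keep the order of the original one-call-per-line listing.
$aco_objects = array(
    // Accounting ACOs.
    array('acct', 'Billing (write optional)'           , 'bill' , 10),
    array('acct', 'Price Discounting'                  , 'disc' , 10),
    array('acct', 'EOB Data Entry'                     , 'eob'  , 10),
    array('acct', 'Financial Reporting - my encounters', 'rep'  , 10),
    array('acct', 'Financial Reporting - anything'     , 'rep_a', 10),

    // Administration ACOs.
    array('admin', 'Superuser'                       , 'super'    , 10),
    array('admin', 'Calendar Settings'               , 'calendar' , 10),
    array('admin', 'Database Reporting'              , 'database' , 10),
    array('admin', 'Forms Administration'            , 'forms'    , 10),
    array('admin', 'Practice Settings'               , 'practice' , 10),
    array('admin', 'Superbill Codes Administration'  , 'superbill', 10),
    array('admin', 'Users/Groups/Logs Administration', 'users'    , 10),
    array('admin', 'Batch Communication Tool'        , 'batchcom' , 10),
    array('admin', 'Language Interface Tool'         , 'language' , 10),
    array('admin', 'Pharmacy Dispensary'             , 'drugs'    , 10),
    array('admin', 'ACL Administration'              , 'acl'      , 10),

    // ACOs for encounters.
    array('encounters', 'Authorize - my encounters'                        , 'auth'    , 10),
    array('encounters', 'Authorize - any encounters'                       , 'auth_a'  , 10),
    array('encounters', 'Coding - my encounters (write,wsome optional)'    , 'coding'  , 10),
    array('encounters', 'Coding - any encounters (write,wsome optional)'   , 'coding_a', 10),
    array('encounters', 'Notes - my encounters (write,addonly optional)'   , 'notes'   , 10),
    array('encounters', 'Notes - any encounters (write,addonly optional)'  , 'notes_a' , 10),
    array('encounters', 'Fix encounter dates - any encounters'             , 'date_a'  , 10),
    array('encounters', 'Less-private information (write,addonly optional)', 'relaxed' , 10),

    // ACOs for patients.
    array('patients', 'Appointments (write optional)'           , 'appt' , 10),
    array('patients', 'Demographics (write,addonly optional)'   , 'demo' , 10),
    array('patients', 'Medical/History (write,addonly optional)', 'med'  , 10),
    array('patients', 'Transactions (write optional)'           , 'trans', 10),
    array('patients', 'Documents (write,addonly optional)'      , 'docs' , 10),
    array('patients', 'Patient Notes (write,addonly optional)'  , 'notes', 10),

    // ACOs for sensitivities ('High' is the only row whose fourth argument is 20).
    array('sensitivities', 'Normal', 'normal', 10),
    array('sensitivities', 'High'  , 'high'  , 20),
);

// The results of these calls used to be ignored. An ACO that was not created
// cannot be granted to anyone later, so stop at the first failure and name it.
// Assumes add_object() signals failure with FALSE, as add_object_section()
// is tested for earlier in this file -- confirm against gacl_api.
foreach ($aco_objects as $aco) {
    if ($gacl->add_object($aco[0], $aco[1], $aco[2], $aco[3], 0, 'ACO') === FALSE) {
        die("<br>Could not create the ACO '" . $aco[0] . "/" . $aco[2] . "'.<br>");
    }
}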
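// Create ARO groups. 'users' is created first because its return value is
// passed as the parent argument of the five role groups.
// Assumes add_group(), add_object() and add_group_object() signal failure
// with FALSE, as add_object_section() is tested for earlier in this file --
// confirm against gacl_api.
$users = $gacl->add_group('users', 'OpenEMR Users', 0, 'ARO');
if ($users === FALSE) {
    die("<br>Could not create the ARO group 'users'.<br>");
}

$admin = $gacl->add_group('admin', 'Administrators', $users, 'ARO');
$clin  = $gacl->add_group('clin' , 'Clinicians'    , $users, 'ARO');
$doc   = $gacl->add_group('doc'  , 'Physicians'    , $users, 'ARO');
$front = $gacl->add_group('front', 'Front Office'  , $users, 'ARO');
$back  = $gacl->add_group('back' , 'Accounting'    , $users, 'ARO');

// These ids are what the add_acl() calls later in this file attach the
// permissions to, so a FALSE id must not be carried forward.
$role_groups = array(
    'admin' => $admin,
    'clin'  => $clin,
    'doc'   => $doc,
    'front' => $front,
    'back'  => $back,
);
foreach ($role_groups as $role_value => $role_id) {
    if ($role_id === FALSE) {
        die("<br>Could not create the ARO group '" . $role_value . "'.<br>");
    }
}

// Create a Users section for the AROs (humans).
if ($gacl->add_object_section('Users', 'users', 10, 0, 'ARO') === FALSE) {
    die("<br>Could not create the ARO section 'users'.<br>");
}

// Create the Administrator in the above-created "users" section
// and add him/her to the above-created "admin" group.
// NOTE(review): the ARO value 'admin' presumably corresponds to an OpenEMR
// login name -- confirm. Whoever holds that account receives everything
// granted to the Administrators group.
if ($gacl->add_object('users', 'Administrator', 'admin', 10, 0, 'ARO') === FALSE) {
    die("<br>Could not create the ARO 'users/admin'.<br>");
}
if ($gacl->add_group_object($admin, 'users', 'admin', 'ARO') === FALSE) {
    die("<br>Could not add the ARO 'users/admin' to the 'admin' group.<br>");
}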
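// Set the permissions of each ARO group.
//
// Each row is (ACO map, ARO group id, return value, note). The ACO map is
// keyed by ACO section value and lists the ACO values granted in that
// section. Every rule is passed to add_acl() with 1, 1 as its sixth and
// seventh arguments, exactly as the original individual calls did.
//
// Grants are explicit lists, not wildcards: an ACO that is absent from a
// row is not covered by that rule.
$acl_rules = array(
    // Administrators.
    array(
        array(
            'acct'=>array('bill', 'disc', 'eob', 'rep', 'rep_a'),
            'admin'=>array('calendar', 'database', 'forms', 'practice', 'superbill', 'users', 'batchcom', 'language', 'super', 'drugs', 'acl'),
            'encounters'=>array('auth_a', 'coding_a', 'notes_a', 'date_a'),
            'patients'=>array('appt', 'demo', 'med', 'trans', 'docs', 'notes'),
            'sensitivities'=>array('normal', 'high')
        ),
        $admin, 'write', 'Administrators can do anything'
    ),

    // Physicians.
    array(
        array(
            'acct'=>array('disc', 'rep'),
            'admin'=>array('drugs'),
            'encounters'=>array('auth_a', 'coding_a', 'notes_a', 'date_a'),
            'patients'=>array('appt', 'demo', 'med', 'trans', 'docs', 'notes'),
            'sensitivities'=>array('normal', 'high')
        ),
        $doc, 'write', 'Things that physicians can read and modify'
    ),

    // Clinicians: one 'addonly' rule and one 'write' rule.
    array(
        array(
            'encounters'=>array('notes', 'relaxed'),
            'patients'=>array('demo', 'med', 'docs', 'notes'),
            'sensitivities'=>array('normal')
        ),
        $clin, 'addonly', 'Things that clinicians can read and enter but not modify'
    ),
    array(
        array(
            'admin'=>array('drugs'),
            'encounters'=>array('coding'),
            'patients'=>array('appt')
        ),
        $clin, 'write', 'Things that clinicians can read and modify'
    ),

    // Front office staff.
    array(
        array(
            'patients'=>array('appt', 'demo', 'trans', 'notes')
        ),
        $front, 'write', 'Things that front office can read and modify'
    ),

    // Back office staff.
    array(
        array(
            'acct'=>array('bill', 'disc', 'eob', 'rep', 'rep_a'),
            'admin'=>array('practice', 'superbill'),
            'encounters'=>array('auth_a', 'coding_a', 'date_a'),
            'patients'=>array('appt', 'demo')
        ),
        $back, 'write', 'Things that back office can read and modify'
    ),
);

// The result of add_acl() used to be ignored, so a rule that was not stored
// went unnoticed and the page still ended with "All done!". Stop at the first
// rule that fails and identify it by its note.
// Assumes add_acl() signals failure with FALSE, as add_object_section() is
// tested for earlier in this file -- confirm against gacl_api.
foreach ($acl_rules as $acl_rule) {
    $acl_id = $gacl->add_acl(
        $acl_rule[0],
        NULL, array($acl_rule[1]), NULL, NULL,
        1, 1, $acl_rule[2], $acl_rule[3]
    );
    if ($acl_id === FALSE) {
        die("<br>Could not create the ACL '" . $acl_rule[3] . "'.<br>");
    }
}
?>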
192 <html>
193 <head>
194 <title>OpenEMR ACL Setup</title>
195 <link rel=STYLESHEET href="interface/themes/style_blue.css">
196 </head>
197 <body>
198 <span class="title">OpenEMR ACL Setup</span>
199 <br><br>
200 <span class="text">
202 All done!
204 </span>
206 </body>
207 </html>