1 <?php
2 // Copyright (C) 2005 Rod Roark <rod@sunsetsystems.com>
3 //
4 // This program is free software; you can redistribute it and/or
5 // modify it under the terms of the GNU General Public License
6 // as published by the Free Software Foundation; either version 2
7 // of the License, or (at your option) any later version.
9 // This program may be run after phpGACL has been installed, to
10 // create the Access Control Objects and their sections as required
11 // by OpenEMR. Also created are some sample ARO groups, an "admin"
12 // ARO, and some reasonable ACL entries for the groups.
// Bootstrap: load the OpenEMR ACL configuration, then the phpGACL API class.
//
// NOTE(review): nothing in this script authenticates the caller before it
// creates ACOs, AROs and ACLs. It is meant to be run after phpGACL has been
// installed; restrict or remove web access to it once setup is complete.
include_once 'library/acl.inc';

// $phpgacl_location is not assigned in this file; it is expected to be set by
// library/acl.inc. NOTE(review): the value is used to build the include path
// below, so confirm it can only come from that file and never from request
// input.
if (!$phpgacl_location) {
    die("You must first set up library/acl.inc to use phpGACL!");
}

include_once $phpgacl_location . '/gacl_api.class.php';

$gacl = new gacl_api();
// Create the ACO sections. Every ACO must have a section.
// Each row is array(display name, section value). The remaining arguments
// (10, 0, 'ACO') are the same for every section; presumably order, hidden
// flag and object type in phpGACL's API (confirm against gacl_api).
$acoSections = array(
    array('Accounting', 'acct'),
    array('Administration', 'admin'),
    array('Encounters', 'encounters'),
    array('Patients', 'patients'),
    array('Squads', 'squads'),
);

foreach ($acoSections as $acoSection) {
    $gacl->add_object_section($acoSection[0], $acoSection[1], 10, 0, 'ACO');
}
// Create Accounting ACOs in the 'acct' section.
// Each row is array(display name, ACO value); the ACO values are the ones
// the ACLs later in this script refer to.
$accountingAcos = array(
    array('Billing (write optional)', 'bill'),
    array('EOB Data Entry', 'eob'),
    array('Financial Reporting - my encounters', 'rep'),
    array('Financial Reporting - anything', 'rep_e'),
);

foreach ($accountingAcos as $accountingAco) {
    $gacl->add_object('acct', $accountingAco[0], $accountingAco[1], 10, 0, 'ACO');
}
// Create Administration ACOs in the 'admin' section.
// Each row is array(display name, ACO value).
// NOTE(review): 'super' is created here but is not referenced by any of the
// add_acl() calls in this script, so no group is granted it by this setup.
$administrationAcos = array(
    array('Superuser', 'super'),
    array('Calendar Settings', 'calendar'),
    array('Database Reporting', 'database'),
    array('Forms Administration', 'forms'),
    array('Practice Settings', 'practice'),
    array('Superbill Codes Administration', 'superbill'),
    array('Users/Groups/Logs Administration', 'users'),
    array('Batch Communication Tool', 'batchcom'),
);

foreach ($administrationAcos as $administrationAco) {
    $gacl->add_object('admin', $administrationAco[0], $administrationAco[1], 10, 0, 'ACO');
}
// Create ACOs for encounters in the 'encounters' section.
// Each row is array(display name, ACO value). Several ACOs come in pairs:
// a plain value for "my encounters" and an "_a" value for "any encounters".
$encounterAcos = array(
    array('Authorize - my encounters', 'auth'),
    array('Authorize - any encounters', 'auth_a'),
    array('Coding - my encounters (write,wsome optional)', 'coding'),
    array('Coding - any encounters (write,wsome optional)', 'coding_a'),
    array('Notes - my encounters (write,addonly optional)', 'notes'),
    array('Notes - any encounters (write,addonly optional)', 'notes_a'),
    array('Fix encounter dates - any encounters', 'date_a'),
    array('Less-private information (write,addonly optional)', 'relaxed'),
);

foreach ($encounterAcos as $encounterAco) {
    $gacl->add_object('encounters', $encounterAco[0], $encounterAco[1], 10, 0, 'ACO');
}
// Create ACOs for patients in the 'patients' section.
// Each row is array(display name, ACO value). The value 'notes' is also used
// by an ACO in the 'encounters' section; the two are separate objects because
// they are created under different sections.
$patientAcos = array(
    array('Appointments (write optional)', 'appt'),
    array('Demographics (write,addonly optional)', 'demo'),
    array('Medical/History (write,addonly optional)', 'med'),
    array('Transactions (write optional)', 'trans'),
    array('Documents (write,addonly optional)', 'docs'),
    array('Patient Notes (write,addonly optional)', 'notes'),
);

foreach ($patientAcos as $patientAco) {
    $gacl->add_object('patients', $patientAco[0], $patientAco[1], 10, 0, 'ACO');
}
// Create ARO groups.
// 'users' is created first with 0 as its third argument; every other group is
// created with $users in that position (presumably the parent group id).
// The returned values are kept because the add_acl() and add_group_object()
// calls later in this script pass them as group identifiers.
// NOTE(review): the return values are not checked for failure before use.
$users = $gacl->add_group('users', 'OpenEMR Users', 0, 'ARO');

$admin = $gacl->add_group('admin', 'Administrators', $users, 'ARO');
$clin  = $gacl->add_group('clin', 'Clinicians', $users, 'ARO');
$doc   = $gacl->add_group('doc', 'Physicians', $users, 'ARO');
$front = $gacl->add_group('front', 'Front Office', $users, 'ARO');
$back  = $gacl->add_group('back', 'Accounting', $users, 'ARO');
// Create a Users section for the AROs (humans).
$aroSectionValue = 'users';
$gacl->add_object_section('Users', $aroSectionValue, 10, 0, 'ARO');

// Create the Administrator ARO in that section, then attach it to the
// "admin" group created earlier in this script.
// NOTE(review): that group receives the broadest ACL this script defines.
// Presumably this ARO maps to an OpenEMR login named 'admin'; confirm, and
// make sure that account is protected before the site is exposed.
$administratorValue = 'admin';
$gacl->add_object($aroSectionValue, 'Administrator', $administratorValue, 10, 0, 'ARO');
$gacl->add_group_object($admin, $aroSectionValue, $administratorValue, 'ARO');
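// Set permissions for administrators.
// The first argument maps each ACO section value to the ACO values covered;
// the ACL is attached to the $admin group and returns 'write'.
// NOTE(review): the note text says "can do anything", but the list below does
// not include admin/super, nor the encounters ACOs auth, coding, notes and
// relaxed. Confirm whether that is intended.
$gacl->add_acl(
    array(
        'acct'       => array('bill', 'eob', 'rep', 'rep_e'),
        'admin'      => array('calendar', 'database', 'forms', 'practice', 'superbill', 'users', 'batchcom'),
        'encounters' => array('auth_a', 'coding_a', 'notes_a', 'date_a'),
        'patients'   => array('appt', 'demo', 'med', 'trans', 'docs', 'notes')
    ),
    NULL, array($admin), NULL, NULL,
    1, 1, 'write', 'Administrators can do anything'
);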
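// Set permissions for physicians.
// Attached to the $doc group with return value 'write'. Covers own-encounter
// financial reporting (acct/rep), the "any encounters" ACOs, and all six
// patients ACOs created earlier in this script.
$gacl->add_acl(
    array(
        'acct'       => array('rep'),
        'encounters' => array('auth_a', 'coding_a', 'notes_a', 'date_a'),
        'patients'   => array('appt', 'demo', 'med', 'trans', 'docs', 'notes')
    ),
    NULL, array($doc), NULL, NULL,
    1, 1, 'write', 'Things that physicians can read and modify'
);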
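// Set permissions for clinicians.
// Two ACLs are attached to the $clin group, differing in their return value:
// 'addonly' for notes and patient data, 'write' for coding and appointments.
$gacl->add_acl(
    array(
        'encounters' => array('notes', 'relaxed'),
        'patients'   => array('demo', 'med', 'docs', 'notes')
    ),
    NULL, array($clin), NULL, NULL,
    1, 1, 'addonly', 'Things that clinicians can read and enter but not modify'
);

$gacl->add_acl(
    array(
        'encounters' => array('coding'),
        'patients'   => array('appt')
    ),
    NULL, array($clin), NULL, NULL,
    1, 1, 'write', 'Things that clinicians can read and modify'
);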
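// Set permissions for front office staff.
// Attached to the $front group with return value 'write'; limited to four
// patients ACOs (no med or docs, and nothing under encounters or acct).
$gacl->add_acl(
    array(
        'patients' => array('appt', 'demo', 'trans', 'notes')
    ),
    NULL, array($front), NULL, NULL,
    1, 1, 'write', 'Things that front office can read and modify'
);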
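// Set permissions for back office staff.
// Attached to the $back group (created above as 'Accounting') with return
// value 'write'.
// NOTE(review): besides the accounting ACOs, this grants admin/practice,
// admin/superbill and the "any encounters" ACOs auth_a, coding_a and date_a.
// Confirm each is needed for accounting work before using these defaults.
$gacl->add_acl(
    array(
        'acct'       => array('bill', 'eob', 'rep', 'rep_e'),
        'admin'      => array('practice', 'superbill'),
        'encounters' => array('auth_a', 'coding_a', 'date_a'),
        'patients'   => array('appt', 'demo')
    ),
    NULL, array($back), NULL, NULL,
    1, 1, 'write', 'Things that back office can read and modify'
);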
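// NOTE(review): none of the phpGACL calls in this script is checked for
// failure, so the page below is printed whether or not the ACL objects were
// actually created. Verify the result in phpGACL before relying on it.
?>
<html>
<head>
<title>OpenEMR ACL Setup</title>
<link rel=STYLESHEET href="interface/themes/style_blue.css">
</head>
<body>
<span class="title">OpenEMR ACL Setup</span>
<br><br>
<span class="text">

All done!

</span>

</body>
</html>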