 PHC Hub Administrator
User Guide (v. March 2018)
|
IWeb
User Role Access and Permissions
There are two basic permission checks that are performed in PHC Hub:
- A login source check determines whether you
can access the application the way you are trying to (HL7 Realtime,
IWeb, Linkover,
Webservice, or Web Interface).
For example, a Facility Client with Upload HL7 access can submit HL7
messages via the Realtime Interface, but cannot log in using the Web
Interface. Conversely, a Registry Client user may log in using the
Web Interface, but cannot submit message through the HL7 Realtime
Server unless they are granted that permission in IWeb.
- A second check determines the user's allowed
modes or roles which drive the rest of the behavior primarily for
users that logged in via the Web Interface and IWeb Linkover. This
check happens via a central mechanism in Permisison.java
due to each page identifying itself as having a "PermissionId"
with "Permission objects" constructed to grant access to
IDs based on an array of modes.
For example, an Organization Client user may log in through the Web
Interface, but cannot create new import profiles or administer the
application because they don't have the Admin role. A Registry Client
user can log in through the Web Interface, administer the application
settings, and create import/export profiles, but cannot access the
Interface Status Manager unless they are granted the Project Tracker
permission in IWeb.
The following defines the interaction between IWeb
user roles and PHC Hub
permissions:
- Login
- User can log in to the PHC Hub
user interface (UI)
- Admin
- User can modify application and profile settings and perform other
administrative tasks
- Projects
- User can access PHC Hub
Project Tracker functionality
- Import
- User can submit HL7 updates (VXUs)
- Test
- User can access PHC Hub's
HL7 testing/troubleshooting tools
- Review
- User can review incoming messages and their associated validation
results
- WS Export
- User can access PHC Hub's
patient demographic export web service
| Access Level |
Login1 |
Admin2 |
Projects3 |
Import4 |
Test |
Review |
WS Export5 |
| Registry Client |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
| Registry View |
Yes |
No |
No |
No |
Yes |
Yes |
Yes |
| Organization Client |
Yes |
No |
No |
Yes |
Yes |
Yes |
No |
| Organization View |
Yes |
No |
No |
No |
Yes |
Yes |
No |
| Facility Client |
Yes |
No |
No |
Yes |
Yes |
Yes |
No |
| Facility View |
Yes |
No |
No |
No |
Yes |
Yes |
No |
| No Login |
No |
No |
No |
Yes |
No |
No |
Yes |
1Requires "PHC Hub Access" permission.
2Requires "System Administrator" permission.
3Requires "Project Tracker Access" permission.
4Requires "Upload HL7 Access" permission.
5Requires "PHC Hub
Run Web Service Export" permission.
6Review access is limited to the data/reports appropriate to
the access level and the providers the logged in user is associated with.
Related topics:
