Re: Non-clinical staff login crash

[Karsten Hilbert]

Hola a todos,

> Through trial and error, according to the errors I got (specified below) and 
> going along
> with the workaround you gave me, I have commented lines 667 to 670, and 673 
> to 676 of
> the file you mentioned (gmPG2.py).
>
> This results in being able to login, with some limitations (attached short 
> video):

Good work. The principle behind that is that non-clinical
stuff is not supposed to have access to clinical tables but
that has not been fully worked out in the code (access is
appropriately denied but handling thereof is near abysmal :-)

Again, I have checked in an improvement to be released with 1.8.20.

> - After login, I get many "Access denied" warnings/pop-ups listing the 
> plugins that I
> cannot have access to.

They are labelled with the minimum required role, indeed.

> - After all that, the client goes first to the 'Inbox' plugin (which 
> any-staff doesn't
> have access to)

For what that's worth, non-clinical staff (which any-staff
_is_ supposed to be) really should have "access" to that
plugin as per .../client/wxpython/gui/gmProviderInboxPlugin.py:

        #======================================================================
        class gmProviderInboxPlugin(gmPlugin.cNotebookPlugin):
                """Plugin to encapsulate the provider inbox window."""

                tab_name = _('Inbox')
                required_minimum_role = 'non-clinical access'

                @gmAccessPermissionWidgets.verify_minimum_required_role (
                        required_minimum_role,
                        activity = _('loading plugin <%s>') % tab_name,
                        return_value_on_failure = False,
                        fail_silently = False
                )
                def register(self):
                        gmPlugin.cNotebookPlugin.register(self)

        ...
        #======================================================================

You might want to setup a "workplace" (like a "station") for
non-clinical staff, say "reception" and define that to only
load those plugins that you wish to use for non-clinical
staff. In fact, there already is one such workplace, named
"Front Desk", intended for such purposes.

        (the list to load is stored in
        "horstspace.notebook.plugin_load_order" for each
        workplace)

Also, you can configure which plugin GNUmed is to load first

a) after searching for a patient

        the option is named "patient_search.plugin_to_raise_after_search"

b) after client startup

        that option is "horstspace.plugin_to_raise_after_startup"

> - I cannot search for patients if there is no exact match (i.e: if i write 
> 'Kirk', i can
> access him, but if I write my last name, for which I have many test patients, 
> I cannot
> get the list of the matching patients to choose from - I get access denied 
> error again).

Nice catch !  :-)

The reason being that GNUmed is retrieving additional
information for the user to eventually identify and pick the
desired patient from a list of patients matching the search
term.

I am adjusting permissions as we speak. For starters you may want to

        jessie@deb-vivobook:$ psql -d gnumed_v22 -U gm-dbo -f 
the-file-attached-to-this-mail

> But if there's an exact match, I can access the patient and add them to the 
> waiting list.

In fact, it need not be an *exact* match but rather a *singular* match :-)

In that case, additional information is not loaded and
thusly no permission error.

Best,
Karsten
--
GPG  40BE 5B0E C98E 1713 AFA6  5BC0 3BEA AC80 7D4F C89B

v22-dem-v_pat_addresses-fixups.sql
Description: application/sql