Fw: Question on Feedback Item

Hi Product Committee,

I would like to share a private discussion with the group in case any others have similar questions or concerns. We’re making a concerted effort to move away from emails and towards forums / google groups so that questions and answers are in the public domain for current and future adopters of OpenLMIS.

This topic started when I followed up with Gaurav and Lakshmi about comments they embedded in the re-architecture end-state document.

Cheers,

···

Kevin Cussen

Technology Manager

Village****Reach* ** Starting at the Last Mile*

2900 Eastlake Ave. E, Suite 230, Seattle, WA 98102, USA

CELL: 1.206.604.4209

www.villagereach.org

Connect on Facebook, Twitter** ** and our Blog


From: Lakshmi Balachandran lbalachandran@clintonhealthaccess.org

Sent: Monday, December 7, 2015 12:21

To: Kevin Cussen; Gaurav Bhattacharya

Cc: Rich Magnuson

Subject: RE: Question on Feedback Item

Hi Kevin,

Great, this makes sense, no further questions.

Thanks!

Lakshmi

From: Kevin Cussen [mailto:kevin.cussen@villagereach.org]

Sent: Monday, December 7, 2015 3:18 PM

To: Lakshmi Balachandran; Gaurav Bhattacharya

Cc: Rich Magnuson

Subject: Re: Question on Feedback Item

Hi Lakshmi,

Since OpenLMIS is flexible and agnostic about the structure and levels of geographical hierarchies, being able to see only the data relevant to a particular state or district would require setting up a your supervisory nodes in a structure the matches to your state or district boundaries. However, after discussing with Rich we both agree this is totally possible. That said, I’ll still add the following user stories to the list (They just may already be met):

  • As an implementer of OpenLMIS I want to be able to define what facilities specific users have visibility into so that they can view data at only the facilities where their role demands visibility *

  • As an implementer of OpenLMIS I want to be able to define what facilities specific users have the ability to edit so that they can edit data at only the facilities where their role demands edit rights *

Furthermore, you can assign Roles at the program / supervisory node / user level as well (see embedded).

Thanks for helping me get clarity, I’m going to forward this on to the product committee for community enrichment. Let me know if anything remains unclear on your end.

Cheers,

Kevin Cussen

Technology Manager

Village****Reach* ** Starting at the Last Mile*

2900 Eastlake Ave. E, Suite 230, Seattle, WA 98102, USA

CELL: 1.206.604.4209

www.villagereach.org

Connect on Facebook, Twitter** ** and our Blog


From: Lakshmi Balachandran lbalachandran@clintonhealthaccess.org

Sent: Monday, December 7, 2015 11:43

To: Kevin Cussen; Gaurav Bhattacharya

Cc: Rich Magnuson

Subject: RE: Question on Feedback Item

Hi Kevin,

Absolutely, feel free to move the conversation to the product forum.

By geography, I meant being assigned to a state/district/etc. and being able to see only that region’s data (very similar to a program but at a regional level). So for example, we may create a “State Store Officer” role with certain permissions. The store officer at the Malaria warehouse in Kano state (Nigeria) should only be able to see and action on data related to Malaria in Kano – so no access to Abuja state data and no access to TB data for e.g. Is that how supervisory nodes are set up too?

Lakshmi

From: Kevin Cussen [mailto:kevin.cussen@villagereach.org]

Sent: Monday, December 7, 2015 1:49 PM

To: Lakshmi Balachandran; Gaurav Bhattacharya

Cc: Rich Magnuson

Subject: Re: Question on Feedback Item

Hi Lakshmi,

Sure - check out the embedded picture. What exists right now is the ability to create rights and assign them to Roles which you can assign to users. An example of a right would be “Requisition - Convert to Order” which you would assign to a storeroom manager role to take a requisition and issue. Furthermore, you can assign programs such as Malaria to a user. The intersection of this role and program would, I think, define what you’re asking for. As to geography, there is an idea of a chain of “supervisory nodes” which defines who approves of actions for others. In general you can have visibility into those below you on the chain and no visibility into those above. I don’t know if this is where you’re going with “geography” though - so we can discuss. Regardless, I’m seeing two stories here:

As an implementer of OpenLMIS, I want to be able to define new roles (a set of permissions) for my users so that they can do the activities they need for their responsibilities.

As an implementer of OpenLMIS, I want to be able to define new permissions for my users so that I can define access for my users to new functionality I create

cc’ing Rich to double check I’m describing the structure correctly. Also, would you mind if I moved this conversation into the product forum? I’m thinking this discussion could be helpful to others as part of the public domain.

Cheers,

Kevin Cussen

Technology Manager

Village****Reach* ** Starting at the Last Mile*

2900 Eastlake Ave. E, Suite 230, Seattle, WA 98102, USA

CELL: 1.206.604.4209

www.villagereach.org

Connect on Facebook, Twitter** ** and our Blog


From: Lakshmi Balachandran lbalachandran@clintonhealthaccess.org

Sent: Monday, December 7, 2015 04:26

To: Kevin Cussen; Gaurav Bhattacharya

Subject: RE: Question on Feedback Item

Hi Kevin,

Sure, let’s do that. We may be misunderstanding OpenLMIS’ current user access structure as well.

Thanks,

Lakshmi

From: Kevin Cussen [mailto:kevin.cussen@villagereach.org]

Sent: Friday, December 4, 2015 7:54 PM

To: Gaurav Bhattacharya

Cc: Lakshmi Balachandran

Subject: Question on Feedback Item

Hi Gaurav & Lakshmi,

I had a question on some of the feedback you provided, italicized below:

  • This may need to be a separate output, but access to UI/modules (e.g. VIMS/data) should be governed by user roles and programs. i.e. there needs to be a multi level user access allocation process - by role, by geography, by program.*

for e.g. we define a PM role, which will have certain access rights (no admin, no data entry, yes report generation). Then select their geography which will define which regions’ data they can/cannot view. Then select program, which then defines which programs’ data they can/cannot view.

– Malaria PM in Kano state will have access to reports for Malaria data in Kano*

I believe this is the current structure of OpenLMIS. You can create additional user profiles and assign them permissions. Perhaps we could chat next week on what granularity you would like to see in this?

Cheers,

Kevin Cussen

Technology Manager

Village****Reach* ** Starting at the Last Mile*

2900 Eastlake Ave. E, Suite 230, Seattle, WA 98102, USA

CELL: 1.206.604.4209

www.villagereach.org

Connect on Facebook, Twitter** ** and our Blog