How to deny access to all reports

Using ACL isn’t helpful because once you choose an option the user will be granted access to all reports associated to this option. For example if you grant financial write, you will also grant the user access to financial reports. Only accounting and admins should have access to this data.

create a custom menu

1 Like

@stephenwaite
Thanks for your kind reply. I did however try to use PHPGACL and created a new ARO group admin and made all ACLs as deny but once i used any function it automatically allowed the reports section of this specific function.

can cp standard menu to a file named custom.json in the same directory and then assign users that Main menu role

edit json menu role to assign stricter acl

detailed explanation thread

1 Like

what does cp stand for ?

i opened \openemr\interface\main\tabs\menu\menus\standard.json and changed “requirement”: 0 to 1 but no change

cp = copy, that way you preserve your original standard menu

would revert the 0 to 1 change and instead change rep_a to admin

1 Like

@stephenwaite
changed all rep_a to admin in all reports related parts of code and successfully denied access to non admins, mission accomplished :clap:
Of course I got a couple of JSON errors and wasn’t able to log in when something unnecessary was changed or missing a special character. Again does updating version or patch in the future will have any impact or its irrelevant? Anyway i backed up the original JSON just in case.

Finished my day on a happy note :partying_face:

nicely done, would add custom.json to your list of customizations to bring in after an upgrade; it won’t be affected by a patch since the file doesn’t exist in the community repo

1 Like