ahunter-pnwu wrote on Tuesday, November 29, 2016:
I have been trying to find a way to modify the code to only allow specific users to view their own notes on a patient in the Patient Summary page. For example, when you log in and go to a patient’s summary page, in the “Inbox” section under ‘Notes’ you can view all notes by all users on this patient’s file. We need to make it so you can only view your own notes on that patient, and nobody else’s. I have already revoked permission to access Messages for anyone other than admin level users, but this doesn’t change anything on the patient summary side.
I have looked through most of the code such as /openemr/library/pnotes.inc, /openemr/interface/patient_file/summary/pnotes.php and so on, but cannot find anywhere to set these privileges.
Does anyone have any idea or experience with modifying the ACLs on the code level, specifically with patient notes access?
Thank you!