> > I see. What's special about these users? Should they have special > > permissions? Usually it's advisable to use groups for this kind of > > specialization. >
They're special for two reasons: 1) As you said: permissions. I created a group "Psychologists" (most of the real names will be in Spanish, I translate here), and gave access to menus and models (made it in a "xml" file). I didn't get to try to give access to specific fields (which could be useful in some cases) but I can do what I basically need with the others. 2) More fields needed, and management by the group of "Managers". They are part of the "management model" that the managers of the center need to see. "Managers" is another group (system users), that has to be able, for example, to create a Psychologist, change its data, give it permissions to be a Psychologist (if necessary), assign "Patients" (part of the "management model" but not users) to Psychologists, make appointments that involve Psychologists, and other things that mostly don't involve the class Psychologist. > If you describe the actual requirements rather than the technical > details about your current solution, we might be able to show you some > easier approaches. Resuming: Psychologists are both part of another group's "management model" and also "system users" (Patients are only a "management model", and "Managers" are only "system users", so they're easy to handle, but Psychologists are both). I have seen the "GNU Health" system but didn't like the way it solves that situation (Physicians), partly because of the GUI problem I told you before, partly because of security issues. - The GUI problem is nothing for me as a user (or any of you, I believe) because we can clearly see in the levels of abstraction of different models, but for the end users things may not be as clear... and making a "new-new-new" user (in many "layers") to create a Physician would surely create many complains to me here :) - The "security" problem I see (not that important) is that the "internal user" is not "hardwired" to the "management model" registry, so it may lead to a mistake in which a "manager" assigns a user previously created to a Physician, and it has the wrong permissions. My solution is not complete so I can't say it is better by now, anyway. Thanks again for your answer. Regards, Miguel Tasende -- -- [email protected] mailing list
