Uploaded image for project: 'PhenoTips'
  1. PT-2299

Add a "secure" PatientRepository component that checks access rights before performing an action

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.3-milestone-1
    • Component/s: patient-data
    • Labels:
      None
    • Sprint:

      Description

      Currently, the default PatientRepository implementation doesn't enforce any rights, as is the standard for java code, leaving the rights checking to the components that process client requests. Since both the velocity-facing script service and the REST service need to check these rights, it makes sense to move this aspect in a single place.

        Attachments

          Activity

            People

            • Assignee:
              sdumitriu Sergiu Dumitriu
              Reporter:
              sdumitriu Sergiu Dumitriu
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: