dhis2-devs-core team mailing list archive

Thread
Date

Re: Read only access to orgunits

To: Bob Jolliffe <bobjolliffe@xxxxxxxxx>
From: Lars Helge Øverland <larshelge@xxxxxxxxx>
Date: Thu, 2 Apr 2015 18:58:02 +0200
Cc: DHIS 2 Core developers list <dhis2-devs-core@xxxxxxxxxxxxxxxxxxx>, Rangarirai Matavire <matavirer@xxxxxxxxx>
In-reply-to: <CACd=f9edyxXbgYPax584f9BjhCUPYAS=FW3nvondvyfBNtmxOQ@mail.gmail.com>

Hi Bob,

yes that is correct.

You can read but of course not create org units without explicit authority.

For most objects we now have "sharing" applied, which means you could make
that meta-data private (hidden). We do not have sharing for org units due
to the nature of the hierarchy (would be problematic if some higher-level
org units were private/hidden).

regards,

Lars

On Thu, Apr 2, 2015 at 6:36 PM, Bob Jolliffe <bobjolliffe@xxxxxxxxx> wrote:

> Hi
>
> I am struggling to find an required authority to create a user which
> has readonly access to the orgunits.
>
> Specifically I want to create an account for a facility registry type
> client who can read orgunits (+groups, levels, attributes) from the
> api - and no acces to anything else.  Am I missing something silly?
> The default seems to be If I create a user with no privileges
> whatsoever that user has access to the api metadata and resource
> endpoints.  Is that the way it is?
>
> Cheers
> Bob
>
> --
> Mailing list: https://launchpad.net/~dhis2-devs-core
> Post to     : dhis2-devs-core@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~dhis2-devs-core
> More help   : https://help.launchpad.net/ListHelp
>

Follow ups

Re: Read only access to orgunits
From: Rangarirai Matavire, 2015-04-23

References

Read only access to orgunits
From: Bob Jolliffe, 2015-04-02