Permissions

This document details the Permissions feature found under Settings in your HelloClinic system. This page is central to system security management, allowing you to precisely control different employees' access to system functions through Roles.

Feature Overview

The Permissions module uses an advanced "Role-Based Access Control (RBAC)" mechanism. The core idea is that you don't need to set permissions individually for each employee. Instead, you first create Roles with specific permission combinations, and then assign these roles to employees.

How it works:

1. Create Roles: You can first create roles such as "Doctor," "Nurse," "Front Desk Receptionist," "Clinic Manager."
2. Set Permissions: For each role, check the functional modules that role can access. For example, the "Front Desk Receptionist" role might access "Appointments" and "Checkout" but not "Consultation Records" or "Finance Reports."
3. Assign Roles: On the "Employees" management page, assign a corresponding role to each employee.

This approach makes permission management systematic, secure, and easy to maintain. When you need to adjust permissions for a category of employees, you only need to modify the corresponding role, and all employees assigned to that role will have their permissions updated simultaneously.

Main Interface Description

The main interface is divided into a "Background List" and a "New Role" window that appears when you click "+ Add Role."

1. Role List and Search

This is where you manage all your established roles.

• Search: You can enter keywords for the role name to quickly find it.
• Add Role Button:
  • [+ Add Role]: Located in the top right corner of the page, click this button to add a new user role.
• List Fields:

Field Name	English Name	Description
角色	Role	The name of the role, e.g., SuperAdmin, Doctor.
權限	Permissions	A brief list of the main permissions this role possesses.
操作	Actions	Operations that can be performed on this role (e.g., 🔍 View, ✏️ Edit).

2. New Role Window

After clicking the [+ Add Role] button, this form will pop up for you to define the permissions for the new role.

Main Operation Workflow

How to Add a New User Role?

1. On the "Permissions" main page, click the [+ Add Role] button in the top right corner.

2. The "Create Role" form window will appear.

3. Please fill in the following fields in order:

   • Role Name (Required): Enter a clear and understandable role name, such as "Nurse" or "Front Desk Manager."
   • Permissions (Permission Settings):
     • This is the most crucial step. You need to carefully select all the system permissions you want to grant to this role.
     • Operation Tip: Adopt the "principle of least privilege," checking only the items necessary for that role to perform its duties.
     • Examples:
       • For a "Front Desk Receptionist" role, you might check Appointment, Checkout, Patient.
       • For a "Doctor" role, you might check Appointment, Consultation, Patient, Drug, etc.
       • Please grant permissions cautiously for high-level administrative items such as Settings, Permissions, Subscription, User (employee management), as these should typically only be granted to the clinic's top administrator (SuperAdmin).

4. Once you've finished selecting the permissions, click the [Create] button in the bottom right corner.

How to Apply Created Roles?

1. Create Roles: On this page (Settings -> Permissions), create all the roles your clinic needs.
2. Assign to Employees: Go to the "Settings -> Employees" page.
3. When adding or editing an employee's profile, you will see a "Role" dropdown menu. Select one of the roles you just created and assign it to this employee.
4. After saving, the employee's account will immediately be subject to the permissions of this role. The next time they log in, they will only be able to see and operate the allowed functions.