Global roles

Create a role

Creating a system-wide role requires the CREATE_ROLE permission on a system level. The following example shows how you can do this using the Extra Horizon SDK:

const myNewRole = await exh.users.globalRoles.create({
  name: 'myRole',
  description: 'myNewRoleDescription',
});

Attach permissions to a role

const rql = rqlBuilder().eq('id', myNewRole.id).build();
await exh.users.globalRoles.addPermissions(rql, {
  permissions: [GlobalPermissionName.ADD_PATIENT],
});

Attach a role to a user

const rql = rqlBuilder().eq('email', 'john.doe@example.com').build();
await exh.users.globalRoles.addToUsers(rql, {
  roles: [myNewRole.id],
});

Remove a role from a user

const rql = rqlBuilder().eq('email', 'john.doe@example.com').build();
await exh.users.globalRoles.removeFromUser(rql, {
  roles: [myNewRole.id],
});

Permissions

There are more permissions that you can attach to system roles that affect the allowed actions in other services. An overview of those permissions can be found in the designated service documentation.

Last updated