HH/SOURCE_USER_STRICT_ACCESS.md

# PX Source User - Strict Access Control

## Overview

PX Source Users have **STRICT LIMITED ACCESS** to the system. They can ONLY access:
1. `/px-sources/*` pages (their dedicated portal)
2. Password change page
3. Basic settings page
4. Logout

**ALL other URLs are blocked and redirected to `/px-sources/dashboard/`**

---

## Implementation

### 1. Middleware (`apps/px_sources/middleware.py`)

```python
class SourceUserRestrictionMiddleware:
    """
    STRICT middleware that restricts source users to ONLY:
    1. /px-sources/* pages
    2. Password change
    3. Settings
    4. Logout
    """
    
    ALLOWED_PATH_PREFIXES = ['/px-sources/']
    ALLOWED_URL_NAMES = {
        'accounts:password_change',
        'accounts:settings',
        'accounts:logout',
        'accounts:login',
    }
```

### 2. Settings Configuration

Added to `config/settings/base.py`:
```python
MIDDLEWARE = [
    ...
    'apps.px_sources.middleware.SourceUserRestrictionMiddleware',
    ...
]
```

### 3. View-Level Enforcement

Updated views to redirect source users:
- `CommandCenterView.dispatch()` - redirects to `/px-sources/dashboard/`
- `my_dashboard()` - redirects to `/px-sources/dashboard/`
- `@block_source_user` decorator - redirects to `/px-sources/dashboard/`

---

## Allowed URLs for Source Users

| URL | Access | Description |
|-----|--------|-------------|
| `/px-sources/dashboard/` | ✅ | Source User Dashboard |
| `/px-sources/complaints/` | ✅ | List their complaints |
| `/px-sources/complaints/new/` | ✅ | Create new complaint |
| `/px-sources/inquiries/` | ✅ | List their inquiries |
| `/px-sources/inquiries/new/` | ✅ | Create new inquiry |
| `/accounts/password/change/` | ✅ | Change password |
| `/accounts/settings/` | ✅ | Basic settings |
| `/accounts/logout/` | ✅ | Logout |
| `/static/*` | ✅ | Static files (CSS/JS) |
| `/media/*` | ✅ | Media files |
| `/i18n/*` | ✅ | Language switching |

---

## Blocked URLs (Redirected to `/px-sources/dashboard/`)

| URL | Blocked | Behavior |
|-----|---------|----------|
| `/` | ✅ | Redirected |
| `/dashboard/my/` | ✅ | Redirected |
| `/dashboard/admin-evaluation/` | ✅ | Redirected |
| `/analytics/*` | ✅ | Redirected |
| `/surveys/*` | ✅ | Redirected |
| `/complaints/` | ✅ | Redirected |
| `/complaints/inquiries/` | ✅ | Redirected |
| `/organizations/*` | ✅ | Redirected |
| `/config/*` | ✅ | Redirected |
| `/actions/*` | ✅ | Redirected |
| `/physicians/*` | ✅ | Redirected |
| `/px-sources/` (admin pages) | ✅ | Redirected |
| `/px-sources/new/` | ✅ | Redirected |
| `/px-sources/<id>/edit/` | ✅ | Redirected |

---

## Testing

### Test Cases

1. **Login as Source User**
   - Visit: `/`
   - Expected: Redirected to `/px-sources/dashboard/`

2. **Try to access Command Center**
   - Visit: `/dashboard/my/`
   - Expected: Redirected to `/px-sources/dashboard/`

3. **Try to access Surveys**
   - Visit: `/surveys/`
   - Expected: Redirected to `/px-sources/dashboard/`

4. **Try to access Staff**
   - Visit: `/organizations/staff/`
   - Expected: Redirected to `/px-sources/dashboard/`

5. **Access Source User Portal**
   - Visit: `/px-sources/dashboard/`
   - Expected: ✅ Works!

6. **Access Password Change**
   - Visit: `/accounts/password/change/`
   - Expected: ✅ Works!

7. **Create Complaint**
   - Visit: `/px-sources/complaints/new/`
   - Expected: ✅ Works!

---

## Security Notes

1. **Middleware runs on EVERY request** - Cannot be bypassed
2. **No error messages** - Silent redirect for better UX
3. **Whitelist approach** - Only explicitly allowed URLs work
4. **Superusers excluded** - Superusers bypass all restrictions
5. **Static files allowed** - Required for CSS/JS to work

---

## Files Modified

1. `apps/px_sources/middleware.py` - Updated `SourceUserRestrictionMiddleware`
2. `config/settings/base.py` - Added middleware to MIDDLEWARE list
3. `apps/dashboard/views.py` - Added redirects in views
4. `apps/core/decorators.py` - Updated `@block_source_user` decorator

---

**Last Updated**: 2026-02-25