e-Signature (roots_hemms_signature)¶
A thin Layer 3 bridge that wires OCA sign_oca onto the two HEMMS records where offline paper signing hurts most:
- Annual ปจป. inspection report — committee chair + 2 members sign inside Odoo with a chained-hash audit trail; replaces the paper round-trip for HA Thailand evidence
- Service / MA contracts — external vendor signs via portal email link, hospital authorized signer co-signs in-app; signed PDF lands on the contract chatter automatically
What you get¶
| Feature | Where | Status |
|---|---|---|
| "Send for Signature" header button | Inspection form (state=submitted) and Contract form | ✅ Q4.3 / Q4.4 |
| Smart button "📝 N Sign Requests" | Both forms | ✅ Q4.3 / Q4.4 |
| Live qweb PDF rendered at signing time | Inspection report + new contract summary | ✅ Q4.3 / Q4.4 |
| Portal signing for vendors (email link) | Contract flow only | ✅ Q4.4 |
| Multi-signer requests (any order — no workflow ordering) | Both | ✅ — OQ2 locked |
| Chained SHA-256 audit trail per signer | Both — built into sign_oca | ✅ |
| Final signed PDF attached to parent chatter | Both — _check_signed hook | ✅ Q4.5 |
| "Digitally Signed" stamp on the printed report | Both PDFs | ✅ Q4.3 / Q4.4 |
| Pre-built demo templates | One per bridged model | ✅ Q4.3 / Q4.4 |
What it deliberately does NOT do (V1)¶
| Item | Why | Future |
|---|---|---|
| Internal sign-offs (BME Manager / Ward / PM monthly) | OQ1 — paper for V1; hospital workflows still tolerate paper at these points | Q5+ |
| Sequential signing order (e.g. chair must sign last) | OQ2 — added complexity not worth it for V1 | Q5+ |
State gating (contract active requires signed) | OQ3 — signing is a parallel facet, not a lifecycle gate | Q5+ |
| OTP / 2FA at sign moment | On the upstream sign_oca roadmap; not built | Q6+ |
| PKI / ETDA Level 2 certified signatures | On the upstream sign_oca roadmap; not built | Q6+ |
Bridge on maintenance.request | OQ1 — internal sign-offs deferred | Q5+ |
Compliance positioning¶
The signature engine provides ETDA Level 1 equivalent: a canvas signature image with chained SHA-256 hashes, IP-stamped audit log entries, and a certificate page per request. This is sufficient for:
- HA Thailand audit evidence on ปจป. inspections (paper trail replacement)
- Internal record-keeping for warranty/MA contracts
- Demonstrating "who signed what, when, and from where" to auditors
It is NOT sufficient for:
- Court-defensible signatures requiring a CA-issued certificate (ETDA Level ⅔)
- Cross-border contracts where signers' national e-signature laws require qualified electronic signatures
For those scenarios, sign the document externally via a certified provider and upload the resulting PDF to the record's chatter via the standard attachment widget. The HEMMS layer does not block this fallback — it complements it.
Module relationships¶
┌─────────────────────────────────────────────────────────────────┐
│ Layer 3 — Hospital lens │
│ roots_hemms_signature (LGPL-3, this module) │
│ ├ bridges hemms.asset.inspection (Q4.3) │
│ ├ bridges hemms.service.contract (Q4.4) │
│ └ extends sign.oca.request._check_signed (Q4.5) │
└─────────────────────────────────────────────────────────────────┘
▲
│ depends
┌─────────────────────────────────────────────────────────────────┐
│ Layer 2 — OCA building block │
│ sign_oca (AGPL-3, vendored from OCA/sign 18.0) │
│ ├ sign.oca.template / item / role / field │
│ ├ sign.oca.request / signer / log │
│ └ OWL-based signing UI + portal + certificate report │
└─────────────────────────────────────────────────────────────────┘
Related pages¶
- Get Started — install + your first signed inspection
- Configuration — roles, templates, hospital signer setup
- Workflows — the inspection and contract signing flows step-by-step