https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=37144
--- Comment #33 from David Cook <dc...@prosentient.com.au> --- (In reply to Laura Escamilla from comment #32) > In summary, the new subpermission would integrate with existing permissions > by adding a layer of control over access to sensitive data, thus bridging > the privacy gap without undermining the functionality of broader permissions > like "list_borrowers." > > I hope this clarifies how the new subpermission complements and enhances the > existing permission structure. Please let me know if you need further > details or have additional questions. Thanks for that, Laura. I think that I understand what you're saying. In other words, anyone currently with "list_borrowers" (also "edit_borrowers" for legacy reasons although we didn't give all "edit_borrowers" the "list_borrowers" permission when it came out as "edit_borrowers" could still do everything "list_borrowers" could do) would also need "view_contact_information" in order to continue seeing the information they're currently seeing. At a glance, I don't see a patch attached that performs that update. Without it, I think a lot of Koha staff users would become very unhappy in prod. In some ways, it's a shame this isn't implemented via Koha::Patron. If it were, it could be unit tested. (For instance, Koha::Patron could have a method that restricts the display of certain information, and ./members/moremember.pl could invoke that method based on the permission that the session user has.) That actually reminds me... I thought Tomas and Martin previously were working on something like that, but I can't remember the details now. With it as a template change, we should probably have some Selenium tests. Actually Selenium tests would be good in either case, since we're talking about restricting sensitive information. -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
