https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=41845
--- Comment #3 from David Cook <[email protected]> --- (In reply to Caroline Cyr La Rose from comment #2) > I think what bugs me most is that when I check the main "Cataloging" > permission (editcatalogue), it also checks the restrictive permission > (edit_items_restricted) which means that you think the person has all > permissions in cataloging, but in fact they don't. Oh wow... that is really bad. I've never noticed that before as I don't have many libraries using the syspref SubfieldsToAllowForRestrictedEditing. But yikes! That has to be a bug. And yet... yeah... that really exposes just how bad that permission is designed. It could be improved a bit so that if you have the full editcatalogue permission it doesn't apply the restriction (like how it doesn't apply the restriction to superlibrarian) but still... not good. > I'm not sure how the revamp will affect the UI, but I think that if continue > to have restrictive permissions, if you check the "main" permission of a > group, it should NOT include the restrictive permissions (i.e. checking > editcatalogue should check everything in that section EXCEPT > edit_items_restricted) Well, the issue isn't really with "edit_items_restricted" being checked, because if you have full editcatalogue permission, you don't have the subpermission stored in the database. It's just an implied subpermission given you have the full top-level permission. I agree though that someone with full "editcatalogue" permission shouldn't have "edit_items_restricted" apply to them. I don't know that a "restriction" category would necessarily make sense since the restrictions wouldn't be grouped in any other way other than being restrictions... Personally, I would love to see "policies" that allow/deny actions, which could then be attached to individuals or patron categories. I could imagine some stock policies like "cataloguer" which people could then tailor, and "limited_cataloguer" could be made and have "edit_items_restricted" added. But then how to categorise those permissions vs restrictions in whatever hypothetical editor we came up with... But yeah... it's the permission/subpermission inheritance thing which is really the problem here... I'm not sure how to solve this one with our current permission system. I really dislike that things like "edit_items_restricted" and "view_borrower_infos_from_any_libraries" exist. We need to have more of a think about how we can restructure these... -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
