NC Cardinal is undertaking a project to rethink and restructure our staff 
permissions. We would welcome your scrutiny and feedback on what we're planning 
to do. The Evergreen permissions descriptions are not always clear and robust, 
so some of the decisions we've made while reallocating staff permissions are 
based on guesses and experimentation. As we work through the testing phase and 
begin usage in our production database, we intend to contribute any information 
gleaned about permissions to Evergreen community documentation.

One of our goals is to make better use of inheritance and avoid assigning the 
same permission to multiple permission groups. Here is a visual representation 
of the changes we're planning to make.

Here is a Google Spreadsheet showing permission groups and the granular 
privileges assigned to them:
Mouse over the column headers to see a description of the intended function of 
each permission group. Commenting on this document is open to the public, so 
feel free to comment if you have suggestions or insight.

We do not have centralized cataloging in NC Cardinal, so as a part of this 
project, we've defined two cataloger permission groups: Item Cataloger 
(add/edit/delete call number and item records) and Bib Cataloger (everything 
else). We've created assessments that catalogers must successfully complete to 
be assigned to these permission groups. These assessments are intended to 
ensure that catalogers are doing their work according to our Cataloging Best 
Practices We are 
incorporating the Acquisitions permission into the appropriate cataloger 
permission group, as libraries may freely use acquisitions in various ways and 
we don't see a need for the separate acquisitions permission groups. Please let 
us know if there is a use case we may be overlooking.

Item Cats inherit all Circulator permissions, but branch managers who perform 
basic cataloging and also need to enter closed dates, etc. can be assigned 
Branch Admin as a secondary permission group.

Another experimental change is removing the EVERYTHING permission from Branch 
Admin (Local System Admin) and System Admin because we think it grants too much 
(undefined) power. (We have not found any documentation that defines exactly 
which permissions are conveyed with EVERYTHING.) But, we may find this 
problematic if there are areas of old code that only check for the EVERYTHING 
permission and not a discrete permission.

We've also recently consolidated our patron permission groups down to 12 
permission groups.

If any of you have taken on a project like this, we'd love to hear about your 
experiences, lessons learned and suggestions.

Benjamin Murphy
NC Cardinal Program Manager
NC Dept. of Natural and Cultural Resources
919.814.6797  |<>

109 East Jones Street  | 4640 Mail Service Center
Raleigh, North Carolina 27699-4600

Email correspondence to and from this address is subject to the North Carolina 
Public Records Law and may be disclosed to third parties.

Reply via email to