Hi all,

I wanted to ask for feedback on an issue we recently uncovered. We recently 
upgraded from Evergreen 3.1 to 3.3 and implemented a complete revamp of our 
permission structure to include a strict requirement that anyone who 
creates/deletes items or bibs must pass cataloging assessments. However, we 
have found that staff can create new volume/call# and item records with only 
the permissions granted to Circulator, which do not include CREATE_VOLUME or 
CREATE_COPY. These should be the permissions checked before Evergreen permits a 
user to create a new item or call# record, right? I don't see any other 
permissions that should supersede those, but am I missing something?

I created a bug with links to our permissions list and examples from two 
different test databases (running 3.1 and 3.3) where I was able to create new 
holdings without having CREATE_VOLUME or CREATE_COPY permissions: 

Any testing/feedback/confirmation that anyone is willing to provide would be 
most welcome.



April Durrence
NC Cardinal Training Specialist
NC Dept. of Natural and Cultural Resources
919.814.6794 | april.durre...@ncdcr.gov
109 East Jones Street | 4640 Mail Service Center
Raleigh, North Carolina 27699-4600
[A close up of a logo  Description automatically generated]
Email correspondence to and from this address is subject to the North Carolina 
Public Records Law and may be disclosed to third parties.

Reply via email to