[Koha-bugs] [Bug 28882] Incorrect permissions check client-side
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Sep 10 08:04:50 CEST 2021
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28882
--- Comment #12 from Katrin Fischer <katrin.fischer at bsz-bw.de> ---
(In reply to Marcel de Rooy from comment #10)
> What remains for me is the question: Should we allow a non-superlibrarian to
> give him or herself the privilege to change systemprefs?
> Because you can disable ProtectSuperlib etc..
> But this should be solved on another report imo.
>
> Should we only protect that pref, or a specific set of prefs, or actually
> not allow changing sysprefs at all by non superlibs? I tend to choose the
> latter.
I don't think shutting out non-superlibrarians from the admin tools/system
preferences is a feasible solution. That forces you to give out superlibrarian
permissions to more people instead of making it a protected circle. We just
added granular permissions for administration areas - that would make them
practically useless.
Maybe the ProtectSuperLib should not be a pref in the first place?
> Even a few other options on the Admin menu like Koha to MARC mapping (among
> others) might be candidates too for restricting them to superlibrarians only.
> What do you think?
We do already have separate permissions for all those areas, I believe adding
dependencies like that, will only make the system more intransparent.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list