[Koha-bugs] [Bug 33284] New: checkout_renewals table retains checkout history in violation of patron privacy
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Mon Mar 20 20:37:53 CET 2023
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33284
Bug ID: 33284
Summary: checkout_renewals table retains checkout history in
violation of patron privacy
Change sponsored?: ---
Product: Koha
Version: master
Hardware: All
OS: All
Status: NEW
Severity: major
Priority: P5 - low
Component: Circulation
Assignee: koha-bugs at lists.koha-community.org
Reporter: andrewfh at dubcolib.org
QA Contact: testopia at bugs.koha-community.org
CC: gmcharlt at gmail.com, kyle.m.hall at gmail.com
Depends on: 30275
The checkout_renewals table introduced in bug 30275 can retain a link between a
patron and an issue_id when the patron's privacy is set to Never. That data
should be anonymized.
To recreate:
- have a patron with their privacy set to Never retain reading history
- check an item out to the patron, renew it via the OPAC
- confirm your patron's borrowernumber can be found in
checkout_renewals.renewer_id and the issue_id for your checkout can be found in
checkout_renewals.checkout_id
- check your item in
- confirm your patron's borrowernumber has been removed from
old_issues.borrowernumber
- confirm your patron's borrowernumber and the issue_id for your checkout can
still be found in checkout_renewals.checkout_id (along with a note that the
renewal happened via the OPAC, thereby making it perfectly clear that this was
a patron renewing the item they had checked out themselves).
Should we not replace checkout_renewals.renewer_id with the anonymous patron's
borrowernumber when the item is returned, if the patron is set to not retain
reading history?
Referenced Bugs:
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30275
[Bug 30275] Checkout renewals should be stored in their own table
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
More information about the Koha-bugs
mailing list