https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=41550 --- Comment #5 from Lisette Scheer <lisette@bywatersolutions.com> --- Roles would stack, so the most permissive role would override less permissive roles beneath and you can set a role to inherit permissions from another role, rather than recreating all the permissions for role A if role B is all of role A+extra permissions Predefined System Roles (just a starting point, though might be good to do one/full checkbox with subpermissions that currently exists so we could port to those?) These would be imported but only assigned if the existing permissions are a full match (if possible, since not everything has scopes right now) 1. Superlibrarian Description: Full system access Permissions: *:*:* (all permissions) 2. Circulation Staff Description: Front desk circulation operations Permissions: patrons:read:own_library patrons:update:own_library (limited fields) checkouts:create:own_library checkouts:delete:own_library (checkin) holds:create:own_library holds:read:own_library holds:update:own_library fines:read:own_library fines:create:own_library restrictions:read:own_library 3. Circulation Manager Description: Circulation management + overrides Inherits: Circulation Staff Additional Permissions: patrons:create:own_library patrons:delete:own_library checkouts:force:own_library checkouts:override:own_library fines:writeoff:own_library fines:refund:own_library restrictions:create:own_library restrictions:delete:own_library 4. Cataloger Description: Cataloging and item management Permissions: biblios:create:any biblios:read:any biblios:update:any items:create:own_library items:read:any items:update:own_library items:delete:own_library authorities:read:any authorities:update:any 5. Cataloging Manager Description: Full cataloging control Inherits: Cataloger Additional Permissions: biblios:delete:any items:batch_modify:any items:batch_delete:any authorities:create:any authorities:delete:any frameworks:update:none 6. Acquisitions Staff Description: Order and receive materials Permissions: vendors:read:none budgets:read:own baskets:create:own baskets:read:own_library baskets:update:own orders:create:own orders:read:own_library orders:receive:own_library invoices:read:own_library 7. Acquisitions Manager Description: Budget and vendor management Inherits: Acquisitions Staff Additional Permissions: vendors:create:none vendors:update:none budgets:manage:library_group baskets:delete:own_library orders:delete:own_library invoices:create:own_library invoices:update:own_library 8. Reports User Description: Run existing reports Permissions: reports:read:any reports:execute:own (only own reports) 9. Reports Manager Description: Create and manage all reports Permissions: reports:create:own reports:read:any reports:update:own reports:delete:own reports:execute:any 10. System Administrator Description: System configuration (not all-powerful) Permissions: system_preferences:read:none system_preferences:update:none libraries:manage:any circ_rules:manage:any marc_frameworks:manage:none patron_categories:manage:none staff_users:manage:any roles:manage:system 11. Branch Manager Description: Full control of own library Permissions: patrons:manage:own_library checkouts:manage:own_library holds:manage:own_library items:manage:own_library fines:manage:own_library staff_users:create:own_library staff_users:update:own_library reports:execute:any 12. Self-Check User (Special) Description: Kiosk/automated patron Permissions: checkouts:create:own_library checkouts:read:own (only own checkouts) holds:read:own -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.