From the spec I linked above, these are 2 of the big sections about the overall
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20813 --- Comment #47 from Lisette Scheer <lisette@bywatersolutions.com> --- plan, I'll also add the spec sections to the relevant bugs. The current Koha permissions system has evolved organically over 20+ years, resulting in mixed ideologies, inconsistent granularity, and architectural confusion. This proposal outlines a modern Role-Based Access Control (RBAC) system that provides: - Clear separation of concerns (resources, actions, scopes) - Consistent CRUD patterns across all modules - Role-based abstraction for easier administration - Library/branch-level scoping built into the core model - Backward compatibility during migration - Future extensibility for multi-tenancy and advanced features Core Principles - Resources not Functions - Permissions apply to resources (Patrons, Items, Budgets) - CRUD Consistency - Every resource has standard Create, Read, Update, Delete - Scope Separation - Library/branch restrictions are separate from permissions - Role Abstraction - Users assigned roles, roles have permissions - Explicit Dependencies - Permission prerequisites are enforced in code - Extensible - Easy to add new resources and actions User → Role → Permission → Resource + Action + Scope -- You are receiving this mail because: You are watching all bug changes.