https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=39453 Bug ID: 39453 Summary: Add attribute type settings for restricting access to extended attributes Change sponsored?: --- Product: Koha Version: Main Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 - low Component: Patrons Assignee: koha-bugs@lists.koha-community.org Reporter: glasklas@gmail.com QA Contact: testopia@bugs.koha-community.org CC: gmcharlt@gmail.com, kyle.m.hall@gmail.com This patch introduces a "readonly", "secret" and "hidden" setting for patron attribute types. All restrictions enforced by these new settings are not applied for superlibrarians, where attributes behave as if they have not been set. Readonly make the attributes of this type readonly, they appear on the patrons details page and when editing a patron, but their values can't be changed. Hidden attributes are not visible on the patrons details page or when editing a patron, but can for example be used internally. Secret attributes are basically the same thing as hidden, but the appear with their value masked in the patrons details page, and could be used for sensitive data not all staff members should have access to. One use case (at our library) is to emulate a role based access control by having a number of reserved users as templates for roles. We then have a number of hidden attributes mapping users to these "roles", and a script running nightly that assigns permissions based on this mapping. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.