[Bug 10059] New: admin user can't see budgets on acq page
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=10059 Bug ID: 10059 Summary: admin user can't see budgets on acq page Classification: Unclassified Change sponsored?: --- Product: Koha Version: 3.10 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 - low Component: Acquisitions Assignee: kyle@bywatersolutions.com Reporter: nengard@gmail.com The admin user cannot access budgets in acq. Soooo - when you go to Acq logged in as the admin user you see a message that there are no budgets defined even if there are. This user has been locked down for security reasons (in 3.10 I think) but now it makes it very hard to do support because in this case I need to create a new user to test with and then delete them. So option #1 might be required for us in the future to do support. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=10059 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |katrin.fischer@bsz-bw.de --- Comment #1 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- I am not sure that fixing the root user will go far in acquisitions. You will be able to see things, but as soon as you went in and changed something that could cause more trouble. A lot of things in acquisitions are tied to users and them having real borrowernumbers. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=10059 Chris Cormack <chris@bigballofwax.co.nz> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |chris@bigballofwax.co.nz --- Comment #2 from Chris Cormack <chris@bigballofwax.co.nz> --- Didn't we just add a thing that warns you all over the place to not use the db user (its not the admin user, its the db user) to do anything except create a real user? -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=10059 --- Comment #3 from Nicole C. Engard <nengard@gmail.com> --- Yes, we did ... but it has caused all kinds of problems when it comes to a support company. We use that user to get in to our customer's systems to help them with support. Yes, we can create a superlibrarian, but there are too many ways that those in the library could delete or mess up that user and make it impossible for us to get in. One example is a batch delete on 'inactive' patrons - well our support user would never have checked anything out and as such would be deleted. The warning is good - and it should be there for the average user, but this development has made it difficult as a company supporting libraries to continue to support them. Nicole -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=10059 --- Comment #4 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- I think that you can't totally prevent having problems with this user - as it is no real user. It has no borrowernumber, no library, no history... There will always be behaviour a bit different than using a normal superlibrarian user. And even this user varies sometimes from a user with all permissions checked. So maybe a different solution would be better in the long run. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=10059 Owen Leonard <oleonard@myacpl.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |In Discussion Version|3.10 |master -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=10059 Galen Charlton <gmcharlt@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |gmcharlt@gmail.com --- Comment #5 from Galen Charlton <gmcharlt@gmail.com> --- (In reply to Nicole C. Engard from comment #3)
The warning is good - and it should be there for the average user, but this development has made it difficult as a company supporting libraries to continue to support them.
Wouldn't it suffice to create a normal superlibrarian account, but hang on to the root DB credentials in case you need to recreate the superlibrarian account? Also, the normal patron purge specifically excludes patron records whose category type is staff. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=10059 --- Comment #6 from Nicole C. Engard <nengard@gmail.com> --- Well library staff can manually delete any users they want .. so they could (and probably will by accident) delete the user we don't want deleted. Of course we're creating users for this - I just think that it will effect other companies out there. Nicole -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=10059 --- Comment #7 from Chris Cormack <chris@bigballofwax.co.nz> --- (In reply to Nicole C. Engard from comment #6)
Well library staff can manually delete any users they want .. so they could (and probably will by accident) delete the user we don't want deleted. Of course we're creating users for this - I just think that it will effect other companies out there.
Nicole
Catalyst is cool with it, we tell our clients not to delete the test/catalyst users. And we also ask them to create them. Works for us. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=10059 --- Comment #8 from Galen Charlton <gmcharlt@gmail.com> --- (In reply to Chris Cormack from comment #7)
(In reply to Nicole C. Engard from comment #6)
Well library staff can manually delete any users they want .. so they could (and probably will by accident) delete the user we don't want deleted. Of course we're creating users for this - I just think that it will effect other companies out there. [snip] Catalyst is cool with it, we tell our clients not to delete the test/catalyst users. And we also ask them to create them. Works for us.
The current state of affairs works for Equinox as well. IOW, the support company I work for also sees no need to regularly use the DB credentials to log into Koha, particularly since the staff interface nowadays explicitly recommends against doing that. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=10059 --- Comment #9 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- We have to use personal admin accounts, so using the database user is out of question for us anyway. Libraries deleting those has never happened so far, we have notes and names that make it very clear that those belong to us and are not to be deleted. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=10059 Jonathan Druart <jonathan.druart@biblibre.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jonathan.druart@biblibre.co | |m Resolution|--- |INVALID Status|In Discussion |RESOLVED --- Comment #10 from Jonathan Druart <jonathan.druart@biblibre.com> --- I think this one can be considered as invalid. Please reopen if I am wrong. -- You are receiving this mail because: You are watching all bug changes.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org