[Bug 29000] New: Create a display of patrons with permissions
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=29000 Bug ID: 29000 Summary: Create a display of patrons with permissions Change sponsored?: --- Product: Koha Version: master Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 - low Component: Patrons Assignee: koha-bugs@lists.koha-community.org Reporter: fridolin.somers@biblibre.com QA Contact: testopia@bugs.koha-community.org CC: gmcharlt@gmail.com, kyle.m.hall@gmail.com Actually it is hard to find which patrons have which permissions. It can lead to mistakes and security issues. I've created a POC plugin : https://github.com/biblibre/koha-plugin-users-with-permissions Maybe permissions could be displayed in patrons search table. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=29000 Fridolin Somers <fridolin.somers@biblibre.com> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.koha-community | |.org/bugzilla3/show_bug.cgi | |?id=28991 -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=29000 Andrew Fuerste-Henry <andrew@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |andrew@bywatersolutions.com --- Comment #1 from Andrew Fuerste-Henry <andrew@bywatersolutions.com> --- +1, this would be handy -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=29000 David Cook <dcook@prosentient.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dcook@prosentient.com.au --- Comment #2 from David Cook <dcook@prosentient.com.au> --- I actually wrote a simple PHP script to do this about 10 years ago, as a library needed to be able to easily audit user permissions, and I've been meaning to convert it into Perl... but it looks like you've saved me the hassle! -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=29000 --- Comment #3 from David Cook <dcook@prosentient.com.au> --- I have it in the Tools module with the label "User Audit", but I suppose it should be in the "Patrons" module? Maybe next to "Patron lists" we could have a "Permission audit" or "Permission review" button? -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=29000 Marcel de Rooy <m.de.rooy@rijksmuseum.nl> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |m.de.rooy@rijksmuseum.nl -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=29000 --- Comment #4 from Fridolin Somers <fridolin.somers@biblibre.com> --- (In reply to David Cook from comment #3)
I have it in the Tools module with the label "User Audit", but I suppose it should be in the "Patrons" module? Maybe next to "Patron lists" we could have a "Permission audit" or "Permission review" button?
Yep. Maybe a link "Patrons with permissions" ;) -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=29000 --- Comment #5 from David Cook <dcook@prosentient.com.au> --- (In reply to Fridolin Somers from comment #4)
(In reply to David Cook from comment #3)
I have it in the Tools module with the label "User Audit", but I suppose it should be in the "Patrons" module? Maybe next to "Patron lists" we could have a "Permission audit" or "Permission review" button?
Yep. Maybe a link "Patrons with permissions" ;)
Well, all patrons have permissions though, even if it's minimal permissions. That would also take up a lot of room on the screen on a Patrons toolbar. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=29000 --- Comment #6 from Fridolin Somers <fridolin.somers@biblibre.com> --- "Permission review" sounds good then. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=29000 Séverine Queune <severine.queune@bulac.fr> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |severine.queune@bulac.fr -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=29000 Mathieu Saby <mathsabypro@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mathsabypro@gmail.com --- Comment #7 from Mathieu Saby <mathsabypro@gmail.com> --- +1 This need was expressed by several French libraries during a workshop last year. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=29000 --- Comment #8 from David Cook <dcook@prosentient.com.au> --- (In reply to David Cook from comment #2)
I actually wrote a simple PHP script to do this about 10 years ago, as a library needed to be able to easily audit user permissions, and I've been meaning to convert it into Perl... but it looks like you've saved me the hassle!
I actually did convert my PHP into Perl last year but it's not as pretty as the version I saw Frido do for a Koha plugin. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=29000 Aude Charillon <aude.charillon@openfifth.co.uk> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |aude.charillon@openfifth.co | |.uk -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=29000 Sarah Cornell <sbcornell@cityofportsmouth.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |sbcornell@cityofportsmouth. | |com --- Comment #9 from Sarah Cornell <sbcornell@cityofportsmouth.com> --- +1! I would love to have this as well. I just spent a few hours trying to audit permissions using SQL following our upgrade to 25.11. Even if I could get the SQL to produce results that are 100% accurate and easy to read, the SQL would have to be adjusted whenever categories were added or changed in the permissions matrix. My most recent use case: There is a new permission for viewing borrower checkout history in the "borrowers" category. Our circulation accounts usually have the whole category selected. Which accounts do I need to go into and deselect this new permission? Routine use case: Every 6 months, review all users with permissions to make sure that departing staff have had their permissions removed and new staff have had them added. I'm glad this bug came up when I was searching for something else! Great idea. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org