[Bug 8839] New: Independant Branches - Checkout to patron belonging to another branch
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8839 Priority: P5 - low Change sponsored?: --- Bug ID: 8839 CC: gmcharlt@gmail.com, kyle.m.hall@gmail.com Assignee: koha-bugs@lists.koha-community.org Summary: Independant Branches - Checkout to patron belonging to another branch Severity: enhancement Classification: Unclassified OS: All Reporter: kyle@bywatersolutions.com Hardware: All Status: NEW Version: master Component: Circulation Product: Koha -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8839 --- Comment #1 from Kyle M Hall <kyle@bywatersolutions.com> --- Some libraries want to use the IndependantBranches feature to prevent libraries from editing each other's patron records while still allowing any library to issue items to another library's patrons. It appears that this behavior may have been standard in some previous versions of Koha, but is currently not. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8839 --- Comment #2 from Kyle M Hall <kyle@bywatersolutions.com> --- Created attachment 12562 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=12562&action=edit Bug 8839 - Independant Branches - Checkout to patron belonging to another branch Adds the new system preference IndependantBranchesPreventIssuing to control whether IndependantBranches stops one branch from viewing the patron record or issuing items to a patron from a different library. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8839 Kyle M Hall <kyle@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |Needs Signoff -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8839 Kyle M Hall <kyle@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|koha-bugs@lists.koha-commun |kyle@bywatersolutions.com |ity.org | -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8839 Frédéric Demians <frederic@tamil.fr> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |frederic@tamil.fr --- Comment #3 from Frédéric Demians <frederic@tamil.fr> --- It's not that clear from a Koha administrator perspective since IndependantBranches means no authorization to modify anything from another branch. And what will you do if a library want the contrary: preventing issuing but allowing to see other branch borrowers? Couldn't you reach your goal with a syspref named 'IndependantBranchOverwriteTo', with those values: - nothing - Issue to other branches - See other branches borrowers - Issue to other branches and see other branches borrowers -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8839 --- Comment #4 from Kyle M Hall <kyle@bywatersolutions.com> --- (In reply to comment #3)
It's not that clear from a Koha administrator perspective since IndependantBranches means no authorization to modify anything from another branch. And what will you do if a library want the contrary: preventing issuing but allowing to see other branch borrowers?
Couldn't you reach your goal with a syspref named 'IndependantBranchOverwriteTo', with those values:
- nothing - Issue to other branches - See other branches borrowers - Issue to other branches and see other branches borrowers
Without a large amount of development, it's not possible to issue to a borrower without being allowed to see them. The same goes for being able to view a borrower without being able to issue to them ( though this is less complicated ). I think this is a good start. Those other options can be added on an as needed basis. I do wonder if I should change the name of the system preference to something like IndependantBranchesCirculation instead though. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8839 --- Comment #5 from Frédéric Demians <frederic@tamil.fr> --- Ok, I understand! I was scratching nowhere. From my perspective, trying to have the end user perspective, the difficulty is to understand how both sysprefs work together: IndependantBranches and the new one. Cascading sysprefs are a pain to work with... Yes, a syspref without negative spelling, witouth 'prevent', would be better to understand. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8839 Kyle M Hall <kyle@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #12562|0 |1 is obsolete| | --- Comment #6 from Kyle M Hall <kyle@bywatersolutions.com> --- Created attachment 12748 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=12748&action=edit Bug 8839 - Independant Branches - Checkout to patron belonging to another branch Adds the new system preference IndependantBranchesPreventIssuing to control whether IndependantBranches stops one branch from viewing the patron record or issuing items to a patron from a different library. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8839 Kyle M Hall <kyle@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #12748|0 |1 is obsolete| | --- Comment #7 from Kyle M Hall <kyle@bywatersolutions.com> --- Created attachment 14865 --> http://bugs.koha-community.org/bugzilla3/attachment.cgi?id=14865&action=edit Bug 8839 - Independant Branches - Checkout to patron belonging to another branch Adds the new system preference IndependantBranchesCirculation to control whether IndependantBranches stops one branch from viewing the patron record or issuing items to a patron from a different library. -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8839 Fred P <fred.pierre@smfpl.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |fred.pierre@smfpl.org --- Comment #8 from Fred P <fred.pierre@smfpl.org> --- You may be aware about the IndependantBranches preference issue. Setting IndependantBranches to "Don't Prevent" overrides the AutoLocation "Require" ip range restrictions, allowing remote access from anywhere, with implications for security. Auth.pm around line 834: if (C4:Context->boolean_preference('IndependantBranches') && C4::Context->boolean_preference('AutoLocation')){ # we have to check they are coming from the right ip range If we do not restrict remote access, we need to implement stronger login security. So I am wondering how the new IndependantBranches settings affect security. Are we still wide open to password cracking if we say "Don't Prevent" for IndependantBranches? Or do the new settings help secure the system? -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8839 --- Comment #9 from Fred P <fred.pierre@smfpl.org> --- Sorry, that's probably a separate issue... -- You are receiving this mail because: You are watching all bug changes.
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8839 Owen Leonard <oleonard@myacpl.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Needs Signoff |Failed QA --- Comment #10 from Owen Leonard <oleonard@myacpl.org> --- No test plan. -- You are receiving this mail because: You are watching all bug changes.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org