[Bug 35830] New: Add separate permission for Merging Patrons
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 Bug ID: 35830 Summary: Add separate permission for Merging Patrons Change sponsored?: --- Product: Koha Version: unspecified Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 - low Component: Circulation Assignee: koha-bugs@lists.koha-community.org Reporter: rcoert@arlingtonva.us QA Contact: testopia@bugs.koha-community.org CC: gmcharlt@gmail.com, kyle.m.hall@gmail.com Currently, the ability to Merge Patrons is lumped under the "Add, modify, and view patron information" (edit_borrowers). Merging patron records is more powerful than the ability to add/modify/view a patron record. My request is to have this as a separate permission, similar to that of delete_borrowers. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 Chanel Wheeler <chanel.wheeler@yavapaiaz.gov> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |chanel.wheeler@yavapaiaz.go | |v --- Comment #1 from Chanel Wheeler <chanel.wheeler@yavapaiaz.gov> --- +1 -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 Brendan Lawlor <blawlor@clamsnet.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |eric@bywatersolutions.com --- Comment #2 from Brendan Lawlor <blawlor@clamsnet.org> --- *** Bug 38754 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 Michelle Spinney <mspinney@clamsnet.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mspinney@clamsnet.org -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 Brendan Lawlor <blawlor@clamsnet.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |Needs Signoff -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 --- Comment #3 from Brendan Lawlor <blawlor@clamsnet.org> --- Created attachment 186301 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=186301&action=edit Bug 35830: Add merge_borrowers subpermission Merging patrons only required edit_borrowers permission but would result in a patron deletion. This patch requires a new merge_borrowers subpermission To test: 1. Give a patron the following permissions catalogue, edit_borrowers, list_borrowers 2. Log into the staff interface as the patron 3. Do a patron search and select 2 patrons 4. Click merge patron - success - a patron got deleted 5. Apply patch, updatedatabase and restart_all 6. Repeat steps 3 and 4 - you can't 7. Add the new permission for merge_borrowers 8. Repeat steps 3 and 4 - now you can 9. prove t/Koha/Auth/Patrons.t -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 Brendan Lawlor <blawlor@clamsnet.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Patch complexity|--- |Small patch -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 Brendan Lawlor <blawlor@clamsnet.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #186301|0 |1 is obsolete| | --- Comment #4 from Brendan Lawlor <blawlor@clamsnet.org> --- Created attachment 186302 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=186302&action=edit Bug 35830: Add merge_borrowers subpermission Merging patrons only required edit_borrowers permission but would result in a patron deletion. This patch requires a new merge_borrowers subpermission To test: 1. Give a patron the following permissions catalogue, edit_borrowers, list_borrowers 2. Log into the staff interface as the patron 3. Do a patron search and select 2 patrons 4. Click merge patron - success - a patron got deleted 5. Apply patch, updatedatabase and restart_all 6. Repeat steps 3 and 4 - you can't 7. Add the new permission for merge_borrowers 8. Repeat steps 3 and 4 - now you can 9. prove t/Koha/Auth/Patrons.t Sponsored-by: CLAMS -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 Brendan Lawlor <blawlor@clamsnet.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |blawlor@clamsnet.org Assignee|koha-bugs@lists.koha-commun |blawlor@clamsnet.org |ity.org | -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 --- Comment #5 from Brendan Lawlor <blawlor@clamsnet.org> --- Setting to needs sign off for feedback. I know I need to add the atomic update in a separate commit. I think this might also need to update the database to give the new merge_borrowers permission to everyone who currently has the delete_borrowers permission. Or should it just give merge_borrowers to everyone with edit_borrowers because that's the current way it is? -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 Brendan Lawlor <blawlor@clamsnet.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #186302|0 |1 is obsolete| | --- Comment #6 from Brendan Lawlor <blawlor@clamsnet.org> --- Created attachment 187060 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=187060&action=edit Bug 35830: Add merge_borrowers subpermission Merging patrons only required edit_borrowers permission but would result in a patron deletion. This patch requires a new merge_borrowers subpermission To test: 1. Give a patron the following permissions catalogue, edit_borrowers, list_borrowers 2. Log into the staff interface as the patron 3. Do a patron search and select 2 patrons 4. Click merge patron - success - a patron got deleted 5. Apply patch, updatedatabase and restart_all 6. Repeat steps 3 and 4 - you can't 7. Add the new permission for merge_borrowers 8. Repeat steps 3 and 4 - now you can 9. prove t/Koha/Auth/Patrons.t Sponsored-by: CLAMS -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 --- Comment #7 from Brendan Lawlor <blawlor@clamsnet.org> --- I added an insert statement to the atomic update to add the merge_borrowers permission for all users who currently have the edit_borrowers permission This makes the behavior for for existing installations consistent with the current functionality. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 Lucas Gass (lukeg) <lucas@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Component|Koha |Patrons Group|Koha security | Product|Koha security |Koha -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 Lucas Gass (lukeg) <lucas@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Version(s)| |25.11.00 released in| | Status|Passed QA |Pushed to main --- Comment #22 from Lucas Gass (lukeg) <lucas@bywatersolutions.com> --- Pushed to main for 25.11.00 -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 Fridolin Somers <fridolin.somers@biblibre.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Version(s)|25.11.00 |25.11.00,25.05.06,24.11.11, released in| |24.05.16,22.11.33 Status|Pushed to main |Pushed to stable -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 Fridolin Somers <fridolin.somers@biblibre.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Pushed to stable |Pushed to oldstable -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 Fridolin Somers <fridolin.somers@biblibre.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Pushed to oldstable |Pushed to oldoldstable -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 Fridolin Somers <fridolin.somers@biblibre.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Pushed to oldoldstable |Pushed to oldoldoldstable -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 Fridolin Somers <fridolin.somers@biblibre.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Severity|normal |critical -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 Andrii Nugged <nugged@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |nugged@gmail.com --- Comment #23 from Andrii Nugged <nugged@gmail.com> --- Might be only mine specific data configuration, but on my dataset atomic update crashed: ``` Upgrade to 25.06.00.028 [00:37:40]: Bug 35830 - Add permission borrowers:merge_borrowers Added new permission 'merge_borrowers' ERROR: {UNKNOWN}: DBI Exception: DBD::mysql::db do failed: Duplicate entry '281100-4-merge_borrowers' for key 'PRIMARY' at /usr/share/koha/lib/C4/Installer.pm line 825 ``` writing this urgently here, because if this is potential atomic update crash, it will lock up Kohas for people around the world. But this might be false alarm. Investigating: I will research for a workday and give my findings, how this is critical. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 --- Comment #24 from Andrii Nugged <nugged@gmail.com> --- Indeed. We have: ``` q{INSERT INTO user_permissions (borrowernumber, module_bit, code) SELECT borrowernumber, module_bit, 'merge_borrowers' FROM user_permissions where module_bit = 4 and code = 'edit_borrowers';} ``` what is somewhat-non-idempotent, BUT it will luckily succeed if someone missed 25.05.06 update and went to 25.11.00, but if someone have 25.05.06 then 25.11.00 probably will fail: ``` $> git checkout community/25.05.x && fgrep "Added new permission 'merge_borrowers'" installer/data/mysql/db_revs/*.pl Previous HEAD position was 3f2987eb19f Koha 25.11.00 is here! HEAD is now at aa6597d23ec Update release notes for 25.05.06 release installer/data/mysql/db_revs/250505004.pl: say $out "Added new permission 'merge_borrowers'"; $> git checkout community/25.11.x && fgrep "Added new permission 'merge_borrowers'" installer/data/mysql/db_revs/*.pl Previous HEAD position was aa6597d23ec Update release notes for 25.05.06 release HEAD is now at 3f2987eb19f Koha 25.11.00 is here! installer/data/mysql/db_revs/250600028.pl: say $out "Added new permission 'merge_borrowers'"; ``` because it will try to non-ignore insert for already existing values, thus PRIMARY key fails. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 --- Comment #25 from Andrii Nugged <nugged@gmail.com> --- .. I did fixed my server with patching this SQL INSERT as "IGNORE": ``` q{INSERT IGNORE INTO user_permissions (borrowernumber, module_bit, code) SELECT borrowernumber, module_bit, 'merge_borrowers' FROM user_permissions where module_bit = 4 and code = 'edit_borrowers';} ``` and re-run `apt-get upgrade`, all passed. Not sure this is the cleanest way for now, but this might be workarounder for other non-deep-Koha people who come here from the websearch one day too. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 --- Comment #26 from Andrii Nugged <nugged@gmail.com> --- This is not data-specific. Any site that has already applied the 25.05.06 atomic update for Bug 35830 and then runs 25.06.00.028 (25.11.00), or has applied the 24.11.11 update and then upgrades to 25.05 or 25.11, will hit this duplicate-key error and get stuck in maintenance mode until it is manually patched. Changing above statement to use `INSERT IGNORE ...` makes the atomic update idempotent and fixes the issue. If `INSERT IGNORE ...` is considered enough, the same change should be backported to all older versions that contain this atomic update to avoid overlapping executions of the same insert on older upgrades sequences. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 --- Comment #27 from Katrin Fischer <katrin.fischer@bsz-bw.de> --- I think the missing bit is that the database update cannot be run multiple times at the moment, which we need to fix. Correct? -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 Lucas Gass (lukeg) <lucas@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |41421 Referenced Bugs: https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=41421 [Bug 41421] Bug 35830 DB update must be idempotent -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 Katie Bliss <kebliss@dmpl.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |kebliss@dmpl.org -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 --- Comment #28 from Andrii Nugged <nugged@gmail.com> --- Yes, exactly - the missing bit was that the atomic DB update was not idempotent, and the same non-idempotent `INSERT` ended up being shipped in multiple branches and then overlaid: once it successfully runs on an older version, a later upgrade that runs the same `INSERT` again in a newer branch hits the duplicate key and crashes update database in the middle. -- You are receiving this mail because: You are watching all bug changes.
From a packager point of view (e.g. .deb builds) it’s great that this has now been fixed in all relevant branches as quickly as it was, and I don't know how many shipped and potential overlays around the world, but I am just noting
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 --- Comment #29 from Andrii Nugged <nugged@gmail.com> --- ... Lucas (@lukeg) has now added fixes for all affected branches in Bug 41421 by changing the `user_permissions` statement to `INSERT IGNORE` in each branch, so that re-running the update (or running it twice across different branches) simply skips rows that already exist instead of throwing an error. I’m OK with the `INSERT IGNORE` approach here — it makes this update properly idempotent and unblocks all the upgrade paths. Minor downsides I can see is that: - if there ever were some unexpected data issues or duplicates in `user_permissions`, they would now be silently skipped instead of failing loudly, and - `updatedatabase` will still print “Added 'merge_borrowers' permission to existing users with 'edit_borrowers'” even on subsequent runs where no new rows are actually inserted. For this very narrow case I think that trade-off is acceptable, especially given how important it is that we deliver it asap for installs on a broken upgrade path. this, not a question. -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 Wainui Witika-Park <wainuiwitikapark@catalyst.net.nz> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Pushed to oldoldoldstable |Needs documenting --- Comment #30 from Wainui Witika-Park <wainuiwitikapark@catalyst.net.nz> --- Hoping this is okay to close, changed to "Needs documenting" to get it off my list but feel free to change status if work/discussion is still needed -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> changed: What |Removed |Added ---------------------------------------------------------------------------- Documentation| |Martin Renvoize contact| | -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35830 Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> changed: What |Removed |Added ---------------------------------------------------------------------------- Documentation| |https://gitlab.com/koha-com submission| |munity/koha-manual/-/merge_ | |requests/1173 -- You are receiving this mail because: You are watching all bug changes.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org