[Bug 33793] New: Add method to define limited access to run reports
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33793 Bug ID: 33793 Summary: Add method to define limited access to run reports Change sponsored?: --- Product: Koha Version: master Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 - low Component: Reports Assignee: koha-bugs@lists.koha-community.org Reporter: andrewfh@dubcolib.org QA Contact: testopia@bugs.koha-community.org Currently a user with the execute_reports permission can run any report in the system. A library may wish for a given user to be able run some reports but not others. It would be great to have a mechanism for allowing limited reports access. Maybe something akin to the SubfieldsToAllowForRestrictedEditing preference? We could create ReportGroupsToAllowForRestrictedExecution, in which one selects groups of reports. We add a new execute_reports_restricted permission. A user with that permission can only run reports in the groups specified in the preference. Or maybe ditch the system preference and add a "restricted access" flag to each report? -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33793 Andrew Fuerste-Henry <andrewfh@dubcolib.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |lucas@bywatersolutions.com, | |nick@bywatersolutions.com -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33793 Michelle Spinney <mspinney@clamsnet.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mspinney@clamsnet.org -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33793 --- Comment #1 from Michelle Spinney <mspinney@clamsnet.org> --- This would be very helpful for consortia. We'd like staff to run specific reports created for their library. Right now they can run network wide reports any time which can slow down our system during peak hours. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33793 Eileen Chandler <echandler@clamsnet.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |echandler@clamsnet.org --- Comment #2 from Eileen Chandler <echandler@clamsnet.org> --- This would be great improvement for our consortium and I would imagine for any larger library system too. We want to empower library staff to run reports but we'd also like our consortium-wide reports to be accessible only to our consortium/network staff. Consortium wide reports are resource intensive and we run those in "off" hours. If library staff had access to a set of reports just for their location it would be more efficient and effective. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33793 Lisette Scheer <lisette.scheer@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |lisette.scheer@bywatersolut | |ions.com -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33793 --- Comment #3 from Lisette Scheer <lisette.scheer@bywatersolutions.com> --- I think the "restricted access" flag would be a great way to go rather than groups. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33793 --- Comment #4 from AspenCat Team <aspencatteam@clicweb.org> --- We would be interested in this as well. We haven't had a problem yet, but it is a potential concern that someone can get personal patron data from a library they don't work at. We would like to see this be secure and only staff who need to see that type of data, be able to see that type of data. - Bob Bennhoff -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33793 AspenCat Team <aspencatteam@clicweb.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |aspencatteam@clicweb.org -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33793 David Cook <dcook@prosentient.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dcook@prosentient.com.au --- Comment #5 from David Cook <dcook@prosentient.com.au> --- (In reply to AspenCat Team from comment #4)
We would be interested in this as well. We haven't had a problem yet, but it is a potential concern that someone can get personal patron data from a library they don't work at. We would like to see this be secure and only staff who need to see that type of data, be able to see that type of data. - Bob Bennhoff
I was just thinking this same thing. Locally, we have a mechanism where reports that include "borrowers" need to use a token which is sent to a supervisor by email. That way, the supervisor knows who is running those potentially sensitive reports and when they're running them. (Kind of like some retail systems that require two people to authorize certain transactions.) -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33793 Katrin Fischer <katrin.fischer@bsz-bw.de> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.koha-community | |.org/bugzilla3/show_bug.cgi | |?id=30198 -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33793 Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |caroline.cyr-la-rose@inlibr | |o.com -- You are receiving this mail because: You are watching all bug changes.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=33793 Andrew Fuerste-Henry <andrew@bywatersolutions.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |DUPLICATE --- Comment #6 from Andrew Fuerste-Henry <andrew@bywatersolutions.com> --- *** This bug has been marked as a duplicate of bug 37052 *** -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.
participants (1)
-
bugzilla-daemon@bugs.koha-community.org