[Koha-bugs] [Bug 14391] Granular permissions for the administration module

bugzilla-daemon at bugs.koha-community.org bugzilla-daemon at bugs.koha-community.org
Fri Sep 28 08:28:54 CEST 2018 

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14391

--- Comment #10 from Katrin Fischer <katrin.fischer at bsz-bw.de> ---

> > manage_classifications No text on form? => typo CASE 'manage_classfications'
> > Missing letter !

Fixed!

> > Spelling Manage column configuation / SRU server confiugration / search
> > enginge

Fixed!

> > installer/data/mysql/atomicupdate/bug14391_granular_admin_permissions.sql
> > The atomic update queries could be further optimized. You add separate
> > inserts for each permission with subqueries for borrowers. Easy to read, but
> > more costly to run.
> > Do you have figures about how long it takes on a larger patron table ?

I think there will be a limited number of patrons to be updated even for big
libraries as the number of staff should still be relatively small compared to
the potential number of users.

> > Why not something like:
> > INSERT INTO user_permissions (borrowernumber, module_bit, code)
> > SELECT borrowers.borrowernumber, permissions.module_bit, permissions.code
> > FROM borrowers 
> > LEFT JOIN user_permissions USING (borrowernumber)
> > LEFT JOIN permissions ON module_bit =3 AND code NOT IN ( * list existing
> > permissions for admin * )
> > WHERE user_permissions.code='parameters_remaining_permissions'
> > This replaces most separate inserts and uses joins instead of subqueries.

Need to take another look here if you think it's really necessary.

> > 
> > admin/localization.pl, svc/localization
> > Need manage_itemtypes
> > Understand why you do it, but it seems not logical in the long run. Better
> > add a specific one.

I'll add a separate permission in another follow-up.

> > 
> > admin/printers.pl
> > parameters => '*'
> > Only case where we refer to *. Why not separate?

The code is dead and unused - I have proposed removing it instead on bug 7651.
As it's currently not used and not visible in the GUI, I would not like to
expose it with a new permission. As it's non-functional there is also a super
low risk of people breaking something there :)

-- 
You are receiving this mail because:
You are watching all bug changes.

More information about the Koha-bugs mailing list