[Koha-devel] Enable libraries to moderate OPAC self-registrations
Alex Buckley
alexbuckley at catalyst.net.nz
Mon Sep 5 03:12:50 CEST 2022
Hi Arthur,
Thanks for your response! It's always interesting to hear other Koha
vendors' workflows.
I think a combination of what you outline and what David C suggested
would work.
When a new syspref is enabled then the default category of
self-registered users is restricted from logging in via SIP2. Therefore,
they can see and click on the links to electronic resources, but not
authenticate until a librarian has shifted them to a different patron
category.
What I will do is write patches for this as the first step.
As I mentioned in the email response to David just now I still think
adding the ability for librarians to moderate patron accounts in a
similar way as is done for patron self-edit requests would be a useful
end goal, but upstreaming the above behavior would be a good first step
to build on.
Many thanks,
Alex
On 2/09/22 00:53, Arthur wrote:
>
> Hi Alex,
>
> In our case (Koha + Bokeh + ArteCampus), being able to authenticate
> against Koha doesn't mean someone would be granted access the resource
> (permissions are managed by ArteCampus).
>
> In our case, any koha user can authenticate and see the link to the
> resource, even non connected users can see the link.
>
> However, ArteCampus reads the patron category upon authentication and
> only grants access to the resource to some selected categories.
>
> ArteCampus uses CASv3 to authenticate against Bokeh (Bokeh gets a copy
> of koha users once a day).
>
> Since Bokeh imports the patron category as a group, and CASv3 exports
> group information as an attribute upon authentication, ArteCampus can
> read this information, to check if a user can be granted access to a
> resource.
>
> It is then possible for the librarians who manage ArteCampus to deny
> access to resource for certain koha categories.
>
> This works with ArteCampus because they made some effort into
> integrating users attributes but I don't know if that would be easily
> reproducible with any other electronic resource provider, people would
> need to ask their provider if they have those kind of features, which
> may not be the case.
>
>
> Maybe you could make something with koha permissions or a syspref so
> that the default category for self registered users is not able to
> login to the OPAC (nor the API...) until moved to a proper category by
> the librarians who validates the registration process?
>
> Best,
>
> Arthur
>
> On 01/09/2022 07:39, Alex Buckley wrote:
>>
>> Hi Arthur,
>>
>> Thanks very much for your reply. Very interesting idea!
>>
>> Are the electronic resources that you hide with Bokeh the links in
>> biblio 856$u subfields?
>>
>> To give you some more context, one of the reasons this feature was
>> proposed was that as soon as patrons have a Koha userid and password
>> then they could authenticate (via Stunnel/SIP2) to electronic
>> platforms linked from the OpacNav HTML customisations on the OPAC
>> home page.
>>
>> Meaning if the OPAC has OPACPublic='Enable' then electronic resource
>> platform links in HTML customisations would be visible on the OPAC
>> home page and, therefore, accessible to all users regardless of their
>> patron category.
>>
>> Having some ability for libraries to moderate registrations, before
>> those users have a userid and password, would restrict whether they
>> could authenticate to these electronic platforms via Stunnel/SIP2.
>>
>> Thanks,
>>
>> Alex
>>
>>
>> On 1/09/22 01:01, Arthur wrote:
>>>
>>> Hi Alex (&folks)
>>>
>>> What about the electronic ressources uses the Koha
>>> groups/patron_category to allow or deny access to the resource?
>>>
>>> Then if newly created patrons have a specific default category, then
>>> this category could be denied access to electronic resources.
>>>
>>> We've done this way for our frontend software (Bokeh) and it works
>>> quite well. Upon login, the patron category is received.
>>>
>>> Depending on the category, the user can see the links to electronic
>>> resource or not. Also the electronic resource server checks the
>>> category against Koha using CAS attributes.
>>>
>>> Cheers,
>>>
>>> Arthur
>>>
>>> On 31/08/2022 06:32, Alex Buckley wrote:
>>>>
>>>> Thanks for that Tomas, I appreciate it. I will add a separate
>>>> table(s) and will have a think about what you have noted.
>>>>
>>>> Kind regards,
>>>>
>>>> Alex
>>>>
>>>>
>>>> On 31/08/22 14:35, Tomas Cohen Arazi wrote:
>>>>> Please, use a separate table. And think of the request workflow
>>>>> handling in the db, the statuses (as enum), how it will be handled
>>>>> at library or library group level. Even if not implemented at this
>>>>> stage. Also, maybe you need more than one table, don't fear adding
>>>>> tables if they make sense and give us a cleaner implementation.
>>>>>
>>>>> Moderation should be traceable, etc.
>>>>>
>>>>> Thinking of API routes for the process usually clears the design
>>>>> issues as it points to the classes you will need.
>>>>>
>>>>> El lun, 29 ago 2022 19:46, Alex Buckley
>>>>> <alexbuckley at catalyst.net.nz> escribió:
>>>>>
>>>>> Kia ora/Hello Koha community,
>>>>>
>>>>> I am currently working on reviving bug 25090
>>>>> <https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25090>
>>>>> ( Moderate OPAC self-registrations before a patron account is
>>>>> created ).
>>>>>
>>>>> *New proposed functionality:*
>>>>>
>>>>> Step 1: The library enables both the new
>>>>> 'PatronSelfRegistrationModeration' syspref and the existing
>>>>> 'OpacResetPassword'syspref.
>>>>>
>>>>> Step 2: When a user submits an OPAC self-registration their
>>>>> Koha patron account is not created immediately - i.e. they
>>>>> cannot yet log into the OPAC.
>>>>>
>>>>> Step 3: A pending registration link appears at the bottom of
>>>>> the staff client home page (like what's currently done with
>>>>> new purchase suggestions, or OPAC patron modification requests).
>>>>>
>>>>> Step 4: Librarians can click on the link to go to a page to
>>>>> approve or decline the registration.
>>>>>
>>>>> Step 4a: If approved the user is sent an email notice,
>>>>> containing their Koha username and an OPAC reset password link.
>>>>>
>>>>> Step 4b: If declined the user is sent a different email notice.
>>>>>
>>>>> *The rationale for adding this feature:*
>>>>> You can currently limit the circulation of self-registered
>>>>> patrons - by using the PatronSelfRegistrationDefaultCategory
>>>>> syspref and creating circulation rule(s) for that category.
>>>>>
>>>>> However, users only need an OPAC login (without the ability to
>>>>> circulate) to access electronic content providers (integrated
>>>>> with Koha via STunnel/SIP2). Some electronic content providers
>>>>> charge libraries based on their usage. Meaning it might not be
>>>>> optimal having anyone from around the world self-registering
>>>>> for a library OPAC login and accessing electronic content from
>>>>> some providers, therefore, incurring extra costs for the library.
>>>>>
>>>>> Bug 25090 was originally developed in the early days of the
>>>>> pandemic to ensure new self-registering OPAC users accessing
>>>>> 3rd party databases were coming from acceptable locations i.e.
>>>>> they were members of the organisation the library is in.
>>>>>
>>>>> More details can be found here:
>>>>> https://www.catalyst.net.nz/blog/mental-health-education-resource-library-now-offers-online-self-registration
>>>>>
>>>>> *Questions I would like to hear your thoughts on please:*
>>>>>
>>>>> Q1: Are you in favour of this as a new feature in Koha?
>>>>>
>>>>> Q2: Would you prefer a new database table be added for
>>>>> self-registrations awaiting approval, or should I use the
>>>>> borrowers_modifications table - as is used by OPAC patron
>>>>> modification requests?
>>>>>
>>>>> Q3: How would you envisage this self-registration moderation
>>>>> feature fitting in with the existing
>>>>> PatronSelfRegistrationVerifyByEmailand
>>>>> PatronSelfRegistrationDefaultCategory sysprefs?
>>>>>
>>>>> Any thoughts much appreciated.
>>>>>
>>>>> Kind regards,
>>>>>
>>>>> Alex
>>>>>
>>>>> _______________________________________________
>>>>> Koha-devel mailing list
>>>>> Koha-devel at lists.koha-community.org
>>>>> https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel
>>>>> website : https://www.koha-community.org/
>>>>> git : https://git.koha-community.org/
>>>>> bugs : https://bugs.koha-community.org/
>>>>>
>>>> --
>>>> Alex Buckley
>>>> Koha Developer | Implementation Lead
>>>> Catalyst IT - Expert Open Source Solutions
>>>>
>>>> Catalyst.Net Ltd - a Catalyst IT group company
>>>>
>>>> CONFIDENTIALITY NOTICE: This email is intended for the named recipients only.
>>>> It may contain privileged, confidential or copyright information. If you are not
>>>> the named recipient, any use, reliance upon, disclosure or copying of this email
>>>> or its attachments is unauthorised. If you have received this email in error,
>>>> please reply via email or call +64 4 499 2267.
>>>>
>>>> _______________________________________________
>>>> Koha-devel mailing list
>>>> Koha-devel at lists.koha-community.org
>>>> https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel
>>>> website : https://www.koha-community.org/
>>>> git : https://git.koha-community.org/
>>>> bugs : https://bugs.koha-community.org/
>>>
>>> _______________________________________________
>>> Koha-devel mailing list
>>> Koha-devel at lists.koha-community.org
>>> https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel
>>> website : https://www.koha-community.org/
>>> git : https://git.koha-community.org/
>>> bugs : https://bugs.koha-community.org/
>> --
>> Alex Buckley
>> Koha Developer | Implementation Lead
>> Catalyst IT - Expert Open Source Solutions
>>
>> Catalyst.Net Ltd - a Catalyst IT group company
>>
>> CONFIDENTIALITY NOTICE: This email is intended for the named recipients only.
>> It may contain privileged, confidential or copyright information. If you are not
>> the named recipient, any use, reliance upon, disclosure or copying of this email
>> or its attachments is unauthorised. If you have received this email in error,
>> please reply via email or call +64 4 499 2267.
--
Alex Buckley
Koha Developer | Implementation Lead
Catalyst IT - Expert Open Source Solutions
Catalyst.Net Ltd - a Catalyst IT group company
CONFIDENTIALITY NOTICE: This email is intended for the named recipients only.
It may contain privileged, confidential or copyright information. If you are not
the named recipient, any use, reliance upon, disclosure or copying of this email
or its attachments is unauthorised. If you have received this email in error,
please reply via email or call +64 4 499 2267.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.koha-community.org/pipermail/koha-devel/attachments/20220905/92eaa9d2/attachment-0001.htm>
More information about the Koha-devel
mailing list