http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9833
M. de Rooy <m.de.r...@rijksmuseum.nl> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|Signed Off |Failed QA
Summary|New shelves permissions |New virtual shelves/lists
| |permissions
QA Contact| |m.de.r...@rijksmuseum.nl
--- Comment #6 from M. de Rooy <m.de.r...@rijksmuseum.nl> ---
I like this patch since we really need some permissions for shelves!!
But I think that we must not add manage shelves under editcatalogue.
Managing shelves should have its own permission (if we allow it in the first
place). If this patch adds an entry for shelves/lists, I would also have the
idea of adding/allowing Change ownership for instance. Note also the privacy
issue here as noted in related reports (should a staff user be able to view
these lists at all?).
So, you could remove manage_shelves from this patch or add a root entry like
lists and start a discussion on how we should view the underlying manage. What
we do need e.g. is a permission to manage shelves that do no longer have an
owner (after deleting user).
Merge from shelves is another story: this indeed fits better under
edit_catalogue.
A technical detail: To know member->userid you use GetMemberDetails: Isn't that
quite overkill?
Also please watch operator priority in $user && $shelf->{owner}==$user) ||
C4::Auth::haspermission... Place parentheses?
A test plan should be added too.
Thanks for your attention.
--
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
