https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20813
--- Comment #47 from Lisette Scheer <[email protected]> --- From the spec I linked above, these are 2 of the big sections about the overall plan, I'll also add the spec sections to the relevant bugs. The current Koha permissions system has evolved organically over 20+ years, resulting in mixed ideologies, inconsistent granularity, and architectural confusion. This proposal outlines a modern Role-Based Access Control (RBAC) system that provides: - Clear separation of concerns (resources, actions, scopes) - Consistent CRUD patterns across all modules - Role-based abstraction for easier administration - Library/branch-level scoping built into the core model - Backward compatibility during migration - Future extensibility for multi-tenancy and advanced features Core Principles - Resources not Functions - Permissions apply to resources (Patrons, Items, Budgets) - CRUD Consistency - Every resource has standard Create, Read, Update, Delete - Scope Separation - Library/branch restrictions are separate from permissions - Role Abstraction - Users assigned roles, roles have permissions - Explicit Dependencies - Permission prerequisites are enforced in code - Extensible - Easy to add new resources and actions User → Role → Permission → Resource + Action + Scope -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
