[Koha-bugs] [Bug 30198] Add privacy elements to reports
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30198 --- Comment #10 from David Cook --- (In reply to Caroline Cyr La Rose from comment #7) > I've run into this problem with our consortium installation. Each library > has access to reports, therefore access to all the information of all the > libraries, including patron information, which is sensitive... > > I was thinking maybe something similar to lists (who can run this report? > Everyone, Owner only, etc.) or similar to acquisition funds (who can use > this fund? Everyone, Owner only, Owner and users only, or > Owner/users/library) with the possibility to add users one by one. After reading this and bug 37052 again, I think that I understand and I think that I like this idea. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30198] Add privacy elements to reports
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30198 Michelle Spinney changed: What|Removed |Added CC||mspin...@clamsnet.org -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30198] Add privacy elements to reports
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30198 Katrin Fischer changed: What|Removed |Added See Also||https://bugs.koha-community ||.org/bugzilla3/show_bug.cgi ||?id=37052 -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30198] Add privacy elements to reports
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30198 Caroline Cyr La Rose changed: What|Removed |Added Version|21.05 |unspecified -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30198] Add privacy elements to reports
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30198 Mathieu Saby changed: What|Removed |Added CC||mathsaby...@gmail.com --- Comment #9 from Mathieu Saby --- Hi In Europe this is pretty bad on a GDPR point of view... Could we imagine something like the logic in acquisition module, where funds can be managed by specific colleagues ? -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30198] Add privacy elements to reports
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30198 --- Comment #8 from David Cook --- (In reply to Caroline Cyr La Rose from comment #7) > I've run into this problem with our consortium installation. Each library > has access to reports, therefore access to all the information of all the > libraries, including patron information, which is sensitive... > > I was thinking maybe something similar to lists (who can run this report? > Everyone, Owner only, etc.) or similar to acquisition funds (who can use > this fund? Everyone, Owner only, Owner and users only, or > Owner/users/library) with the possibility to add users one by one. Interesting idea although I'm not sure how it would work in practice. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30198] Add privacy elements to reports
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30198 Caroline Cyr La Rose changed: What|Removed |Added CC||philippe.blo...@inlibro.com -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30198] Add privacy elements to reports
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30198 Caroline Cyr La Rose changed: What|Removed |Added CC||caroline.cyr-la-rose@inlibr ||o.com --- Comment #7 from Caroline Cyr La Rose --- I've run into this problem with our consortium installation. Each library has access to reports, therefore access to all the information of all the libraries, including patron information, which is sensitive... I was thinking maybe something similar to lists (who can run this report? Everyone, Owner only, etc.) or similar to acquisition funds (who can use this fund? Everyone, Owner only, Owner and users only, or Owner/users/library) with the possibility to add users one by one. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30198] Add privacy elements to reports
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30198 Katrin Fischer changed: What|Removed |Added See Also||https://bugs.koha-community ||.org/bugzilla3/show_bug.cgi ||?id=33793 -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30198] Add privacy elements to reports
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30198 --- Comment #6 from AspenCat Team --- The way our consortium operates is we share reports by having our branches use a dropdown menu. I'm not sure how feasible it is, but what would be ideal is making it so that drop down would only list the library that is logged in. Similarly it would be good to prevent using a branch code for a report that does match the home library, at a certain permission level. I certainly agree with David's point about the difficulties in accomplishing this, but perhaps instead of an intervention there would be a way to limit what is viewable or what can be selected based on branch. - Bob Bennhoff -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30198] Add privacy elements to reports
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30198 AspenCat Team changed: What|Removed |Added CC||aspencatt...@clicweb.org -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30198] Add privacy elements to reports
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30198 --- Comment #5 from David Cook --- (In reply to Donna from comment #0) > Likewise, if I am in a consortium/multi-library setting, and do not have the > permission to view patron data from other libraries, in the reports module I > can run reports that contain patron data from any of the other libraries. Unfortunately this one isn't really possible. Intervening before the query is sent to the database isn't feasible since the query permutations are too varied. Intervening after the results are retrieved would lead to a discrepancy in rows retrieved and rows viewed. You wouldn't be able to determine the result count until after you'd tried to retrieve all possible rows. It would lead to a wildly different user experience, and at that point you'd almost be better off re-writing the Reports module not to allow custom SQL at all. But that creates other problems too, of course. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30198] Add privacy elements to reports
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30198 David Cook changed: What|Removed |Added CC||dc...@prosentient.com.au --- Comment #4 from David Cook --- Something we've done locally is make it so that reports containing any reference to the borrowers table require an additional token/code that gets emailed to a supervisor. The supervisor then needs to give that code to the user wanting to run the report. That prevents the circulation clerk from running reports for patron information they shouldn't have. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30198] Add privacy elements to reports
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30198 Steve, OSLRI, USA changed: What|Removed |Added CC||ssp...@oslri.net --- Comment #3 from Steve, OSLRI, USA --- It was suggested that I hop on board this bug, so here I go! Reading the comments on this ticket, I would suggest we are talking about two different things... both very useful! 1) I like the idea that Donna has originally suggested with the ability to restrict access to data in certain tables. Perhaps one simple way to do this would be to identify tables and/columns that ought to require special permissions and create a single (or if warranted) a couple user permissions in place for those. I'd agree with reading history. I'd also argue any PII fields in the borrowers table. 2) What brought me here might be a little closer to Andrew's comment. (Maybe?) We will potentially have many staff members in our system writing reports and are concerned about "clutter". We'd love the ability for somebody to be able to define a "sharing level" for a report. Perhaps, four levels: (1) Private/Just Me, (2) Shared with My Branch, (3) Shared with My Library Group, (4) Shared with Everyone. This would really help cut down on clutter AND allow people to work on draft queries that are NOT ready for prime time without somebody else attempting to use it by accident. I'd agree that super librarians should see all. That way we can help somebody with a report in their private reports should they ask for help. (Perhaps this is a different bug?) Cheers! -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30198] Add privacy elements to reports
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30198 Emmi Takkinen changed: What|Removed |Added CC||emmi.takki...@koha-suomi.fi -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30198] Add privacy elements to reports
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30198 --- Comment #2 from Katrin Fischer --- The issue with the sub group could be that a lot of people have authorised values permission for cataloging purposes. Mabe we could have an option to flag those reports and a 'super reports' permission for running them? Although having different levels might be nice. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30198] Add privacy elements to reports
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30198 --- Comment #1 from Andrew Fuerste-Henry --- Maybe this could tie to report (sub)groups? I like the idea of being able to mark things private/restricted either at the individual report, the sub-group, or the group level. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 30198] Add privacy elements to reports
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30198 Donna changed: What|Removed |Added CC||and...@bywatersolutions.com ||, ||jza...@bywatersolutions.com ||, ||ke...@bywatersolutions.com, ||sbr...@bywatersolutions.com -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
