[OPEN-ILS-DEV] User permissions error

[Jason Etheridge]

One thing we tend to overlook with the bootstrap CGI scripts:  there
is no defensive programming or sanity checking of inputs here, so it's
possible to put your system into an inconsistent state.

For example, let's say you have a perm group tree that looks like this:

Staff
\----- Circulator
\----- Cataloger

And you have a permission called UPDATE_MARC assigned to Cataloger.

If at this point you add UPDATE_MARC to Staff, you could break the
interface, because then Cataloger will have an explicit perm set and
it will also be inheriting the perm from Staff.
The rule here is don't set a permission in an ancestor group if any of
the descendant groups already have that permission set.

If you can't untangle this from the interface you may need to drop
down to the database to clean things up.

Another way you can break things is by not having consecutive depths
in your Org Unit Types.

For example, assume you have Organization Unit Types like so:
Consortium  Depth: 0  Parent: None
System  Depth: 1 Parent: Consortium
Branch  Depth: 2  Parent: System

And you decide you don't want to model your Organization Tree that
deeply, so you delete System, and rename Consortium to be System,
resulting in:
System  Depth: 0 Parent: None
Branch  Depth: 2 Parent: System

You would need to further change the depth for Branch to 1 for this
not to break things.

It's worth mentioning that this interface is being re-implemented and
the new one will be safer to use.

-- 
Jason Etheridge
 | VP, Community Support and Advocacy
 | Equinox Software, Inc. / The Evergreen Experts
 | phone: 1-877-OPEN-ILS (673-6457)
 | email: jason at esilibrary.com
 | web: http://www.esilibrary.com