[OPEN-ILS-GENERAL] Help with Security

Stuart Miller stuartwm at uchicago.edu
Mon Jun 30 16:01:53 EDT 2008 

Our Library is attempting to evaluate Evergreen functionality for a large academic. I have been trying to figure out how security is set up and am running into some walls. Answers to any of the following would be helpful-any assistance/advice  would be greatly appreciated. I have a feeling that the administrative features/configuration options of Evergreen are not particularly intuitive and that getting some  basic training from a support vendor would be the easiest way to answer these questions. If anyone out there thinks that really is the best approach, we'd appreciate your frank advice. Thanks.

Stuart Miller
Library Systems Analyst
University of Chicago


1. I assume that the "user group" is a feature that allows for grouping of various individual permissions into one setting so that upon registration, a user (meaning either patrons or staff members) could be assigned to a group and nothing more would be needed. If in fact that is true, I cannot find what the documentation wiki identifies as the "Permission Editor in the bootstrap interface" which is where I assume I can see what permissions are attached to what groups-and where I could create new groups. Is this anywhere near correct? If so, where is the bootstrap interface to be found? I asked our programmer/installer about this and he had no idea what this meant.

2. I found a list of permissions and what they mean in the documentation wiki and also found where these can be applied in the client. However, it is not exactly clear as to how these work in conjunction with the defined locations. I see a location list as we have defined them and then for each permission, there is a drop-down under the label "Depth" which contains only a few locations. It could well be that we do not understand the location structure, but from what I see, only the working location makes sense. I further assume that the working location enables the user to perform the designated functions for items AT that location from a workstation linked to that location--is that correct? And if if there is a link between a permission and a user that involves the location, what does the client workstation link/location have to do with anything?  Is it intended as an extra layer of security?

3. For each permission, there is checkbox for "Applied". If the group to which the user is assigned actually contains permissions, then why am I not seeing the boxes checked since the user is already assigned to a group when s/he was registered? But maybe the user group enables OTHER actions? I did figure out that you had to use Circulation's Register Patron feature to establish a staff record in order to use the User Permission Editor.

4. I assume "Grantable" means that the user so-granted can come in and assign the same permission to another user. Is that correct?

5. How is it that the admin login we have is NOT also a patron? Or is this a hard-coded feature?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://list.georgialibraries.org/pipermail/open-ils-general/attachments/20080630/460adbd6/attachment.html

More information about the Open-ils-general mailing list