[OPEN-ILS-GENERAL] All permission groups deleted?

Rogan Hamby rhamby at esilibrary.com
Tue Jul 5 16:28:33 EDT 2016 

There aren't visibility flags for hiding permission groups in the staff
client, no.

I can imagine something like a major hardware failure corrupting data and
perhaps doing this though it's unlikely.  With that said unlikely things
happen routinely somewhere with all the servers running in the world.

A person with database rights could certainly accomplish it but it would be
purely armchair theorizing with no evidence to say what a person might have
done.



On Tue, Jul 5, 2016 at 4:05 PM, Walz, Jennifer <jlwalz at asbury.edu> wrote:

> All,
>
>
>
> Yes.   Something very badly and horrible has gone wrong.    Right now in
> our staff client, the Staff group is gone.     To top that off, now the
> system is down and no one can get in.  <sigh>    People with more knowledge
> than I have are working on it and we are hopeful it will be back to normal
> soon.
>
>
>
>   Still, it should have been “impossible” for these to be deleted as a
> whole group since, as you say, the permissions themselves were actually
> assigned.     Is it somehow possible in the staff client to make them not
> SEEN?   I’m just picking at straws here, trying to figure out the steps
> that led us here.
>
>
>
> Thanks!
>
>
>
> Jennifer
>
> --------------------------------------------------
> Jennifer Walz, MLS - Head of Inconceivability
> Kinlaw Library -  *Asbury University*
> One Macklem Drive, Wilmore, KY 40390
> 859-858-3511 ext. 2269
> jlwalz at asbury.edu
>
>
>
>
>
>
>
> *From:* Open-ils-general [mailto:
> open-ils-general-bounces at list.georgialibraries.org] *On Behalf Of *Rogan
> Hamby
> *Sent:* Tuesday, July 05, 2016 3:54 PM
>
> *To:* Evergreen Discussion Group
> *Subject:* Re: [OPEN-ILS-GENERAL] All permission groups deleted?
>
>
>
> Hi Jennifer,
>
>
>
> With the caveat of anything is theoretically possible if an admin has done
> bizarre thing x, y and z ....
>
>
>
> Generally Patrons will be a child of Users and it would be impossible to
> delete Users and Patrons still exist.  It's kind of like yanking the
> foundation out from under a building and the building not moving.
>
>
>
> You can certainly delete groups and permissions be in the system.
> Permission Groups and Permissions are totally separate things.  Permission
> Groups are a label, say Catalogers, that have Permissions associated with
> them.  However, permission groups have constraints against a number of
> other tables.  It would non-trivial to delete them if they are used in
> holds rules, circ rules, assigned the users/patrons, etc...
>
>
>
> I'm echoing Thomas a bit here but what you're describing sounds very
> unlikely.  What ever appears to be happening from the staff client level is
> most likely, at the very least, not the whole story.  If you don't have
> database level access to your system you need to contact someone who does
> to investigate what is happening.
>
>
>
>
>
>
>
>
>
> On Tue, Jul 5, 2016 at 1:09 PM, Walz, Jennifer <jlwalz at asbury.edu> wrote:
>
> Thomas,
>
>  Very interesting!     And completely confusing.     What I think you are
> saying is that it is possible to delete the GROUP, but meanwhile all the
> actual permissions are still in the system?
>
>   When evergreen was started, it has two main permission groups.
> Patrons and Users.    Our patrons group is still there, but the whole group
> of Users is gone and as far as I can tell, so are the actual permission
> profiles that were under that group.    Cataloger, Catalog Administrator,
> Circulation Administrator, Systems Administrator, etc.
>
>  It would seem to me that what you are saying makes sense, that of course
> you cannot delete the actual permission profile if there are users attached
> to that profile.   But is it possible to delete the whole group AND all the
> permission profiles underneath can go away?
>
>   Thanks!
>
> Jennifer
>
>
>
> -----Original Message-----
> From: Open-ils-general [mailto:
> open-ils-general-bounces at list.georgialibraries.org] On Behalf Of Thomas
> Berezansky
> Sent: Tuesday, July 05, 2016 12:14 PM
> To: Evergreen Discussion Group
> Subject: Re: [OPEN-ILS-GENERAL] All permission groups deleted?
>
> All the permission assignments are in the database, not the file system.
>
> Taking a very quick look it appears that deleting a group assigned
> directly to a user should fail due to key constraints, but deleting a group
> only assigned to users as a secondary mapping (permission.usr_grp_map
> table) would be possible.
>
> Thus, in addition to getting your missing rows out of the
> permission.grp_tree table you would need to get the missing
> permission.grp_perm_map entries and permission.usr_grp_map entries.
>
> If your permissions are still working, though, I would instead assume that
> something happened to make them not show up where you expect them. Have you
> checked at the database level to see that they are, in fact, gone, and it
> isn't just that permission to touch those groups isn't assigned properly?
>
> Thomas Berezansky
> Assistant Network Administrator
> Merrimack Valley Library Consortium
> 4 High ST, Suite 175
> North Andover, MA 01845
> Phone: 978-557-8161
>
> -----Original Message-----
> From: Open-ils-general [mailto:
> open-ils-general-bounces at list.georgialibraries.org] On Behalf Of Walz,
> Jennifer
> Sent: Tuesday, July 05, 2016 11:54
> To: Evergreen Discussion Group <open-ils-general at list.georgialibraries.org
> >
> Subject: [OPEN-ILS-GENERAL] All permission groups deleted?
>
> All –
>
>
>
> So, what happens when all the staff permission groups are deleted?    How
> is it that people can still login to the system?   Staff with “cataloger”
> permissions and “circ” permissions and so forth?   What happens when they
> try to login with that account?   Does evergreen ‘assign’ them some other
> type of permission?     Our patron permissions group is fine.   Our staff
> group got obliterated.
>
>
>
> And how do you get the permissions all back?    We have the server backed
> up.  Where do these reside and can you copy them back onto the current
> working server?   File location?
>
>
>
> Thanks!
>
>
>
> Jennifer
>
> --------------------------------------------------
> Jennifer Walz, MLS - Head of Insanity
> Kinlaw Library -  Asbury University
> One Macklem Drive, Wilmore, KY 40390
> 859-858-3511 ext. 2269
> jlwalz at asbury.edu
>
>
>
>
>
>
>
>
> --
>
> --------------------------------------------------------------
>
> Rogan R. Hamby, Data and Project Analyst
>
> Equinox - Open Your Library
>
> rogan at esilibrary.com
>
> 1-877-OPEN-ILS | www.esilibrary.com
>
>
>



-- 
--------------------------------------------------------------
Rogan R. Hamby, Data and Project Analyst
Equinox - Open Your Library
rogan at esilibrary.com
1-877-OPEN-ILS | www.esilibrary.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://libmail.georgialibraries.org/pipermail/open-ils-general/attachments/20160705/0f3827bc/attachment.html>

More information about the Open-ils-general mailing list