http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=8215
--- Comment #37 from Kyle M Hall <[email protected]> --- > Permissions related: > - if one wanted to delegate ADD/DEL reserves permissions without also the > manage(ADE/EDIT?DEL) courses permission, that can't be done. Without manage > courses, course_reserves is not an accessible page, so one can't get to the > links to add/del reserves. This should be fixed in this new patch. > - Also, while i had permissions to delete reserves, I copied the url of the > remove link to the clipboard. then i removed the staff permssion allowing > delete reserves. i logged in as staff and saw only the edit link (no > remove), BUT I pasted the remove action url from my clipboard and the delete > worked. So a check needs to be in the script/controller/security layer to > see what is an accepted action. The same probably goes for courses. Also fixed in the new patch. > - Maybe the TERM and DEPARTMENT could be added to the optional data that > folks choose to load. The future testers would be helped. We could definitely do this, but the values for TERM and DEPARTMENT are so library-specific that any data we add would certainly not be usable out of the box. I think it is just as good if not better to just document them as part of the setup process in the manual. > - I don't know the repercussion of having no library set. (NULL in columns?), > You might want a check and popup to prevent adding rows unless a library is > set. There are no repercussions for not having a library set. None of the code for this feature uses the logged in user's set branch for anything, so no worries there! -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
