Hi, On Tue, Apr 8, 2008 at 9:43 AM, Henri-Damien LAURENT <[EMAIL PROTECTED]> wrote: > Very good. > just a question. > How hard would it be to add permisions to a simple link/action ?
I don't think this will be hard to do - just time consuming, given the number of functions that Koha users may want to have sliced and diced. For most scripts, the pattern is to call get_template_and_user very early; I think that will change so that first the script determines what operation is to be done, then set up the flagsrequired hash appropriately. > Say : > I want to A to make a basket but not to close it (in Acquisition module). > Only B has the right to close a basket. > following your schema, I could add close_Basket Permission and maybe use > Template::Expr to test the permission in template. The way I've designed it, you don't need to use Template::Expr; there would a separate binary CAN_user_XXX_YYY for each specific permission. I think most of the work of implementing specific privileges for acquisitions, circulation, and cataloging will be carefully adjusting the templates so that a user with limited privileges doesn't get dumped into the login page unexpectedly. > And I have a big trouble : > Who, when, how will be maintained the list of all the permissions ? > My proposition is that mysql/en/permissions.sql should be authoritative. Agreed. > But it should be accounted that it HAS to be translated. Agreed. I added a mysql/fr-FR/1-Obligatoire/userpermissions.sql as a placeholder in parallel with the existing userflags.sql, but I don't view that as a long-term solution. I'll think about it and see if I can come up with a general approach for exposing strings that are stored in the database to the translation mechanism. > And somehow it should be declared on the wiki, just as all the ccl terms > and indexes. Agreed. I propose a few conventions for the permissions codes (which I admittedly haven't been 100% consistent about in the list for tools): * view_XXX = view record type XXX * edit_XXX = edit record type XXX * first word or word group in the code is a verb * don't put in a negative, e.g., don't have something like 'cannot_edit_orders'. A permission should be a positive grant of a privilege. Regards, Galen -- Galen Charlton Koha Application Developer LibLime [EMAIL PROTECTED] p: 1-888-564-2457 x709 _______________________________________________ Koha-devel mailing list Koha-devel@nongnu.org http://lists.nongnu.org/mailman/listinfo/koha-devel
