Uploaded image for project: 'UX Product'
  1. UX Product
  2. UXPROD-2645

Permission escalation for override

    XMLWordPrintable

Details

    • Supervisor logs in and performs a regular override.
    • Vega
    • 1
    • 49
    • R4
    • R2
    • R3
    • R2
    • R3
    • R2
    • R4

    Description

      Current situation or problem:
      Sometimes, users will want to perform actions in FOLIO that they are not permitted to perform. A supervisor may want to temporarily escalate permissions for the user, instead of performing the action themselves on their own machine (or going over to the user's machine and logging them out and logging in on that machine).

      In scope

      • Decide on approach for permission escalation
      • Implement for at least check out override

      Out of scope

      Use case(s)

      • Mostly in circulation, for customer service needs that are time-sensitive. Nov. 25, 2020 product owner meeting didn't have many use cases other than circulation for needing to escalate a user's permissions.

      Proposed solution/stories

      • Vega developers have proposed approach in CIRC-882

      Links to additional info

      • Slides: https://docs.google.com/presentation/d/1rRsyPN-uqKcDkpoaE490bcHX-JoAdtNKmNlXY7eaBlE/
      • Comments from Holly: Decide on approach FOLIO should take on permission escalation. This is what happens if there is an Override button but the logged in user doesn't have permission to do an override. In most cases a supervisor would then do the override. There are several different ways this could be handled. Vega is looking into options as part of the feature to do overrides for item blocks and patron blocks, but we need a solution for all of FOLIO. Vega will work with the tech leads to discuss the various options (see CIRC-882) and then Darcy/Holly will discuss the options with the RA SIG and POs (who will then discuss the options with their SIGs if needed). This has to be a FOLIO-wide decision.

      Questions

      • Will users now be able to see actions they don't have access to?
      • Can we implement this only a few actions at a time?
        • Overrides, where a user has been interrupted during an action they can usually perform (check out, renewal), may be most important

      TestRail: Results

        Attachments

          Issue Links

            Activity

              People

                Unassigned Unassigned
                hollyolepm Holly Mistlebauer
                Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                  Created:
                  Updated:

                  TestRail: Runs

                    TestRail: Cases