Permission escalation for override

Current situation or problem:
Sometimes, users will want to perform actions in FOLIO that they are not permitted to perform. A supervisor may want to temporarily escalate permissions for the user, instead of performing the action themselves on their own machine (or going over to the user's machine and logging them out and logging in on that machine).

In scope

• Decide on approach for permission escalation
• Implement for at least check out override

Out of scope

Use case(s)

• Mostly in circulation, for customer service needs that are time-sensitive. Nov. 25, 2020 product owner meeting didn't have many use cases other than circulation for needing to escalate a user's permissions.

Proposed solution/stories

• Vega developers have proposed approach in CIRC-882

Links to additional info

• Slides: https://docs.google.com/presentation/d/1rRsyPN-uqKcDkpoaE490bcHX-JoAdtNKmNlXY7eaBlE/
• Comments from Holly: Decide on approach FOLIO should take on permission escalation. This is what happens if there is an Override button but the logged in user doesn't have permission to do an override. In most cases a supervisor would then do the override. There are several different ways this could be handled. Vega is looking into options as part of the feature to do overrides for item blocks and patron blocks, but we need a solution for all of FOLIO. Vega will work with the tech leads to discuss the various options (see CIRC-882) and then Darcy/Holly will discuss the options with the RA SIG and POs (who will then discuss the options with their SIGs if needed). This has to be a FOLIO-wide decision.

Questions

• Will users now be able to see actions they don't have access to?
• Can we implement this only a few actions at a time?
  • Overrides, where a user has been interrupted during an action they can usually perform (check out, renewal), may be most important