Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

Users with browse permissions can delete inventory records

Description

Overview:
Call number browse: View permissions and Subject browse: View permissions contain reference to ui-inventory.all-permissions.TEMPORARY. As a result, the users who have browse permissions only can delete inventory records.

Expected Results:
User with browse permissions should be able to browse and see the inventory records but not be able to delete or edit
Actual Results:
User with browse permissions should be able to browse and see the inventory records and are able to delete or edit
Additional Information:
ui-inventory.all-permissions.TEMPORARY should be replaced with ui-inventory.instance.view (Display name: Inventory: View instances, holdings, and items)

CSP Request Details

None

CSP Rejection Details

None

Potential Workaround

None

Attachments

4

Checklist

hide

TestRail: Results

Activity

Show:

Magda Zacharska January 11, 2023 at 11:23 PM
Edited

Added for the actions menu behavior.

Yauheniya Kryshtafovich January 5, 2023 at 1:13 PM

Hi, and the story is verified on Snapshot-2:
1. User with only "Call number browse: View permissions" cannot modify, add or delete records in "Inventory" app:


2. User with only "Subject browse: View permissions" cannot modify, add or delete records in "Inventory" app:

User with only browse permissions in "Actions" menu has option "View request", is it correct?

Done

Details

Assignee

Reporter

Priority

Story Points

Sprint

Development Team

Firebird

Fix versions

RCA Group

Incomplete/missing requirements

TestRail: Cases

Open TestRail: Cases

TestRail: Runs

Open TestRail: Runs
Created December 19, 2022 at 5:27 PM
Updated June 14, 2023 at 6:38 PM
Resolved January 11, 2023 at 11:23 PM
TestRail: Cases
TestRail: Runs