Current problem: Users with assigned permission sets are not able to edit a shared instance from a member tenant, despite the permission set having the necessary permissions. When the individual permissions are assigned, then the user is able to edit the shared instance. There appears to be an issue with the permission sets. See the attached screencasts for an example of the assigned permission sets not working, and it working as expected with individual permissions.

Notes:

• This used to be working

• Reproduced in Poppy Bugfest (see screencasts) - also reproduced in Quesnelia bugfest

Reported example:

Preconditions:

• Authorized user with the following affiliations/permissions:

  • Primary Affiliation = Member A

    • Permissions include "quickMARC: View, edit MARC bibliographic record" and “Inventory: View, create, edit instances”

  • Shadow Affiliation = Central tenant

    • Permissions include "quickMARC: View, edit MARC bibliographic record" and “Inventory: View, create, edit instances”

• The system must contain shared "Instance" records.

• User is on the main page of "Inventory" app in the Member A tenant.

Steps to Reproduce:

1. Click on the "Shared" accordion button and check thе "Yes" checkbox from expanded accordion.

2. To view the "Instance" record, click on it at result list.

3. Click on the "Actions" dropdown button on the shared instance record.

Expected Results: The “Edit instance” and “Edit MARC bibliographic record” actions are present. The “Edit MARC bibliographic record” action is only present when source = MARC.

Actual Results: Neither action is present on shared instances in the member tenant. The actions are present on local instances in the member tenant and on shared instances in the Central tenant.

Critical service patch details

1. Describe issue impact on business - Users with assigned permission sets are not able to edit a shared instance from a member tenant, despite the permission set having the necessary permissions.

2. What institutions are affected? (field “Affected Institutions” in Jira to be populated) - MOBIUS; All ECS.

3. What is the workaround if exists? Recreate all permissions sets using individual permissions for each user. This workaround would be tedious and unsustainable for the amount of users for a site like MOBIUS.

4. What areas will be impacted by fix (i.e. what areas need to be retested) - ui-inventory

5. Brief explanation of technical implementation and the level of effort (in workdays) and technical risk (low/medium/high). - when checking central tenant permissions, also check subPermissions, that permission sets may contain. Level of effort - 1 workday. Technical risk - low .

6. Brief explanation of testing required and level of effort (in workdays). Provide test plan agreed with by QA Manager and PO.  - Low effort.

7. What is the roll back plan in case the fix does not work? Revert to previous version.