Inventory - Permissions. View Instance records which are marked as Staff suppress
CSP Request Details
CSP Rejection Details
CSP Approved
Description
Environment
Potential Workaround
defines
is blocked by
relates to
Checklist
hideTestRail: Results
Activity
Charlotte Whitt October 18, 2019 at 11:39 AM
Following up on @Cate Boerema's comment in MODINV-167, I have reassigned this story to the Core Functional team.
CC: @Khalilah Gambrell
Khalilah Gambrell October 17, 2019 at 12:43 PM
Moving this issue to the backlog. cc: @Tetyana Afanasyeva and @Oleksandr Antonenko
Zak Burke October 17, 2019 at 12:22 PM
I was unaware of MODINV-167.
My comment was in the context of PR #735 which implements this permission as an exact copy of ui-inventory.instance.view. IOW, because there is no back-end support for this kind of permission (an instance record is an instance record is an instance record; it doesn't matter whether its staff_suppress value is "true" or "false" any more than if its title field is "Hamlet" or "Bill and Ted's Excellent Adventure"; they're all just instance records from the point of view of permissions), the only possible implementation I considered was constructing different queries based on the presence or absence of this permission.
If we're going to handle this on the backend, that's great ... but the same issue applies, it just moves the responsibility for all the work to construct such queries to the backend.
Marc Johnson October 17, 2019 at 10:55 AM
@Zak Burke As is being discussed on [MODINV-167], I think there will need to be a difference on the server side. Or are you proposing client side filtering of the records?
Zak Burke October 17, 2019 at 10:34 AM
It's important to note that they way this feature is implemented in the backend, there is no difference in the actual, server-enforced permissions between the psets "Inventory: View instances, holdings, and items" and "Inventory: View instance records being suppressed for staff". When a user views records without the latter pset, we will have to change those queries to filter out the suppressed records.
Details
Details
Assignee
Reporter
Tester Assignee
Labels
Priority
P4
Purpose: In the instance record, it's possible to mark the instance record, that it should not be displayed for staff - that means typical only viewable for catalogers, who are working on a draft record, etc. To support who can view these records, we need a permission that allows users (typical catalogers) to view instance records being check marked as 'Staff suppress'.
Usecase: Permission in Users to enable/disable the view of staff-suppressed instance records
Scenarios:
Scenario
Login to FOLIO Snapshot
Given the Inventory module
When enabled
Then a logical permission should be provided called "Inventory: View instance records being suppressed for staff"
Scenario
Given User A has been given the permission "Inventory: View instance records being suppressed for staff"
When User A accesses FOLIO
Then:
The Inventory app should be visible in the top navigation bar
The Inventory app should be fully accessible to User A, meaning User A can:
Search and filter instance, holdings and item records
View Instance records in detailed screen
View Instance records, which are being marked as suppressed for staff
View filter for Staff suppress in 1st pane - see https://folio-org.atlassian.net/browse/UIIN-289#icft=UIIN-289
Scenario
Given User A has been given the permission "View instance records being suppressed for staff" as part of a custom permission set
When User A accesses FOLIO
Then User A should have all rights normally conferred by this permission (see scenario 2) plus whatever additional rights conferred by the users custom permission set.