<!-- 
RSS generated by JIRA (1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d) at Fri Feb 09 00:41:44 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary add field=key&field=summary to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>FOLIO Jira</title>
    <link>https://folio-org.atlassian.net</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>1001.0.0-SNAPSHOT</version>
        <build-number>100246</build-number>
        <build-date>07-02-2024</build-date>
    </build-info>

<item>
            <title>[UXPROD-4681] Create a permission to limit access to aspects of user data.</title>
                <link>https://folio-org.atlassian.net/browse/UXPROD-4681</link>
                <project id="10000" key="UXPROD">UX Product</project>
                    <description>&lt;p&gt;&lt;b&gt;Current situation or problem&lt;/b&gt;:&lt;/p&gt;

&lt;p&gt;As a system administrator i require the ability to restrict access to specific fields in the user record so they are not visible to general users.&#160;&lt;/p&gt;

&lt;p&gt;&lt;b&gt;In scope&lt;/b&gt;&lt;/p&gt;

&lt;p&gt;Adding a permission that restricts hides the address field on a user record. Only system users with the permission applied would be allowed to view the information in those fields.&lt;/p&gt;

&lt;p&gt;&#160;&lt;/p&gt;

&lt;p&gt;&lt;b&gt;Preferred solution:&lt;/b&gt;&lt;/p&gt;
&lt;ul&gt;
	&lt;li&gt;Provide a one - three user permissions allowing you a create view levels to user information.&lt;/li&gt;
	&lt;li&gt;Provide a user interface that would allow you to select what fields should be hidden form standard users.&lt;/li&gt;
	&lt;li&gt;Provide a user interface that would allow you to select what fields should be displayed to the each of the above permission levels.
	&lt;ul&gt;
		&lt;li&gt;The interface should allow you to show all addresses, or just specific address types. The same pattern would be used for custom data.&#160;&lt;/li&gt;
	&lt;/ul&gt;
	&lt;/li&gt;
	&lt;li&gt;All api external api calls would also remove all fields that the use does not have permissions to see.&lt;/li&gt;
	&lt;li&gt;When editing a user the &quot;hidden&quot; fields would not be displayed nor would they be changed if a user did not have the required permission.
	&lt;ul&gt;
		&lt;li&gt;Example: User A does not have permissions to view home addresses. User A opens user B&apos;s record and updates their local address. While editing the record user A can not see nor knows if user B has a home address. When the record is saved the Home address information remains intact.&lt;/li&gt;
		&lt;li&gt;Example 2: User A does not have permissions to view home addresses. User A opens user B&apos;s record to add a home address to their account. User A can not add a home address as it is not listed as an option in the Address type dropdown.&lt;/li&gt;
	&lt;/ul&gt;
	&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;&#160;&lt;/p&gt;

&lt;p&gt;&lt;b&gt;Short term solution:&lt;/b&gt;&lt;/p&gt;
&lt;ul&gt;
	&lt;li&gt;Hide address information by default; no matter what the address type.&lt;/li&gt;
	&lt;li&gt;Provide a single permission that makes address information visible.&#160;&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;&#160;&lt;/p&gt;

&lt;p&gt;&lt;b&gt;Considerations:&lt;/b&gt;&lt;/p&gt;
&lt;ul&gt;
	&lt;li&gt;Exports via the UI should abide by all permissions added.&lt;/li&gt;
	&lt;li&gt;Bulk edit should be aware of any restrictions and not allow the viewing of or changing of restricted patron information.&lt;/li&gt;
	&lt;li&gt;The lists app should be aware of any restrictions and not display any restricted information.&lt;/li&gt;
	&lt;li&gt;Emails and automated communications should have unrestricted access to user information.&#160;&lt;/li&gt;
	&lt;li&gt;Print notices, pull slips, ui side reports should all honor user data restrictions.&#160;&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;&#160;&lt;/p&gt;

&lt;p&gt;&lt;b&gt;Interested parties:&lt;/b&gt;&lt;/p&gt;

&lt;p&gt;Cornell&lt;/p&gt;</description>
                <environment></environment>
        <key id="12980">UXPROD-4681</key>
            <summary>Create a permission to limit access to aspects of user data.</summary>
                <type id="10002" iconUrl="https://folio-org.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10322?size=medium">New Feature</type>
                                            <priority id="10005" iconUrl="https://dev.folio.org/assets/jira-priority/tbd.svg">TBD</priority>
                        <status id="1" iconUrl="https://folio-org.atlassian.net/images/icons/statuses/open.png" description="The issue is open and ready for the assignee to start work on it.">Open</status>
                    <statusCategory id="2" key="new" colorName="blue-gray"/>
                                    <resolution id="-1">Unresolved</resolution>
                                                        <assignee accountid="-1">Unassigned</assignee>
                                                                <reporter accountid="557058:eb198214-3032-45c9-9781-9967c26deb3f">Thomas Trutt</reporter>
                                    <labels>
                            <label>permissions</label>
                            <label>usermanagement</label>
                    </labels>
                <created>Fri, 2 Feb 2024 18:19:59 +0000</created>
                <updated>Mon, 5 Feb 2024 18:24:39 +0000</updated>
                                                                                <due></due>
                            <votes>0</votes>
                                    <watches>1</watches>
                                                                        <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10000" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummarycf">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10057" key="com.atlassian.jira.plugin.system.customfieldtypes:select">
                        <customfieldname>Development Team</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10168"><![CDATA[None]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10063" key="com.atlassian.jira.plugin.system.customfieldtypes:float">
                        <customfieldname>PO Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                    <customfield id="customfield_10106" key="com.atlassian.jira.plugin.system.customfieldtypes:select">
                        <customfieldname>RCA Group</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10367"><![CDATA[TBD]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10019" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0|i09aew:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10020" key="com.pyxis.greenhopper.jira:gh-sprint">
                        <customfieldname>Sprint</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    </customfields>
    </item>
</channel>
</rss>