Versions Compared

Old Version 7

changes.mady.by.user Jana Freytag

Saved on

compared with

New Version Current

changes.mady.by.user Molly Driscoll

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Date

...

Functional Area

Product Owner

Planned Release (if known)

Decision Reached

Reasoning

Link to supporting materials

Comments

e.g. loans, fees/finesNamee.g. Q4 2018, Q1 2019Clearly stated decision
  • Because...
  • Because...
e.g. mock-up, JIRA issue




























Notes

  • PC Announcements, Sharon Wiles-Young
    • Links in agenda
    • Friday, 1/29, 10 AM EST: Mike and the Governance Committee are going to give an overview of the Governance Model.
      • Will address questions.
    • Anton et al are looking at the testing process; thinking of moving some testing after sprint reviews to avoid finding issues so late in the process (Bugfest) in future.
  • User permissions discussion, Erin Nettifee
    • Slide deck in agenda
    • Intention is to provide background info on permissions and foster discussion on the topic.
    • FOLIO permissions are granular, with several little pieces: some hidden, some visible.
    • Permission attributes: all permissions have some/all of these values.
      • permissionName: can be very lengthy, typically contains an action verb; acts as unique identifier.
      • displayName: what appears in the UI (permission picker plugin); required if a visible permission.
      • Description
      • subPermissions: cluster of more granular permissions; cannot be discerned in UI
      • visible: dictates whether it appears in the UI (permission picker plugin); only about 10% of all permissions appear in UI unless developer setting has been flipped to show hidden permissions.
        • Note: showing invisible permissions can wreak havoc on user functionality in FOLIO due to sheer volume – UI not meant to handle that – but you can turn on to poke around test
      • Permissions v. permission sets
        • Confusing concept/terminology
        • Don’t worry about the difference; people tend to use terms interchangeably.
          • Use permission sets explicitly when talking about building in user settings.
        • Some institutions are worried about sub-permissions.
      • Questions & discussion:
        • Andrea L.: So how do we find what sub-permissions are assigned?
          • Github – even showing invisible permissions in UI does not show sub-permissions.
        • Amelia S.: If there is no specified "visible" field is the value is assumed false?
          • Correct; there needs to be an explicit true for the permission to display in the UI.
        • Mark C.: Has there been any thought given to delivering FOLIO with default permission sets?
        • How are permissions managed upgrade to upgrade?
          • Adding functionality in Iris to migrate built in permissions to address changes/deprecation.
          • Does not help with new permissions, but new permissions should be documented by POs in release notes for each version.
        • Anya: How do we rectify dependent permissions? E.g. if you need inventory permissions for courses, what is the “rippling” impact?
          • com/folio-org
          • If a module has mod- prefix, typically back-end (usually hidden permissions)
          • If a module has ui-prefix, typically front-end (usually visible permissions)
          • Courses had both a mod- and a ui- module
            • Look in package.json (sometimes names differently)
            • Has lots of information about permission sets and sub-permissions and when those overlap between apps
          • Need to have communication between practitioners and developers to have a permission set that reflects the need/desired behavior while working within the bounds of what FOLIO allows.
        • Erin: What kind of documentation do we want/need for permissions?
          • Role-based permission set advisory
          • Descriptions displayed in tool-tip – helpful for many things in FOLIO
            • Name, description, sub-permissions, visibility included in documentation
            • Erin showed spreadsheet maintained by POs. Might not be super accessible, but could be adapted for a better format with PO buy-in and consultation with Marcia.
            • Keeping this up to date and more visible is a good interim solution
          • David: More inclined to be generous with permissions if system logging of operator actions is improved.
            • g. not just logging renewals, but logging operator of a due date change.
            • Circulation log may help bridge that gap with RA-related actions
          • Are there permissions that are missing that are required by your institution?
            • Permission restrictions when off duty.
              • Would need to be facilitated by hosting provider based on location, rather than schedule.
              • IP or VPN restriction – depends on campus configuration
              • 2 factor authentication setup
            • Restrictions by service points were discussed but have not gained momentum.
  • Please add topics for Thursday's meeting. We will be discussing documentation but would like more granular topics.