Introduction: What are invisible permissions?
FOLIO permissions have a concept being either "visible" or "invisible."
Whether a permission is visible or invisible is defined by the developer who creates the permission.
Invisible permissions are generally (though not always):
- Defined in a back-end module, not as part of a user-interface module;
- Extremely granular - they may control one action in one function, for example, fetching a single record type in a single module;
- Not named in a super readable way. They have names like "circulation-rules.storage.get" or"item.record.put".
Visible permissions are generally (though not always):
- Defined in a front-end UI module;
- Groups of very granular (sometimes visible, sometimes invisible) permissions that are clumped together into one permission with one name;
- Defined with a friendly name that displays (via translation) in the FOLIO UI. They have names like "Settings (Users): Can create, edit and remove patron groups" or "Finance: View Ledger"
Why would I want to know about invisible permissions?
Ideally, when you're working in the FOLIO UI, you never have to worry about invisible permissions, because the development process did the work of defining the visible permissions such that they include all the permissions you need to do your work.
However, because FOLIO is in active development, it does happen that you might need to assign an invisible permission to a user in order to troubleshoot a potential bug, or accomplish a workflow piece that can be handled no other way in FOLIO.