Joshua Ferraro wrote:
I have been thinking about the current intranet security setup whereby any staff member can access any part of the intranet. Is this the policy in the libraries that are currently using Koha? It may be important to some of the larger systems (where more than a dozen people are using the intranet) to increase the levels of password protection. My concern is less of a control issues and more of an "oops I just deleted our main branch" issue. Even adding one more layer by seperating the admin from the normal staff functions might be useful. Even better, maybe users could be added and given "permission" to access parts of the intranet. What does everyone think? Joshua
Hi Joshua, I've one good and one bad new :-) the bad being you're wrong. the good being you're wrong :-))) In the members area, you have an option (bottom left : modify user flag ) to choose between 11 differents actions a librarian can do in the DB : FLAGS superlibrarian Access to all librarian functions circulate Circulate books catalogue View Catalogue (Librarian Interface) parameters Set Koha system paramters borrowers Add or modify borrowers permissions Set user permissions reserveforothers Reserve books for patrons borrow Borrow books reserveforself Reserve books for self editcatalogue Edit Catalogue (Modify bibliographic/holdings data) updatecharges Update borrower charges Note that all users can't do anything by default : most users are just borrowers, not librarians. -- Paul POULAIN Consultant indépendant en logiciels libres responsable francophone de koha (SIGB libre http://www.koha-fr.org)