[Koha] Intranet Security

[paul POULAIN]

Joshua Ferraro wrote:

>I have been thinking about the current intranet security setup whereby any staff member can access any part of the intranet.  Is this the policy in the libraries that are currently using Koha?  It may be important to some of the larger systems (where more than a dozen people are using the intranet) to increase the levels of password protection.  My concern is less of a control issues and more of an "oops I just deleted our main branch" issue.  Even adding one more layer by seperating the admin from the normal staff functions might be useful.  Even better, maybe users could be added and given "permission" to access parts of the intranet.  What does everyone think?
>Joshua
>
Hi Joshua,

I've one good and one bad new :-)
the bad being you're wrong.
the good being you're wrong :-)))
In the members area, you have an option (bottom left : modify user flag 
) to choose between 11 differents actions a librarian can do in the DB :

FLAGS
superlibrarian Access to all librarian functions
circulate Circulate books
catalogue View Catalogue (Librarian Interface)
parameters Set Koha system paramters
borrowers Add or modify borrowers
permissions Set user permissions
reserveforothers Reserve books for patrons
borrow Borrow books
reserveforself Reserve books for self
editcatalogue Edit Catalogue (Modify bibliographic/holdings data)
updatecharges Update borrower charges


Note that all users can't do anything by default : most users are just 
borrowers, not librarians.

-- 
Paul POULAIN
Consultant indépendant en logiciels libres
responsable francophone de koha (SIGB libre http://www.koha-fr.org)

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.katipo.co.nz/pipermail/koha/attachments/20030422/12a2e4ec/attachment-0001.htm