This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
admin:users [2019/03/27 17:43] tmccanna |
admin:users [2020/08/31 10:47] (current) tmccanna |
||
---|---|---|---|
Line 2: | Line 2: | ||
Local Admins have overall responsibility for creating, updating, and maintaining all staff accounts for their system except for CatCoord, Cat1, and LocalAdmin accounts. CatCoord, Cat1 and LocalAdmin accounts may only be created and updated by PINES staff at the request of the library system' | Local Admins have overall responsibility for creating, updating, and maintaining all staff accounts for their system except for CatCoord, Cat1, and LocalAdmin accounts. CatCoord, Cat1 and LocalAdmin accounts may only be created and updated by PINES staff at the request of the library system' | ||
+ | |||
+ | The PINES/GPLS staff strongly recommends the use of personalized Evergreen accounts for logging | ||
+ | into staff functions. This eases troubleshooting and allows library staff to audit particular staff | ||
+ | members actions, and provides a more secure and accountable system. Use of generic logins (e.g. | ||
+ | " | ||
* [[circ: | * [[circ: | ||
* [[circ: | * [[circ: | ||
+ | * [[circ: | ||
+ | |||
+ | < | ||
+ | accounts are one and the same. Some staff users have gotten confused when they change their | ||
+ | password via the OPAC and are then unable to login to the staff client, for instance.</ | ||
+ | |||
+ | ===== Hierarchical Permission Structure ===== | ||
+ | |||
+ | Evergreen employs a hierarchical permissions structure in which " | ||
+ | settings from " | ||
+ | the " | ||
+ | inherited by all " | ||
+ | and " | ||
+ | subgroup members. In the case of the " | ||
+ | is granted to the " | ||
+ | are then assigned to individual users. See the diagram below for a visual representation of this | ||
+ | structure. | ||
+ | |||
+ | [{{ : | ||
+ | |||
+ | Assigning a permissions group to a user grants them all of the permissions in the tree. This means that | ||
+ | a LibraryManager assignment equates to granting all permissions in User + Staff + Administrator + | ||
+ | LibraryManager, | ||
+ | |||
+ | ===== Permissions Scopes ===== | ||
+ | |||
+ | Evergreen permissions are " | ||
+ | system or branch. In PINES, there are three scopes: 1. Consortium: the permission applies to the staff | ||
+ | member at any location in PINES. 2. System: the permission applies to any location within the library | ||
+ | PINES Local System system at which the staff member works 3. Branch: the permission applies to the individual library at which the staff member works. | ||
+ | |||
+ | ===== Adding Custom Permissions ===== | ||
+ | |||
+ | Staff users are assigned a set of permissions and for the Administrator class of users, some of those | ||
+ | permissions are grantable. A grantable permission is one that an administrative user can grant | ||
+ | individually to a single user. This is done in the Administration > User Permission Editor interface by | ||
+ | entering the user's library card barcode and adding checkboxes beside the appropriate permissions. | ||
+ | |||
+ | <note warning> | ||
+ | caution when doing so, as customized permissions may cause problems down the line. For | ||
+ | example, if a staff member changes employment positions at a library, her/his permissions | ||
+ | profile group may change, but any custom permissions will continue to be assigned unless | ||
+ | manually removed by the LocalAdmin. It would be beneficial to keep a record of such | ||
+ | individualized changes.</ | ||
+ | |||
+ | Locally-assigned permissions override permissions assigned " | ||
+ | example, if the Circ2 profile has VIEW_USER assigned at the Consortium scope, and you | ||
+ | assign that same permission to a specific Circ2 at the Branch scope, that staff member will be | ||
+ | limited to viewing/ | ||
+ | |||
+ | Permissions assigned at the permissions profile group level are not able to be removed on a per user | ||
+ | basis. LocalAdmins must assign a profile with fewer permissions to decrease the permissions level of | ||
+ | a user. | ||
+ | |||
+ | ===== Context Matters: Working Location and Workstation ===== | ||
+ | |||
+ | **Working Location** | ||
+ | |||
+ | Evergreen permissions rely on the user's " | ||
+ | |||
+ | For staff such as LocalAdmins or Cat1s, who may need to administer or perform work at more than one location, each relevant location must be selected. | ||
+ | |||
+ | **Workstation** | ||
+ | |||
+ | The other context Evergreen uses is the workstation location. See [[admin: | ||
+ | ===== Personal Device Policy ===== | ||
- | While the following resources are not required for PINES catalogers, they do provide additional information that may be useful. | + | If an employee needs to use a personal device to access |
- | IFLA Study Group on the Functional Requirements for Bibliographic Records. 2009. http:www.ifla.org/ | + | [[admin:personal-device|PINES Personal Device Policy]] |