After selecting the option to add a group or a user an input form will be displayed:
Enter the name of the new group (free text) OR select a user from the dropdown list.
After clicking the next form displayed will depend on the selection of group or user:
User - select the appropriate profile(s):
Group - select the appropriate users that will belong to this group, then select the appropriate profile(s):
After selecting the option to view the settings for a user, a selection form will be displayed:
Select a user from the dropdown list (these are the users as defined in AFO 611) and click . The system returns with a list of groups / permissions applicable to this user:
Below is a description of the steps the system takes to verify the permissions in the application, when users try to perform a certain action.
Retrieval of the permission profile
For the verification of the permissions, the permission profile to be used must be selected:
The record type and record status are used to obtain a list of valid permission profiles for that type and status within the database.
The system will check all permission profiles that can be applied for the given user and record type/status, and always take the most restrictive permission. So if for instance two permission profiles can be applied in which a field may be modified according to the first one, but not to the second one, the second profile rule will apply.
The verification of the permissions for the different cataloguing actions is implemented as follows:
· Addition of a new record
The permission is checked based upon the record type
· Modification of an existing record
The permission is checked based upon the record type and record status
· Removal of an existing record
The permission is checked based upon the record type and record status
· Modification of the technical data of an existing record
The permission is checked based upon the record type and record status
· Copy of an existing record
Only allowed if addition of a record of the record type is allowed
· Merge of an existing record
Only allowed if addition, modification and removal of this record type/status is allowed.
· Global delete (from SSP functions)
Record deletion will not be allowed when the user has no permissions for it
Once permission has been given to add or modify a record, the permission checks are done at the field level:
· Addition of a new field
If not allowed, the field will not be shown in the list that is obtained with Ctrl-F5, and if the field is typed in manually, it will be refused upon saving.
· Modification of an existing field
If not allowed, the field will be protected in the record editor. If the field contents should not be visible they are displayed as stars and the field will be protected.
· Removal of an existing field
If not allowed, the field will be protected in the record editor. If the field contents should not be visible they are displayed as stars and the field will be protected.
Addition, modification and removal of relations through the relations group on the record overview screen will be verified based upon record type, record status and the field that is used to store the relation internally.
Authority controlled fields
If an authority controlled field is created or updated, and if the user has no permission for the creation of new headings, then (s)he will only be able to use existing authorities for the bibliographic field. Any attempt to enter a new authority, or change an existing one, will be refused in that case.