Evergreen in Action

Appendix A: Suggested Profile Permissions

There are well over 500 permissions that can be granted to users in a default installation of Evergreen. Below you will find suggested minimums for four different functional user types within a library: circulation, cataloging, local administration, and patron.

These permissions are not hard and fast. You can add to them. You can even create new permissions that aren't in the default list.

General principles

Access the Permission Groups editor from Admin > Server Administration > Permission Groups

Permissions must be added to a group one by one. The good news is that you only have to do this once. After this, you will just be editing the permission group, adding or removing single permissions as necessary.  

Be careful with Context Location and depth. For many things, a Consortium depth level will be appropriate. For others, only a depth of System will be appropriate (meaning the local library, even if the local library has no branches). For instance, you wouldn't want to give permission to all the librarians in your consortium to delete each others' holdings from the catalog. But you would want a local library to be able to weed her own collection.

Circulation

The basic, useful permissions to add to the permission profile for librarians who will work the circulation desk are:

ABORT_TRANSIT
BAR_PATRON
CANCEL_HOLDS
CHECKIN_BYPASS_HOLD_FULFILL
CIRC_CLAIMS_RETURNED.override
CIRC_OVERRIDE_DUE_DATE
CIRC_PERMIT_OVERRIDE
COPY_ALERT_MESSAGE.override
COPY_BAD_STATUS.override
COPY_CHECKIN
COPY_CHECKOUT
COPY_HOLDS
COPY_IS_REFERENCE.override
COPY_NEEDED_FOR_HOLD.override
COPY_NOT_AVAILABLE.override
COPY_STATUS_LOST.override
COPY_STATUS_MISSING.override
COPY_TRANSIT_RECEIVE
CREATE_BILL
CREATE_CONTAINER
CREATE_CONTAINER_ITEM
CREATE_COPY
CREATE_COPY_NOTE
CREATE_COPY_STAT_CAT
CREATE_COPY_STAT_CAT_ENTRY
CREATE_COPY_TRANSIT
CREATE_HOLD_NOTIFICATION
CREATE_IN_HOUSE_USE
CREATE_MARC
CREATE_MY_CONTAINER
CREATE_NON_CAT_TYPE
CREATE_PATRON_STAT_CAT
CREATE_PATRON_STAT_CAT_ENTRY
CREATE_PAYMENT
CREATE_TRANSACTION
CREATE_TRANSIT
CREATE_USER
CREATE_VOLUME
CREATE_VOLUME_NOTE
DELETE_CONTAINER
DELETE_COPY
DELETE_HOLDS
DELETE_USER
DELETE_VOLUME
HOLD_ITEM_CHECKED_OUT.override
IMPORT_MARC
ITEM_ON_HOLDS_SHELF.override
MARK_ITEM_DAMAGED
MARK_ITEM_MISSING
MARK_ITEM_MISSING_PIECES
MAX_RENEWALS_REACHED.override
MERGE_USERS
MR_HOLDS
OFFLINE_UPLOAD
OFFLINE_VIEW
OPAC_LOGIN
PATRON_EXCEEDS_CHECKOUT_COUNT.override
PATRON_EXCEEDS_FINES.override
PATRON_EXCEEDS_OVERDUE_COUNT.override
PERSISTENT_LOGIN
REGISTER_WORKSTATION
REMOTE_Z3950_QUERY
RENEW_CIRC
RENEW_HOLD_OVERRIDE
REQUEST_HOLDS
SET_CIRC_CLAIMS_RETURNED
SET_CIRC_LOST
SET_CIRC_MISSING
STAFF_LOGIN
TITLE_HOLDS
UNBAR_PATRON
UPDATE_BATCH_COPY
UPDATE_BILL_NOTE
UPDATE_CONTAINER
UPDATE_COPY
UPDATE_COPY_STAT_CAT
UPDATE_COPY_STAT_CAT_ENTRY
UPDATE_HOLD
UPDATE_MARC
UPDATE_NON_CAT_TYPE
UPDATE_ORG_UNIT
UPDATE_PATRON_ACTIVE_CARD
UPDATE_PATRON_PRIMARY_CARD
UPDATE_PATRON_STAT_CAT
UPDATE_PATRON_STAT_CAT_ENTRY
UPDATE_PAYMENT_NOTE
UPDATE_PICKUP_LIB_FROM_TRANSIT
UPDATE_USER
UPDATE_VOLUME
VIEW_BILLING_TYPE
VIEW_CIRCULATIONS
VIEW_CONTAINER
VIEW_COPY_CHECKOUT_HISTORY
VIEW_COPY_NOTES
VIEW_HOLD
VIEW_HOLD_NOTIFICATION
VIEW_HOLD_PERMIT
VIEW_ORG_SETTINGS
VIEW_PERM_GROUPS
VIEW_PERMISSION
VIEW_PERMIT_CHECKOUT
VIEW_REPORT_OUTPUT
VIEW_TITLE_NOTES
VIEW_TRANSACTION
VIEW_USER
VIEW_USER_FINES_SUMMARY
VIEW_USER_TRANSACTIONS
VIEW_VOLUME_NOTES
VOID_BILLING
VOLUME_HOLDS
actor.org_unit.closed_date.create
actor.org_unit.closed_date.delete
actor.org_unit.closed_date.update
group_application.user
group_application.user.patron

Cataloging

A cataloger will need all the same permissions as a librarian working at Circulation with a few additions. The extra permissions for a cataloger would be:

CREATE_MFHD_RECORD
CREATE_MONOGRAPH_PART
DELETE_MFHD_RECORD
DELETE_MONOGRAPH_PART
DELETE_RECORD
MERGE_AUTH_RECORDS
UPDATE_MFHD_RECORD
UPDATE_MONOGRAPH_PART
UPDATE_RECORD

Local Administrator

A local administrator permission profile shares some of the characteristics of both a Circulation and Cataloging permission profile. There are additional elements that have to do with reporting.

The local administrator basic permission profile can contain the following permissions.

You can add more permissions as you require but it is generally a good idea not to use a local administrator account for day to day work.

CREATE_TRIGGER_VALIDATOR
CREATE_USER
CREATE_USER_GROUP_LINK
CREATE_VOLUME
CREATE_VOLUME_NOTE
DEBUG_CLIENT
DELETE_CONTAINER
DELETE_COPY_NOTE
DELETE_COPY_STAT_CAT
DELETE_COPY_STAT_CAT_ENTRY
DELETE_COPY_STAT_CAT_ENTRY_MAP
DELETE_PATRON_STAT_CAT
DELETE_PATRON_STAT_CAT_ENTRY
DELETE_PATRON_STAT_CAT_ENTRY_MAP
DELETE_TITLE_NOTE
DELETE_TRIGGER_VALIDATOR
DELETE_USER
DELETE_VOLUME
DELETE_VOLUME_NOTE
HOLD_ITEM_CHECKED_OUT.override
IMPORT_MARC
MR_HOLDS
OFFLINE_EXECUTE
OFFLINE_UPLOAD
OFFLINE_VIEW
OPAC_LOGIN
REGISTER_WORKSTATION
REMOTE_Z3950_QUERY
RENEW_CIRC
RENEW_HOLD_OVERRIDE
REQUEST_HOLDS
RUN_REPORTS
SET_CIRC_CLAIMS_RETURNED
SET_CIRC_LOST
SET_CIRC_MISSING
SHARE_REPORT_FOLDER
STAFF_LOGIN
TITLE_HOLDS
UPDATE_BATCH_COPY
UPDATE_CONTAINER
UPDATE_COPY
UPDATE_COPY_STAT_CAT
UPDATE_COPY_STAT_CAT_ENTRY
UPDATE_NON_CAT_TYPE
UPDATE_ORG_SETTING
UPDATE_ORG_UNIT
UPDATE_PATRON_STAT_CAT
UPDATE_PATRON_STAT_CAT_ENTRY
UPDATE_TRIGGER_HOOK
UPDATE_TRIGGER_VALIDATOR
UPDATE_USER
UPDATE_VOLUME
VIEW_BILLING_TYPE
VIEW_CIRCULATIONS
VIEW_CONTAINER
VIEW_COPY_CHECKOUT_HISTORY
VIEW_COPY_NOTES
VIEW_HOLD
VIEW_HOLD_NOTIFICATION
VIEW_HOLD_PERMIT
VIEW_ORG_SETTINGS
VIEW_PERM_GROUPS
VIEW_PERMISSION
VIEW_PERMIT_CHECKOUT
VIEW_REPORT_OUTPUT
VIEW_TITLE_NOTES
VIEW_TRANSACTION
VIEW_TRIGGER_EVENT_DEF
VIEW_USER
VIEW_USER_FINES_SUMMARY
VIEW_USER_TRANSACTIONS
VIEW_VOLUME_NOTES
VOLUME_HOLDS
actor.org_unit.closed_date.create
actor.org_unit.closed_date.delete
actor.org_unit.closed_date.update

 A Patron Permission Profile

Patrons don't require many permissions in the system. They do need to be able to place holds, to log in to the OPAC and perform functions related to their account there. This set of permissions will allow a patron to do practically everything they will ever need to do related to their account and using materials.

If you belong to a consortium which allows patrons to use their library card at any library, then the depth of these permissions should be set to Consortium.

ABORT_REMOTE_TRANSIT
COPY_CHECKIN
CREATE_MY_CONTAINER
HOLD_EXISTS.override            
HOLD_ITEM_CHECKED_OUT.override
MR_HOLDS
OPAC_LOGIN
PERSISTENT_LOGIN
RENEW_CIRC
TITLE_HOLDS