add security levels to norm rules
Because all norm rules can be edited by all staff with cataloger roles, there is great room for erroneous changes for rules that are applied to batch jobs. For example, the norm rule that is applied to records being brought in from Z39.50 targets can be edited by any staff member. A single error in the rule can break the z39.50 import process for all staff until the source of the error is identified. Likewise, if we have a rule applied to import profiles and a staff member inadvertently changes it and we load 50,000 records, that could cause huge data corruption. There needs to be a way to secure a norm rule to administrators such that normal staff with cataloger roles cannot change them.
We are considering adding the ability to limit editing both for templates and rules. We are considering that users with cataloging administrating roles will be able to lock specific templates and rules. Will it address your needs?
Emanuela Pisanu commented
the editing of rules and templatehas to be limited to catalog administrators, expecially in large institutions and consortia.
Anne Jolidon commented
This would be great. With the newly introduced template section in the new MDE, we had lately a lot of overwritten templates. As for the rules, even if we didn't have problems yet, they are currently far too exposed to inadvertent modifications.
Claudia Burattelli commented
It is extremely important that editing rules and template is limited to catalog administrators, expecially in large institutions and consortia.
Shawn King commented
This is fine as long as it is only for locking specific templates and rule and not limiting who can create and use the templates and rules. We have many catalogers who utilize templates and indication rules for specific marc data input and searches. Can they be duplicated like the out of the box ExLibris ones? That might be helpful.
Bernhard Schubert commented
Cataloguing administrators make sense for an individual institution, but there also needs to be a possibility for administrators in a network environment to lock templates and rules. There has to be a federation/inheritance concept behind this, similar to how configurations are shared between NZ and IZs.
François Renaville commented
Thanks, Itai. This would meet our expectations here.
I agree with Maaike's comment.
Maaike Vautier commented
Thank you for adressing this issue.
On my side, this will solve the security problem. Hpowever, any user with cataloging adminitrating roles must be able to lock and unlock the rule/template (even if it was not that user who locked the rule/template in the first place).
Manu Schwendener commented
Vicki Grahame commented
I though rules could not be changed if they were tied to normalization process or included in a load profile.
I know they cannot be deleted
Stacie Traill commented
Yes, I support this idea. We largely have not had issues with this (very few catalogers venture into the Rules area, even though they can), but it definitely makes me nervous. Agree that normalization/merge/indication rules should all be covered.
A Rowe commented
I agree. Another way this could be done would be for ExL to introduce a Rules Cataloguer role, so that we can assign this to only those staff that need to use rules. Most staff with the Cataloguer role do not need to use rules.
It would also be good to distinguish between staff that can run a rule over a record such as a Use Only role, and staff that can edit and delete rules.
Laura Morse commented
We are too new to have run into issues with merge and indication, but I agree that these should all be treated in the same manner. Thanks for the suggestion!
Mike Rogers commented
I just used my last three votes on this idea. I also agree with Simon that it should be expanded to merge and Indication rules as well. The Cataloger role is one that we have to apply widely to students, and they certainly do NOT need access to the rules. In addition, most staff do not need access either. For us, we would be much happier if these rules were accessible via the Catalog Manager and Catalog Administrator roles only (not Cataloger).
Simon Hunt commented
I would expand that request to merge and indication rules as well. All three types can be used in import profiles, and it should be possible to write-protect individual rules.
François Renaville commented