Allow others to use my account (privacy waiver)

Bug #1715767 reported by Jeff Davis on 2017-09-07
This bug affects 1 person
Affects Status Importance Assigned to Milestone

Bug Description

In some circumstances, it would be convenient for patrons to indicate that other people are allowed to use their account.

Use case: Jane Doe has a hold ready for pickup but is unable to come into the library. Her husband John Doe goes to the library to pick up the hold on her behalf. His name is listed on Jane's account, so library staff know it's okay to check out the book on Jane's account and give it to John (rather than checking it out on John's account as in bug 1661688).

You can use patron notes for this, but that's cumbersome. At Sitka, we've added a custom widget in patron edit and My Account. Staff or patrons can enter one or more names and indicate which functions the person is allowed to access for their account. The widget looks like something this (see attached screenshots):

Allow others to use my account:

_______________________ (freeform textbox for John Doe's name)

[ ] Place Holds?
[ ] Pickup Holds?
[ ] View History?
[ ] Borrow Items?

[ Add Person ] [ Remove Person ]

Multiple names can be added. The information is stored as JSON in a custom user setting, which means that patrons can directly manage who is on their account, via the preferences tab in My Account. There is no special new circ functionality or anything -- it's really just a glorified patron note, and it's up to circ staff to review the information on the account and validate the person at the desk based on library policies. Not every library will want this feature, so there should also be an org unit setting to enable/disable it.

This is a custom feature that we've had at Sitka for many years. The code needs to be cleaned up for general use, and I need to add web client support and automated testing. I'm also open to tweaking the implementation if there are better ways to do it.

Jeff Davis (jdavis-sitka) wrote :
Jeff Davis (jdavis-sitka) wrote :
Changed in evergreen:
importance: Undecided → Wishlist
Jeff Davis (jdavis-sitka) wrote :

Working branch user/jeffdavis/lp1715767-privacy-waiver-squashed implements this feature:;a=shortlog;h=refs/heads/user/jeffdavis/lp1715767-privacy-waiver-squashed

Rather than using a user setting, which proved cumbersome, this branch adds a new actor.usr_privacy_waiver table. Names and permitted functions can be entered and modified via My Account or the patron editor, and are displayed in the patron account summary.

tags: added: pullrequest
Changed in evergreen:
milestone: none → 3.2-beta
Jennifer Pringle (jpringle-u) wrote :

We've been using this live in Sitka in 3.1 since the end of May.

Changed in evergreen:
milestone: 3.2-beta → 3.2-rc
Changed in evergreen:
milestone: 3.2-rc →
Ben Shum (bshum) wrote :

Some thoughts about this new table, if we're tracking user names data. What happens if a user is deleted (purged) from the system? Perhaps we need to add some triggers to scrub out corresponding data in the new table if an actor.usr is deleted.

Jeff Davis (jdavis-sitka) wrote :

Yeah, the foreign key constraint on the actor.usr_privacy_waiver.usr column ought to have ON DELETE CASCADE. I've updated the branch accordingly.

Changed in evergreen:
milestone: → 3.3-beta1
Jeff Davis (jdavis-sitka) wrote :

Rebased to current master, cleaned up merge conflicts, and pushed to a new working branch, user/jeffdavis/lp1715767-privacy-waiver-squashed-rebased (thanks to Chris Sharp for the heads-up):;a=shortlog;h=refs/heads/user/jeffdavis/lp1715767-privacy-waiver-squashed-rebased

Jeff Davis (jdavis-sitka) wrote :

Pushed an additional commit to remove privacy waiver entries when user data is purged.

Chris Sharp (chrissharp123) wrote :

Works as advertised. Pushed to master in anticipation of Evergreen 3.3.

tags: added: signedoff
Changed in evergreen:
status: New → Fix Committed
Changed in evergreen:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers