Another commit has been pushed addressing issue #1.
Re: Issue #2, I identified two permissions a regular user would have that initially seemed workable, OPAC_LOGIN and user_request.create. After some research it looks like user_request.create has to do with user requested acquisitions, but I'm not 100% sure on that. Does anyone in the community have any objections to using OPAC_LOGIN as a permission for this?
Another commit has been pushed addressing issue #1.
Re: Issue #2, I identified two permissions a regular user would have that initially seemed workable, OPAC_LOGIN and user_request. create. After some research it looks like user_request.create has to do with user requested acquisitions, but I'm not 100% sure on that. Does anyone in the community have any objections to using OPAC_LOGIN as a permission for this?