Comment 15 for bug 1777677

Another commit has been pushed addressing issue #1.

Re: Issue #2, I identified two permissions a regular user would have that initially seemed workable, OPAC_LOGIN and user_request.create. After some research it looks like user_request.create has to do with user requested acquisitions, but I'm not 100% sure on that. Does anyone in the community have any objections to using OPAC_LOGIN as a permission for this?