Notetaker: Maura Byrne
If we have additional time:
Requested by Erin N.
Erin was going to bring this up with RA-SIG, but they had a packed schedule this week and couldn't accommodate.
Currently, user searching is a "starts-with" search that searched across all of the fields in the record. This means that a great number of irrelevant results come back when searching for a name, for instance. We did a test search for user "Li," and every record that began with "li" in the first name, last name, patron group, e-mail address, or barcode came up. We could get an exact match on a barcode search and a UUID search. This is a standard default among developers. But the Users module is not a discovery system, so that strategy for searching is unproductive.
UM-SIG strongly preferred that we be able to do exact-match searches on last name, e-mail address and external system ID. Also, since a drop-down box for selecting the field to search exists in the Inventory module, we'd like one for Users.
This question was asked on Slack, and Theodor Tolstoy gave the answer that yes, there is. It is the module mod_user_import. That should be used for loading users.
This was brought up in a Slack channel, and that discussion implied that deleting records was a messy business.
Patty W. recommended that we deactivate users instead of deleting them. Uschi K. said that was not an option in Europe, because the GDPR has to allow user data to be deleted. Björn M. asked if a deletion feature was implicitly in the MVP. No one could say if that was true. Erin brought up Jira ticket UIU-1079, where a user might be anonymized on an individual basis, then purged later. It may be possible to anonymize, then purge, a user, to comply with GDPR, but it's certainly not ideal.
Discussion requested by Björn M.
A PIN is not the same as a password. Earlier, FOLIO project heads considered them to be the same. However, a PIN would be easier to use with a Self-CKO machine, especially with a line of people waiting behind you. If you're seen inputting a PIN at a public touch screen, it would be easier to change your PIN than it would to change your password in the campus IdM system.
This was marked "Not needed" by most institutions in UXPROD-1811.
|Item||Who||Notes||Discussed Today?||Resolution / Next Steps||Carry topic?|
Searching by specific fields
Right now Users has general keyword searching; we will want to be able to search specific fields - IDs, emails, addresses, notes?
Perhaps one of these issues fits:
|Yes.||Yes; this is not yet resolved.|
|Pop-ups on user transactions||Steffi||notes may be used for communication about users, and pop-ups on user transaction (or displaying of notes) is desired. Khalilah indicated this should be raised as a new feature request.|
|Bulk User import||Erin|
Does anyone know (or can tell me) what the current, supported approach is (or will be) for bulk importing user records? I can see a github for mod-user-import, jiras for that project with comments that ask if that mod is still being supported. |I can see a very old jira (https://issues.folio.org/browse/MODUSERS-3) for bulk-loading that was last updated last year.I can see a very old jira about performance improvements (https://issues.folio.org/browse/MODUIMP-4) that was last updated last
|Yes||Theodor Tolstoy said there was a canonical loader, and pointed it out in the Slack discussion.||Yes; may need additional discussion in group as we go.|
Deleting User Records
Discussing the need for deleting patron records (no Jira currently; need for one discussed in comments of https://issues.folio.org/browse/UIU-1079)
refering to Action Item "Create Feature for password rules"
This is the story for the validation of passwords:
Some of the rules seem to restrict too much. We would like to configure the password strength. See configuration options in the ILS the GBV libraries use now (at the bottom of this page)
the tag cap-mvp has been removed - reason? Further activities?
The tag was removed, and this was dropped from the MVP due to capacity (discussed at RA SIG meeting)
We can and probably should review the requirements that Khalilah has generated; they are attached to the master Jira.
|Discussion on PIN needs for user records||Bjorn, others?||Important to discuss - Because the entry of an account password (e.g. university login) in a public space, e.g. self-checkout is not very protective. The input, especially in vertically hanging touch screen monitors, is not protected from the view of others behind me. Also, if I feel someone has been watching me, I can simply change my PIN without having to change my account (university) password. This provides extra security. The principle should be the same as with a bank card, where the account password and card PIN are different. We'd all be surprised if it wasn't that way with our bank, I think. Leipzig does not need this urgently, because we need at least another 2 years for go-live. But in the long run all Saxon libraries need this.||Yes.||Patty will check back with the reporter of UXPROD-1811||Yes|
In our current ILS we can set these options:
# minimum length, default=0
# Maximum length, default=length of the newly entered password.
# Minimum number of lowercase letters, default=0
# Minimum number of capital letters, default=0
# Minimum number of digits, default=0
# Minimum number of special characters, default=0
# List of allowed special characters, e.g. /$%_-
# Unauthorized words separated by a comma. The user number is generally not allowed. Example: not,yet,or
Translated with www.DeepL.com/Translator