https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36561
--- Comment #3 from David Cook <dc...@prosentient.com.au> --- Created attachment 165447 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=165447&action=edit Bug 36561: Add "validate_borrowers" permission for /api/v1/auth/password/validation This change adds a "validate_borrowers" permission which allows a user to only validate borrowers by using the /api/v1/auth/password/validation endpoint. This avoids scenarios where you want third-parties to authenticate a user without giving them full permissions to perform CRUD operations on user data. To test: 1. Apply patch 2. Run "koha-upgrade-schema kohadev" 3. koha-plack --reload kohadev 4. prove -v t/db_dependent/api/v1/password_validation.t 5. Visit http://localhost:8081/cgi-bin/koha/members/member-flags.pl?member=51 6. Note that a new subpermission "validate_borrowers" appears under the "borrowers" permission -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug. _______________________________________________ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/