https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=37144
--- Comment #41 from David Cook <[email protected]> --- > With our mix of old and new code (C4/Koha) still not an easy task. It is a tough one. I have a similar use case to Laura, which I'll likely need to code and deploy soon. I suspect I'll have to do something like this in the short-term, since it's the easier/quicker change to make. But I think we do need to put more thought into a design for a comprehensive solution. We need some way to associate the $logged_in_user with the Koha::Patron object, but there's lots of different ways of getting a Koha::Patron object even. On other projects with better MVC structures and smaller codebases, I've done some column-level security, although it was mostly in terms of restricting updates at the column-level. Using Koha::Proxy::Patron class to wrap Koha::Patron could work... except that there are ways of getting Koha::Patron objects from other objects which could bypass that. But maybe it would be enough... Actually, looking through './circ/circulation.pl' I'm thinking how we mostly want to use an unrestricted Koha::Patron for a lot of the business logic... but then for some things we'd want to use a Koha::Proxy::Patron with user restrictions for view logic... This is one of those topics where I think it's difficult to come up with a perfect design ahead of time... but where it's also easy to create a mess by having an incomplete design ahead of time... -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
