https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=38914
Bug ID: 38914
Summary: REST API account endpoint permissions should not
require edit_borrowers permission
Change sponsored?: ---
Product: Koha
Version: Main
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5 - low
Component: REST API
Assignee: [email protected]
Reporter: [email protected]
QA Contact: [email protected]
CC: [email protected]
The patrons endpoint now requires only 'list_borrowers' for GET requests
The patrons/account endpoint requires "edit_borrowers" and
"updatecharges:remaining_permissions" which is really view only
The edit_borrowers in the second should be "list_borrowers" so that outside
systems can view charges without needing to be able to edit patrons.
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
_______________________________________________
Koha-bugs mailing list
[email protected]
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
