https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=38914
Bug ID: 38914 Summary: REST API account endpoint permissions should not require edit_borrowers permission Change sponsored?: --- Product: Koha Version: Main Hardware: All OS: All Status: NEW Severity: normal Priority: P5 - low Component: REST API Assignee: koha-bugs@lists.koha-community.org Reporter: n...@bywatersolutions.com QA Contact: testo...@bugs.koha-community.org CC: tomasco...@gmail.com The patrons endpoint now requires only 'list_borrowers' for GET requests The patrons/account endpoint requires "edit_borrowers" and "updatecharges:remaining_permissions" which is really view only The edit_borrowers in the second should be "list_borrowers" so that outside systems can view charges without needing to be able to edit patrons. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug. _______________________________________________ Koha-bugs mailing list Koha-bugs@lists.koha-community.org https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/