https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=38914

            Bug ID: 38914
           Summary: REST API account endpoint permissions should not
                    require edit_borrowers permission
 Change sponsored?: ---
           Product: Koha
           Version: Main
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: P5 - low
         Component: REST API
          Assignee: koha-bugs@lists.koha-community.org
          Reporter: n...@bywatersolutions.com
        QA Contact: testo...@bugs.koha-community.org
                CC: tomasco...@gmail.com

The patrons endpoint now requires only 'list_borrowers' for GET requests

The patrons/account endpoint requires "edit_borrowers" and
"updatecharges:remaining_permissions" which is really view only

The edit_borrowers in the second should be "list_borrowers" so that outside
systems can view charges without needing to be able to edit patrons.

-- 
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
_______________________________________________
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

Reply via email to