https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=39199
--- Comment #8 from David Cook <[email protected]> --- (In reply to Shi Yao Wang from comment #7) > What would be the appropriate permission or set of permissions for each > route then? Honestly, there are no appropriate permissions for these routes, because in Koha there are no permissions specifically for creating emails. Sending particular emails is separated into different modules with their own permissions. And viewing sent emails involves patron level and branch level permissions. It's complex. Looking back on Lucas's original description... it sounds like he was talking about the 3rd party sending the notice and then just adding a record of the sent message to Koha. That's actually quite an interesting idea, because it would just be storing the record of the email in Koha rather than using Koha to send the email. @Shi Yao Wang, is your intention here to just allow an API user to view and send emails arbitrarily? I don't think there's a scenario where that's going to be a good idea. If you have a more specific scenario, I'd be happy to provide some advice. For instance, if you want to use Koha to send the email, you could create an "api_sendemail" permission and then create a mapping between the API user and particular letter.id templates. That said, that could be dangerous as well, because it could be possible to abuse letter templates. So we'd want to be very careful there. -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
