[Koha-bugs] [Bug 22925] AuthenticatePatron should fail if patron has lost card
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22925 --- Comment #3 from Arthur Suzuki --- Hi Liz, I get your point :) Maybe yet another syspref similar to what "BlockExpiredPatronOpacActions" does but for "lost card" flag instead of "expired" flag? But then that would touch also the Web interface and not only the WebService. Probably need to create a new bug and close that one in that case. What would you think about this? Arthur PS : I've also translated and forwarded your arguments to our partner see if they can find a workaround... -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 22925] AuthenticatePatron should fail if patron has lost card
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22925 Liz Rea changed: What|Removed |Added Status|Needs Signoff |In Discussion CC||wizzy...@gmail.com --- Comment #2 from Liz Rea --- Hi Arthur, Can you explain a bit more about the use case here? Since this is ILS-DI only, and not across all of the Koha OPAC, I assume your use case has to do with connectivity to a service like Overdrive or Bolinda (or your local eBook vendor). Is that right? The reason I ask is because not every library uses the cardnumber as the login username. A person who loses their card may still have a legitimate reason to log into Koha (or an attached 3rd party service) - why should they be additionally punished for losing their card by not being able to access library resources? People lose things all the time and it's really annoying to replace all those lost things. Let's not make it harder for people. The information on the majority of library cards is basically considered public - things like your name, and your card number. They aren't secret. The password though, is. And since (I sure hope...) normally the password isn't on the library card, even if someone bad has the card, they still don't have the password and so can't get in anyway. Taking it a step further, even if the bad person went to the OPAC to change the password (presuming the library has that enabled), they would still need the username (that could be the card number, yes, but it often isn't) and/or the e-mail address associated with the account, and access to that email account, to change the password. Yes, they could then get in to the 3rd party service, but they have worked really hard to get there and compromised much more than just Koha, and likely broken a few laws in the mean time. If we are going to implement this feature, I feel like it must be optional, and definitely should be off by default. Please, if anybody thinks any of this is wrong, I'm happy to consider that point of view - I am sure I haven't thought through to every possibility and there could be a very good use case for this feature. Cheers, Liz -- You are receiving this mail because: You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 22925] AuthenticatePatron should fail if patron has lost card
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22925 Arthur Suzuki changed: What|Removed |Added Assignee|koha-b...@lists.koha-commun |arthur.suz...@biblibre.com |ity.org | Status|NEW |Needs Signoff -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
[Koha-bugs] [Bug 22925] AuthenticatePatron should fail if patron has lost card
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22925 --- Comment #1 from Arthur Suzuki --- Created attachment 89830 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=89830=edit Bug 22925 : Disable ILS-DI AuthenticatePatron if patron has lost card. test plan: 1 / set a patron as card lost in the intranet 2 / query ILS-DI with login and password -> should respond with borrowernumber 3 / apply patch 4 / Repeat 2, should respond code "PatronLostCard" -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug. ___ Koha-bugs mailing list Koha-bugs@lists.koha-community.org http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/