https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=7550
Marcel de Rooy <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #62441|0 |1 is obsolete| | --- Comment #27 from Marcel de Rooy <[email protected]> --- Created attachment 62912 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=62912&action=edit Bug 7550: SCO - Restrict access of patron's image With this patch if SelfCheckoutByLogin is set to 'username and password', only the logged in user will be able to see the image linked to his/her logged in account. If set to "barcode" we generate a token but it can be easily generated. You should add a warning in the about page if SelfCheckoutByLogin="barcode" and ShowPatronImageInWebBasedSelfCheck="Show". How I tested: - Go to SCO - Log - Enable self checkout, go to [Your Server]//cgi-bin/koha/sco/sco-main.pl - Log in with a user 'A' who has a patron image - Copy the address of the patron image into an other browser window - Change the borrowernumber to on of an other user 'B' having a patron image - Verify that the patron image is NOT displayed Signed-off-by: Marc VĂ©ron <[email protected]> Signed-off-by: Marcel de Rooy <[email protected]> -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
