[Koha-bugs] [Bug 20407] Hide some fields from unauthorized users

bugzilla-daemon Mon, 21 May 2018 07:51:41 -0700

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20407


Martin Renvoize <martin.renvo...@ptfs-europe.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |martin.renvoize@ptfs-europe
                   |                            |.com

--- Comment #3 from Martin Renvoize <martin.renvo...@ptfs-europe.com> ---
The slightly more accepted way of doing this to date that I have seen is to
reduce the default response to only contain public fields and set the private
fields to need explicitly requesting in the api call. This way, rather than
sending back a 200 with varying content you send back either a 200 with what
the consumer has asked for (or is expecting) or you send back a 401
Unauthorized and the client knows to authenticate).

The principle of Least Surprise.

I do like the x-public way of defining it in the spec though.. :)

-- 
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

[Koha-bugs] [Bug 20407] Hide some fields from unauthorized users

Reply via email to