https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25482
Tomás Cohen Arazi <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED Assignee|[email protected] |[email protected] |ity.org | --- Comment #1 from Tomás Cohen Arazi <[email protected]> --- Found the issue. It took me a while.... The thing is, the JSON::Validator/openAPI plugin combination we have in D9 is very loose, and doesn't catch a problem in the Advanced editor macros routes spec. Basically, there are routes that have: x-koha-permission: { editcatalogue => 'advanced_editor', editcatalogue => 'delete_shared_macros', } which is basically invalid, as you shouldn't be able to define a hash with two values for the same key. My first attempt was to just to the expected thing: x-koha-permission: { "editcatalogue" => [ 'advanced_editor', 'delete_shared_macros' ] } This should work, but it doesn't really. Plack would be back to work, but C4::Auth::haspermission validates the permissions when it shouldn't. At least that's what running $ prove t/db_dependent/api/v1/advanced_editor_macros.t tells. I will review the tests tomorrow (too tired today). It is possible that the permissions assignment taking place in the tests is incorrect. I was about to write a regression test for C4::Auth for this case, and see what's going on, but... to my dismay... couldn't find tests... -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
