https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=27423
--- Comment #6 from David Cook <[email protected]> --- (In reply to Katrin Fischer from comment #3) > I think the scope of ILS-DI and the REST-API is also different. > > This is an API for discovery interfaces that's supposed to not allow more > than the OPAC user should be able to do. They can place a hold... but they > cannot manipulate a holds data. They can look up a patron, but not change > their data etc. > > I believe the REST API as is might not serve well here as it allows too much > and you'd want to have something more limited to be used by external > catalog/discovery providers specifically`? Those are interesting points too. I have been thinking that Koha is due for a review of its authorization system... -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
