https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28948
--- Comment #12 from David Cook <[email protected]> --- (In reply to Martin Renvoize from comment #10) > I think we need more work here to provide > for 'read' and 'write' allowlists.. we also need a way to alter the > allowlist from the Koha object when required as with the load time at > to_api here we currently have no way to pass overrides to the allowlist. I think that we've overloaded the allow list concept. I originally came up with the allow list concept to function as a user input validation allow/valid list rather than an attribute-based access control list. I like attribute-based access control, but it might make more sense to start there and then do the input validation rather than going the other way around. -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
