https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32404
Bug ID: 32404
Summary: Two-factor authentication for staff client doesn't
work for all staff accounts
Change sponsored?: ---
Product: Koha
Version: master
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5 - low
Component: Authentication
Assignee: [email protected]
Reporter: [email protected]
QA Contact: [email protected]
CC: [email protected]
With the new feature, Two-factor authentication for staff client - TOTP, staff
permissions seem to be needed to activate this:
my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
{
template_name => 'members/two_factor_auth.tt',
query => $cgi,
type => 'intranet',
flagsrequired => { editcatalogue => '*' },
}
);
which means that only staff with top-level catalogue permissions can activate
their two-factor authentication.
However, I believe this should be allowed by all staff accounts which would
change this feature to allow staff to have just the "Staff access, allows
viewing of catalogue in staff interface (catalogue) " permission.
--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
[email protected]
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
