https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32968
--- Comment #58 from Pedro Amorim <[email protected]> --- (In reply to Jonathan Druart from comment #46) > 1. Should we restrict access to the whole ERM module is vendor_manage is not > set? I don't know :) Also, see comment #49 > 2. I can list agreements even if I have only erm_eholdings. It's confusing > as we don't have access to "Licenses". It's working as intented. I followed your suggestion on comment #3, to me it makes sense because eHoldings may be related to agreements, but not licenses. Either way, I'm open to suggestions about this, should eHoldings write permission give read-only permission to both agreements+licenses? > 3. EBSCO Add to/Remove from holdings buttons should be removed with only > erm_show > 4. Same for "Add new agreement" on EBSCO pkg show view Yes, thanks! I missed EBSCO permissions in these patches. Will provide patches for this when I find the time. > 5. I don't get an error when I access /cgi-bin/koha/erm/licenses/edit/1 with > only erm_show (same for agreement) You don't get an error, you are redirected to /cgi-bin/koha/erm/erm.pl. If this is what you are experiencing, do you think it would be preferable to show an error page instead? (I don't think this is important, this is just a permission double-check in case the user attempts to access content that he doesn't have permission to, directly through the URL). Error or not, user doesn't have access to the content he's not permitted to. -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
