https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36561
David Nind <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #165713|0 |1 is obsolete| | --- Comment #8 from David Nind <[email protected]> --- Created attachment 165718 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=165718&action=edit Bug 36561: Add "validate_borrowers" permission for /api/v1/auth/password/validation This change adds a "validate_borrowers" permission which allows a user to only validate borrowers by using the /api/v1/auth/password/validation endpoint. This avoids scenarios where you want third-parties to authenticate a user without giving them full permissions to perform CRUD operations on user data. To test: 1. Apply patch 2. Run "koha-upgrade-schema kohadev" 3. koha-plack --reload kohadev 4. prove -v t/db_dependent/api/v1/password_validation.t 5. Visit http://localhost:8081/cgi-bin/koha/members/member-flags.pl?member=51 6. Note that a new subpermission "validate_borrowers" appears under the "borrowers" permission Signed-off-by: David Nind <[email protected]> -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
