https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=38040
--- Comment #32 from David Cook <[email protected]> --- Since the holds in tmpl/intranet-tmpl/prog/en/includes/holds_table.inc are actually hashrefs from reserve/request.pl we can actually do the permission check in the controller, and then we just look for the flag in the template/view so that we can toggle the display accordingly. Something like "$logged_in_user->can_manage_hold($hold->patron)" would be good, because it could apply to both IndependentBranches and Library Groups. Plus we can then use it for validating the actions/ops server-side as well. The only question that remains then is how to gracefully handle errors server-side. Although really I think something like pre-validating before the action/op and throwing a 403 is not a bad idea. Simple and effective. -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
