https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36135
--- Comment #150 from Lucas Gass (lukeg) <[email protected]> --- > > 1) The new permission batch_modify_holds is not enough to use this tool. If > > the staff member has that but does not have reserveforothers->place_holds, > > they can still access the tool but get a 403 error when performing a search > > at /cgi-bin/koha/tools/batch_modify_holds.pl > Good catch, I'll have a closer look. There are several solutions to this but I don't know which is right. 1. Check for both place_holds and batch_modify_holds before allowing to use tool. 2. Update holds API endpoint to allow for those who have batch_modify_holds 3. Move the permission from tools to reserveforothers. -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
