https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=39372
--- Comment #28 from David Cook <[email protected]> --- (In reply to Jonathan Druart from comment #27) > 1. We should be nicer in opac-shelves and send a "not authorized" message > (search for `push @messages` in the script) That's how the change in opac/opac-shelves.pl works. The die is caught and then the message is added to @messages. opac/opac-addbybiblionumber.pl doesn't have @messages > 2. Wondering if we should not have a safeguard in Koha::Virtualshelf->store, > just in case (there are already several checks there) Could do I guess. > Something like: > if ( ! C4::Context->preference('OpacAllowPublicListCreation') > && C4::Context->interface eq 'opac' > && !$self->in_storage ) { > Koha::Exceptions::Authorization::Unauthorized->throw > } > > 3. Do you know exactly the context of the use case? Why would you disallow > creation of private lists for users? Yes, there are libraries in organisations like prisons/correctional centres where they don't want users to be able to input any data into the system at all. I'm sure there are probably other use cases but that's the one that brought this to my attention. -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
