[Koha-bugs] [Bug 12497] Make OPAC search history feature accessible when it should
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Wed Nov 22 11:53:54 CET 2017
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=12497
--- Comment #3 from Gaetan Boisson <gaetan.boisson at biblibre.com> ---
On additional issue is that if you have activated search history on the opac,
and have an opac set to private via opacpublic, then patrons can only access
their search history if they have the permission to manage borrowers.
To reproduce :
- set your opac to private via opacpublic
- activate EnableOpacSearchHistory
- log in your private opac with a user that has no permissions for the staff
interface
- search for something in the catalog
- the link for search history is now visible, but if you click on it, you will
get an access denied message
- log in to your private opac with a user that has the "borrowers" permission
- repeat above steps : you can now access your search history.
Since this issue and the fact that the url still responds when the syspref is
turned off, when it should display an access denied page, can be fixed in the
same block of code, we will offer a patch for both issues at once.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list