[Koha-bugs] [Bug 28882] Incorrect permissions check client-side
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Thu Aug 19 16:15:55 CEST 2021
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28882
--- Comment #3 from Marcel de Rooy <m.de.rooy at rijksmuseum.nl> ---
Work to be done:
Login with a non-superlibrarian user
Edit permissions for a superlibrarian user
=> You can remove it, then cannot add it back
Should we allow removal of superlibrarian permission by
non-superlibrarian user?
No, I definitely think that a non-superlib should not be able to remove perms
from a superlib. That would be kind of a security hole imo.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list