[Koha-bugs] [Bug 29509] GET /patrons* routes permissions excessive
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Thu Nov 18 11:55:31 CET 2021
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=29509
--- Comment #3 from Tomás Cohen Arazi <tomascohen at gmail.com> ---
(In reply to Martin Renvoize from comment #2)
> I wondering how our changes to objects.search and objects.find might affect
> public routes and seeing ones owned data?
That's a good question. It probably highlights the search_limited methods are
too staff side oriented.
I did this:
$ git grep 'sub search_limited'
Koha/ArticleRequests.pm:sub search_limited {
Koha/Patron/Discharge.pm:sub search_limited {
Koha/Patrons.pm:sub search_limited {
Koha/Reviews.pm:sub search_limited {
It feels like safe for now.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list