[Koha-bugs] [Bug 28948] Add a /public counterpart for the libraries REST endpoints
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Mon Sep 13 04:32:06 CEST 2021
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28948
--- Comment #12 from David Cook <dcook at prosentient.com.au> ---
(In reply to Martin Renvoize from comment #10)
> I think we need more work here to provide
> for 'read' and 'write' allowlists.. we also need a way to alter the
> allowlist from the Koha object when required as with the load time at
> to_api here we currently have no way to pass overrides to the allowlist.
I think that we've overloaded the allow list concept. I originally came up with
the allow list concept to function as a user input validation allow/valid list
rather than an attribute-based access control list.
I like attribute-based access control, but it might make more sense to start
there and then do the input validation rather than going the other way around.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list