[Koha-bugs] [Bug 30178] Every librarian can edit every item with IndependentBranches on
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Sat Feb 26 18:40:28 CET 2022
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30178
--- Comment #10 from Janusz Kaczmarek <januszop at gmail.com> ---
> We just arrived at the same spot :) I first confirmed it by adding the line
> to the templates:
>
> [% item.homebranch %] | [% Branches.GetLoggedInBranchname() %]
>
> So the fix is correct, but I feel we might want to revisit this confusing
> variable at some point. Changing code to name is an easy template task, so
> passing it like this appears not necessary.
The more that the use of GetLoggedInBranchname creates a possible security
issue in a malignant case of two different branches with the same name.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list