[Koha-bugs] [Bug 25672] Administrators should be able to restrict client-side plugin upload to trusted sources

Wed Oct 25 18:35:18 CEST 2023

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25672

Victor Grousset/tuxayo <victor at tuxayo.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
 Attachment #157840|0                           |1
        is obsolete|                            |

--- Comment #95 from Victor Grousset/tuxayo <victor at tuxayo.net> ---
Created attachment 157850
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=157850&action=edit
Bug 25672: Convert to restricting to listed repositories only

I think instead of a plain on/off switch we should use it in combination
with the plugin_repo's and set it to restrict to only those repos' (i.e.
disable uploads entirely if no repo's are listed, or just allow those
repo's when there are).

This patch achieves that, but only if plugins are installed via the
plugin browser method. We disable all direct upload avenues, so install
is blocked for other cases.

Signed-off-by: Kyle M Hall <kyle at bywatersolutions.com>
Signed-off-by: David Cook <dcook at prosentient.com.au>
Signed-off-by: Victor Grousset/tuxayo <victor at tuxayo.net>
Signed-off-by: Kyle M Hall <kyle at bywatersolutions.com>

-- 
You are receiving this mail because:
You are watching all bug changes.