https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36561 --- Comment #21 from David Cook <dcook@prosentient.com.au> --- (In reply to David Cook from comment #17)
(In reply to Katrin Fischer from comment #16)
I feel like the permission description as is might cause some confusion around staff, especially as it's currently only used on the API and has no effect in the interface.
Suggestion: Verify user credentials via REST API
That's a good point. I'd be happy with that suggestion.
I was thinking about this again... and I think that this is the approach I'll take. I thought about created an "External Web Services" top-level permission, but "validate_borrowers" is the only permission I could think to add to it. Looking at /cgi-bin/koha/ilsdi.pl and everything else is really covered by our existing permissions. "AuthenticatePatron" is the only exception. -- You are receiving this mail because: You are watching all bug changes.