https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=17229 --- Comment #60 from Nick Clemens <nick@bywatersolutions.com> --- (In reply to Jonathan Druart from comment #59)
Here the behaviours are expected to be the same (between ILSDI and REST API), the existence of bug 24841 is proving it.
Unless that bug is incorrect? The holds route is privileged, not public - it behaves as staff, not as OPAC - so it doesn't check if patron restricted/debarred, I will add this comment to that bug
If we go with this patch we will have to fix bug 24841 anyway, and what are we going to do? Add the checks to the controller?
We have to decide what we want to do yes, but we shouldn't enforce that conversation here
I know it's more work to have things done properly, but it's not a good pro argument :D
I don't see it as doing things properly, but fixing a confirmed bug here and making architecture decisions later. We should work towards deprecating ILSDI, but until then we should allow for fixing these outstanding issues -- You are receiving this mail because: You are watching all bug changes.