https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=24609 --- Comment #8 from Andrew Isherwood <andrew.isherwood@ptfs-europe.com> --- Thanks for this Jonathan. I guess that then raises the question of whether that logic should go in the route controller? Or whether there should be a centralised location (probably the route spec), which would enable the creator to specify all the conditions that must be met before the route can be accessed. I guess extending what x-koha-authorization does. Having it in the controller feels haphazard and prone to omission, having it a required part of the route spec would be better. But how you would go about defining a way for any arbitrary logic to be specified in a json file would need some thought. Anyway, it feels like this is a question that's bigger than just the addition of this route, do you agree? -- You are receiving this mail because: You are watching all bug changes.