https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=32502 Tomás Cohen Arazi <tomascohen@gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|Passed QA |In Discussion --- Comment #4 from Tomás Cohen Arazi <tomascohen@gmail.com> --- I'm not sure I agree with this patch. Our permissions schema is obfuscated, but view_borrower_infos_from_any_libraries goes too far as well. We really need something like 'view_borrowers', and let Koha::Patrons->search_limited take care of which patrons can actually be seen. Something like: my $patron = Koha::Patrons->search_limited; unless ($patron) { # return 404 } return $patron->to_api; -- You are receiving this mail because: You are watching all bug changes.