https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402 --- Comment #16 from Tomás Cohen Arazi <tomascohen@gmail.com> --- (In reply to Julian Maurice from comment #15)
(In reply to Tomás Cohen Arazi from comment #14)
- I think the way scopes are defined needs more thinking, also its relation to permissions. The patchset adds patrons.read but I'm sure we need a spec on how this are defined and documented. I agree. It looks like OpenAPI spec covers that (https://github.com/OAI/OpenAPI-Specification/blob/master/versions/2.0. md#securityDefinitionsObject) but I'm not sure if we can and should use this.
About relation to permissions, do you think we should have 1:1 relationship between scopes and permissions ?
I think our permissions granularity is not enough for that. But I would like to see a spec to discuss about how scopes would be defined, having a catalog of them, etc. -- You are receiving this mail because: You are watching all bug changes.