https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=43030 --- Comment #9 from Martin Renvoize (ashimema) <martin.renvoize@openfifth.co.uk> --- Created attachment 201754 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=201754&action=edit Bug 43030: Allow self-access to /patrons and /patrons/{patron_id} Adds allow-owner to the GET /patrons collection and GET/PUT /patrons/{patron_id} endpoints, so a staff member without list_borrowers/edit_borrowers can still view/edit their own patron record, scoped automatically to just themselves on the collection. update() now fetches via objects.find_rs (Koha::Patrons->new, not ->search_limited) so it goes through the new ownership check without also picking up the unrelated branch-visibility restriction that search_limited applies to get()/list() -- update never had that restriction and picking it up would silently break staff who hold edit_borrowers but not view_borrower_infos_from_any_libraries. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.