http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=5974 Bug #: 5974 Summary: Bogus auth check for "StaffMember" role Classification: Unclassified Change sponsored?: --- Product: Koha Version: unspecified Platform: All OS/Version: All Status: ASSIGNED Severity: minor Priority: P5 Component: Patrons AssignedTo: oleonard@myacpl.org ReportedBy: oleonard@myacpl.org QAContact: koha-bugs@lists.koha-community.org CC: gmcharlt@gmail.com In circ-toolbar.inc: <!-- TMPL_IF NAME="StaffMember" --> <!-- TMPL_IF NAME="CAN_user_staffaccess" --> new YAHOO.widget.Button("changepassword"); <!-- /TMPL_IF--> <!-- TMPL_ELSE--> new YAHOO.widget.Button("changepassword"); <!-- /TMPL_IF --> Besides being pointless, this refers to a "StaffMember" variable which is only defined in one place, moremember.pl, based only on the patron category. A remnant of a time before granular permissions? -- Configure bugmail: http://bugs.koha-community.org/bugzilla3/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the QA Contact for the bug.