4 Jan
2023
4 Jan
'23
12:58 a.m.
Hi all, I just noticed the following error while testing the REST API: {"error":"Authorization failure. Missing required permission(s).","required_permissions":{"borrowers":"1"}} It seems to me that we should just stop at "Authorization failure". While it might be helpful for a dev to know what the required permissions are, I think it would also be overly helpful for an attacker to know what permissions are required too, no? I suppose Koha is open source, so it wouldn't be hard for them to look them up anyway, but it just seems odd? David Cook Senior Software Engineer Prosentient Systems Suite 7.03 6a Glen St Milsons Point NSW 2061 Australia Office: 02 9212 0899 Online: 02 8005 0595