[Koha-bugs] [Bug 17445] REST API: Generic handling of malformed query parameters

[bugzilla-daemon at bugs.koha-community.org]

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=17445

Tomás Cohen Arazi <tomascohen at gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #56636|0                           |1
        is obsolete|                            |

--- Comment #14 from Tomás Cohen Arazi <tomascohen at gmail.com> ---
Created attachment 56661
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=56661&action=edit
Bug 17445: Move the params check after the authentication check

If the user is not authorised to call this route, we would prefer to
raise a 403 instead of 400

Note that we wanted to submit tests for this change but the city code
does not let use do that (we are allowed to list/show cities even
without any permissions). The patrons.t is not complete enought and the
holds.t tests do not pass...

Tomas plans to submit tests but we reach the end of the hackfest ;)

Signed-off-by: Josef Moravec <josef.moravec at gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen at theke.io>

-- 
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.