[Koha-bugs] [Bug 14868] REST API: Swagger2-driven permission checking
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Thu Sep 1 23:01:59 CEST 2016
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14868
Benjamin Rokseth <benjamin.rokseth at kul.oslo.kommune.no> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #55088|0 |1
is obsolete| |
--- Comment #54 from Benjamin Rokseth <benjamin.rokseth at kul.oslo.kommune.no> ---
Created attachment 55104
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=55104&action=edit
Bug 14868: (QA followup) Change permission check order
This patch changes the permission check order because haspermission
is the smaller check, and going through the patron/user and its guaranteed
before checking if it is (say) a staff member or even a superlibrarian doesn't
seem right.
Bonus: Remove unneeded C4::Auth import in Patron.pm
Signed-off-by: Tomas Cohen Arazi <tomascohen at theke.io>
Signed-off-by: Benjamin Rokseth <benjamin.rokseth at kul.oslo.kommune.no>
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list