[Koha-bugs] [Bug 17424] REST API: Preference to control access to own objects without permission
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Nov 17 18:52:31 CET 2017
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=17424
Tomás Cohen Arazi <tomascohen at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |tomascohen at gmail.com
Status|Patch doesn't apply |In Discussion
--- Comment #8 from Tomás Cohen Arazi <tomascohen at gmail.com> ---
(In reply to Lari Taskula from comment #1)
> One problem with preference-approach is that it will create a mismatch
> between Swagger documentation and value of the preference if disabled. If
> the preference is being used to disable OPAC-like API operations, Swagger
> spec says they should still be possible. In this case, maybe it is enough to
> simply return an error message?
I think we need a more flexible approach: we need a configuration page in which
users can select if they allow (or not) access to own (and relative's) objects,
FOR EACH resource.
The OpenAPI docs can be adjusted to say it will depend on local configurations.
And API consumers will notice anyway.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list