[Koha-bugs] [Bug 21198] authenticate_api_request should stash the reason access is granted
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Mon Jan 7 14:35:50 CET 2019
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=21198
Tomás Cohen Arazi <tomascohen at gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |Needs Signoff
--- Comment #3 from Tomás Cohen Arazi <tomascohen at gmail.com> ---
When I thought about this, I was writing the /patrons/:patron_id/password
endpoint, which was an hybrid endpoint: it was intended for the user to change
its own password, and also an admin user to change a patron's password. It
required the controller to check what was the reason to grant access to the
resource.
We decided to create a /public namespace for endpoints that would be used by
unprivileged users instead.
I decided to still submit this, because
- We might need it
- People writing endpoints through plugins could take advantage of this
I hope you'll agree with this enhancement.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list