[Koha-bugs] [Bug 26023] Incorrect permissions handling for cashup actions on the library level registers summary page
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Aug 21 01:10:17 CEST 2020
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=26023
Katrin Fischer <katrin.fischer at bsz-bw.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #108172|0 |1
is obsolete| |
--- Comment #12 from Katrin Fischer <katrin.fischer at bsz-bw.de> ---
Created attachment 108773
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=108773&action=edit
Bug 26023: Properly secure the cashup and refund actions
The cash register summary page for cash management is available for users
with the 'anonymous_refund' or 'cashup' permission and the actions available
are appropriately displayed.
However, the actions are not yet correctly tested for at the server and
so a user may force submit to accomplish the action.
Signed-off-by: Nick Clemens <nick at bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83 at web.de>
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list