[Koha-bugs] [Bug 24609] Add routes for getting and setting checkout due date
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Mon Mar 16 18:33:59 CET 2020
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=24609
--- Comment #10 from Tomás Cohen Arazi <tomascohen at gmail.com> ---
Hi I'm sorry for the delay to comment on this one.
As a general comment, our (current) controller/permissions logic doesn't allow
to specify complex conditions. We only check for permissions/ownership, before
we reach the controller. [1]
So the general rule is that any syspref check or combination of
permissions+sysprefs (that can be found in many places in our
codebase/templates) should be done either in a high level method (ModIssue?) or
the controller itself (e.g. that's why we stash the current user, accesible
through $c->stash('koha.user') so we can ask further questions about it. Any
authentication method stashes the user for that purpose.
That said, changing the date due on a checkout might be something worth having
a method in Koha::Checkout->update_due_date so any logic is encapsulated there
and, more importantly, the method can be used in other places.
Speaking of the current endpoint, we've been observant of the current
implementations on the UI to catch all the conditions and prevent misuses of
endpoints. This doesn't mean there were no mistakes, but speaking for my
contributions, I usually look at the .pl, the .tt and try to put all that logic
on the enpdoint.
[1] And I'm not sure we should add such a thing to our project as the API
hasn't been a target for the refactorings specifically, and so moving existing
logic into a (cool) new high level config layer on the spec would mean
maintaining two codebases right now.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list