[Koha-bugs] [Bug 23108] staffaccess permission can be easily circumvented
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Mon May 4 16:53:14 CEST 2020
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23108
--- Comment #4 from Andrew Fuerste-Henry <andrew at bywatersolutions.com> ---
Verified that this is still an issue in Master.
I suggest we fix this by making StaffAccess required in order to change the
borrower category of a borrower in a staff category. This is complicated by the
fact that patron category is included in batch patron modification, unlike
everything currently covered by StaffAccess, so we'd have to figure out how we
want Koha to behave and report there.
--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
More information about the Koha-bugs
mailing list