Bug 29541: Restrict access to patron's image to borrowers => * and circulate => *

The patron image is displayed on the 'circulation' and 'members'
modules.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart 2021-11-22 15:29:58 +01:00 committed by Fridolin Somers
parent b8088051e9
commit 7f50439cb2

@ -47,7 +47,7 @@ This script, when called from within HTML and passed a valid patron borrowernumb
=cut
my ($status, $cookie, $sessionID) = check_api_auth($query, { catalogue => 1 } );
my ($status, $cookie, $sessionID) = check_api_auth($query, [ { borrowers => '*' }, { circulate => '*' } ] );
unless ( $status eq 'ok' ) {
print $query->header(-type => 'text/plain', -status => '403 Forbidden');
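Review bot: The new second argument on the check_api_auth line, [ { borrowers => '*' }, { circulate => '*' } ], is a list of two permission hashes where the old call passed a single hash, and nothing in this hunk says whether the list is matched as any-of or all-of. The commit subject reads "borrowers => * and circulate => *", while the message body suggests staff in either module should see the image, so the intended semantics are ambiguous to a reader. Please add a one-line comment above the call stating the intent (for example, that either permission is sufficient) and mention the required permissions in the POD block that ends just above at =cut. A regression test covering a user who has only catalogue permission, and who should now receive the 403 Forbidden response, would also help confirm the restriction behaves as described.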