Browse Source
At the moment the pages falsely check for parameters_remaining_permissions, but they should check the specific manage_accounts permission. To test: - Create a new staff user with only catalog and manage_acccounts permissions - Log in with this staff user and go to the admin page - You will see the debit and credit type sections, but won't be able to access them - Apply the patch - Veriy the links still show, but pages are now accessible Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>20.11.x
2 changed files with 2 additions and 2 deletions
Loading…
Reference in new issue