Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity
43880 commits 35 branches 612 tags 1.8 GiB
Commit graph

3 commits

Author SHA1 Message Date
Tomas Cohen Arazi
9c4a1b19aa Bug 27947: (QA follow-up) Clarify permissions 
Privileged routes need permissions defined. This patch adds the minimum
required permission until there are article request-specific permissions
in Koha: circulate: circulate_remaining_permissions

It is also clarified that interacting with an article request  from
another patron, but having your own patron_id in the path would return
404 instead of 403, as technically the resource (an article request from
the patron, identified.by the supplied id) doesn't exist.

Tests are tweaked.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
 2021-10-06 10:09:25 +02:00
Martin Renvoize
77506a474a Bug 27947: (QA follow-up) Update test to highlight issue 
This addition to the tests highlights a permissions/security check
error.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
 2021-10-06 10:09:25 +02:00
Tomas Cohen Arazi
b9b4cee4e9 Bug 27947: Add regression tests for routes 
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
 2021-10-06 10:09:25 +02:00