Koha/api/v1/swagger/paths
Tomas Cohen Arazi 8083bc2ff0 Bug 22216: Make GET /patrons/{patron_id} staff only
This patch removes the possibility to access the patron object
identified by patron_id by the patron itself, or a guarantor.

It does so by removing the permissions from the spec. The tests are
adjusted to remove that use case.

To test:
- Apply this patch
- Run:
  $ kshell
 k$ prove t/db_dependent/api/v1/patrons.t
=> SUCCESS: Tests pass!
- Sign off :-D

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-22 13:15:11 +00:00
..
acquisitions_vendors.json
cities.json Bug 22227: Make GET /cities staff only 2019-02-15 18:42:46 +00:00
holds.json
illrequests.json Bug 20600: (follow-up) Fix API spec 2019-02-19 16:36:43 +00:00
libraries.json Bug 16497: (follow-up) GET operations require staff access 2019-02-19 13:52:14 +00:00
oauth.json
patrons.json Bug 22216: Make GET /patrons/{patron_id} staff only 2019-02-22 13:15:11 +00:00
patrons_account.json
patrons_password.json Bug 17006: OpenAPI spec 2019-01-28 15:25:39 +00:00
public_patrons.json Bug 22061: (QA follow-up) Rename password_2 => password_repeated 2019-01-28 15:45:56 +00:00
rotas.json Bug 11897: Use 'stockrotation' permission for the endpoint 2018-10-09 15:46:06 +00:00