Tomas Cohen Arazi
8083bc2ff0
This patch removes the possibility to access the patron object identified by patron_id by the patron itself, or a guarantor. It does so by removing the permissions from the spec. The tests are adjusted to remove that use case. To test: - Apply this patch - Run: $ kshell k$ prove t/db_dependent/api/v1/patrons.t => SUCCESS: Tests pass! - Sign off :-D Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> |
||
---|---|---|
.. | ||
v1 |