projects / koha.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1ea55ac) | patch
Bug 27117: Only place_holds permission is needed to adjust pickup locations
authorJonathan Druart <jonathan.druart@bugs.koha-community.org>
Tue, 1 Dec 2020 10:44:04 +0000 (11:44 +0100)
committerJonathan Druart <jonathan.druart@bugs.koha-community.org>
Mon, 21 Dec 2020 09:07:49 +0000 (10:07 +0100)
commit69c01ee0f2dccd04cfbe8201ba580a15727f5280
treea22526ab290a8d77dbdce2a134ff3ef435c1e66ctree | snapshot
parent1ea55acd0c997b96039a2a1a4a9f9941d2558bdacommit | diff
Bug 27117: Only place_holds permission is needed to adjust pickup locations

The GET /pickup_locations route is requesting the whole reserveforothers
permission whereas only the subpermission place_holds is needed.

Test plan:
0. Don't apply this patch
1. Set the subpermission place_holds but modify_holds_priority
2. Edit a hold and click the pickup library dropdown list
3. You get a JS alert and log displays
  GET /api/v1/app.pl/api/v1/holds/5/pickup_locations
  403 Forbidden
4. Apply this patch
5. Reload the page, click the dropdown list, modify the pickup location
and save
=> Success!

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
api/v1/swagger/paths/holds.json diff | blob | history
t/db_dependent/api/v1/holds.t diff | blob | history
Main Koha release repository