]> git.koha-community.org Git - koha.git/commit
Bug 29541: Prevent users from another group to access patron's images
authorJonathan Druart <jonathan.druart@bugs.koha-community.org>
Mon, 6 Dec 2021 12:58:25 +0000 (13:58 +0100)
committerFridolin Somers <fridolin.somers@biblibre.com>
Thu, 3 Feb 2022 07:05:29 +0000 (21:05 -1000)
commit2c3a11f138247c53df306667f421857ef2a3977a
tree73e946d74ca5b8cac301b9dca44c55fe092c59b6
parent7f50439cb2cf7d9a6d84e49eaf1cd8330b0995f0
Bug 29541: Prevent users from another group to access patron's images

We should respect group restrictions here.

Test plan:
Create a patron from another group of libraries and don't let them
access info from patrons outside of this group.
Access the following link and confirm that you can see the image only
for patrons from their group
  /cgi-bin/koha/members/patronimage.pl?borrowernumber=XX

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
members/patronimage.pl