]> git.koha-community.org Git - koha.git/commit
Bug 27947: (QA follow-up) Clarify permissions
authorTomas Cohen Arazi <tomascohen@theke.io>
Fri, 17 Sep 2021 18:39:17 +0000 (15:39 -0300)
committerJonathan Druart <jonathan.druart@bugs.koha-community.org>
Wed, 6 Oct 2021 08:09:25 +0000 (10:09 +0200)
commit9c4a1b19aa86b246ea2528a6f1a33401d1007fae
tree1089a381a0f3693e896ebf7a93688ff5b1611b7d
parent77506a474a799928779c14620666bc9b27ffd697
Bug 27947: (QA follow-up) Clarify permissions

Privileged routes need permissions defined. This patch adds the minimum
required permission until there are article request-specific permissions
in Koha: circulate: circulate_remaining_permissions

It is also clarified that interacting with an article request  from
another patron, but having your own patron_id in the path would return
404 instead of 403, as technically the resource (an article request from
the patron, identified.by the supplied id) doesn't exist.

Tests are tweaked.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Koha/REST/V1/ArticleRequests.pm
api/v1/swagger/paths/article_requests.yaml
t/db_dependent/api/v1/article_requests.t