http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=5974
Bug #: 5974
Summary: Bogus auth check for "StaffMember" role
Classification: Unclassified
Change sponsored?: ---
Product: Koha
Version: unspecified
Platform: All
OS/Version: All
Status: ASSIGNED
Severity: minor
Priority: P5
Component: Patrons
AssignedTo: [email protected]
ReportedBy: [email protected]
QAContact: [email protected]
CC: [email protected]
In circ-toolbar.inc:
<!-- TMPL_IF NAME="StaffMember" -->
<!-- TMPL_IF NAME="CAN_user_staffaccess" -->
new YAHOO.widget.Button("changepassword");
<!-- /TMPL_IF-->
<!-- TMPL_ELSE-->
new YAHOO.widget.Button("changepassword");
<!-- /TMPL_IF -->
Besides being pointless, this refers to a "StaffMember" variable which is only
defined in one place, moremember.pl, based only on the patron category. A
remnant of a time before granular permissions?
--
Configure bugmail:
http://bugs.koha-community.org/bugzilla3/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA Contact for the bug.
_______________________________________________
Koha-bugs mailing list
[email protected]
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
