Evergreen

CSS From Library Setting Needs to have permissions

Bug #1849683 reported by Rogan Hamby
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Evergreen
Fix Released
Medium
Unassigned
Evergreen 3.5.0

Bug Description

This is a follow up to #1849152. I will post a patch shortly to add permissions for it.

Revision history for this message
Rogan Hamby (rogan-hamby) wrote :

Patch available here:

08ebe0c801299262b27c514e2cedb3dc83223dbf

https://git.evergreen-ils.org/?p=working/Evergreen.git;a=commit;h=08ebe0c801299262b27c514e2cedb3dc83223dbf

This adds an view and update permission as well as updates the release notes to mention them.

Changed in evergreen:
assignee: Rogan Hamby (rogan-hamby) → nobody
tags: added: pullrequest
Revision history for this message
Jeff Godin (jgodin) wrote :

Thanks, Rogan!

My initial reaction was that we only need an update perm for this org unit setting.

Under what circumstances can you see wanting to require a specific permission to view the value?

Also, since bug 1849152 has already been committed to master and the database upgrade script given a number, I think a different approach will be required for the database changes in this followup work.

I don't know that we have that explicitly documented, but give a shout on irc or the dev list if you need advice there (and this wasn't just a simple oversight).

Revision history for this message
Rogan Hamby (rogan-hamby) wrote :

I can see arguments for combining versus doing separate. At this point it's so close in time I think it would be easier to encapsulate it though if the core committers feel it's better to stick to separate on principle (or this drags in being tested) doing it separate isn't a big deal.

https://git.evergreen-ils.org/?p=working/Evergreen.git;a=commit;h=20253abae3dd4e21f8bbc2db8568bef27834a78c

Revision history for this message
Galen Charlton (gmc) wrote :

I see no reason for a separate view permission; protecting update is sufficient IMO. Also, it does indeed need to be a separate patch rather than updating the existing schema update script.

Revision history for this message
Rogan Hamby (rogan-hamby) wrote :

patch with just update permission https://git.evergreen-ils.org/?p=working/Evergreen.git;a=commit;h=ef47a41ef29520d46290989ed1d338a070fe2587

Revision history for this message
Jason Boyer (jboyer) wrote :

I've tested this and it works as expected, signoff branch is here: https://git.evergreen-ils.org/?p=working/Evergreen.git;a=shortlog;h=refs/heads/user/jboyer/lp1849683_permission_signoff / working/user/jboyer/lp1849683_permission_signoff

tags: added: signedoff
Revision history for this message
Dan Wells (dbw2) wrote :

Just a note, the INSERT into config.org_unit_setting_type in the seed file still needs the translation wrapper for those strings. Check out examples starting on or around line 15291.

Revision history for this message
Jason Boyer (jboyer) wrote :

Thanks for the catch Dan, I've force-pushed an update to that branch that addresses that and a couple other issues.

Revision history for this message
Jason Boyer (jboyer) wrote :

In the interest of getting this in before 3.5.0 is released I've pushed this patch with changes based on Dan's feedback (and a formatting change for the release notes) to master. Thanks everyone!

Jane Sandberg (sandbergja)
Changed in evergreen:
status: New → Fix Released
Revision history for this message
Jane Sandberg (sandbergja) wrote :

This was released in 3.5.0. I don't know how to target this to a past release, though.

Jane Sandberg (sandbergja)
Changed in evergreen:
milestone: none → 3.5.0
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.