old-git.evergreen-ils.org Git - working/Evergreen.git/commit

author	Kyle Huckins <khuckins@catalyte.io>
	Mon, 14 Jan 2019 22:22:40 +0000 (22:22 +0000)
committer	Kyle Huckins <khuckins@catalyte.io>
	Thu, 21 Jan 2021 20:38:31 +0000 (20:38 +0000)
commit	30c3c3fa8a917e3b17ca6035233c6a446487bfa3
tree	175f555cd6fa8d34ac4720879eaf02c6813c1cdc	tree
parent	ec7dbe8c6e9f70a70aedbd12249a82f79d238939	commit \| diff

lp1777677 Security tweaks

- Refactor test notification API to check if requestor
is user,and if not, then check if requestor has
permissions to view users at target user's home ou.
- Change event_def_type references to "hook"
- Separate out sendTestEmail and sendTestSMS functions
in frontend to prevent potential misuse of functionality.

Signed-off-by: Kyle Huckins <khuckins@catalyte.io>
Signed-off-by: Terran McCanna <tmccanna@georgialibraries.org>
Signed-off-by: Chris Sharp <csharp@georgialibraries.org>
Signed-off-by: Galen Charlton <gmc@equinoxinitiative.org>

Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm		diff \| blob \| history
Open-ILS/src/templates/opac/myopac/prefs.tt2		diff \| blob \| history
Open-ILS/src/templates/opac/myopac/prefs_notify.tt2		diff \| blob \| history
Open-ILS/src/templates/staff/circ/patron/t_edit.tt2		diff \| blob \| history
Open-ILS/web/js/ui/default/opac/test_notification.js		diff \| blob \| history
Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js		diff \| blob \| history