old-git.evergreen-ils.org Git - working/Evergreen.git/commit

author	Kyle Huckins <khuckins@catalyte.io>
	Mon, 14 Jan 2019 22:22:40 +0000 (22:22 +0000)
committer	Galen Charlton <gmc@equinoxinitiative.org>
	Tue, 21 Jul 2020 20:41:36 +0000 (16:41 -0400)
commit	3c5d1e7df1a43e0b4cb258c261f5b1bb3e321906
tree	8bac754383c34a35c3866a2f7f27067e9b2c59f7	tree
parent	cfbccf625a6ac2e23cefd01c75b5c2766f34116d	commit \| diff

lp1777677 Security tweaks

- Refactor test notification API to check if requestor
is user,and if not, then check if requestor has
permissions to view users at target user's home ou.
- Change event_def_type references to "hook"
- Separate out sendTestEmail and sendTestSMS functions
in frontend to prevent potential misuse of functionality.

Signed-off-by: Kyle Huckins <khuckins@catalyte.io>
Signed-off-by: Terran McCanna <tmccanna@georgialibraries.org>
Signed-off-by: Chris Sharp <csharp@georgialibraries.org>
Signed-off-by: Galen Charlton <gmc@equinoxinitiative.org>

Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm		diff \| blob \| history
Open-ILS/src/templates/opac/myopac/prefs.tt2		diff \| blob \| history
Open-ILS/src/templates/opac/myopac/prefs_notify.tt2		diff \| blob \| history
Open-ILS/src/templates/staff/circ/patron/t_edit.tt2		diff \| blob \| history
Open-ILS/web/js/ui/default/opac/test_notification.js		diff \| blob \| history
Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js		diff \| blob \| history