old-git.evergreen-ils.org Git - evergreen/pines.git/commit

author	Kyle Huckins <khuckins@catalyte.io>
	Mon, 14 Jan 2019 22:22:40 +0000 (22:22 +0000)
committer	Galen Charlton <gmc@equinoxinitiative.org>
	Fri, 11 Sep 2020 19:51:31 +0000 (15:51 -0400)
commit	61e9cf88540fe9598b658a715c637578412b39f3
tree	981d90180be7752dbf3de4705a32d3afbb9791f1	tree
parent	79aa12062839db8a0b2bd8b4cc24267e14538e59	commit \| diff

lp1777677 Security tweaks

- Refactor test notification API to check if requestor
is user,and if not, then check if requestor has
permissions to view users at target user's home ou.
- Change event_def_type references to "hook"
- Separate out sendTestEmail and sendTestSMS functions
in frontend to prevent potential misuse of functionality.

Signed-off-by: Kyle Huckins <khuckins@catalyte.io>
Signed-off-by: Terran McCanna <tmccanna@georgialibraries.org>
Signed-off-by: Chris Sharp <csharp@georgialibraries.org>
Signed-off-by: Galen Charlton <gmc@equinoxinitiative.org>

Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm		diff \| blob \| history
Open-ILS/src/templates/opac/myopac/prefs.tt2		diff \| blob \| history
Open-ILS/src/templates/opac/myopac/prefs_notify.tt2		diff \| blob \| history
Open-ILS/src/templates/staff/circ/patron/t_edit.tt2		diff \| blob \| history
Open-ILS/web/js/ui/default/opac/test_notification.js		diff \| blob \| history
Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js		diff \| blob \| history