projects / working / Evergreen.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fe98025) | patch
lp1777677 Security tweaks user/khuckins/lp1777677-test-notification-method
authorKyle Huckins <khuckins@catalyte.io>
Mon, 14 Jan 2019 22:22:40 +0000 (22:22 +0000)
committerKyle Huckins <khuckins@catalyte.io>
Tue, 15 Jan 2019 18:45:10 +0000 (18:45 +0000)
commitca62246564d9c53453dc8d246ab9e68b3d615d03
treea44adae3440d6f942b469ee0fa6104efee416a78tree
parentfe9802549d840ffd13ac4f88c54016b4a309d0a1commit | diff
lp1777677 Security tweaks

- Refactor test notification API to check if requestor
is user,and if not, then check if requestor has
permissions to view users at target user's home ou.
- Change event_def_type references to "hook"
- Separate out sendTestEmail and sendTestSMS functions
in frontend to prevent potential misuse of functionality.

Signed-off-by: Kyle Huckins <khuckins@catalyte.io>
 Changes to be committed:
modified:   Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm
modified:   Open-ILS/src/templates/opac/myopac/prefs.tt2
modified:   Open-ILS/src/templates/opac/myopac/prefs_notify.tt2
modified:   Open-ILS/src/templates/staff/circ/patron/t_edit.tt2
modified:   Open-ILS/web/js/ui/default/opac/test_notification.js
modified:   Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm diff | blob | history
Open-ILS/src/templates/opac/myopac/prefs.tt2 diff | blob | history
Open-ILS/src/templates/opac/myopac/prefs_notify.tt2 diff | blob | history
Open-ILS/src/templates/staff/circ/patron/t_edit.tt2 diff | blob | history
Open-ILS/web/js/ui/default/opac/test_notification.js diff | blob | history
Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js diff | blob | history
Evergreen ILS