Details
-
Bug
-
Status: Closed (View Workflow)
-
P4
-
Resolution: Duplicate
-
13.1.1
-
None
-
-
Prokopovych
Description
The PUT method of the /inventory/items/{itemId} endpoint has the following set of module permissions assigned in the module descriptor:
"modulePermissions": [
"inventory-storage.items.item.put",
"users.item.get"
]
Unfortunately, this is insufficient to successfully update an item using this endpoint, because mod-inventory then needs to GET the updated item to display it back to the client. That requires further module permissions, presumably all those assigned to the GET method:
"modulePermissions": [
"inventory-storage.items.item.get",
"inventory-storage.material-types.item.get",
"inventory-storage.material-types.collection.get",
"inventory-storage.loan-types.item.get",
"inventory-storage.loan-types.collection.get",
"inventory-storage.locations.item.get",
"inventory-storage.locations.collection.get",
"inventory-storage.holdings.collection.get",
"inventory-storage.holdings.item.get",
"inventory-storage.instances.collection.get",
"inventory-storage.instances.item.get"
]
Unless this is corrected in the module descriptor, assigning the permissionSet inventory.items.item.put is actually not enough to allow a user to use the PUT method on this endpoint.
TestRail: Results
Attachments
Issue Links
- duplicates
-
MODINV-356
Extend list of item statuses, allow users to change items to those statuses
-
- Closed
-