Bug 23102: 404 errors on page causes SCI user to be logged out

To test:
 1 - Have something on the SCO page that won't load
     Add to SCOUserJS:
        </script>
        <img src="http://localhost:8080/silk/famfamfam.png"/>
        <script>
 2 - Enable the SCO and SCI system preferences:
     WebBasedSelfCheck: Enable
     SelfCheckInModuke: Enable
     AutoSelfCheckAllowed: Allow
     AutoSelfCheckID / AutoSelfCheckPass to a valid user with permissions
 3 - Add the self_checkin_module and self_checkout_module permissions to the AutoSelfCheck user
 4 - Access the selfcheckout module https://yoursite.org/cgi-bin/koha/sco/sco-main.pl
 5 - Sign in using a patron
 6 - Enter an unkown barcode, I used "DONTMATTER"
 7 - If not logged out, click to 'Return to account summary'
 8 - You are asked to sign in again
 9 - Repeat with the SCI module
10 - Apply patch
11 - Repeat, but this time you can return to account

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 5bab87f76b)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This commit is contained in:
Nick Clemens 2019-06-12 11:43:48 +00:00 committed by Fridolin Somers
parent 1d21a2da67
commit 240f526d06

View file

@ -238,7 +238,7 @@ sub get_template_and_user {
# If the user logged in is the SCI user and they try to go out of the SCI module,
# kick them out unless it is SCO with a valid permission
# or they are a superlibrarian
$in->{template_name} !~ m|sci/|
$in->{template_name} !~ m|sci/| && $in->{template_name} !~ m|errors/errorpage.tt|
&& haspermission( $user, { self_check => 'self_checkin_module' } )
&& !(
$in->{template_name} =~ m|sco/| && haspermission(