Bug 29889: Incorrect library check in patron message deletion logic
This patch corrects the logic controlling whether a patron message on
the circulation or patron details page has a "Delete" link. An error in
the logic prevented messages from being removed by staff who should have
been authorized to do so.
To reproduce the bug, check that your AllowAllMessageDeletion preference
is disabled.
- In the staff client, check out to a patron whose home library doesn't
match the library you're logged in at.
- Add a message to the patron's account.
- You should see no "Delete" link next to the newly-added message.
- If you edit the patron so that their home library matches the
library you're logged in at the delete link will appear.
To test, apply the patch and follow the steps above. The delete link
should aways appear if the message was left by someone logged in at the
same library.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This commit is contained in:
parent
20366164af
commit
2c60281ab4
1 changed files with 1 additions and 1 deletions
|
|
@ -217,7 +217,7 @@
|
|||
[% END %]
|
||||
<em>"[% patron_message.message | html %]"</em>
|
||||
</span>
|
||||
[% IF patron_message.branchcode == patron.branchcode OR Koha.Preference('AllowAllMessageDeletion') %]
|
||||
[% IF patron_message.branchcode == Branches.GetLoggedInBranchcode OR Koha.Preference('AllowAllMessageDeletion') %]
|
||||
<a class="btn btn-link" href="/cgi-bin/koha/circ/del_message.pl?message_id=[% patron_message.message_id | html %]&borrowernumber=[% patron_message.borrowernumber | html %]&from=moremember" onclick='return confirm(_("Are you sure you want to delete this message? This cannot be undone."));'><i class="fa fa-trash"></i> Delete</a>
|
||||
[% END %]
|
||||
</li>
|
||||
|
|
|
|||
Loading…
Reference in a new issue