Browse Source

Bug 18403: Update permissions - borrowers => 1|* becomes borrowers => 'edit_borrowers'

Test plan:
Login with a patron that only have the 'edit_borrowers' permission.
You should be able to access patron's information of patrons inside of your group.

Technical note:
Before this patchset the borrowers permission module contains only 1 permission 'edit_borrowers'.
That meant
  borrowers => 1
and
  borrowers => '*'
had the same behavior.
Moreover, now that we have 2 permissions, 'CAN_user_borrowers' is set when all
permissions of 'borrowers' are set.
We need to update the different occurrences of these tests.

Signed-off-by: Signed-off-by: Jon McGowan <jon.mcgowan@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
18.05.x
Jonathan Druart 6 years ago
parent
commit
4bc92169dc
  1. 2
      circ/add_message.pl
  2. 2
      circ/del_message.pl
  3. 2
      edithelp.pl
  4. 4
      koha-tmpl/intranet-tmpl/prog/en/includes/adv-search.inc
  5. 6
      koha-tmpl/intranet-tmpl/prog/en/includes/borrower_debarments.inc
  6. 16
      koha-tmpl/intranet-tmpl/prog/en/includes/circ-menu.inc
  7. 2
      koha-tmpl/intranet-tmpl/prog/en/includes/header.inc
  8. 4
      koha-tmpl/intranet-tmpl/prog/en/includes/home-search.inc
  9. 2
      koha-tmpl/intranet-tmpl/prog/en/includes/members-menu.inc
  10. 16
      koha-tmpl/intranet-tmpl/prog/en/includes/members-toolbar.inc
  11. 2
      koha-tmpl/intranet-tmpl/prog/en/modules/circ/circulation.tt
  12. 8
      koha-tmpl/intranet-tmpl/prog/en/modules/intranet-main.tt
  13. 4
      koha-tmpl/intranet-tmpl/prog/en/modules/members/files.tt
  14. 2
      koha-tmpl/intranet-tmpl/prog/en/modules/members/member.tt
  15. 6
      koha-tmpl/intranet-tmpl/prog/en/modules/members/memberentrygen.tt
  16. 2
      labels/label-item-search.pl
  17. 2
      members/boraccount.pl
  18. 2
      members/default_messageprefs.pl
  19. 4
      members/deletemem.pl
  20. 2
      members/discharge.pl
  21. 2
      members/discharges.pl
  22. 2
      members/files.pl
  23. 2
      members/guarantor_search.pl
  24. 2
      members/housebound.pl
  25. 4
      members/mancredit.pl
  26. 4
      members/maninvoice.pl
  27. 5
      members/member-password.pl
  28. 2
      members/member.pl
  29. 2
      members/memberentry.pl
  30. 2
      members/members-home.pl
  31. 2
      members/members-update-do.pl
  32. 2
      members/members-update.pl
  33. 2
      members/mod_debarment.pl
  34. 4
      members/moremember.pl
  35. 2
      members/nl-search.pl
  36. 2
      members/notices.pl
  37. 2
      members/pay.pl
  38. 2
      members/paycollect.pl
  39. 2
      members/printfeercpt.pl
  40. 2
      members/printinvoice.pl
  41. 2
      members/purchase-suggestions.pl
  42. 2
      members/readingrec.pl
  43. 2
      members/setstatus.pl
  44. 2
      members/statistics.pl
  45. 2
      members/update-child.pl
  46. 2
      opac/opac-overdrive-search.pl
  47. 2
      svc/checkouts
  48. 2
      svc/members/search

2
circ/add_message.pl

@ -32,7 +32,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
query => $input,
type => "intranet",
authnotrequired => 0,
flagsrequired => { borrowers => 1 },
flagsrequired => { borrowers => 'edit_borrowers' },
debug => 1,
}
);

2
circ/del_message.pl

@ -32,7 +32,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
query => $input,
type => "intranet",
authnotrequired => 0,
flagsrequired => { borrowers => 1 },
flagsrequired => { borrowers => 'edit_borrowers' },
debug => 1,
}
);

2
edithelp.pl

@ -49,7 +49,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
catalogue => 1,
circulate => 1,
parameters => 1,
borrowers => 1,
borrowers => 'edit_borrowers',
permissions => 1,
reserveforothers => 1,
reserveforself => 1,

4
koha-tmpl/intranet-tmpl/prog/en/includes/adv-search.inc

@ -21,7 +21,7 @@
</div>
[% END %]
[% IF ( CAN_user_borrowers ) %]
[% IF CAN_user_borrowers_edit_borrowers %]
<div id="patron_search" class="residentsearch">
<p class="tip">Enter patron card number or partial name:</p>
<form action="/cgi-bin/koha/members/member.pl" method="post">
@ -42,7 +42,7 @@
[% IF ( CAN_user_circulate_circulate_remaining_permissions ) %]
<li><a class="keep_text" href="#renew_search">Renew</a></li>
[% END %]
[% IF ( CAN_user_borrowers ) %]
[% IF CAN_user_borrowers_edit_borrowers %]
<li><a class="keep_text" href="#patron_search">Search patrons</a></li>
[% END %]
</ul>

6
koha-tmpl/intranet-tmpl/prog/en/includes/borrower_debarments.inc

@ -37,7 +37,7 @@
<th>Comment</th>
<th>Expiration</th>
<th>Created</th>
[% IF CAN_user_borrowers && CAN_user_circulate_manage_restrictions %]
[% IF CAN_user_borrowers_edit_borrowers && CAN_user_circulate_manage_restrictions %]
<th>&nbsp;</th>
[% END %]
</tr>
@ -66,7 +66,7 @@
</td>
<td>[% IF d.expiration %] [% d.expiration | $KohaDates %] [% ELSE %] <i>Indefinite</i> [% END %]</td>
<td>[% d.created | $KohaDates %]</td>
[% IF CAN_user_borrowers && CAN_user_circulate_manage_restrictions %]
[% IF CAN_user_borrowers_edit_borrowers && CAN_user_circulate_manage_restrictions %]
<td>
<a class="remove_restriction btn btn-default btn-xs" href="/cgi-bin/koha/members/mod_debarment.pl?borrowernumber=[% borrowernumber %]&amp;borrower_debarment_id=[% d.borrower_debarment_id %]&amp;action=del">
<i class="fa fa-trash"></i> Remove
@ -78,7 +78,7 @@
</tbody>
</table>
[% END %]
[% IF CAN_user_borrowers && CAN_user_circulate_manage_restrictions %]
[% IF CAN_user_borrowers_edit_borrowers && CAN_user_circulate_manage_restrictions %]
<p><a href="#" id="add_manual_restriction"><i class="fa fa-plus"></i> Add manual restriction</a></p>
<form method="post" action="/cgi-bin/koha/members/mod_debarment.pl" class="clearfix">
<input type="hidden" name="borrowernumber" value="[% borrowernumber %]" />

16
koha-tmpl/intranet-tmpl/prog/en/includes/circ-menu.inc

@ -74,7 +74,7 @@
[% IF ( batch_checkout_view ) %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/circ/circulation.pl?borrowernumber=[% borrowernumber %]&amp;batch=1">Batch check out</a></li>
[% END %]
[% END %]
[% IF ( CAN_user_borrowers ) %]
[% IF CAN_user_borrowers_edit_borrowers %]
[% IF ( detailview ) %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/members/moremember.pl?borrowernumber=[% borrowernumber %]">Details</a></li>
[% END %]
[% IF ( CAN_user_updatecharges ) %]
@ -83,12 +83,12 @@
[% IF ( CAN_user_circulate_circulate_remaining_permissions ) %]
[% IF Koha.Preference("RoutingSerials") %][% IF ( routinglistview ) %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/members/routing-lists.pl?borrowernumber=[% borrowernumber %]">Routing lists</a></li>[% END %]
[% END %]
[% IF ( CAN_user_borrowers ) %]
[% IF CAN_user_borrowers_edit_borrowers %]
[% IF ( intranetreadinghistory ) %]
[% IF ( readingrecordview ) %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/members/readingrec.pl?borrowernumber=[% borrowernumber %]">Circulation history</a></li>
[% END %]
[% END %]
[% IF ( CAN_user_borrowers ) %]
[% IF CAN_user_borrowers_edit_borrowers %]
[% IF ( intranetreadinghistory ) %]
[% IF ( holdshistoryview ) %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/members/holdshistory.pl?borrowernumber=[% borrowernumber %]">Holds history</a></li>
[% END %]
@ -96,22 +96,22 @@
[% IF ( CAN_user_parameters ) %]
[% IF ( logview ) %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/tools/viewlog.pl?do_it=1&amp;modules=MEMBERS&amp;modules=circulation&amp;object=[% borrowernumber %]&amp;src=circ">Modification log</a></li>
[% END %]
[% IF ( CAN_user_borrowers ) %]
[% IF CAN_user_borrowers_edit_borrowers %]
[% IF ( sentnotices ) %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/members/notices.pl?borrowernumber=[% borrowernumber %]">Notices</a></li>
[% END %]
[% IF ( CAN_user_borrowers ) %]
[% IF CAN_user_borrowers_edit_borrowers %]
[% IF ( statisticsview ) %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/members/statistics.pl?borrowernumber=[% borrowernumber %]">Statistics</a></li>
[% END %]
[% IF ( CAN_user_borrowers ) %]
[% IF CAN_user_borrowers_edit_borrowers %]
[% IF ( EnableBorrowerFiles ) %]
[% IF ( borrower_files ) %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/members/files.pl?borrowernumber=[% borrowernumber %]">Files</a></li>
[% END %]
[% END %]
[% IF ( CAN_user_borrowers ) %]
[% IF CAN_user_borrowers_edit_borrowers %]
[% IF ( suggestionsview ) %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/members/purchase-suggestions.pl?borrowernumber=[% borrowernumber %]">Purchase suggestions</a></li>
[% END %]
[% IF CAN_user_borrowers && useDischarge %]
[% IF CAN_user_borrowers_edit_borrowers && useDischarge %]
[% IF dischargeview %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/members/discharge.pl?borrowernumber=[% borrowernumber %]">Discharges</a></li>
[% END %]
[% IF Koha.Preference('HouseboundModule') %]

2
koha-tmpl/intranet-tmpl/prog/en/includes/header.inc

@ -3,7 +3,7 @@
<div class="container-fluid">
<ul id="toplevelmenu" class="nav navbar-nav">
[% IF ( CAN_user_circulate_circulate_remaining_permissions ) %]<li><a href="/cgi-bin/koha/circ/circulation-home.pl">Circulation</a></li>[% END %]
[% IF ( CAN_user_borrowers ) %]<li><a href="/cgi-bin/koha/members/members-home.pl">Patrons</a></li>[% END %]
[% IF CAN_user_borrowers_edit_borrowers %]<li><a href="/cgi-bin/koha/members/members-home.pl">Patrons</a></li>[% END %]
<li class="dropdown">
<a href="/cgi-bin/koha/catalogue/search.pl" class="dropdown-toggle" data-toggle="dropdown">Search <b class="caret"></b></a>
<ul class="dropdown-menu">

4
koha-tmpl/intranet-tmpl/prog/en/includes/home-search.inc

@ -21,7 +21,7 @@
</div>
[% END %]
[% IF ( CAN_user_borrowers ) %]
[% IF CAN_user_borrowers_edit_borrowers %]
<div id="patron_search" class="residentsearch">
<p class="tip">Enter patron card number or partial name:</p>
<form action="/cgi-bin/koha/members/member.pl" method="post">
@ -44,7 +44,7 @@
[% IF ( CAN_user_circulate_circulate_remaining_permissions ) %]<li><a class="keep_text" href="#circ_search">Check out</a></li>[% END %]
[% IF ( CAN_user_circulate_circulate_remaining_permissions ) %]<li><a class="keep_text" href="#checkin_search">Check in</a></li>[% END %]
[% IF ( CAN_user_circulate_circulate_remaining_permissions ) %]<li><a class="keep_text" href="#renew_search">Renew</a></li>[% END %]
[% IF ( CAN_user_borrowers ) %]<li><a class="keep_text" href="#patron_search">Search patrons</a></li>[% END %]
[% IF CAN_user_borrowers_edit_borrowers %]<li><a class="keep_text" href="#patron_search">Search patrons</a></li>[% END %]
[% IF ( CAN_user_catalogue ) %]<li><a class="keep_text" href="#catalog_search">Search the catalog</a></li>[% END %]
</ul>

2
koha-tmpl/intranet-tmpl/prog/en/includes/members-menu.inc

@ -17,7 +17,7 @@
[% IF EnableBorrowerFiles %]
[% IF ( borrower_files ) %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/members/files.pl?borrowernumber=[% borrowernumber %]">Files</a></li>
[% END %]
[% IF CAN_user_borrowers && useDischarge %]
[% IF CAN_user_borrowers_edit_borrowers && useDischarge %]
[% IF dischargeview %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/members/discharge.pl?borrowernumber=[% borrowernumber %]">Discharge</a></li>
[% END %]
[% IF Koha.Preference('HouseboundModule') %]

16
koha-tmpl/intranet-tmpl/prog/en/includes/members-toolbar.inc

@ -6,7 +6,7 @@
<script type="text/javascript">
//<![CDATA[
$(document).ready(function(){
[% IF ( CAN_user_borrowers ) %]
[% IF CAN_user_borrowers_edit_borrowers %]
[% IF ( NorwegianPatronDBEnable == 1 ) %]
$("#deletepatronlocal").click(function(){
confirm_local_deletion();
@ -132,7 +132,7 @@ function searchToHold(){
</script>
<div id="toolbar" class="btn-toolbar">
[% IF ( CAN_user_borrowers ) %]
[% IF CAN_user_borrowers_edit_borrowers %]
[% IF ( guarantor ) %]
<a id="editpatron" class="btn btn-default btn-sm" href="/cgi-bin/koha/members/memberentry.pl?op=modify&amp;destination=circ&amp;borrowernumber=[% borrowernumber %]&amp;guarantorid=[% guarantor.borrowernumber %]&amp;categorycode=[% categorycode %]">
[% ELSE %]
@ -141,11 +141,11 @@ function searchToHold(){
<i class="fa fa-pencil"></i> Edit</a>
[% END %]
[% IF ( CAN_user_borrowers ) %]
[% IF CAN_user_borrowers_edit_borrowers %]
[% IF adultborrower AND Koha.Preference("borrowerRelationship") %]
<a id="addchild" class="btn btn-default btn-sm" href="/cgi-bin/koha/members/memberentry.pl?op=add&amp;guarantorid=[% borrowernumber %]"><i class="fa fa-plus"></i> Add child</a>
[% END %]
[% IF ( CAN_user_borrowers ) %]
[% IF CAN_user_borrowers_edit_borrowers %]
<a id="changepassword" class="btn btn-default btn-sm" href="/cgi-bin/koha/members/member-password.pl?member=[% borrowernumber %]"><i class="fa fa-lock"></i> Change password</a>
[% END %]
<a id="duplicate" class="btn btn-default btn-sm" href="/cgi-bin/koha/members/memberentry.pl?op=duplicate&amp;borrowernumber=[% borrowernumber %]&amp;categorycode=[% categorycode %]"><i class="fa fa-copy"></i> Duplicate</a>
@ -154,7 +154,7 @@ function searchToHold(){
<div class="btn-group">
<button class="btn btn-default btn-sm dropdown-toggle" data-toggle="dropdown"><i class="fa fa-print"></i> Print <span class="caret"></span></button>
<ul class="dropdown-menu">
[% IF ( CAN_user_borrowers ) %]<li><a id="printsummary" href="#">Print summary</a></li>[% END %]
[% IF CAN_user_borrowers_edit_borrowers %]<li><a id="printsummary" href="#">Print summary</a></li>[% END %]
<li><a id="printslip" href="#">Print slip</a></li>
<li><a id="printquickslip" href="#">Print quick slip</a></li>
[% IF Borrowers.HasOverdues( borrowernumber ) %]
@ -172,7 +172,7 @@ function searchToHold(){
<div class="btn-group">
<button class="btn btn-default btn-sm dropdown-toggle" data-toggle="dropdown">More <span class="caret"></span></button>
<ul class="dropdown-menu">
[% IF ( CAN_user_borrowers ) %]
[% IF CAN_user_borrowers_edit_borrowers %]
<li><a id="renewpatron" href="/cgi-bin/koha/members/setstatus.pl?borrowernumber=[% borrowernumber %]&amp;destination=[% destination %]&amp;reregistration=y">Renew patron</a></li>
[% ELSE %]
<li class="disabled"><a data-toggle="tooltip" data-placement="left" title="You are not authorized to renew patrons" id="renewpatron" href="#">Renew patron</a></li>
@ -182,10 +182,10 @@ function searchToHold(){
[% ELSE %]
<li class="disabled"><a data-toggle="tooltip" data-placement="left" title="You are not authorized to set permissions" id="patronflags" href="#">Set permissions</a></li>
[% END %]
[% IF CAN_user_borrowers && useDischarge %]
[% IF CAN_user_borrowers_edit_borrowers && useDischarge %]
<li><a href="/cgi-bin/koha/members/discharge.pl?borrowernumber=[% borrowernumber %]">Discharge</a></li>
[% END %]
[% IF ( CAN_user_borrowers ) %]
[% IF CAN_user_borrowers_edit_borrowers %]
[% IF ( NorwegianPatronDBEnable == 1 ) %]
<li><a id="deletepatronlocal" href="#">Delete local</a></li>
<li><a id="deletepatronremote" href="#">Delete remote</a></li>

2
koha-tmpl/intranet-tmpl/prog/en/modules/circ/circulation.tt

@ -772,7 +772,7 @@ No patron matched <span class="ex">[% message | html %]</span>
[% IF ( has_modifications ) %]
<li><span class="circ-hlt">Pending modifications:</span> Patron has pending modifications.
[% IF CAN_user_borrowers && ( !Koha.Preference('IndependentBranchesPatronModifications') || borrower.branch == branch ) %]
[% IF CAN_user_borrowers_edit_borrowers && ( !Koha.Preference('IndependentBranchesPatronModifications') || borrower.branch == branch ) %]
<a href="/cgi-bin/koha/members/members-update.pl">View all pending patron modifications</a>
[% END %]
</li>

8
koha-tmpl/intranet-tmpl/prog/en/modules/intranet-main.tt

@ -50,7 +50,7 @@
</li>
[% END %]
[% IF ( CAN_user_borrowers ) %]
[% IF CAN_user_borrowers_edit_borrowers %]
<li>
<a class="icon_general icon_patrons" href="/cgi-bin/koha/members/members-home.pl">Patrons</a>
</li>
@ -131,7 +131,7 @@
<div class="row">
<div class="col-sm-12">
[%# Following statement must be in one line for translatability %]
[% IF ( ( CAN_user_tools_moderate_comments && pendingcomments ) || ( CAN_user_tools_moderate_tags && pendingtags ) || ( CAN_user_borrowers && pending_borrower_modifications ) || ( CAN_user_acquisition && pendingsuggestions ) || ( CAN_user_borrowers && pending_discharge_requests ) || pending_article_requests) %]
[% IF ( ( CAN_user_tools_moderate_comments && pendingcomments ) || ( CAN_user_tools_moderate_tags && pendingtags ) || ( CAN_user_borrowers_edit_borrowers && pending_borrower_modifications ) || ( CAN_user_acquisition && pendingsuggestions ) || ( CAN_user_borrowers_edit_borrowers && pending_discharge_requests ) || pending_article_requests) %]
<div id="area-pending">
[% IF pending_article_requests %]
<div class="pending-info" id="article_requests_pending">
@ -164,14 +164,14 @@
[% END %]
[% IF ( CAN_user_borrowers && pending_borrower_modifications ) %]
[% IF ( CAN_user_borrowers_edit_borrowers && pending_borrower_modifications ) %]
<div class="pending-info" id="patron_updates_pending">
<a href="/cgi-bin/koha/members/members-update.pl">Patrons requesting modifications</a>:
<span class="pending-number-link">[% pending_borrower_modifications %]</span>
</div>
[% END %]
[% IF CAN_user_borrowers && pending_discharge_requests %]
[% IF CAN_user_borrowers_edit_borrowers && pending_discharge_requests %]
<div class="pending-info" id="patron_discharges_pending">
<a href="/cgi-bin/koha/members/discharges.pl">Discharge requests pending</a>:
<span class="pending-number-link">[% pending_discharge_requests %]</span>

4
koha-tmpl/intranet-tmpl/prog/en/modules/members/files.tt

@ -46,7 +46,7 @@
<th>Type</th>
<th>Description</th>
<th>Uploaded</th>
[% IF CAN_user_borrowers %]<th>&nbsp;</th>[% END %]
[% IF CAN_user_borrowers_edit_borrowers %]<th>&nbsp;</th>[% END %]
</tr>
</thead>
@ -57,7 +57,7 @@
<td>[% f.file_type %]</td>
<td>[% f.file_description %]</td>
<td>[% f.date_uploaded | $KohaDates %]</td>
[% IF CAN_user_borrowers %]<td><a class="btn btn-default btn-xs confirmdelete" href="?borrowernumber=[% borrowernumber %]&amp;op=delete&amp;file_id=[% f.file_id %]"><i class="fa fa-trash"></i> Delete</a></td>[% END %]
[% IF CAN_user_borrowers_edit_borrowers %]<td><a class="btn btn-default btn-xs confirmdelete" href="?borrowernumber=[% borrowernumber %]&amp;op=delete&amp;file_id=[% f.file_id %]"><i class="fa fa-trash"></i> Delete</a></td>[% END %]
</tr>
[% END %]
</tbody>

2
koha-tmpl/intranet-tmpl/prog/en/modules/members/member.tt

@ -348,7 +348,7 @@ function filterByFirstLetterSurname(letter) {
[% END %]
</div>
[% IF ( CAN_user_borrowers && pending_borrower_modifications ) %]
[% IF CAN_user_borrowers_edit_borrowers && pending_borrower_modifications %]
<div class="pending-info" id="patron_updates_pending">
<a href="/cgi-bin/koha/members/members-update.pl">Patrons requesting modifications</a>:
<span class="number_box"><a href="/cgi-bin/koha/members/members-update.pl">[% pending_borrower_modifications %]</a></span>

6
koha-tmpl/intranet-tmpl/prog/en/modules/members/memberentrygen.tt

@ -1041,7 +1041,7 @@ $(document).ready(function() {
<th>Comment</th>
<th>Expiration</th>
<th>Created</th>
[% IF CAN_user_borrowers && CAN_user_circulate_manage_restrictions %]
[% IF CAN_user_borrowers_edit_borrowers && CAN_user_circulate_manage_restrictions %]
<th>Remove?</th>
[% END %]
</tr>
@ -1060,7 +1060,7 @@ $(document).ready(function() {
</td>
<td>[% IF d.expiration %] [% d.expiration | $KohaDates %] [% ELSE %] <i>Indefinite</i> [% END %]</td>
<td>[% d.created | $KohaDates %]</td>
[% IF CAN_user_borrowers && CAN_user_circulate_manage_restrictions %]
[% IF CAN_user_borrowers_edit_borrowers && CAN_user_circulate_manage_restrictions %]
<td>
<input type="checkbox" id="debarment_[% d.borrower_debarment_id %]" name="remove_debarment" value="[% d.borrower_debarment_id %]" />
</td>
@ -1073,7 +1073,7 @@ $(document).ready(function() {
<p>Patron is currently unrestricted.</p>
[% END %]
[% IF CAN_user_borrowers && CAN_user_circulate_manage_restrictions %]
[% IF CAN_user_borrowers_edit_borrowers && CAN_user_circulate_manage_restrictions %]
<p><a href="#" id="add_manual_restriction">Add manual restriction</a></p>
<fieldset id="manual_restriction_form">
<input type="hidden" id="add_debarment" name="add_debarment" value="0" />

2
labels/label-item-search.pl

@ -160,7 +160,7 @@ if ($show_results) {
query => $query,
type => "intranet",
authnotrequired => 0,
flagsrequired => { borrowers => 1 },
flagsrequired => { borrowers => 'edit_borrowers' },
flagsrequired => { catalogue => 1 },
debug => 1,
}

2
members/boraccount.pl

@ -42,7 +42,7 @@ my ($template, $loggedinuser, $cookie) = get_template_and_user(
query => $input,
type => "intranet",
authnotrequired => 0,
flagsrequired => { borrowers => 1,
flagsrequired => { borrowers => 'edit_borrowers',
updatecharges => 'remaining_permissions'},
debug => 1,
}

2
members/default_messageprefs.pl

@ -27,7 +27,7 @@ use C4::Form::MessagingPreferences;
# update the prefs if operator is creating a new patron and has
# changed the patron category from its original value.
my ($query, $response) = C4::Service->init(borrowers => 1);
my ($query, $response) = C4::Service->init(borrowers => 'edit_borrowers');
my ($categorycode) = C4::Service->require_params('categorycode');
C4::Form::MessagingPreferences::set_form_values({ categorycode => $categorycode }, $response);
C4::Service->return_success( $response );

4
members/deletemem.pl

@ -43,7 +43,7 @@ my ($template, $borrowernumber, $cookie)
query => $input,
type => "intranet",
authnotrequired => 0,
flagsrequired => {borrowers => 1},
flagsrequired => {borrowers => 'edit_borrowers'},
debug => 1,
});
@ -89,7 +89,7 @@ if ($patron->category->category_type eq "S") {
exit 0; # Exit without error
}
} else {
unless(C4::Auth::haspermission($userenv->{'id'},{'borrowers'=>1})) {
unless(C4::Auth::haspermission($userenv->{'id'},{'borrowers'=>'edit_borrowers'})) {
print $input->redirect("/cgi-bin/koha/members/moremember.pl?borrowernumber=$member&error=CANT_DELETE");
exit 0; # Exit without error
}

2
members/discharge.pl

@ -48,7 +48,7 @@ my ( $template, $loggedinuser, $cookie, $flags ) = get_template_and_user({
query => $input,
type => 'intranet',
authnotrequired => 0,
flagsrequired => { 'borrowers' => '*' },
flagsrequired => { 'borrowers' => 'edit_borrowers' },
});
my $borrowernumber = $input->param('borrowernumber');

2
members/discharges.pl

@ -33,7 +33,7 @@ my ( $template, $loggedinuser, $cookie, $flags ) = get_template_and_user({
query => $input,
type => "intranet",
authnotrequired => 0,
flagsrequired => { borrowers => 1 },
flagsrequired => { borrowers => 'edit_borrowers' },
});
my $branchcode =

2
members/files.pl

@ -39,7 +39,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
query => $cgi,
type => "intranet",
authnotrequired => 0,
flagsrequired => { borrowers => 1 },
flagsrequired => { borrowers => 'edit_borrowers' },
debug => 1,
}
);

2
members/guarantor_search.pl

@ -35,7 +35,7 @@ my ( $template, $loggedinuser, $cookie, $staff_flags ) = get_template_and_user(
query => $input,
type => "intranet",
authnotrequired => 0,
flagsrequired => { borrowers => 1 },
flagsrequired => { borrowers => 'edit_borrowers' },
}
);

2
members/housebound.pl

@ -47,7 +47,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
query => $input,
type => 'intranet',
authnotrequired => 0,
flagsrequired => { borrowers => 1 },
flagsrequired => { borrowers => 'edit_borrowers' },
}
);

4
members/mancredit.pl

@ -37,7 +37,7 @@ use Koha::Patrons;
use Koha::Patron::Categories;
my $input=new CGI;
my $flagsrequired = { borrowers => 1, updatecharges => 1 };
my $flagsrequired = { borrowers => 'edit_borrowers', updatecharges => 1 };
my $borrowernumber=$input->param('borrowernumber');
@ -70,7 +70,7 @@ if ($add){
query => $input,
type => "intranet",
authnotrequired => 0,
flagsrequired => { borrowers => 1,
flagsrequired => { borrowers => 'edit_borrowers',
updatecharges => 'remaining_permissions' },
debug => 1,
}

4
members/maninvoice.pl

@ -37,7 +37,7 @@ use Koha::Patrons;
use Koha::Patron::Categories;
my $input=new CGI;
my $flagsrequired = { borrowers => 1 };
my $flagsrequired = { borrowers => 'edit_borrowers' };
my $borrowernumber=$input->param('borrowernumber');
@ -88,7 +88,7 @@ if ($add){
query => $input,
type => "intranet",
authnotrequired => 0,
flagsrequired => { borrowers => 1,
flagsrequired => { borrowers => 'edit_borrowers',
updatecharges => 'remaining_permissions' },
debug => 1,
});

5
members/member-password.pl

@ -32,14 +32,11 @@ my ( $template, $loggedinuser, $cookie, $staffflags ) = get_template_and_user(
query => $input,
type => "intranet",
authnotrequired => 0,
flagsrequired => { borrowers => 1 },
flagsrequired => { borrowers => 'edit_borrowers' },
debug => 1,
}
);
my $flagsrequired;
$flagsrequired->{borrowers} = 1;
my $member = $input->param('member');
my $cardnumber = $input->param('cardnumber');
my $destination = $input->param('destination');

2
members/member.pl

@ -38,7 +38,7 @@ my ($template, $loggedinuser, $cookie)
query => $input,
type => "intranet",
authnotrequired => 0,
flagsrequired => {borrowers => 1},
flagsrequired => {borrowers => 'edit_borrowers'},
});
my $theme = $input->param('theme') || "default";

2
members/memberentry.pl

@ -71,7 +71,7 @@ my ($template, $loggedinuser, $cookie)
query => $input,
type => "intranet",
authnotrequired => 0,
flagsrequired => {borrowers => 1},
flagsrequired => {borrowers => 'edit_borrowers'},
debug => ($debug) ? 1 : 0,
});

2
members/members-home.pl

@ -35,7 +35,7 @@ my ($template, $loggedinuser, $cookie, $flags)
query => $query,
type => "intranet",
authnotrequired => 0,
flagsrequired => {borrowers => 1},
flagsrequired => {borrowers => 'edit_borrowers'},
debug => 1,
});

2
members/members-update-do.pl

@ -33,7 +33,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
query => $query,
type => "intranet",
authnotrequired => 0,
flagsrequired => { borrowers => 1 },
flagsrequired => { borrowers => 'edit_borrowers' },
debug => 1,
}
);

2
members/members-update.pl

@ -38,7 +38,7 @@ my ( $template, $loggedinuser, $cookie, $flags ) = get_template_and_user(
query => $query,
type => "intranet",
authnotrequired => 0,
flagsrequired => { borrowers => 1 },
flagsrequired => { borrowers => 'edit_borrowers' },
debug => 1,
}
);

2
members/mod_debarment.pl

@ -27,7 +27,7 @@ use Koha::Patron::Debarments;
my $cgi = new CGI;
my ( $loggedinuser, $cookie, $sessionID ) = checkauth( $cgi, 0, { borrowers => 1 }, 'intranet' );
my ( $loggedinuser, $cookie, $sessionID ) = checkauth( $cgi, 0, { borrowers => 'edit_borrowers' }, 'intranet' );
my $borrowernumber = $cgi->param('borrowernumber');
my $action = $cgi->param('action');

4
members/moremember.pl

@ -100,10 +100,10 @@ if (defined $print and $print eq "page") {
$flagsrequired = { circulate => "circulate_remaining_permissions" };
} elsif (defined $print and $print eq "brief") {
$template_name = "members/moremember-brief.tt";
$flagsrequired = { borrowers => 1 };
$flagsrequired = { borrowers => 'edit_borrowers' };
} else {
$template_name = "members/moremember.tt";
$flagsrequired = { borrowers => 1 };
$flagsrequired = { borrowers => 'edit_borrowers' };
}
my ( $template, $loggedinuser, $cookie ) = get_template_and_user(

2
members/nl-search.pl

@ -57,7 +57,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
query => $cgi,
type => "intranet",
authnotrequired => 0,
flagsrequired => { borrowers => 1 },
flagsrequired => { borrowers => 'edit_borrowers' },
debug => 1,
}
);

2
members/notices.pl

@ -44,7 +44,7 @@ my ($template, $loggedinuser, $cookie)
query => $input,
type => "intranet",
authnotrequired => 0,
flagsrequired => {borrowers => 1},
flagsrequired => {borrowers => 'edit_borrowers'},
debug => 1,
});

2
members/pay.pl

@ -53,7 +53,7 @@ our ( $template, $loggedinuser, $cookie ) = get_template_and_user(
query => $input,
type => 'intranet',
authnotrequired => 0,
flagsrequired => { borrowers => 1, updatecharges => $updatecharges_permissions },
flagsrequired => { borrowers => 'edit_borrowers', updatecharges => $updatecharges_permissions },
debug => 1,
}
);

2
members/paycollect.pl

@ -42,7 +42,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
query => $input,
type => 'intranet',
authnotrequired => 0,
flagsrequired => { borrowers => 1, updatecharges => $updatecharges_permissions },
flagsrequired => { borrowers => 'edit_borrowers', updatecharges => $updatecharges_permissions },
debug => 1,
}
);

2
members/printfeercpt.pl

@ -41,7 +41,7 @@ my ($template, $loggedinuser, $cookie)
query => $input,
type => "intranet",
authnotrequired => 0,
flagsrequired => {borrowers => 1, updatecharges => 'remaining_permissions'},
flagsrequired => {borrowers => 'edit_borrowers', updatecharges => 'remaining_permissions'},
debug => 1,
});

2
members/printinvoice.pl

@ -39,7 +39,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
query => $input,
type => "intranet",
authnotrequired => 0,
flagsrequired => { borrowers => 1, updatecharges => 'remaining_permissions' },
flagsrequired => { borrowers => 'edit_borrowers', updatecharges => 'remaining_permissions' },
debug => 1,
}
);

2
members/purchase-suggestions.pl

@ -35,7 +35,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
query => $input,
type => "intranet",
authnotrequired => 0,
flagsrequired => { borrowers => 1 },
flagsrequired => { borrowers => 'edit_borrowers' },
debug => 1,
}
);

2
members/readingrec.pl

@ -45,7 +45,7 @@ my ($template, $loggedinuser, $cookie)= get_template_and_user({template_name =>
query => $input,
type => "intranet",
authnotrequired => 0,
flagsrequired => {borrowers => 1},
flagsrequired => {borrowers => 'edit_borrowers'},
debug => 1,
});

2
members/setstatus.pl

@ -34,7 +34,7 @@ use Koha::Patrons;
my $input = new CGI;
checkauth($input, 0, { borrowers => 1 }, 'intranet');
checkauth($input, 0, { borrowers => 'edit_borrowers' }, 'intranet');
my $destination = $input->param("destination") || '';
my $borrowernumber=$input->param('borrowernumber');

2
members/statistics.pl

@ -40,7 +40,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
query => $input,
type => "intranet",
authnotrequired => 0,
flagsrequired => { borrowers => 1 },
flagsrequired => { borrowers => 'edit_borrowers' },
debug => 1,
}
);

2
members/update-child.pl

@ -46,7 +46,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
query => $input,
type => "intranet",
authnotrequired => 0,
flagsrequired => { borrowers => 1 },
flagsrequired => { borrowers => 'edit_borrowers' },
debug => 1,
}
);

2
opac/opac-overdrive-search.pl

@ -33,7 +33,7 @@ my ($template, $loggedinuser, $cookie)
query => $cgi,
type => "opac",
authnotrequired => 1,
flagsrequired => {borrowers => 1},
flagsrequired => {borrowers => 'edit_borrowers'},
debug => 1,
});

2
svc/checkouts

@ -41,7 +41,7 @@ my $session = get_session($sessionID);
my $userid = $session->param('id');
unless (haspermission($userid, { circulate => 'circulate_remaining_permissions' })
|| haspermission($userid, { borrowers => '*' })) {
|| haspermission($userid, { borrowers => 'edit_borrowers' })) {
exit 0;
}

2
svc/members/search

@ -36,7 +36,7 @@ my ($template, $user, $cookie) = get_template_and_user({
query => $input,
type => "intranet",
authnotrequired => 0,
flagsrequired => { borrowers => 1 }
flagsrequired => { borrowers => 'edit_borrowers' }
});
my $searchmember = $input->param('searchmember');

Loading…
Cancel
Save