Bug 13417: Allow staff members to manage public lists

Currently a public list can only be deleted by its owner. This means lists can exist infinitely. This will introduce a new permission for list. With this permission, a staff member will be allow to delete any public lists. Test plan: 1/ Add the manage_shelves permission to a patron. 2/ Login with this patron 3/ Go on the public list view 4/ You should be able to edit all public lists Followed test plan. Works as expected. Signed-off-by: Marc Veron <veron@veron.ch> Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2014-12-05 12:30:08 +01:00 · 2014-12-05 12:30:08 +01:00 · 9c65bd8124
commit 9c65bd8124
parent a7da45099f
4 changed files with 27 additions and 2 deletions
--- a/C4/VirtualShelves.pm
+++ b/C4/VirtualShelves.pm
@ -21,8 +21,10 @@ use strict;
 use warnings;

 use Carp;
+use C4::Auth;
 use C4::Context;
 use C4::Debug;
+use C4::Members;

 use constant SHELVES_MASTHEAD_MAX => 10; #number under Lists button in masthead
 use constant SHELVES_COMBO_MAX => 10; #add to combo in search
@ -461,6 +463,12 @@ sub ShelfPossibleAction {

    return 0 unless defined($shelfnumber);

+    if ( $user > 0 ) {
+        my $borrower = C4::Members::GetMember( borrowernumber => $user );
+        return 1
+            if C4::Auth::haspermission( $borrower->{userid}, { shelves => 'manage_shelves' } );
+    }
+
    my $dbh = C4::Context->dbh;
    my $query = qq/
        SELECT COALESCE(owner,0) AS owner, category, allow_add, allow_delete_own, allow_delete_other, COALESCE(sh.borrowernumber,0) AS borrowernumber
--- a/installer/data/mysql/en/mandatory/userflags.sql
+++ b/installer/data/mysql/en/mandatory/userflags.sql
@ -17,4 +17,6 @@ INSERT INTO userflags (bit, flag, flagdesc, defaulton) VALUES
 (16,'reports','Allow access to the reports module',0),
 (17,'staffaccess','Allow staff members to modify permissions for other staff members',0),
 (18,'coursereserves','Course reserves',0),
-(19, 'plugins', 'Koha plugins', '0');
+(19, 'plugins', 'Koha plugins', '0'),
+(20, 'shelves', 'Virtual shelves', 0)
+;
--- a/installer/data/mysql/en/mandatory/userpermissions.sql
+++ b/installer/data/mysql/en/mandatory/userpermissions.sql
@ -71,5 +71,6 @@ INSERT INTO permissions (module_bit, code, description) VALUES
   (19, 'manage', 'Manage plugins ( install / uninstall )'),
   (19, 'tool', 'Use tool plugins'),
   (19, 'report', 'Use report plugins'),
-   (19, 'configure', 'Configure plugins')
+   (19, 'configure', 'Configure plugins'),
+   (20, 'manage_shelves', 'Manage shelves')
 ;
--- a/installer/data/mysql/updatedatabase.pl
+++ b/installer/data/mysql/updatedatabase.pl
@ -9759,6 +9759,20 @@ if ( CheckVersion($DBversion) ) {
    SetVersion ($DBversion);
 }

+$DBversion = "3.19.00.XXX";
+if ( CheckVersion($DBversion) ) {
+    $dbh->do(q|
+        INSERT INTO userflags (bit, flag, flagdesc, defaulton) VALUES
+        (20, 'shelves', 'Virtual shelves', 0)
+    |);
+    $dbh->do(q|
+        INSERT INTO permissions (module_bit, code, description) VALUES
+        (20, 'manage_shelves', 'Manage shelves')
+    |);
+    print "Upgrade to $DBversion done (Bug 13417: Add permission to manage shelves)\n";
+    SetVersion ($DBversion);
+}
+
 =head1 FUNCTIONS

 =head2 TableExists($table)