From 9c65bd8124ad21a96672c76b0ef1e31f80d7f4f3 Mon Sep 17 00:00:00 2001 From: Jonathan Druart Date: Fri, 5 Dec 2014 12:30:08 +0100 Subject: [PATCH] Bug 13417: Allow staff members to manage public lists Currently a public list can only be deleted by its owner. This means lists can exist infinitely. This will introduce a new permission for list. With this permission, a staff member will be allow to delete any public lists. Test plan: 1/ Add the manage_shelves permission to a patron. 2/ Login with this patron 3/ Go on the public list view 4/ You should be able to edit all public lists Followed test plan. Works as expected. Signed-off-by: Marc Veron Signed-off-by: Chris Cormack Signed-off-by: Kyle M Hall Signed-off-by: Tomas Cohen Arazi --- C4/VirtualShelves.pm | 8 ++++++++ installer/data/mysql/en/mandatory/userflags.sql | 4 +++- .../data/mysql/en/mandatory/userpermissions.sql | 3 ++- installer/data/mysql/updatedatabase.pl | 14 ++++++++++++++ 4 files changed, 27 insertions(+), 2 deletions(-) diff --git a/C4/VirtualShelves.pm b/C4/VirtualShelves.pm index 0ae93615c6..f461d3ca70 100644 --- a/C4/VirtualShelves.pm +++ b/C4/VirtualShelves.pm @@ -21,8 +21,10 @@ use strict; use warnings; use Carp; +use C4::Auth; use C4::Context; use C4::Debug; +use C4::Members; use constant SHELVES_MASTHEAD_MAX => 10; #number under Lists button in masthead use constant SHELVES_COMBO_MAX => 10; #add to combo in search @@ -461,6 +463,12 @@ sub ShelfPossibleAction { return 0 unless defined($shelfnumber); + if ( $user > 0 ) { + my $borrower = C4::Members::GetMember( borrowernumber => $user ); + return 1 + if C4::Auth::haspermission( $borrower->{userid}, { shelves => 'manage_shelves' } ); + } + my $dbh = C4::Context->dbh; my $query = qq/ SELECT COALESCE(owner,0) AS owner, category, allow_add, allow_delete_own, allow_delete_other, COALESCE(sh.borrowernumber,0) AS borrowernumber diff --git a/installer/data/mysql/en/mandatory/userflags.sql b/installer/data/mysql/en/mandatory/userflags.sql index e727f9ecb8..c027b1d80d 100644 --- a/installer/data/mysql/en/mandatory/userflags.sql +++ b/installer/data/mysql/en/mandatory/userflags.sql @@ -17,4 +17,6 @@ INSERT INTO userflags (bit, flag, flagdesc, defaulton) VALUES (16,'reports','Allow access to the reports module',0), (17,'staffaccess','Allow staff members to modify permissions for other staff members',0), (18,'coursereserves','Course reserves',0), -(19, 'plugins', 'Koha plugins', '0'); +(19, 'plugins', 'Koha plugins', '0'), +(20, 'shelves', 'Virtual shelves', 0) +; diff --git a/installer/data/mysql/en/mandatory/userpermissions.sql b/installer/data/mysql/en/mandatory/userpermissions.sql index 65c4bb81a7..12768b777f 100644 --- a/installer/data/mysql/en/mandatory/userpermissions.sql +++ b/installer/data/mysql/en/mandatory/userpermissions.sql @@ -71,5 +71,6 @@ INSERT INTO permissions (module_bit, code, description) VALUES (19, 'manage', 'Manage plugins ( install / uninstall )'), (19, 'tool', 'Use tool plugins'), (19, 'report', 'Use report plugins'), - (19, 'configure', 'Configure plugins') + (19, 'configure', 'Configure plugins'), + (20, 'manage_shelves', 'Manage shelves') ; diff --git a/installer/data/mysql/updatedatabase.pl b/installer/data/mysql/updatedatabase.pl index dab1c62a71..b4d19538f2 100755 --- a/installer/data/mysql/updatedatabase.pl +++ b/installer/data/mysql/updatedatabase.pl @@ -9759,6 +9759,20 @@ if ( CheckVersion($DBversion) ) { SetVersion ($DBversion); } +$DBversion = "3.19.00.XXX"; +if ( CheckVersion($DBversion) ) { + $dbh->do(q| + INSERT INTO userflags (bit, flag, flagdesc, defaulton) VALUES + (20, 'shelves', 'Virtual shelves', 0) + |); + $dbh->do(q| + INSERT INTO permissions (module_bit, code, description) VALUES + (20, 'manage_shelves', 'Manage shelves') + |); + print "Upgrade to $DBversion done (Bug 13417: Add permission to manage shelves)\n"; + SetVersion ($DBversion); +} + =head1 FUNCTIONS =head2 TableExists($table)