Bug 20128: Add permission for advanced cataloging editor

To test: 1 - Have a borrower with edit_catalogue permission and one with editcatalogue top level 2 - Confirm they can both access the advanced editor from the 'Cataloguing' home page or from the basic editor 3 - Apply patch 4 - Update database 5 - Confirm borrower with 'edit_catalogue' has 'advanced_editor' permission 6 - Confirm borrowers can access advanced editor as above 7 - Remove 'advanced_editor' permission from borrower 8 - Ensure they cannot access the advanced editor 9 - Ensure links to 'Edit record' from search results go to basic editor Signed-off-by: Liz Rea <wizzyrea@gmail.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
5 years ago · a2b057758d
6 changed files with 30 additions and 4 deletions
--- a/cataloguing/addbiblio.pl
+++ b/cataloguing/addbiblio.pl
@ -737,7 +737,7 @@ if ($frameworkcode eq 'FA'){
        'stickyduedate'      => $fa_stickyduedate,
        'duedatespec'        => $fa_duedatespec,
    );
-} elsif ( $op ne "delete" && C4::Context->preference('EnableAdvancedCatalogingEditor') && $input->cookie( 'catalogue_editor_' . $loggedinuser ) eq 'advanced' && !$breedingid ) {
+} elsif ( $op ne "delete" && C4::Context->preference('EnableAdvancedCatalogingEditor') && C4::Auth::haspermission($loggedinuser,{'editcatalogue'=>'advanced_editor'}) && $input->cookie( 'catalogue_editor_' . $loggedinuser ) eq 'advanced' && !$breedingid ) {
    # Only use the advanced editor for non-fast-cataloging.
    # breedingid is not handled because those would only come off a Z39.50
    # search initiated by the basic editor.
--- a/cataloguing/editor.pl
+++ b/cataloguing/editor.pl
@ -40,7 +40,12 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
        query           => $input,
        type            => 'intranet',
        authnotrequired => 0,
-        flagsrequired   => { editcatalogue => 'edit_catalogue' },
+        flagsrequired   => {
+            editcatalogue => {
+                'edit_catalogue'  => 1,
+                'advanced_editor' => 1
+            },
+        }
    }
 );

--- a/installer/data/mysql/atomicupdate/bug20128_add_permission_for_advanced_editor.perl
+++ b/installer/data/mysql/atomicupdate/bug20128_add_permission_for_advanced_editor.perl
@ -0,0 +1,16 @@
+$DBversion = 'XXX';
+if( CheckVersion( $DBversion ) ) {
+    $dbh->do(q{
+        INSERT IGNORE permissions (module_bit, code, description)
+        VALUES
+        (9,'advanced_editor','Use the advanced cataloging editor')
+    });
+    if( C4::Context->preference('EnableAdvancedCatalogingEditor') ){
+        $dbh->do(q{
+            INSERT INTO user_permissions (borrowernumber, module_bit, code)
+            SELECT borrowernumber, 9, 'advanced_editor' FROM borrowers WHERE borrowernumber IN (SELECT DISTINCT borrowernumber FROM user_permissions WHERE code = 'edit_catalogue');
+        });
+    }
+    SetVersion( $DBversion );
+    print "Upgrade to $DBversion done (Bug 20128: Add permission for Advanced Cataloging Editor)\n";
+}
--- a/koha-tmpl/intranet-tmpl/prog/en/includes/permissions.inc
+++ b/koha-tmpl/intranet-tmpl/prog/en/includes/permissions.inc
@ -271,6 +271,11 @@
            Edit catalog (Modify bibliographic/holdings data)
        </span>
        <span class="permissioncode">([% name | html %])</span>
+    [%- CASE 'advanced_editor' -%]
+        <span class="sub_permission advanced_editor_subpermission">
+            Use the advanced cataloging editor (requires edit_catalogue)
+        </span>
+        <span class="permissioncode">([% name | html %])</span>
    [%- CASE 'edit_items' -%]
        <span class="sub_permission edit_items_subpermission">
            Edit items
--- a/koha-tmpl/intranet-tmpl/prog/en/modules/cataloguing/addbiblio.tt
+++ b/koha-tmpl/intranet-tmpl/prog/en/modules/cataloguing/addbiblio.tt
@ -511,7 +511,7 @@ function Changefwk() {
    <div class="btn-group">
        <button class="btn btn-default dropdown-toggle" data-toggle="dropdown"><i class="fa fa-cog"></i> Settings <span class="caret"></span></button>
        <ul id="settings-menu" class="dropdown-menu">
-            [% IF Koha.Preference( 'EnableAdvancedCatalogingEditor' ) == 1 %]
+            [% IF Koha.Preference( 'EnableAdvancedCatalogingEditor' ) == 1 && CAN_user_editcatalogue_advanced_editor %]
                <li><a href="#" id="switcheditor">Switch to advanced editor</a></li>
            [% END %]
            [% IF marcflavour != 'NORMARC' AND NOT advancedMARCEditor %]
--- a/koha-tmpl/intranet-tmpl/prog/en/modules/cataloguing/addbooks.tt
+++ b/koha-tmpl/intranet-tmpl/prog/en/modules/cataloguing/addbooks.tt
@ -18,7 +18,7 @@

 [% IF ( CAN_user_editcatalogue_edit_catalogue ) %]
  <div id="toolbar" class="btn-toolbar">
-        [% IF Koha.Preference( 'EnableAdvancedCatalogingEditor' ) == 1 %]
+        [% IF Koha.Preference( 'EnableAdvancedCatalogingEditor' ) == 1 && CAN_user_editcatalogue_advanced_editor %]
            <a id="useadvanced" href="/cgi-bin/koha/cataloguing/editor.pl" class="btn btn-default"><i class="fa fa-pencil"></i> Advanced editor</a>
        [% END %]
        <div class="btn-group">