Bug 27716: Update permissions for patroncards creator

The various subpages of the label creator tool we're under the 'catalogue' permission. There is however a 'label_creator' subpermission of tools which is more appropriate. Test plan 1/ Setup a user with just the 'catelogue' permission (to enable logging into the staff interface) 2/ With the patch applied you should not be able to access the following pages (either via navigation in the UI or by typing them into the browser address bar directly) - /patroncards/add_user_search.pl - /patroncards/edit-batch.pl - /patroncards/edit-layout.pl - /patroncards/edit-profile.pl - /patroncards/edit-template.pl - /patroncards/home.pl - /patroncards/image-manage.pl - /patroncards/manage.pl - /patroncards/print.pl 3/ Signoff Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
3 年前 · bc5decc913
--- a/patroncards/add_user_search.pl
+++ b/patroncards/add_user_search.pl
@ -34,7 +34,7 @@ my ( $template, $loggedinuser, $cookie, $staff_flags ) = get_template_and_user(
    {   template_name   => "common/patron_search.tt",
        query           => $input,
        type            => "intranet",
-        flagsrequired   => { catalogue => 1 },
+        flagsrequired   => { tools => 'label_creator' },
    }
 );

--- a/patroncards/edit-batch.pl
+++ b/patroncards/edit-batch.pl
@ -37,7 +37,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
        template_name   => "patroncards/edit-batch.tt",
        query           => $cgi,
        type            => "intranet",
-        flagsrequired   => { catalogue => 1 },
+        flagsrequired   => { tools => 'label_creator' },
        debug           => 1,
    }
 );
--- a/patroncards/edit-layout.pl
+++ b/patroncards/edit-layout.pl
@ -36,7 +36,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
        template_name   => "patroncards/edit-layout.tt",
        query           => $cgi,
        type            => "intranet",
-        flagsrequired   => { catalogue => 1 },
+        flagsrequired   => { tools => 'label_creator' },
        debug           => 1,
    }
 );
--- a/patroncards/edit-profile.pl
+++ b/patroncards/edit-profile.pl
@ -33,7 +33,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
        template_name   => "patroncards/edit-profile.tt",
        query           => $cgi,
        type            => "intranet",
-        flagsrequired   => { catalogue => 1 },
+        flagsrequired   => { tools => 'label_creator' },
        debug           => 1,
    }
 );
--- a/patroncards/edit-template.pl
+++ b/patroncards/edit-template.pl
@ -34,7 +34,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
        template_name   => "patroncards/edit-template.tt",
        query           => $cgi,
        type            => "intranet",
-        flagsrequired   => { catalogue => 1 },
+        flagsrequired   => { tools => 'label_creator' },
        debug           => 1,
    }
 );
--- a/patroncards/home.pl
+++ b/patroncards/home.pl
@ -31,7 +31,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
        template_name   => "patroncards/home.tt",
        query           => $cgi,
        type            => "intranet",
-        flagsrequired   => { catalogue => 1 },
+        flagsrequired   => { tools => 'label_creator' },
        debug           => 1,
    }
 );
--- a/patroncards/image-manage.pl
+++ b/patroncards/image-manage.pl
@ -19,7 +19,7 @@ my ($template, $loggedinuser, $cookie) = get_template_and_user({
                    template_name       => "patroncards/image-manage.tt",
                    query               => $cgi,
                    type                => "intranet",
-                    flagsrequired       => {tools => 'batch_upload_patron_images'}, # FIXME: establish flag for patron card creator
+                    flagsrequired       => {tools => 'label_creator'},
                    debug               => 0,
                    });

--- a/patroncards/manage.pl
+++ b/patroncards/manage.pl
@ -37,7 +37,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
        template_name   => "patroncards/manage.tt",
        query           => $cgi,
        type            => "intranet",
-        flagsrequired   => { catalogue => 1 },
+        flagsrequired   => { tools => 'label_creator' },
        debug           => 1,
    }
 );
--- a/patroncards/print.pl
+++ b/patroncards/print.pl
@ -33,7 +33,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
        template_name   => "patroncards/print.tt",
        query           => $cgi,
        type            => "intranet",
-        flagsrequired   => { catalogue => 1 },
+        flagsrequired   => { tools => 'label_creator' },
        debug           => 1,
    }
 );