Bug 34478: Rename action with op - mod_debarment

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-01-31 10:51:49 +01:00 · 2024-01-31 10:51:49 +01:00 · c790129c7d
commit c790129c7d
parent 48c2364f67
2 changed files with 12 additions and 8 deletions
--- a/koha-tmpl/intranet-tmpl/prog/en/includes/patron-restrictions-tab.inc
+++ b/koha-tmpl/intranet-tmpl/prog/en/includes/patron-restrictions-tab.inc
@ -41,9 +41,13 @@
                    <td>[% restriction.created | $KohaDates %]</td>
                    [% IF CAN_user_borrowers_edit_borrowers && CAN_user_circulate_manage_restrictions %]
                        <td>
-                            <a class="remove_restriction btn btn-default btn-xs" href="/cgi-bin/koha/members/mod_debarment.pl?borrowernumber=[% patron.borrowernumber | html %]&amp;borrower_debarment_id=[% restriction.borrower_debarment_id | html %]&amp;action=del">
-                                <i class="fa fa-trash-can"></i> Remove
-                            </a>
+                            <form method="post" action="/cgi-bin/koha/members/mod_debarment.pl">
+                                [% INCLUDE 'csrf-token.inc' %]
+                                <input type="hidden" name="op" value="cud-del" />
+                                <input type="hidden" name="borrowernumber" value="[% patron.borrowernumber | uri %]" />
+                                <input type="hidden" name="borrower_debarment_id" value="[% restriction.borrower_debarment_id | uri %]" />
+                                <button type="submit" class="remove_restriction btn btn-default btn-xs"><i class="fa fa-trash-can"></i> Remove</button>
+                            </form>
                        </td>
                    [% END %]
                </tr>
@ -56,7 +60,7 @@
    <form method="post" action="/cgi-bin/koha/members/mod_debarment.pl" class="clearfix">
        [% INCLUDE 'csrf-token.inc' %]
        <input type="hidden" name="borrowernumber" value="[% patron.borrowernumber | html %]" />
-        <input type="hidden" name="action" value="add" />
+        <input type="hidden" name="op" value="cud-add" />
        <fieldset class="rows" id="manual_restriction_form">
            <legend>Add manual restriction</legend>
            <ol>
--- a/members/mod_debarment.pl
+++ b/members/mod_debarment.pl
@ -30,7 +30,7 @@ my $cgi = CGI->new;
 my ( $loggedinuserid, $cookie, $sessionID ) = checkauth( $cgi, 0, { borrowers => 'edit_borrowers' }, 'intranet' );

 my $borrowernumber = $cgi->param('borrowernumber');
-my $action         = $cgi->param('action');
+my $op             = $cgi->param('op');

 my $logged_in_user = Koha::Patrons->find( { userid => $loggedinuserid } );
 my $patron         = Koha::Patrons->find($borrowernumber);
@ -38,11 +38,11 @@ my $patron         = Koha::Patrons->find($borrowernumber);
 # Ideally we should display a warning on the interface if the patron is not allowed
 # to modify a debarment
 # But a librarian is not supposed to hack the system
-$action = '' unless $logged_in_user->can_see_patron_infos( $patron );
+$op = '' unless $logged_in_user->can_see_patron_infos( $patron );

-if ( $action eq 'cud-del' ) {
+if ( $op eq 'cud-del' ) {
    DelDebarment( scalar $cgi->param('borrower_debarment_id') );
-} elsif ( $action eq 'cud-add' ) {
+} elsif ( $op eq 'cud-add' ) {
    my $expiration = $cgi->param('expiration');
    my $type = $cgi->param('debarred_type') // 'MANUAL';
    if ($expiration) {