Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity

Bug 30230: Add new 'list_borrowers' permission

Browse source 
When a patron search is performed only a user with edit_borrowers
permission can search by name. Search can works only with cardnumber but
it makes searching less intuitive I think.

So, as mentioned in the discussion, I've added a new 'list_borrowers' permission,
completely independent of 'edit_borrowers', so that I can search for a member via the interface
and get the results. In addition to the permission to perform check in and checkouts, this no longer poses an obstacle to simple use.

Test plan:

1) Check with a user without 'edit_borrowers' permission that the patron search can only be performed with cardnumber
2) Apply this patch
3) Make the updatedatabase to add new 'list_borrowers' permissions
4) Set 'list_borrowers' permission on one user and see the difference

Signed-off-by: Andrew Fuerste-Henry <andrewfh@dubcolib.org>
Signed-off-by: Emmi Takkinen <emmi.takkinen@koha-suomi.fi>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This commit is contained in:
Thibaud Guillot 2023-11-30 15:14:42 +01:00 committed by Katrin Fischer
parent c1bf46d1e7
commit fc75a344b8
Signed by: kfischer
GPG key ID: 0EF6E2C03357A834
9 changed files with 32 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
api/v1/swagger/paths/patrons.yaml
View file

@ -397,6 +397,7 @@
- tools: "label_creator"
- serials: "routing"
- acquisition: "order_manage"
- borrowers: "list_borrowers"
post:
x-mojo-to: Patrons#add
operationId: addPatron

16
installer/data/mysql/atomicupdate/bug_30230_add-new-list-borrowers-permission.pl Executable file
View file

@ -0,0 +1,16 @@
use Modern::Perl;
return {
bug_number => "BUG_30230",
description => "Add new list_borrowers permission",
up => sub {
my ($args) = @_;
my ( $dbh, $out ) = @$args{qw(dbh out)};
$dbh->do(
"INSERT IGNORE INTO permissions (module_bit, code, description) VALUES (4, 'list_borrowers', 'Search and list patrons')"
);
say $out "Added new permission 'list_borrowers'";
},
};

1
installer/data/mysql/mandatory/userpermissions.sql
View file

@ -45,6 +45,7 @@ INSERT INTO permissions (module_bit, code, description) VALUES
( 3, 'manage_identity_providers', 'Manage identity providers'),
( 4, 'delete_borrowers', 'Delete patrons'),
( 4, 'edit_borrowers', 'Add, modify and view patron information'),
( 4, 'list_borrowers', 'Search and list patrons'),
( 4, 'view_borrower_infos_from_any_libraries', 'View patron infos from any libraries'),
( 6, 'place_holds', 'Place holds for patrons'),
( 6, 'modify_holds_priority', 'Modify holds priority'),

8
koha-tmpl/intranet-tmpl/prog/en/includes/patron-search-header.inc
View file

@ -14,9 +14,11 @@
[% END %]
</div><!-- /.tab-content -->
<ul class="nav nav-tabs" role="tablist">
<li role="presentation" class="active">
<a title="Search patrons" href="#patron_search" aria-controls="patron_search" role="tab" aria-expanded="true" data-toggle="tab" class="keep_text"><i class="fa fa-fw fa-id-card" aria-hidden="true"></i> <span class="tab-title">Search patrons</span></a>
</li>
[% IF ( CAN_user_circulate ) %]
<li role="presentation" class="active">
<a title="Search patrons" href="#patron_search" aria-controls="patron_search" role="tab" aria-expanded="true" data-toggle="tab" class="keep_text"><i class="fa fa-fw fa-id-card" aria-hidden="true"></i> <span class="tab-title">Search patrons</span></a>
</li>
[% END %]
[% IF ( CAN_user_circulate_circulate_remaining_permissions ) %]
<li role="presentation">
<a title="Check out" href="#circ_search" aria-controls="circ_search" role="tab" data-toggle="tab" class="keep_text"><i class="fa fa-fw fa-upload" aria-hidden="true"></i> <span class="tab-title"><span class="tab-title">Check out</span></span></a>

5
koha-tmpl/intranet-tmpl/prog/en/includes/permissions.inc
View file

@ -312,6 +312,11 @@
Add, modify and view patron information
</span>
<span class="permissioncode">([% name | html %])</span>
[%- CASE 'list_borrowers' -%]
<span class="sub_permission list_borrowers_subpermission">
Search and list patrons
</span>
<span class="permissioncode">([% name | html %])</span>
[%- CASE 'view_borrower_infos_from_any_libraries' -%]
<span class="sub_permission view_borrower_infos_from_any_libraries_subpermission">
View patron infos from any libraries. If not set the logged in user could only access patron infos from its own library or group of libraries.

2
koha-tmpl/intranet-tmpl/prog/en/modules/intranet-main.tt
View file

@ -64,7 +64,7 @@
</li>
[% END %]
[% IF CAN_user_borrowers_edit_borrowers %]
[% IF (CAN_user_borrowers_edit_borrowers) || (CAN_user_borrowers_list_borrowers) %]
<li>
<a class="icon_general icon_patrons" href="/cgi-bin/koha/members/members-home.pl"><i class="fa fa-fw fa-id-card"></i>Patrons</a>
</li>

2
members/member.pl
View file

@ -37,7 +37,7 @@ my ($template, $loggedinuser, $cookie)
= get_template_and_user({template_name => "members/member.tt",
query => $input,
type => "intranet",
flagsrequired => {borrowers => 'edit_borrowers'},
flagsrequired => { borrowers => ['edit_borrowers', 'list_borrowers'] },
});
my $theme = $input->param('theme') || "default";

2
members/members-home.pl
View file

@ -35,7 +35,7 @@ my ($template, $loggedinuser, $cookie, $flags)
= get_template_and_user({template_name => "members/member.tt",
query => $query,
type => "intranet",
flagsrequired => {borrowers => 'edit_borrowers'},
flagsrequired => { borrowers => ['edit_borrowers', 'list_borrowers'] },
});
my $no_add = 0;

2
members/moremember.pl
View file

@ -62,7 +62,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
template_name => $template_name,
query => $input,
type => "intranet",
flagsrequired => { borrowers => 'edit_borrowers' },
flagsrequired => { borrowers => ['edit_borrowers', 'list_borrowers'] },
}
);
my $borrowernumber = $input->param('borrowernumber');