Signed-off-by: Lee Jamison <ldjamison@marywood.edu>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Before this patch, the C4::Budgets::CanUserUseBudget assumed that
budget_owner_id was set if a restriction (budget_permission) exists.
see
&& $budget->{budget_owner_id}
&& $budget->{budget_owner_id} != $borrower->{borrowernumber}
Actually a restriction could exists on users and/or library without
being forced to define an owner.
Test plan:
Create a fund A without restriction
Create a fund B restricted to an owner
Create a fund C restricted to a non defined owner
Create a fund D restricted to owner and users (try defining/no
defining an owner and/or users)
Create a fund E restricted to owner, users and library (try
defining/no defined an owner and/or users)
With different logged in users, try to show/edit these differents funds.
The restriction should be correctly applied.
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Tested various permission combinatons, visibility of funds is now ok.
- not superlibrarian, no buget_manage_all,
no owner, no users, no library, no restrictions on the fund
= visible
- changed: library = staff patron library,
restriction = Owner, users and library
= visible
- changed: library = not staff patron library
= invisible
- changed: budget_manage_all
= visible
- changed: owner = staff patron
no budget_manage_all
= visible
- changed: no owner, user = staff patron
= visible
- changed: no user, owner = another user, restriction = owner
= invisible
- changed: budget_manage_all
= visible
- changed: no budget_manage_all but superlibrarian
= visible
...
Passes tests and QA script, also t/Budgets/*
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
