Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity
Koha/koha-tmpl/intranet-tmpl/prog/en/modules/acqui/basket.tt
Galen Charlton 14a1bd0e42 Bug 10258: offer to create basket group only when staff user has correct permission 
If the staff user does not have the group_manage acquisition permission,
do not offer to create a new basket group when closing an order basket.

This avoids a situation where if a staff member without that permission tries
to close a basket and chose the option to create a bakset group, they would
be redirected to the login page.

To test:

[1] Log in as a staff user that does not have
    the acquisition/group_manage permission.
[2] Create a new order basket, attach at least one
    order line to it, then close it.
[3] Verify that the confirmation page does not
    offer to create a basket group with the
    same name as the order basket.
[4] Log in as a staff user that has the
    acquisition/group_manage permission.
[5] Create and close an order basket.
[6] Verify that this time, the confirmation page
    *does* offer to create a basket group.

Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
2013-07-15 16:15:01 +00:00

487 lines
26 KiB
Text
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

[% USE KohaDates %]
[% INCLUDE 'doc-head-open.inc' %]
<title>Koha &rsaquo; Acquisitions &rsaquo; [% UNLESS ( basketno ) %]New [% END %][% IF ( delete_confirm ) %]Delete [% END %]Basket [% basketname|html %] ([% basketno %]) for [% name|html %]</title>
<link rel="stylesheet" type="text/css" href="[% themelang %]/css/datatables.css" />
[% INCLUDE 'doc-head-close.inc' %]
<script type="text/javascript" src="[% themelang %]/lib/jquery/plugins/jquery.dataTables.min.js"></script>
[% INCLUDE 'datatables-strings.inc' %]
<script type="text/javascript" src="[% themelang %]/js/datatables.js"></script>
<script type="text/javascript">
//<![CDATA[
function updateColumnsVisibility(visible) {
if ( visible ) {
$("table .gste, .gsti").show();
} else {
[% IF ( listincgst ) %]
$("table .gste").hide();
[% ELSE %]
$("table .gsti").hide();
[% END %]
}
}
$(document).ready(function() {
$("#show_all_details").click(function(){
updateColumnsVisibility($(this+":checked").val());
});
$("#show_all_details").attr('checked', false);
updateColumnsVisibility(false);
});
//]]>
</script>
[% UNLESS ( closedate ) %]
<script type="text/javascript">
//<![CDATA[
function confirm_close() {
var is_confirmed = confirm(_("Are you sure you want to close this basket?"));
if (is_confirmed) {
window.location = "[% script_name %]?op=close&basketno=[% basketno %]";
}
}
function confirm_deletion() {
var is_confirmed = confirm(_("Are you sure you want to delete this basket?"));
if (is_confirmed) {
window.location = "[% script_name %]?op=delete_confirm&basketno=[% basketno %]&booksellerid=[% booksellerid %]";
}
}
function confirm_delete_item(ordernumber, biblionumber) {
var is_confirmed = confirm(_("Are you sure you want to delete this order ?"));
if (is_confirmed) {
window.location = "addorder.pl?ordernumber="+ordernumber+"&basketno=[% basketno %]&quantity=0&biblionumber="+biblionumber;
}
}
function confirm_delete_biblio(ordernumber, biblionumber) {
var is_confirmed = confirm(_("Are you sure you want to delete this catalog record and order ?"));
if (is_confirmed) {
window.location = "addorder.pl?ordernumber="+ordernumber+"&basketno=[% basketno %]&quantity=0&biblionumber="+biblionumber+"&delbiblio=1";
}
}
//]]>
</script>
[% ELSE %]
<script type="text/javascript">
//<![CDATA[
$(document).ready(function(){
$("#basketgroupid").change(function(){
if($(this).val() == "new"){
location.href="/cgi-bin/koha/acqui/basketgroup.pl?op=add&booksellerid=[% booksellerid %]";
}
});
});
//]]>
</script>
[% UNLESS ( grouped ) %]
<script type="text/javascript">
//<![CDATA[
function confirm_reopen() {
var skip = [% IF ( skip_confirm_reopen ) %] 1 [% ELSE %] 0 [% END %];
var is_confirmed = skip || confirm(_("Are you sure you want to reopen this basket?"));
if (is_confirmed) {
window.location = "[% script_name %]?op=reopen&basketno=[% basketno %]";
}
}
//]]>
</script>
[% END %]
[% END %]
<script type="text/javascript">
//<![CDATA[
$(document).ready(function() {
var orderst = $("#orders").dataTable($.extend(true, {}, dataTablesDefaults, {
"sPaginationType": "four_button",
[% IF ( active ) %]
[% UNLESS ( closedate ) %]
"aoColumnDefs": [
{ "aTargets": [ -1, -2 ], "bSortable": false, "bSearchable": false },
],
[% END %]
[% END %]
} ) );
var cancelledorderst = $("#cancelledorderst").dataTable($.extend(true, {}, dataTablesDefaults, {
"sPaginationType": "four_button"
} ) );
$("#delbasketbutton").on("click",function(e){
e.preventDefault();
confirm_deletion();
});
$("#reopenbutton").on("click",function(e){
e.preventDefault();
confirm_reopen();
});
});
//]]>
</script>
<style type="text/css">
.sortmsg {font-size: 80%;}
</style>
</head>
<body id="acq_basket" class="acq">
[% INCLUDE 'header.inc' %]
[% INCLUDE 'acquisitions-search.inc' %]
<div id="breadcrumbs"><a href="/cgi-bin/koha/mainpage.pl">Home</a> &rsaquo; <a href="/cgi-bin/koha/acqui/acqui-home.pl">Acquisitions</a> &rsaquo; <a href="/cgi-bin/koha/acqui/supplier.pl?booksellerid=[% booksellerid %]">[% name|html %]</a> &rsaquo; [% UNLESS ( basketno ) %]New [% END %][% IF ( delete_confirm ) %]Delete [% END %]Basket [% basketname|html %] ([% basketno %]) for [% name|html %]</div>
<div id="doc3" class="yui-t2">
<div id="bd">
<div id="yui-main">
<div class="yui-b">
[% UNLESS ( confirm_close ) %]
[% UNLESS ( selectbasketg ) %]
[% UNLESS ( closedate ) %]
<div id="toolbar" class="btn-toolbar">
<div class="btn-group"><a href="basketheader.pl?booksellerid=[% booksellerid %]&amp;basketno=[% basketno %]&amp;op=add_form" class="btn btn-small" id="basketheadbutton"><i class="icon-pencil"></i> Edit basket</a></div>
<div class="btn-group"><a href="#" class="btn btn-small" id="delbasketbutton"><i class="icon-remove"></i> Delete this basket</a></div>
[% IF ( unclosable ) %]
[% ELSIF ( uncertainprices ) %]
<div class="btn-group"><a href="/cgi-bin/koha/acqui/uncertainprice.pl?booksellerid=[% booksellerid %]&amp;owner=1" class="btn btn-small" id="uncertpricesbutton">Uncertain prices</a></div>
[% ELSE %]
<div class="btn-group">
<a href="[% script_name %]?op=close&amp;basketno=[% basketno %]&amp;booksellerid=[% booksellerid %]" class="btn btn-small" id="closebutton"><i class="icon-remove-sign"></i> Close this basket</a>
</div>
[% END %]
<div class="btn-group"><a href="[% script_name %]?op=export&amp;basketno=[% basketno %]&amp;booksellerid=[% booksellerid %]" class="btn btn-small" id="exportbutton"><i class="icon-download"></i> Export this basket as CSV</a></div>
</div>
[% ELSE %]
[% UNLESS ( grouped ) %]
<div id="toolbar" class="btn-toolbar">
<div class="btn-group"><a href="#" class="btn btn-small" id="reopenbutton"><i class="icon-refresh"></i> Reopen this basket</a></div>
<div class="btn-group"><a href="[% script_name %]?op=export&amp;basketno=[% basketno %]&amp;booksellerid=[% booksellerid %]" class="btn btn-small" id="exportbutton"><i class="icon-download"></i> Export this basket as CSV</a></div>
</div>
[% END %]
[% END %]
[% END %]
[% IF ( NO_BOOKSELLER ) %]
<h2>Vendor not found</h2>
[% ELSE %]
[% IF ( delete_confirmed ) %]
<h3>Basket deleted</h3>
<META HTTP-EQUIV=Refresh CONTENT="0; url=booksellers.pl">
[% ELSE %]
<h1>[% UNLESS ( basketno ) %]New [% END %][% IF ( delete_confirm ) %]Delete [% END %]Basket [% basketname|html %] ([% basketno %]) for <a href="supplier.pl?booksellerid=[% booksellerid %]">[% name|html %]</a></h1>
[% IF ( delete_confirm ) %]
<h2>
<span class="yui-button yui-link-button">
<em class="first-child">
<a href="[% script_name %]?op=delete_confirm&amp;basketno=[% basketno %]&amp;booksellerid=[% booksellerid %]" class="yui-link-button">Yes, delete this basket!</a>
</em>
</span>
<span class="yui-button yui-link-button">
<em class="first-child">
<a href="[% script_name %]?basketno=[% basketno %]" class="yui-link-button">Cancel</a>
</em>
</span>
</h2>
[% END %]
[% IF ( basketno ) %]
<div id="acqui_basket_summary" class="yui-g">
<div class="rows">
<div class="yui-u first">
<ol>
[% IF ( basketnote ) %]<li><span class="label">Internal note:</span> [% basketnote %]</li>[% END %]
[% IF ( basketbooksellernote ) %]<li><span class="label">Vendor note:</span> [% basketbooksellernote %]</li>[% END %]
[% IF ( basketcontractno ) %]
<li><span class="label">Contract name:</span> <a href="../admin/aqcontract.pl?op=add_form&amp;contractnumber=[% basketcontractno %]&amp;booksellerid=[% booksellerid %]">[% basketcontractname %]</a></li>
[% END %]
[% IF ( deliveryplace ) %]<li><span class="label">Delivery place:</span> [% deliveryplace %]</li>[% END %]
[% IF ( billingplace ) %]<li><span class="label">Billing place:</span> [% billingplace %]</li>[% END %]
[% IF ( authorisedbyname ) %]<li><span class="label">Managed by:</span> [% authorisedbyname %]</li>[% END %]
[% IF ( creationdate ) %]<li><span class="label">Opened on:</span> [% creationdate | $KohaDates %]</li>[% END %]
[% IF ( closedate ) %]<li><span class="label">Closed on:</span> [% closedate | $KohaDates %]</li>[% END %]
[% IF ( estimateddeliverydate ) %]<li><span class="label">Estimated delivery date:</span> [% estimateddeliverydate | $KohaDates %]</li>[% END %]
</ol>
</div>
[% IF ( closedate ) %]
<div class="yui-u">
[% IF ( CAN_user_acquisition_group_manage ) %]
<form action="/cgi-bin/koha/acqui/basketgroup.pl" method="post">
[% END %]
<ol>
<li>
<span class="label">Basket group:</span>
[% IF basketgroup.closed %]
[% basketgroup.name %] (closed)
[% ELSIF ( ! CAN_user_acquisition_group_manage ) %]
[%- IF basketgroup.name -%]
[% basketgroup.name %]
[%- ELSE -%]
No group
[%- END -%]
[% ELSE %]
<select id="basketgroupid" name="basketgroupid">
<option value="new">Add new group</option>
[% FOREACH bg IN basketgroups %]
[% IF ( bg.default ) %]
<option value="[% bg.id %]" selected="selected">[% bg.name %]</option>
[% ELSE %]
[% UNLESS bg.closed %]
<option value="[% bg.id %]">[% bg.name %]</option>
[% ELSE %]
<option value="[% bg.id %]" disabled="disabled">[% bg.name %] (closed)</option>
[% END %]
[% END %]
[% END %]
</select>
<input type="hidden" id="basketno" value="[% basketno %]" name="basketno" />
<input type="hidden" value="mod_basket" name="op" />
<input type="hidden" name="booksellerid" value="[% booksellerid %]" />
<input type="submit" value="Change basket group" />
[% END %]
</li>
[% IF ( basketgroup.deliveryplacename ) %]<li><span class="label">Basket group delivery placename:</span> [% basketgroup.deliveryplacename %]</li>[% END %]
[% IF ( basketgroup.billingplacename ) %]<li><span class="label">Basket group billing place:</span> [% basketgroup.billingplacename %]</li>[% END %]
</ol>
[% IF ( CAN_user_acquisition_group_manage ) %]
</form>
[% END %]
</div>
[% END %]
</div>
</div>
[% END %]
[% UNLESS ( delete_confirm ) %]
<div id="acqui_basket_content" class="yui-g">
[% IF ( books_loop ) %]
<h2>Orders</h2>
<label for="show_all_details">
<input type="checkbox" style="vertical-align: middle;" id="show_all_details" />
Show all details
</label>
<table id="orders">
<thead>
<tr>
<th>Order</th>
<th class="gste">RRP tax exc.</th>
<th class="gste">ecost tax exc.</th>
<th class="gsti">RRP tax inc.</th>
<th class="gsti">ecost tax inc.</th>
<th>Qty.</th>
<th class="gste">Total tax exc. ([% currency %])</th>
<th class="gsti">Total tax inc. ([% currency %])</th>
<th>GST %</th>
<th>GST</th>
<th>Fund</th>
[% IF ( active ) %]
[% UNLESS ( closedate ) %]
<th>Modify</th>
<th>Delete</th>
[% END %]
[% END %]
</tr>
</thead>
<tfoot>
[% FOREACH foot_loo IN book_foot_loop %]
<tr>
<th>Total (GST [% foot_loo.gstgsti %])</th>
<th class="gste">&nbsp;</th>
<th class="gste">&nbsp;</th>
<th class="gsti">&nbsp;</th>
<th class="gsti">&nbsp;</th>
<th>[% foot_loo.quantity %]</th>
<th class="gste">[% foot_loo.totalgste %]</th>
<th class="gsti">[% foot_loo.totalgsti %]</th>
<th>&nbsp;</th>
<th>[% foot_loo.gstvalue %]</th>
<th>&nbsp;</th>
[% IF ( active ) %]
[% UNLESS ( closedate ) %]
<th>&nbsp;</th>
<th>&nbsp;</th>
[% END %]
[% END %]
</tr>
[% END %]
<tr>
<th>Total ([% currency %])</th>
<th class="gste">&nbsp;</th>
<th class="gste">&nbsp;</th>
<th class="gsti">&nbsp;</th>
<th class="gsti">&nbsp;</th>
<th>[% total_quantity %]</th>
<th class="gste">[% total_gste %]</th>
<th class="gsti">[% total_gsti %]</th>
<th>&nbsp;</th>
<th>[% total_gstvalue %]</th>
<th>&nbsp;</th>
[% IF ( active ) %]
[% UNLESS ( closedate ) %]
<th>&nbsp;</th>
<th>&nbsp;</th>
[% END %]
[% END %]
</tr>
</tfoot>
<tbody>
[% FOREACH books_loo IN books_loop %]
[% IF ( books_loo.order_received ) %]<tr class="disabled">[% ELSE %][% IF ( books_loo.toggle ) %]<tr class="highlight">[% ELSE %]<tr>[% END %][% END %]
<td>
<p>[% IF ( books_loo.order_received ) %] (rcvd)[% END %]
<a href="/cgi-bin/koha/catalogue/detail.pl?biblionumber=[% books_loo.biblionumber %]">[% books_loo.title |html %]</a> by [% books_loo.author %]
<br />
[% IF ( books_loo.isbn ) %] - [% books_loo.isbn %][% END %]
[% IF ( books_loo.issn ) %] - [% books_loo.issn %][% END %]
[% IF ( books_loo.publishercode ) %], [% books_loo.publishercode %][% END %]
[% IF ( books_loo.publicationyear ) %], [% books_loo.publicationyear %][% END %]
[% IF ( books_loo.editionstatement ) %], [% books_loo.editionstatement %][% END %]
[% IF ( books_loo.suggestionid ) %]
<br/>
Suggested by: [% books_loo.surnamesuggestedby %][% IF ( books_loo.firstnamesuggestedby ) %], [% books_loo.firstnamesuggestedby %] [% END %]
(<a href="/cgi-bin/koha/suggestion/suggestion.pl?suggestionid=[% books_loo.suggestionid %]&amp;op=show">suggestion #[% books_loo.suggestionid %]</a>)
[% END %]
</p>
[% IF ( books_loo.notes ) %]
<p class="ordernote"><strong>Note: </strong>[% books_loo.notes|html %] [<a href="/cgi-bin/koha/acqui/modordernotes.pl?ordernumber=[% books_loo.ordernumber %]">Change note</a>]</p>
[% ELSE %]
<p>[<a href="/cgi-bin/koha/acqui/modordernotes.pl?ordernumber=[% books_loo.ordernumber %]">Add note</a>]</p>
[% END %]
</td>
<td class="number gste [% IF books_loo.rrpgste.search('^0') %]error[% END %]">[% books_loo.rrpgste %]</td>
<td class="number gste [% IF books_loo.ecostgste.search('^0') %]error[% END %]">[% books_loo.ecostgste %]</td>
<td class="number gsti [% IF books_loo.rrpgsti.search('^0') %]error[% END %]">[% books_loo.rrpgsti %]</td>
<td class="number gsti [% IF books_loo.ecostgsti.search('^0') %]error[% END %]">[% books_loo.ecostgsti %]</td>
<td class="number [% IF books_loo.quantity.search('^0') %]error[% END %]">[% books_loo.quantity %]</td>
<td class="number gste [% IF books_loo.totalgste.search('^0') %]error[% END %]">[% books_loo.totalgste %]</td>
<td class="number gsti [% IF books_loo.totalgsti.search('^0') %]error[% END %]">[% books_loo.totalgsti %]</td>
<td class="number [% IF books_loo.gstgsti.search('^0') %]error[% END %]">[% books_loo.gstgsti %]</td>
<td class="number [% IF books_loo.gstvalue.search('^0') %]error[% END %]">[% books_loo.gstvalue %]</td>
<td>[% books_loo.budget_name %]</td>
[% IF ( active ) %]
[% UNLESS ( closedate ) %]
<td>
<a href="neworderempty.pl?ordernumber=[% books_loo.ordernumber %]&amp;booksellerid=[% booksellerid %]&amp;basketno=[% basketno %]">Modify</a>
</td>
<td>
[% IF ( books_loo.left_holds_on_order ) %]
<span class="button" title="Can't delete order, ([% books_loo.holds_on_order %]) holds are linked with this order cancel holds first">Can't delete order</span><br>
[% ELSE %]
<a href="javascript:confirm_delete_item([% books_loo.ordernumber %],[% books_loo.biblionumber %])" class="button">Delete order</a><br>
[% END %]
[% IF ( books_loo.can_del_bib ) %]
<a href="javascript:confirm_delete_biblio([% books_loo.ordernumber %],[% books_loo.biblionumber %])" class="button">Delete order and catalog record</a><br>
[% ELSE %]
<span class="button" title="Can't delete catalog record, see constraints below">Can't delete order and catalog record</span><br>
[% END %]
[% IF ( books_loo.left_item ) %]
<b title="Can't delete catalog record, because of [% books_loo.items %] existing hold(s)" >[% books_loo.items %] item(s) left</b><br>
[% END %]
[% IF ( books_loo.left_biblio ) %]
<b title="Can't delete catalog record, delete other orders linked to it first">[% books_loo.biblios %] order(s) left</b><br>
[% END %]
[% IF ( books_loo.left_subscription ) %]
<b title="Can't delete catalog record, delete subscriptions first">[% books_loo.subscriptions %] subscription(s) left</b><br>
[% END %]
[% IF ( books_loo.left_holds ) %]
<b title="Can't delete catalog record or order, cancel holds first">[% books_loo.holds %] hold(s) left</b>
[% END %]
</td>
[% END %]
[% END %]
</tr>
[% END %]
</tbody>
</table>
[% END %]
[% IF ( listincgst ) %]<small class="highlight">** Vendor's listings already include tax.</small>
[% END %]
</div>
[% IF (cancelledorders_loop) %]
<div id="cancelledorders">
<h2>Cancelled orders</h2>
<table id="cancelledorderst">
<thead>
<tr>
<th>Order</th>
<th class="gste">RRP tax exc.</th>
<th class="gste">ecost tax exc.</th>
<th class="gsti">RRP tax inc.</th>
<th class="gsti">ecost tax inc.</th>
<th>Qty.</th>
<th class="gste">Total tax exc. ([% currency %])</th>
<th class="gsti">Total tax inc. ([% currency %])</th>
<th>GST %</th>
<th>GST</th>
<th>Fund</th>
</tr>
</thead>
<tbody>
[% FOREACH order IN cancelledorders_loop %]
<tr style="color:grey">
<td>
<p>
[% IF ( order.order_received ) %] (rcvd)[% END %]
[% IF (order.title) %]
[% order.title |html %] by [% order.author %]<br />
[% ELSE %]
<em>Deleted bibliographic record, can't find title</em><br />
[% END %]
[% IF ( order.notes ) %] [% order.notes %][% END %]
[% IF ( order.isbn ) %] - [% order.isbn %][% END %]
[% IF ( order.issn ) %] - [% order.issn %][% END %]
[% IF ( order.publishercode ) %], [% order.publishercode %][% END %]
[% IF ( order.publicationyear ) %], [% order.publicationyear %][% END %]
[% IF ( books_loo.editionstatement ) %], [% books_loo.editionstatement %][% END %]
</p>
</td>
<td class="number gste">[% order.rrpgste %]</td>
<td class="number gste">[% order.ecostgste %]</td>
<td class="number gsti">[% order.rrpgsti %]</td>
<td class="number gsti">[% order.ecostgsti %]</td>
<td class="number">[% order.quantity %]</td>
<td class="number gste">[% order.totalgste %]</td>
<td class="number gsti">[% order.totalgsti %]</td>
<td class="number">[% order.gstgsti %]</td>
<td class="number">[% order.gstvalue %]</td>
<td>[% order.budget_name %]
</tr>
[% END %]
</tbody>
</table>
</div>
[% END %]
<br />
[% UNLESS ( closedate ) %]
[% INCLUDE 'acquisitions-add-to-basket.inc' %]
[% END %]
[% END %]
[% END %]
[% END %] [% ELSE %] <!-- if we want just to select a basketgroup for a closed basket -->
[% END %]
[% IF ( confirm_close ) %]
<div id="closebasket_needsconfirmation" class="dialog alert">
<form action="/cgi-bin/koha/acqui/basket.pl" class="confirm">
<h1>Are you sure you want to close basket [% basketname|html %]?</h1>
[% IF ( CAN_user_acquisition_group_manage ) %]
<p>
<label for="createbasketgroup">Attach this basket to a new basket group with the same name</label>
<input type="checkbox" id="createbasketgroup" name="createbasketgroup"/>
</p>
[% END %]
<input type="hidden" id="basketno" value="[% basketno %]" name="basketno" />
<input type="hidden" value="close" name="op" />
<input type="hidden" name="booksellerid" value="[% booksellerid %]" />
<input type="hidden" name="confirm" value="1" />
<input type="hidden" name="basketgroupname" value="[% basketgroupname %]" />
<input type="submit" class="approve" value="Yes, close (Y)" accesskey="y" />
<input type="submit" class="deny" value="No, don't close (N)" accesskey="n" onclick="javascript:window.location='/cgi-bin/koha/acqui/basket.pl?basketno=[% basketno %]';return false;" />
</form>
</div>
[% END %]
</div>
</div>
<div class="yui-b">
[% INCLUDE 'acquisitions-menu.inc' %]
</div>
</div>
[% INCLUDE 'intranet-bottom.inc' %]
View git blame Copy permalink