Fridolin Somers
206498dc55
When logged into the staff client with an account with full circulate permissions (and therefore including the manage_checkout_notes permission) an error occurs when clicking on the Checkout notes pending link. The account is logged out automatically with the message: "Error: you do not have permission to view this page. Log in as a different user". The same error occurs for both the link on the home page dashboard and from the Circulation module button. Works as expected if Superlibrarian permission is set. This is just a typo in perl script : circulation instead of circulate Test plan : 1) Set preference "AllowCheckoutNotes" to "Allow" 2) Create a user with only permissions "catalogue" and "circulate > manage_checkout_notes" 3) Loggin with this user 4) Go to "Circulation" home page 5) Click on "Checkout notes" 6) You should be allowed to access Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
67 lines
2 KiB
Perl
Executable file
67 lines
2 KiB
Perl
Executable file
#!/usr/bin/perl
|
|
|
|
# Copyright 2016 Aleisha Amohia <aleisha@catalyst.net.nz>
|
|
#
|
|
# This file is part of Koha.
|
|
#
|
|
# Koha is free software; you can redistribute it and/or modify it
|
|
# under the terms of the GNU General Public License as published by
|
|
# the Free Software Foundation; either version 3 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# Koha is distributed in the hope that it will be useful, but
|
|
# WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with Koha; if not, see <http://www.gnu.org/licenses>.
|
|
|
|
use Modern::Perl;
|
|
|
|
use CGI qw ( -utf8 );
|
|
use C4::Context;
|
|
use C4::Output;
|
|
use C4::Auth;
|
|
use Koha::Checkouts;
|
|
|
|
my $query = new CGI;
|
|
|
|
my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
|
|
{
|
|
template_name => "circ/checkout-notes.tt",
|
|
query => $query,
|
|
type => "intranet",
|
|
authnotrequired => 0,
|
|
flagsrequired => { circulate => "manage_checkout_notes" },
|
|
}
|
|
);
|
|
|
|
my $action;
|
|
foreach (qw( seen notseen )) {
|
|
$action = $_ if ( $query->param("mark_selected-$_") );
|
|
}
|
|
$action ||= 'none';
|
|
|
|
my @issue_ids = $query->multi_param('issue_ids');
|
|
|
|
if ( $action eq 'seen' ) {
|
|
foreach my $issue_id ( @issue_ids ) {
|
|
my $issue = Koha::Checkouts->find($issue_id);
|
|
$issue->set({ noteseen => 1 })->store;
|
|
}
|
|
} elsif ( $action eq 'notseen' ) {
|
|
foreach my $issue_id ( @issue_ids ) {
|
|
my $issue = Koha::Checkouts->find($issue_id);
|
|
$issue->set({ noteseen => 0 })->store;
|
|
}
|
|
}
|
|
|
|
my $notes = Koha::Checkouts->search({ 'me.note' => { '!=', undef } }, { prefetch => [ 'borrower', { item => 'biblionumber' } ] });
|
|
$template->param(
|
|
selected_count => scalar(@issue_ids),
|
|
action => $action,
|
|
notes => $notes,
|
|
);
|
|
|
|
output_html_with_http_headers $query, $cookie, $template->output;
|