252f4674a5
So far the administration module only allowed for 2 permissions: - circulation conditions (manage_circ_rules) - everything else (parameters_remaining_permissions) With this patch almost every section of the administration page will have its own granular permission. To test: - Create different staff users: 1) One with parameters_remaining_permissions 2) One with parameters 3) One with catalogue and no parameters 4) One superlibrarian - Apply the patch - Run the database update - Check the staff users: 1) All subpermissions, but manage_circ_rules should be checked 2) Nothing should have changed 3) manage_item_serach_fields shoudl be checked (page had catalogue permission before) 4) Nothing should have changed - Try different settings of the permissions and verify that - Administration page behaves correctly - Administration menu behaves correctly ! You shoudl only see what you have permission for https://bugs.koha-community.org/show_bug.cgi?id=14391 Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
127 lines
3.5 KiB
Perl
Executable file
127 lines
3.5 KiB
Perl
Executable file
#!/usr/bin/perl
|
|
|
|
# Copyright 2000-2002 Katipo Communications
|
|
# copyright 2010 BibLibre
|
|
#
|
|
# This file is part of Koha.
|
|
#
|
|
# Koha is free software; you can redistribute it and/or modify it
|
|
# under the terms of the GNU General Public License as published by
|
|
# the Free Software Foundation; either version 3 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# Koha is distributed in the hope that it will be useful, but
|
|
# WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with Koha; if not, see <http://www.gnu.org/licenses>.
|
|
|
|
use Modern::Perl;
|
|
|
|
use CGI qw ( -utf8 );
|
|
use C4::Auth;
|
|
use C4::Context;
|
|
use C4::Output;
|
|
use C4::Koha;
|
|
use C4::Circulation qw{ IsBranchTransferAllowed DeleteBranchTransferLimits CreateBranchTransferLimit };
|
|
|
|
my $input = new CGI;
|
|
|
|
my ($template, $loggedinuser, $cookie)
|
|
= get_template_and_user({template_name => "admin/branch_transfer_limits.tt",
|
|
query => $input,
|
|
type => "intranet",
|
|
flagsrequired => {parameters => 'manage_transfers'},
|
|
debug => 1,
|
|
});
|
|
|
|
my $dbh = C4::Context->dbh;
|
|
my $branchcode;
|
|
if((!defined($input->param('branchcode'))) & C4::Context::mybranch() ne '')
|
|
{
|
|
$branchcode = C4::Context::mybranch();
|
|
}
|
|
else
|
|
{
|
|
$branchcode = $input->param('branchcode');
|
|
}
|
|
|
|
# Set the template language for the correct limit type using $limitType
|
|
my $limitType = C4::Context->preference("BranchTransferLimitsType") || "ccode";
|
|
|
|
my @codes;
|
|
my @branchcodes;
|
|
|
|
my $sth;
|
|
if ( $limitType eq 'ccode' ) {
|
|
$sth = $dbh->prepare('SELECT authorised_value AS ccode FROM authorised_values WHERE category = "CCODE"');
|
|
} elsif ( $limitType eq 'itemtype' ) {
|
|
$sth = $dbh->prepare('SELECT itemtype FROM itemtypes');
|
|
}
|
|
$sth->execute();
|
|
while ( my $row = $sth->fetchrow_hashref ) {
|
|
push( @codes, $row->{ $limitType } );
|
|
}
|
|
|
|
$sth = $dbh->prepare("SELECT branchcode FROM branches");
|
|
$sth->execute();
|
|
while ( my $row = $sth->fetchrow_hashref ) {
|
|
push( @branchcodes, $row->{'branchcode'} );
|
|
}
|
|
|
|
## If Form Data Passed, Update the Database
|
|
if ( $input->param('updateLimits') ) {
|
|
DeleteBranchTransferLimits($branchcode);
|
|
|
|
|
|
foreach my $code ( @codes ) {
|
|
foreach my $toBranch ( @branchcodes ) {
|
|
my $isSet = not $input->param( $code . "_" . $toBranch);
|
|
if ( $isSet ) {
|
|
CreateBranchTransferLimit( $toBranch, $branchcode, $code );
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
## Build branchcode loop
|
|
my @branchcode_loop;
|
|
foreach my $branchcode ( @branchcodes ) {
|
|
my %row_data;
|
|
$row_data{ branchcode } = $branchcode;
|
|
push ( @branchcode_loop, \%row_data );
|
|
}
|
|
my $branchcount = scalar(@branchcode_loop);
|
|
|
|
## Build the default data
|
|
my @codes_loop;
|
|
foreach my $code ( @codes ) {
|
|
my @to_branch_loop;
|
|
my %row_data;
|
|
$row_data{ code } = $code;
|
|
$row_data{ to_branch_loop } = \@to_branch_loop;
|
|
foreach my $toBranch ( @branchcodes ) {
|
|
my %row_data;
|
|
my $isChecked = IsBranchTransferAllowed( $toBranch, $branchcode, $code );
|
|
$row_data{ code } = $code;
|
|
$row_data{ toBranch } = $toBranch;
|
|
$row_data{ isChecked } = $isChecked;
|
|
push( @to_branch_loop, \%row_data );
|
|
}
|
|
|
|
push( @codes_loop, \%row_data );
|
|
}
|
|
|
|
|
|
$template->param(
|
|
branchcount => $branchcount,
|
|
codes_loop => \@codes_loop,
|
|
branchcode_loop => \@branchcode_loop,
|
|
branchcode => $branchcode,
|
|
limitType => $limitType,
|
|
);
|
|
|
|
output_html_with_http_headers $input, $cookie, $template->output;
|
|
|