Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity
Koha/koha-tmpl/intranet-tmpl/prog/en/modules/acqui/basket.tt
Galen Charlton 44364db8d5 Bug 10258: fix permissions check for setting basket group for order basket 
Improve the code that displays and allows staff to
set the basket group from the basket details page
for a closed basket.

Prior to this patch, a staff member who did not
have the group_manage acquisition permission would
still see a control to change the group that the
basket belongs to; attempting to change the group
would present with with a login page.

This patch also does some tidying of how basket group
details are passed to the template.

To test:

[1] Create an order basket and close it.  Do
    not assign it to a basket group.
[2] View the basket details while logged in as
    a staff user who has the order_manage acquisitions
    permission but not the group_manage.  The
    displayed basket group should be "No group".
[3] Switch to a staff user who also has the
    group_manage permission, then view the basket
    details again.  The basket group field should
    now be a select input that allows you to change
    the basket group.
[4] Change the basket group.  Verify that the basket group
    you selected is now displayed as the current group
    for that order basket.  The basket group delivery and
    billing place fields should also now be displayed.
[5] Close the basket group set in the previous step, then
    view the basket details again.  This time, the basket
    group name should be displayed with a suffix of " (closed)",
    and no input to change the group should be displayed.
[6] Swith to a staff user who does not have the group_manage
    permission, view the basket details, and verify that
    the basket name is displayed with a suffix of " (closed)".

Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
2013-07-15 16:15:01 +00:00

485 lines
26 KiB
Text
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

[% USE KohaDates %]
[% INCLUDE 'doc-head-open.inc' %]
<title>Koha &rsaquo; Acquisitions &rsaquo; [% UNLESS ( basketno ) %]New [% END %][% IF ( delete_confirm ) %]Delete [% END %]Basket [% basketname|html %] ([% basketno %]) for [% name|html %]</title>
<link rel="stylesheet" type="text/css" href="[% themelang %]/css/datatables.css" />
[% INCLUDE 'doc-head-close.inc' %]
<script type="text/javascript" src="[% themelang %]/lib/jquery/plugins/jquery.dataTables.min.js"></script>
[% INCLUDE 'datatables-strings.inc' %]
<script type="text/javascript" src="[% themelang %]/js/datatables.js"></script>
<script type="text/javascript">
//<![CDATA[
function updateColumnsVisibility(visible) {
if ( visible ) {
$("table .gste, .gsti").show();
} else {
[% IF ( listincgst ) %]
$("table .gste").hide();
[% ELSE %]
$("table .gsti").hide();
[% END %]
}
}
$(document).ready(function() {
$("#show_all_details").click(function(){
updateColumnsVisibility($(this+":checked").val());
});
$("#show_all_details").attr('checked', false);
updateColumnsVisibility(false);
});
//]]>
</script>
[% UNLESS ( closedate ) %]
<script type="text/javascript">
//<![CDATA[
function confirm_close() {
var is_confirmed = confirm(_("Are you sure you want to close this basket?"));
if (is_confirmed) {
window.location = "[% script_name %]?op=close&basketno=[% basketno %]";
}
}
function confirm_deletion() {
var is_confirmed = confirm(_("Are you sure you want to delete this basket?"));
if (is_confirmed) {
window.location = "[% script_name %]?op=delete_confirm&basketno=[% basketno %]&booksellerid=[% booksellerid %]";
}
}
function confirm_delete_item(ordernumber, biblionumber) {
var is_confirmed = confirm(_("Are you sure you want to delete this order ?"));
if (is_confirmed) {
window.location = "addorder.pl?ordernumber="+ordernumber+"&basketno=[% basketno %]&quantity=0&biblionumber="+biblionumber;
}
}
function confirm_delete_biblio(ordernumber, biblionumber) {
var is_confirmed = confirm(_("Are you sure you want to delete this catalog record and order ?"));
if (is_confirmed) {
window.location = "addorder.pl?ordernumber="+ordernumber+"&basketno=[% basketno %]&quantity=0&biblionumber="+biblionumber+"&delbiblio=1";
}
}
//]]>
</script>
[% ELSE %]
<script type="text/javascript">
//<![CDATA[
$(document).ready(function(){
$("#basketgroupid").change(function(){
if($(this).val() == "new"){
location.href="/cgi-bin/koha/acqui/basketgroup.pl?op=add&booksellerid=[% booksellerid %]";
}
});
});
//]]>
</script>
[% UNLESS ( grouped ) %]
<script type="text/javascript">
//<![CDATA[
function confirm_reopen() {
var skip = [% IF ( skip_confirm_reopen ) %] 1 [% ELSE %] 0 [% END %];
var is_confirmed = skip || confirm(_("Are you sure you want to reopen this basket?"));
if (is_confirmed) {
window.location = "[% script_name %]?op=reopen&basketno=[% basketno %]";
}
}
//]]>
</script>
[% END %]
[% END %]
<script type="text/javascript">
//<![CDATA[
$(document).ready(function() {
var orderst = $("#orders").dataTable($.extend(true, {}, dataTablesDefaults, {
"sPaginationType": "four_button",
[% IF ( active ) %]
[% UNLESS ( closedate ) %]
"aoColumnDefs": [
{ "aTargets": [ -1, -2 ], "bSortable": false, "bSearchable": false },
],
[% END %]
[% END %]
} ) );
var cancelledorderst = $("#cancelledorderst").dataTable($.extend(true, {}, dataTablesDefaults, {
"sPaginationType": "four_button"
} ) );
$("#delbasketbutton").on("click",function(e){
e.preventDefault();
confirm_deletion();
});
$("#reopenbutton").on("click",function(e){
e.preventDefault();
confirm_reopen();
});
});
//]]>
</script>
<style type="text/css">
.sortmsg {font-size: 80%;}
</style>
</head>
<body id="acq_basket" class="acq">
[% INCLUDE 'header.inc' %]
[% INCLUDE 'acquisitions-search.inc' %]
<div id="breadcrumbs"><a href="/cgi-bin/koha/mainpage.pl">Home</a> &rsaquo; <a href="/cgi-bin/koha/acqui/acqui-home.pl">Acquisitions</a> &rsaquo; <a href="/cgi-bin/koha/acqui/supplier.pl?booksellerid=[% booksellerid %]">[% name|html %]</a> &rsaquo; [% UNLESS ( basketno ) %]New [% END %][% IF ( delete_confirm ) %]Delete [% END %]Basket [% basketname|html %] ([% basketno %]) for [% name|html %]</div>
<div id="doc3" class="yui-t2">
<div id="bd">
<div id="yui-main">
<div class="yui-b">
[% UNLESS ( confirm_close ) %]
[% UNLESS ( selectbasketg ) %]
[% UNLESS ( closedate ) %]
<div id="toolbar" class="btn-toolbar">
<div class="btn-group"><a href="basketheader.pl?booksellerid=[% booksellerid %]&amp;basketno=[% basketno %]&amp;op=add_form" class="btn btn-small" id="basketheadbutton"><i class="icon-pencil"></i> Edit basket</a></div>
<div class="btn-group"><a href="#" class="btn btn-small" id="delbasketbutton"><i class="icon-remove"></i> Delete this basket</a></div>
[% IF ( unclosable ) %]
[% ELSIF ( uncertainprices ) %]
<div class="btn-group"><a href="/cgi-bin/koha/acqui/uncertainprice.pl?booksellerid=[% booksellerid %]&amp;owner=1" class="btn btn-small" id="uncertpricesbutton">Uncertain prices</a></div>
[% ELSE %]
<div class="btn-group">
<a href="[% script_name %]?op=close&amp;basketno=[% basketno %]&amp;booksellerid=[% booksellerid %]" class="btn btn-small" id="closebutton"><i class="icon-remove-sign"></i> Close this basket</a>
</div>
[% END %]
<div class="btn-group"><a href="[% script_name %]?op=export&amp;basketno=[% basketno %]&amp;booksellerid=[% booksellerid %]" class="btn btn-small" id="exportbutton"><i class="icon-download"></i> Export this basket as CSV</a></div>
</div>
[% ELSE %]
[% UNLESS ( grouped ) %]
<div id="toolbar" class="btn-toolbar">
<div class="btn-group"><a href="#" class="btn btn-small" id="reopenbutton"><i class="icon-refresh"></i> Reopen this basket</a></div>
<div class="btn-group"><a href="[% script_name %]?op=export&amp;basketno=[% basketno %]&amp;booksellerid=[% booksellerid %]" class="btn btn-small" id="exportbutton"><i class="icon-download"></i> Export this basket as CSV</a></div>
</div>
[% END %]
[% END %]
[% END %]
[% IF ( NO_BOOKSELLER ) %]
<h2>Vendor not found</h2>
[% ELSE %]
[% IF ( delete_confirmed ) %]
<h3>Basket deleted</h3>
<META HTTP-EQUIV=Refresh CONTENT="0; url=booksellers.pl">
[% ELSE %]
<h1>[% UNLESS ( basketno ) %]New [% END %][% IF ( delete_confirm ) %]Delete [% END %]Basket [% basketname|html %] ([% basketno %]) for <a href="supplier.pl?booksellerid=[% booksellerid %]">[% name|html %]</a></h1>
[% IF ( delete_confirm ) %]
<h2>
<span class="yui-button yui-link-button">
<em class="first-child">
<a href="[% script_name %]?op=delete_confirm&amp;basketno=[% basketno %]&amp;booksellerid=[% booksellerid %]" class="yui-link-button">Yes, delete this basket!</a>
</em>
</span>
<span class="yui-button yui-link-button">
<em class="first-child">
<a href="[% script_name %]?basketno=[% basketno %]" class="yui-link-button">Cancel</a>
</em>
</span>
</h2>
[% END %]
[% IF ( basketno ) %]
<div id="acqui_basket_summary" class="yui-g">
<div class="rows">
<div class="yui-u first">
<ol>
[% IF ( basketnote ) %]<li><span class="label">Internal note:</span> [% basketnote %]</li>[% END %]
[% IF ( basketbooksellernote ) %]<li><span class="label">Vendor note:</span> [% basketbooksellernote %]</li>[% END %]
[% IF ( basketcontractno ) %]
<li><span class="label">Contract name:</span> <a href="../admin/aqcontract.pl?op=add_form&amp;contractnumber=[% basketcontractno %]&amp;booksellerid=[% booksellerid %]">[% basketcontractname %]</a></li>
[% END %]
[% IF ( deliveryplace ) %]<li><span class="label">Delivery place:</span> [% deliveryplace %]</li>[% END %]
[% IF ( billingplace ) %]<li><span class="label">Billing place:</span> [% billingplace %]</li>[% END %]
[% IF ( authorisedbyname ) %]<li><span class="label">Managed by:</span> [% authorisedbyname %]</li>[% END %]
[% IF ( creationdate ) %]<li><span class="label">Opened on:</span> [% creationdate | $KohaDates %]</li>[% END %]
[% IF ( closedate ) %]<li><span class="label">Closed on:</span> [% closedate | $KohaDates %]</li>[% END %]
[% IF ( estimateddeliverydate ) %]<li><span class="label">Estimated delivery date:</span> [% estimateddeliverydate | $KohaDates %]</li>[% END %]
</ol>
</div>
[% IF ( closedate ) %]
<div class="yui-u">
[% IF ( CAN_user_acquisition_group_manage ) %]
<form action="/cgi-bin/koha/acqui/basketgroup.pl" method="post">
[% END %]
<ol>
<li>
<span class="label">Basket group:</span>
[% IF basketgroup.closed %]
[% basketgroup.name %] (closed)
[% ELSIF ( ! CAN_user_acquisition_group_manage ) %]
[%- IF basketgroup.name -%]
[% basketgroup.name %]
[%- ELSE -%]
No group
[%- END -%]
[% ELSE %]
<select id="basketgroupid" name="basketgroupid">
<option value="new">Add new group</option>
[% FOREACH bg IN basketgroups %]
[% IF ( bg.default ) %]
<option value="[% bg.id %]" selected="selected">[% bg.name %]</option>
[% ELSE %]
[% UNLESS bg.closed %]
<option value="[% bg.id %]">[% bg.name %]</option>
[% ELSE %]
<option value="[% bg.id %]" disabled="disabled">[% bg.name %] (closed)</option>
[% END %]
[% END %]
[% END %]
</select>
<input type="hidden" id="basketno" value="[% basketno %]" name="basketno" />
<input type="hidden" value="mod_basket" name="op" />
<input type="hidden" name="booksellerid" value="[% booksellerid %]" />
<input type="submit" value="Change basket group" />
[% END %]
</li>
[% IF ( basketgroup.deliveryplacename ) %]<li><span class="label">Basket group delivery placename:</span> [% basketgroup.deliveryplacename %]</li>[% END %]
[% IF ( basketgroup.billingplacename ) %]<li><span class="label">Basket group billing place:</span> [% basketgroup.billingplacename %]</li>[% END %]
</ol>
[% IF ( CAN_user_acquisition_group_manage ) %]
</form>
[% END %]
</div>
[% END %]
</div>
</div>
[% END %]
[% UNLESS ( delete_confirm ) %]
<div id="acqui_basket_content" class="yui-g">
[% IF ( books_loop ) %]
<h2>Orders</h2>
<label for="show_all_details">
<input type="checkbox" style="vertical-align: middle;" id="show_all_details" />
Show all details
</label>
<table id="orders">
<thead>
<tr>
<th>Order</th>
<th class="gste">RRP tax exc.</th>
<th class="gste">ecost tax exc.</th>
<th class="gsti">RRP tax inc.</th>
<th class="gsti">ecost tax inc.</th>
<th>Qty.</th>
<th class="gste">Total tax exc. ([% currency %])</th>
<th class="gsti">Total tax inc. ([% currency %])</th>
<th>GST %</th>
<th>GST</th>
<th>Fund</th>
[% IF ( active ) %]
[% UNLESS ( closedate ) %]
<th>Modify</th>
<th>Delete</th>
[% END %]
[% END %]
</tr>
</thead>
<tfoot>
[% FOREACH foot_loo IN book_foot_loop %]
<tr>
<th>Total (GST [% foot_loo.gstgsti %])</th>
<th class="gste">&nbsp;</th>
<th class="gste">&nbsp;</th>
<th class="gsti">&nbsp;</th>
<th class="gsti">&nbsp;</th>
<th>[% foot_loo.quantity %]</th>
<th class="gste">[% foot_loo.totalgste %]</th>
<th class="gsti">[% foot_loo.totalgsti %]</th>
<th>&nbsp;</th>
<th>[% foot_loo.gstvalue %]</th>
<th>&nbsp;</th>
[% IF ( active ) %]
[% UNLESS ( closedate ) %]
<th>&nbsp;</th>
<th>&nbsp;</th>
[% END %]
[% END %]
</tr>
[% END %]
<tr>
<th>Total ([% currency %])</th>
<th class="gste">&nbsp;</th>
<th class="gste">&nbsp;</th>
<th class="gsti">&nbsp;</th>
<th class="gsti">&nbsp;</th>
<th>[% total_quantity %]</th>
<th class="gste">[% total_gste %]</th>
<th class="gsti">[% total_gsti %]</th>
<th>&nbsp;</th>
<th>[% total_gstvalue %]</th>
<th>&nbsp;</th>
[% IF ( active ) %]
[% UNLESS ( closedate ) %]
<th>&nbsp;</th>
<th>&nbsp;</th>
[% END %]
[% END %]
</tr>
</tfoot>
<tbody>
[% FOREACH books_loo IN books_loop %]
[% IF ( books_loo.order_received ) %]<tr class="disabled">[% ELSE %][% IF ( books_loo.toggle ) %]<tr class="highlight">[% ELSE %]<tr>[% END %][% END %]
<td>
<p>[% IF ( books_loo.order_received ) %] (rcvd)[% END %]
<a href="/cgi-bin/koha/catalogue/detail.pl?biblionumber=[% books_loo.biblionumber %]">[% books_loo.title |html %]</a> by [% books_loo.author %]
<br />
[% IF ( books_loo.isbn ) %] - [% books_loo.isbn %][% END %]
[% IF ( books_loo.issn ) %] - [% books_loo.issn %][% END %]
[% IF ( books_loo.publishercode ) %], [% books_loo.publishercode %][% END %]
[% IF ( books_loo.publicationyear ) %], [% books_loo.publicationyear %][% END %]
[% IF ( books_loo.editionstatement ) %], [% books_loo.editionstatement %][% END %]
[% IF ( books_loo.suggestionid ) %]
<br/>
Suggested by: [% books_loo.surnamesuggestedby %][% IF ( books_loo.firstnamesuggestedby ) %], [% books_loo.firstnamesuggestedby %] [% END %]
(<a href="/cgi-bin/koha/suggestion/suggestion.pl?suggestionid=[% books_loo.suggestionid %]&amp;op=show">suggestion #[% books_loo.suggestionid %]</a>)
[% END %]
</p>
[% IF ( books_loo.notes ) %]
<p class="ordernote"><strong>Note: </strong>[% books_loo.notes|html %] [<a href="/cgi-bin/koha/acqui/modordernotes.pl?ordernumber=[% books_loo.ordernumber %]">Change note</a>]</p>
[% ELSE %]
<p>[<a href="/cgi-bin/koha/acqui/modordernotes.pl?ordernumber=[% books_loo.ordernumber %]">Add note</a>]</p>
[% END %]
</td>
<td class="number gste [% IF books_loo.rrpgste.search('^0') %]error[% END %]">[% books_loo.rrpgste %]</td>
<td class="number gste [% IF books_loo.ecostgste.search('^0') %]error[% END %]">[% books_loo.ecostgste %]</td>
<td class="number gsti [% IF books_loo.rrpgsti.search('^0') %]error[% END %]">[% books_loo.rrpgsti %]</td>
<td class="number gsti [% IF books_loo.ecostgsti.search('^0') %]error[% END %]">[% books_loo.ecostgsti %]</td>
<td class="number [% IF books_loo.quantity.search('^0') %]error[% END %]">[% books_loo.quantity %]</td>
<td class="number gste [% IF books_loo.totalgste.search('^0') %]error[% END %]">[% books_loo.totalgste %]</td>
<td class="number gsti [% IF books_loo.totalgsti.search('^0') %]error[% END %]">[% books_loo.totalgsti %]</td>
<td class="number [% IF books_loo.gstgsti.search('^0') %]error[% END %]">[% books_loo.gstgsti %]</td>
<td class="number [% IF books_loo.gstvalue.search('^0') %]error[% END %]">[% books_loo.gstvalue %]</td>
<td>[% books_loo.budget_name %]</td>
[% IF ( active ) %]
[% UNLESS ( closedate ) %]
<td>
<a href="neworderempty.pl?ordernumber=[% books_loo.ordernumber %]&amp;booksellerid=[% booksellerid %]&amp;basketno=[% basketno %]">Modify</a>
</td>
<td>
[% IF ( books_loo.left_holds_on_order ) %]
<span class="button" title="Can't delete order, ([% books_loo.holds_on_order %]) holds are linked with this order cancel holds first">Can't delete order</span><br>
[% ELSE %]
<a href="javascript:confirm_delete_item([% books_loo.ordernumber %],[% books_loo.biblionumber %])" class="button">Delete order</a><br>
[% END %]
[% IF ( books_loo.can_del_bib ) %]
<a href="javascript:confirm_delete_biblio([% books_loo.ordernumber %],[% books_loo.biblionumber %])" class="button">Delete order and catalog record</a><br>
[% ELSE %]
<span class="button" title="Can't delete catalog record, see constraints below">Can't delete order and catalog record</span><br>
[% END %]
[% IF ( books_loo.left_item ) %]
<b title="Can't delete catalog record, because of [% books_loo.items %] existing hold(s)" >[% books_loo.items %] item(s) left</b><br>
[% END %]
[% IF ( books_loo.left_biblio ) %]
<b title="Can't delete catalog record, delete other orders linked to it first">[% books_loo.biblios %] order(s) left</b><br>
[% END %]
[% IF ( books_loo.left_subscription ) %]
<b title="Can't delete catalog record, delete subscriptions first">[% books_loo.subscriptions %] subscription(s) left</b><br>
[% END %]
[% IF ( books_loo.left_holds ) %]
<b title="Can't delete catalog record or order, cancel holds first">[% books_loo.holds %] hold(s) left</b>
[% END %]
</td>
[% END %]
[% END %]
</tr>
[% END %]
</tbody>
</table>
[% END %]
[% IF ( listincgst ) %]<small class="highlight">** Vendor's listings already include tax.</small>
[% END %]
</div>
[% IF (cancelledorders_loop) %]
<div id="cancelledorders">
<h2>Cancelled orders</h2>
<table id="cancelledorderst">
<thead>
<tr>
<th>Order</th>
<th class="gste">RRP tax exc.</th>
<th class="gste">ecost tax exc.</th>
<th class="gsti">RRP tax inc.</th>
<th class="gsti">ecost tax inc.</th>
<th>Qty.</th>
<th class="gste">Total tax exc. ([% currency %])</th>
<th class="gsti">Total tax inc. ([% currency %])</th>
<th>GST %</th>
<th>GST</th>
<th>Fund</th>
</tr>
</thead>
<tbody>
[% FOREACH order IN cancelledorders_loop %]
<tr style="color:grey">
<td>
<p>
[% IF ( order.order_received ) %] (rcvd)[% END %]
[% IF (order.title) %]
[% order.title |html %] by [% order.author %]<br />
[% ELSE %]
<em>Deleted bibliographic record, can't find title</em><br />
[% END %]
[% IF ( order.notes ) %] [% order.notes %][% END %]
[% IF ( order.isbn ) %] - [% order.isbn %][% END %]
[% IF ( order.issn ) %] - [% order.issn %][% END %]
[% IF ( order.publishercode ) %], [% order.publishercode %][% END %]
[% IF ( order.publicationyear ) %], [% order.publicationyear %][% END %]
[% IF ( books_loo.editionstatement ) %], [% books_loo.editionstatement %][% END %]
</p>
</td>
<td class="number gste">[% order.rrpgste %]</td>
<td class="number gste">[% order.ecostgste %]</td>
<td class="number gsti">[% order.rrpgsti %]</td>
<td class="number gsti">[% order.ecostgsti %]</td>
<td class="number">[% order.quantity %]</td>
<td class="number gste">[% order.totalgste %]</td>
<td class="number gsti">[% order.totalgsti %]</td>
<td class="number">[% order.gstgsti %]</td>
<td class="number">[% order.gstvalue %]</td>
<td>[% order.budget_name %]
</tr>
[% END %]
</tbody>
</table>
</div>
[% END %]
<br />
[% UNLESS ( closedate ) %]
[% INCLUDE 'acquisitions-add-to-basket.inc' %]
[% END %]
[% END %]
[% END %]
[% END %] [% ELSE %] <!-- if we want just to select a basketgroup for a closed basket -->
[% END %]
[% IF ( confirm_close ) %]
<div id="closebasket_needsconfirmation" class="dialog alert">
<form action="/cgi-bin/koha/acqui/basket.pl" class="confirm">
<h1>Are you sure you want to close basket [% basketname|html %]?</h1>
<p>
<label for="createbasketgroup">Attach this basket to a new basket group with the same name</label>
<input type="checkbox" id="createbasketgroup" name="createbasketgroup"/>
</p>
<input type="hidden" id="basketno" value="[% basketno %]" name="basketno" />
<input type="hidden" value="close" name="op" />
<input type="hidden" name="booksellerid" value="[% booksellerid %]" />
<input type="hidden" name="confirm" value="1" />
<input type="hidden" name="basketgroupname" value="[% basketgroupname %]" />
<input type="submit" class="approve" value="Yes, close (Y)" accesskey="y" />
<input type="submit" class="deny" value="No, don't close (N)" accesskey="n" onclick="javascript:window.location='/cgi-bin/koha/acqui/basket.pl?basketno=[% basketno %]';return false;" />
</form>
</div>
[% END %]
</div>
</div>
<div class="yui-b">
[% INCLUDE 'acquisitions-menu.inc' %]
</div>
</div>
[% INCLUDE 'intranet-bottom.inc' %]
View git blame Copy permalink