Koha/opac/opac-suggestions.pl
Jonathan Druart d533a92aa8
Bug 23991: Move SearchSuggestion to Koha::Suggestions
The C4::Suggestions::SearchSuggestion subroutine is badly written and
can be replaced by calls to Koha::Suggestions->search.
The hard part in this patch is suggestion.pl, the other occurrences have
been replaced easily.

Test plan:
The idea is to test the whole suggestion workflow.
1. Create a suggestion on OPAC
2. Create a suggestion on the staff interface
3. Edit suggestions
4. Filter suggestions (use the different filters and "organize by"
values)

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Bug 23991: Remove SearchSuggestion tests

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Bug 23991: (QA follow-up) Save some DB queries

This patch makes the suggestion-related pages rely on array size instead
of querying the DB each time they need to. In the case of
suggestion/suggestion.pl it goes from 4 COUNT(*) to 1.

To test, with KTD:
1. Run on the host machine:
    $ docker exec -ti koha_db_1 bash
    $ mysql -ppassword
    > SET GLOBAL general_log_file='/var/log/mysql/mycustom.log';
    > SET GLOBAL log_output = 'FILE';
    > SET GLOBAL general_log = 'ON';
    > \q
    $ tail -f /var/log/mysql/mycustom.log | grep suggestions
2. Visit the different pages changed on this bug
=> SUCCESS: Some queries
3. Apply this patch
4. Repeat 2
=> SUCCESS: Less queries!
5. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Bug 23991: Fix branchcode and budgetid filtering

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Bug 23991: Fix conflict with bug 28941

Well, this patchset fixed the security bug...
Redoing on top of bug 28941

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Bug 23991: (follow-up) Missing semicolon

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Bug 23991: Fix 'all' libraries

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Bug 23991: (follow-up) Add value to filter_archived

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-06-27 12:30:28 -03:00

283 lines
10 KiB
Perl
Executable file

#!/usr/bin/perl
# This file is part of Koha.
#
# Koha is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# Koha is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Koha; if not, see <http://www.gnu.org/licenses>.
use Modern::Perl;
use CGI qw ( -utf8 );
use Encode;
use C4::Auth qw( get_template_and_user );
use C4::Members;
use C4::Koha qw( GetAuthorisedValues );
use C4::Output qw( output_html_with_http_headers );
use C4::Suggestions qw(
DelSuggestion
MarcRecordFromNewSuggestion
NewSuggestion
);
use C4::Koha qw( GetAuthorisedValues );
use C4::Scrubber;
use C4::Search qw( FindDuplicate );
use Koha::AuthorisedValues;
use Koha::Libraries;
use Koha::Patrons;
use Koha::DateUtils qw( dt_from_string output_pref );
my $input = CGI->new;
my $op = $input->param('op') || 'else';
my $biblionumber = $input->param('biblionumber');
my $negcaptcha = $input->param('negcap');
my $suggested_by_anyone = $input->param('suggested_by_anyone') || 0;
my $title_filter = $input->param('title_filter');
my $need_confirm = 0;
my $suggestion = {
biblionumber => scalar $input->param('biblionumber'),
title => scalar $input->param('title'),
author => scalar $input->param('author'),
copyrightdate => scalar $input->param('copyrightdate'),
isbn => scalar $input->param('isbn'),
publishercode => scalar $input->param('publishercode'),
collectiontitle => scalar $input->param('collectiontitle'),
place => scalar $input->param('place'),
quantity => scalar $input->param('quantity'),
itemtype => scalar $input->param('itemtype'),
branchcode => scalar $input->param('branchcode'),
patronreason => scalar $input->param('patronreason'),
note => scalar $input->param('note'),
};
# If a spambot accidentally populates the 'negcap' field in the sugesstions form, then silently skip and return.
if ($negcaptcha ) {
print $input->redirect("/cgi-bin/koha/opac-suggestions.pl");
exit;
}
#If suggestions are turned off we redirect to 404 error. This will also redirect guest suggestions
if ( ! C4::Context->preference('suggestion') ) {
print $input->redirect("/cgi-bin/koha/errors/404.pl");
exit;
}
my ( $template, $borrowernumber, $cookie, @messages );
my $deleted = $input->param('deleted');
my $submitted = $input->param('submitted');
if ( ( C4::Context->preference("AnonSuggestions") and Koha::Patrons->find( C4::Context->preference("AnonymousPatron") ) ) or ( C4::Context->preference("OPACViewOthersSuggestions") and $op eq 'else' ) ) {
( $template, $borrowernumber, $cookie ) = get_template_and_user(
{
template_name => "opac-suggestions.tt",
query => $input,
type => "opac",
authnotrequired => ( C4::Context->preference("OpacPublic") ? 1 : 0 ),
}
);
}
else {
( $template, $borrowernumber, $cookie ) = get_template_and_user(
{
template_name => "opac-suggestions.tt",
query => $input,
type => "opac",
}
);
}
my $suggested_by;
if ( $op eq 'else' ) {
if ( C4::Context->preference("OPACViewOthersSuggestions") ) {
if ( $borrowernumber ) {
# A logged in user is able to see suggestions from others
$suggested_by = $suggested_by_anyone
? undef
: $borrowernumber;
}
# else: Non logged in user is able to see all suggestions
}
else {
if ( $borrowernumber ) {
$suggested_by = $borrowernumber;
}
else {
$suggested_by = -1;
}
}
} else {
if ( $borrowernumber ) {
$suggested_by = $borrowernumber;
}
else {
$suggested_by = C4::Context->preference("AnonymousPatron");
}
}
$suggestion = {
map {
my $p = $suggestion->{$_};
# Keep parameters that are not an empty string
( defined $p && $p ne '' ? ( $_ => $p ) : () )
} keys %$suggestion
};
$suggestion->{suggestedby} = $borrowernumber;
if ( $op eq "add_validate" && not $biblionumber ) { # If we are creating the suggestion from an existing record we do not want to search for duplicates
$op = 'add_confirm';
my $biblio = MarcRecordFromNewSuggestion($suggestion);
if ( my ($duplicatebiblionumber, $duplicatetitle) = FindDuplicate($biblio) ) {
push @messages, { type => 'error', code => 'biblio_exists', id => $duplicatebiblionumber, title => $duplicatetitle };
$need_confirm = 1;
$op = 'add';
}
}
my $patrons_pending_suggestions_count = 0;
my $patrons_total_suggestions_count = 0;
if ( $borrowernumber ){
if ( C4::Context->preference("MaxTotalSuggestions") ne '' && C4::Context->preference("NumberOfSuggestionDays") ne '' ) {
my $suggesteddate_from = dt_from_string()->subtract(days=>C4::Context->preference("NumberOfSuggestionDays"));
$suggesteddate_from = output_pref({ dt => $suggesteddate_from, dateformat => 'iso', dateonly => 1 });
$patrons_total_suggestions_count = Koha::Suggestions->search({ suggestedby => $borrowernumber, suggesteddate => { '>=' => $suggesteddate_from } })->count;
}
if ( C4::Context->preference("MaxOpenSuggestions") ne '' ) {
$patrons_pending_suggestions_count = Koha::Suggestions->search({ suggestedby => $borrowernumber, STATUS => 'ASKED' } )->count ;
}
}
if ( $op eq "add_confirm" ) {
my $suggestions = Koha::Suggestions->search($suggestion);
if ( C4::Context->preference("MaxTotalSuggestions") ne '' && $patrons_total_suggestions_count >= C4::Context->preference("MaxTotalSuggestions") )
{
push @messages, { type => 'error', code => 'total_suggestions' };
}
elsif ( C4::Context->preference("MaxOpenSuggestions") ne '' && $patrons_pending_suggestions_count >= C4::Context->preference("MaxOpenSuggestions") ) #only check limit for signed in borrowers
{
push @messages, { type => 'error', code => 'too_many' };
}
elsif ( $suggestions->count >= 1 ) {
#some suggestion are answering the request Donot Add
while ( my $suggestion = $suggestions->next ) {
push @messages,
{
type => 'error',
code => 'already_exists',
id => $suggestion->suggestionid
};
last;
}
}
else {
for my $f ( split(/\s*\,\s*/, C4::Context->preference("OPACSuggestionUnwantedFields") ) ) {
delete $suggestion->{$f};
}
my $scrubber = C4::Scrubber->new();
foreach my $suggest ( keys %$suggestion ) {
# Don't know why the encode is needed for Perl v5.10 here
$suggestion->{$suggest} = Encode::encode( "utf8",
$scrubber->scrub( $suggestion->{$suggest} ) );
}
$suggestion->{suggesteddate} = dt_from_string;
$suggestion->{branchcode} = $input->param('branchcode') || C4::Context->userenv->{"branch"};
$suggestion->{STATUS} = 'ASKED';
&NewSuggestion($suggestion);
$patrons_pending_suggestions_count++;
$patrons_total_suggestions_count++;
push @messages, { type => 'info', code => 'success_on_inserted' };
}
$op = 'else';
}
my $suggestions = [ Koha::Suggestions->search_limited(
{
$suggestion->{suggestedby}
? ( suggestedby => $suggestion->{suggestedby} )
: (),
$title_filter
? ( title => $title_filter )
: (),
}
)->as_list ];
if ( $op eq "delete_confirm" ) {
my @delete_field = $input->multi_param("delete_field");
foreach my $delete_field (@delete_field) {
&DelSuggestion( $borrowernumber, $delete_field );
}
$op = 'else';
print $input->redirect("/cgi-bin/koha/opac-suggestions.pl?op=else");
exit;
}
my $patron_reason_loop = GetAuthorisedValues("OPAC_SUG", "opac");
my @mandatoryfields;
if ( $op eq 'add' ) {
my $fldsreq_sp = C4::Context->preference("OPACSuggestionMandatoryFields") || 'title';
@mandatoryfields = sort split(/\s*\|\s*/, $fldsreq_sp);
foreach (@mandatoryfields) {
$template->param( $_."_required" => 1);
}
if ( $biblionumber ) {
my $biblio = Koha::Biblios->find($biblionumber);
$suggestion = {
biblionumber => $biblio->biblionumber,
title => $biblio->title,
author => $biblio->author,
copyrightdate => $biblio->copyrightdate,
isbn => $biblio->biblioitem->isbn,
publishercode => $biblio->biblioitem->publishercode,
collectiontitle => $biblio->biblioitem->collectiontitle,
place => $biblio->biblioitem->place,
};
}
}
my @unwantedfields;
{
last unless ($op eq 'add');
my $fldsreq_sp = C4::Context->preference("OPACSuggestionUnwantedFields");
@unwantedfields = sort split(/\s*\|\s*/, $fldsreq_sp);
foreach (@unwantedfields) {
$template->param( $_."_hidden" => 1);
}
}
$template->param(
%$suggestion,
suggestions => $suggestions,
patron_reason_loop => $patron_reason_loop,
"op_$op" => 1,
$op => 1,
messages => \@messages,
suggestionsview => 1,
suggested_by_anyone => $suggested_by_anyone,
title_filter => $title_filter,
patrons_pending_suggestions_count => $patrons_pending_suggestions_count,
need_confirm => $need_confirm,
patrons_total_suggestions_count => $patrons_total_suggestions_count,
);
output_html_with_http_headers $input, $cookie, $template->output, undef, { force_no_caching => 1 };