Koha/admin/import_export_framework.pl
Katrin Fischer 252f4674a5 Bug 14391: Add granular permissions to the administration module
So far the administration module only allowed for 2 permissions:
- circulation conditions (manage_circ_rules)
- everything else (parameters_remaining_permissions)

With this patch almost every section of the administration page
will have its own granular permission.

To test:
- Create different staff users:
  1) One with parameters_remaining_permissions
  2) One with parameters
  3) One with catalogue and no parameters
  4) One superlibrarian
- Apply the patch
- Run the database update
- Check the staff users:
  1) All subpermissions, but manage_circ_rules
     should be checked
  2) Nothing should have changed
  3) manage_item_serach_fields shoudl be checked
     (page had catalogue permission before)
  4) Nothing should have changed
- Try different settings of the permissions and
  verify that
  - Administration page behaves correctly
  - Administration menu behaves correctly
  ! You shoudl only see what you have permission for

https://bugs.koha-community.org/show_bug.cgi?id=14391

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-11-07 12:29:32 +00:00

97 lines
3.5 KiB
Perl
Executable file

#!/usr/bin/perl
# Copyright 2010-2011 MASmedios.com y Ministerio de Cultura
#
# This file is part of Koha.
#
# Koha is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# Koha is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Koha; if not, see <http://www.gnu.org/licenses>.
use Modern::Perl;
use CGI qw ( -utf8 );
use CGI::Cookie;
use C4::Context;
use C4::Auth qw/check_cookie_auth/;
use C4::ImportExportFramework;
my %cookies = CGI::Cookie->fetch();
my $authenticated = 0;
my ($auth_status, $sessionID);
if (exists $cookies{'CGISESSID'}) {
($auth_status, $sessionID) = check_cookie_auth(
$cookies{'CGISESSID'}->value,
{ parameters => 'manage_marc_frameworks' },
);
}
if ($auth_status eq 'ok') {
$authenticated = 1;
}
my $input = new CGI;
unless ($authenticated) {
print $input->header(-type => 'text/plain', -status => '403 Forbidden');
exit 0;
}
my $framework_name = $input->param('frameworkcode') || 'default';
my $frameworkcode = ($framework_name eq 'default') ? q{} : $framework_name;
my $action = $input->param('action') || 'export';
## Exporting
if ($action eq 'export' && $input->request_method() eq 'GET') {
my $strXml = '';
my $format = $input->param('type_export_' . $framework_name);
ExportFramework($frameworkcode, \$strXml, $format);
if ($format eq 'csv') {
# CSV file
# Correctly set the encoding to output plain text in UTF-8
binmode(STDOUT,':encoding(UTF-8)');
print $input->header(-type => 'application/vnd.ms-excel', -attachment => 'export_' . $framework_name . '.csv');
print $strXml;
} elsif ($format eq 'excel') {
# Excel-xml file
print $input->header(-type => 'application/excel', -attachment => 'export_' . $framework_name . '.xml');
print $strXml;
} else {
# ODS file
my $strODS = '';
createODS($strXml, 'en', \$strODS);
print $input->header(-type => 'application/vnd.oasis.opendocument.spreadsheet', -attachment => 'export_' . $framework_name . '.ods');
print $strODS;
}
## Importing
} elsif ($input->request_method() eq 'POST') {
my $ok = -1;
my $fieldname = 'file_import_' . $framework_name;
my $filename = $input->param($fieldname);
# upload the input file
if ($filename && $filename =~ /\.(csv|ods|xml)$/i) {
my $extension = $1;
my $uploadFd = $input->upload($fieldname);
if ($uploadFd && !$input->cgi_error) {
my $tmpfilename = $input->tmpFileName(scalar $input->param($fieldname));
$filename = $tmpfilename . '.' . $extension; # rename the tmp file with the extension
$ok = ImportFramework($filename, $frameworkcode, 1) if (rename($tmpfilename, $filename));
}
}
if ($ok >= 0) { # If everything went ok go to the framework marc structure
print $input->redirect( -location => '/cgi-bin/koha/admin/marctagstructure.pl?frameworkcode=' . $frameworkcode);
} else {
# If something failed go to the list of frameworks and show message
print $input->redirect( -location => '/cgi-bin/koha/admin/biblio_framework.pl?error_import_export=' . $frameworkcode);
}
}