Koha/opac/sco/sco-main.pl
Galen Charlton 13ab69ae08 bug 4122: make WebBasedSelfCheck functional
The WebBasedSelfCheck preference is now functional - if a user
tries to use /cgi-bin/koha/sco/sco-main.pl if the preference
is not on, they get redirected to the OPAC home page.

Also, the patron image web service now returns HTTP 403 (forbidden) unless
both WebBasedSelfCheck and ShowPatronImageInWebBasedSelfCheck are on.

Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
2010-02-10 08:41:50 -05:00


#!/usr/bin/perl
#
# This code has been modified by Trendsetters (originally from opac-user.pl)
# This code has been modified by rch
# We're going to authenticate a self-check user. we'll add a flag to borrowers 'selfcheck'
#
# We're in a controlled environment; we trust the user.
# So the selfcheck station will accept a patronid and issue items to that borrower.
# FIXME: NOT really a controlled environment... We're on the internet!
#
# The checkout permission comes from the CGI cookie/session of a staff user.
# The patron is not really logging in here in the same way as they do on the
# rest of the OPAC. So don't confuse loggedinuser with the patron user.
#
# FIXME: inputfocus not really used in TMPL
use strict;
use warnings;
use CGI;
use C4::Auth;
use C4::Koha;
use C4::Dates qw/format_date/;
use C4::Circulation;
use C4::Reserves;
use C4::Output;
use C4::Members;
use C4::Dates;
use C4::Biblio;
use C4::Items;
# Build the request object first; everything below reads its parameters.
my $query = CGI->new;

# Self-checkout is opt-in. When the WebBasedSelfCheck preference is off the
# browser is sent to the OPAC home page and the script stops here, before
# any authentication or circulation call is made.
if ( !C4::Context->preference('WebBasedSelfCheck') ) {
    print $query->redirect("/cgi-bin/koha/opac-main.pl");
    exit;
}
# Kiosk auto-login. With AutoSelfCheckAllowed on, the login fields of this
# request are overwritten with the account stored in the AutoSelfCheckID and
# AutoSelfCheckPass preferences, so whatever userid/password the browser sent
# is discarded and the authentication call below sees the stored account.
# NOTE(review): the header of this file says the script is reachable from the
# internet, so every visitor is signed in as this account. Keep that account
# limited to the circulate permission requested below, and confirm who can
# read the password held in the system preferences.
if ( C4::Context->preference('AutoSelfCheckAllowed') ) {
    my $kiosk_user = C4::Context->preference('AutoSelfCheckID');
    my $kiosk_pass = C4::Context->preference('AutoSelfCheckPass');

    my @login_fields = (
        [ userid             => $kiosk_user ],
        [ password           => $kiosk_pass ],
        [ koha_login_context => 'sco' ],
    );
    for my $field (@login_fields) {
        my ( $name, $value ) = @{$field};
        $query->param( -name => $name, -values => [$value] );
    }
}
# Authenticate the session and load the self-checkout template.
# authnotrequired => 0 asks C4::Auth to require a login, and flagsrequired
# limits the page to accounts holding circulate/circulate_remaining_permissions.
# $loggedinuser is therefore the staff or kiosk account, never the patron.
# NOTE(review): debug => 1 is passed unconditionally; what it switches on is
# decided inside C4::Auth -- confirm it is wanted on a public-facing script.
my %auth_request = (
    template_name   => "sco/sco-main.tmpl",
    authnotrequired => 0,
    flagsrequired   => { circulate => "circulate_remaining_permissions" },
    query           => $query,
    type            => "opac",
    debug           => 1,
);
my ( $template, $loggedinuser, $cookie ) = get_template_and_user( \%auth_request );
# The account that authorised this session (staff/kiosk), not the patron.
my $issuerid = $loggedinuser;

# State flags that the operation handling below may raise.
my $confirm_required = 0;
my $return_only      = 0;

# Request parameters; a missing or false value becomes ''.
# All five come straight from the browser. No patron PIN or password is read
# anywhere in this script: the patron is identified by patronid alone.
my $op        = $query->param("op")        || '';
my $patronid  = $query->param("patronid")  || '';
my $barcode   = $query->param("barcode")   || '';
my $confirmed = $query->param("confirmed") || '';
my $timedout  = $query->param("timedout")  || '';    # read but not used below

my %confirmation_strings = ( RENEW_ISSUE => "This item is already checked out to you. Return it?", );

# 1 means a checkout is issued without an extra confirmation screen.
my $issuenoconfirm = 1;

# Look up the three records the rest of the script works on: the issuing
# account, the scanned item (by barcode) and the patron (by patronid, passed
# as the second argument of GetMemberDetails).
my $issuer   = GetMemberDetails($issuerid);
my $item     = GetItem( undef, $barcode );
my $borrower = GetMemberDetails( undef, $patronid );

# Returns are recorded against the issuing account's branch.
my $branch = $issuer->{branchcode};
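# Dispatch on the requested operation: logout, returnbook or checkout.
# Any other value of $op (including '') changes nothing here.
if ( $op eq "logout" ) {
    # Clears patronid on the CGI object only. $patronid and $borrower were
    # already read from the same parameter before this point.
    $query->param( patronid => undef );
}
elsif ( $op eq "returnbook" ) {
    # NOTE(review): the return is keyed on the posted barcode and the issuing
    # account's branch; nothing in this script compares the barcode with the
    # loans of $patronid -- confirm whether AddReturn or the caller should.
    my ($doreturn) = AddReturn( $barcode, $branch );
    $borrower = GetMemberDetails( undef, $patronid );    # refresh after the return
}
elsif ( $op eq "checkout" ) {
    # Always run the eligibility check. "confirmed" is a request parameter, so
    # it must not be able to skip CanBookBeIssued: skipping it left
    # %$impossible empty and sent the request straight to AddIssue.
    my ( $impossible, $needconfirm ) = CanBookBeIssued( $borrower, $barcode );
    $impossible  ||= {};
    $needconfirm ||= {};

    # A confirmed request waives the soft warnings only; hard blocks in
    # %$impossible are still enforced below.
    $needconfirm = {} if $confirmed;

    $confirm_required = scalar keys %$needconfirm;

    if ( scalar keys %$impossible ) {
        # FIXME we assume only one error.
        my $issue_error = ( keys %$impossible )[0];
        $template->param(
            impossible                => $issue_error,
            "circ_error_$issue_error" => 1,
            title                     => $item->{title},
            hide_main                 => 1,
        );
        if ( $issue_error eq 'DEBT' ) {
            $template->param( amount => $impossible->{DEBT} );
        }
        if ( $issue_error eq "NO_MORE_RENEWALS" ) {
            # Nothing left to renew: offer a return of this barcode instead.
            $return_only = 1;
            $template->param(
                returnitem => 1,
                barcode    => $barcode,
            );
        }
    }
    elsif ( $needconfirm->{RENEW_ISSUE} ) {
        # Ask the patron to confirm the renewal. A confirmed request never
        # lands here ($needconfirm is emptied above); it goes to the AddIssue
        # call in the final branch.
        $template->param(
            renew               => 1,
            barcode             => $barcode,
            confirm             => 1,
            confirm_renew_issue => 1,
            hide_main           => 1,
        );
    }
    elsif ( $confirm_required && !$confirmed ) {
        # Some other warning needs confirmation; report the first one.
        my $issue_error = ( keys %$needconfirm )[0];
        $template->param(
            impossible                => $issue_error,
            "circ_error_$issue_error" => 1,
            hide_main                 => 1,
        );
    }
    else {
        if ( $confirmed || $issuenoconfirm ) {
            # No block and nothing left to confirm: issue the item.
            AddIssue( $borrower, $barcode );
        }
        else {
            # Only reached when $issuenoconfirm is switched off: show a
            # confirmation screen before issuing.
            $confirm_required = 1;
            $template->param(
                confirm    => "Issuing title: " . $item->{title},
                barcode    => $barcode,
                hide_main  => 1,
                inputfocus => 'confirm',
            );
        }
    }
}    # $op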
# Fill the template: the patron's current loans when patronid resolved to a
# borrower with a cardnumber, otherwise the "no such user" state. The page is
# then sent with the session cookie.
# NOTE(review): patronid is request input and is passed to the template as-is
# (patronid, nouser); output escaping is left to the template, which is not
# visible here -- confirm.
if ( $borrower->{cardnumber} ) {
    my $borrowername = join ' ', ( $borrower->{firstname} || '' ), ( $borrower->{surname} || '' );

    # Decorate each pending loan with a display date and a "no more renewals"
    # marker taken from the first hash CanBookBeIssued returns.
    my ($pending) = GetPendingIssues( $borrower->{'borrowernumber'} );
    my @issues;
    foreach my $loan (@$pending) {
        $loan->{date_due_display} = format_date( $loan->{date_due} );
        my ($blockers) = CanBookBeIssued( $borrower, $loan->{'barcode'}, '', '' );
        if ( $blockers->{'NO_MORE_RENEWALS'} ) {
            $loan->{'norenew'} = 1;
        }
        push @issues, $loan;
    }

    $template->param(
        validuser    => 1,
        borrowername => $borrowername,
        issues_count => scalar(@issues),
        ISSUES       => \@issues,
        patronid     => $patronid,
        noitemlinks  => 1,
    );

    # Focus follows the state left by the operation handling above.
    my $inputfocus = 'barcode';
    if ( $return_only == 1 ) {
        $inputfocus = 'returnbook';
    }
    elsif ( $confirm_required == 1 ) {
        $inputfocus = 'confirm';
    }
    $template->param(
        inputfocus                                           => $inputfocus,
        nofines                                              => 1,
        "dateformat_" . C4::Context->preference('dateformat') => 1,
    );

    # The patron image is referenced only when the preference is on and an
    # image exists for this cardnumber.
    if ( C4::Context->preference('ShowPatronImageInWebBasedSelfCheck') ) {
        my ($image) = GetPatronImage( $borrower->{cardnumber} );
        if ($image) {
            $template->param(
                display_patron_image => 1,
                cardnumber           => $borrower->{cardnumber},
            );
        }
    }
}
else {
    # Unknown or missing patron: echo the id so the template can report it.
    $template->param(
        patronid => $patronid,
        nouser   => $patronid,
    );
}

output_html_with_http_headers( $query, $cookie, $template->output );