Koha/tools
Galen Charlton bb75025364 Bug 7002: fix some invalid superlibrarian permission checks
This patch fixes a problem where if a staff user has superlibrarian
permissions, but also has module-specific permissions, they are
prevent from editing item records that they should be allowed to.

To test:

[1] Turn on IndependentBranches.
[2] Register a superlibrarian staff user at branch A.
[3] Give that new account at least one other module-level
    permission.  This cannot be done through the user interface,
    however, but can be done via SQL:

    UPDATE borrowers SET flags = 3 WHERE userid = 'XXX';

[4] Log in as that new superlibrarian.
[5] Bring up the item details (catalogue/moredetail.pl) page for
    an item at branch B.  Note that there is no 'Edit Item' link.
[6] Similarly, try editing that item (cataloging/additem.pl).  Note
    that the edit form forbids you from touching the item.
[7] Finally, try editing that item using the Tools | Batch item
    modification utility.  Note that it doesn't allow you to do so.
[8] Apply the patch.
[9] Repeat steps 5 through 7.  This time, the item actions should
    be allowed.

Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Works as described, passes QA script and test suite.

Signed-off-by: Galen Charlton <gmc@esilibrary.com>
2014-01-06 05:32:22 +00:00
..
csv-profiles
quotes
ajax-inventory.pl Bug 7684: QA Followup and bugfixes 2013-11-01 00:11:45 +00:00
background-job-progress.pl
batchMod.pl Bug 7002: fix some invalid superlibrarian permission checks 2014-01-06 05:32:22 +00:00
cleanborrowers.pl Bug 6506: When AnonymousPatron not set, deletion of issue history silently failed. 2013-05-01 08:44:11 -04:00
copy-holidays.pl
csv-profiles.pl Bug 10853 - followup to correct tabs 2013-10-11 02:16:17 +00:00
exceptionHolidays.pl
export.pl Bug 10277 - Add C4::Context->IsSuperLibrarian() 2013-12-30 15:47:23 +00:00
holidays.pl Bug 10277 - Add C4::Context->IsSuperLibrarian() 2013-12-30 15:47:23 +00:00
import_borrowers.pl Bug 7785: (follow-up) standardize POD 2013-08-13 16:15:30 +00:00
inventory.pl Bug 7684: (follow-up) fix UTF-8 encoding problems in CSV export 2013-11-01 00:25:08 +00:00
koha-news.pl Bug 9108: Followup: send the dateformat value from C4::Auth 2013-01-17 21:59:30 -05:00
letter.pl Bug 10080 - Change system pref IndependantBranches to IndependentBranches 2013-05-22 07:58:23 -07:00
manage-marc-import.pl Bug 7131: teach MARC import how to overlay items 2013-10-30 04:31:07 +00:00
marc_modification_templates.pl Bug 8015: QA Followup 2 2013-10-31 22:50:48 +00:00
modborrowers.pl Bug 2720 - Overdues which debar automatically should undebar automatically when returned 2013-10-31 01:53:22 +00:00
newHolidays.pl
overduerules.pl
pdfViewer.pl
picture-upload.pl Bug 10636 - patronimage should have borrowernumber as PK, not cardnumber 2013-10-14 21:08:02 +00:00
quotes-upload.pl
quotes.pl
scheduler.pl Bug 9108: Followup: send the dateformat value from C4::Auth 2013-01-17 21:59:30 -05:00
stage-marc-import.pl Bug 8015: (follow-up) move from the Koha to the C4 namespace 2013-10-31 22:48:20 +00:00
tools-home.pl
upload-cover-image.pl Bug 9065 - set correct permission for upload local cover image 2013-01-13 08:32:18 -05:00
upload-file-progress.pl
upload-file.pl
viewlog.pl Bug 10636 - patronimage should have borrowernumber as PK, not cardnumber 2013-10-14 21:08:02 +00:00