Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity
Koha/opac/opac-privacy.pl
Owen Leonard e472456073 Bug 12703 - OPAC privacy page still accessible when the feature is turned off 
If the OPACPrivacy system preference is turned off it is still possible
to navigate directly to the OPAC privacy page if you know the URL. This
patch adapts the fix for Bug 10595 (OpacTopissue page still
accessible when system preference is turned off) for opac-privacy.pl

Because the OPACPrivacy preference is irrelevant if opacreadinghistory
is not turned on, the patch adds a check for both to determine whether
the page should be accessible.

Log in to the OPAC and test under the following conditions:

 - OPACPrivacy is turned off, opacreadinghistory is turned off. Navigate
   directly to /cgi-bin/koha/opac-privacy.pl. You should get a 404
   error.

 - OPACPrivacy is turned off, opacreadinghistory is turned on. Navigate
   directly to /cgi-bin/koha/opac-privacy.pl. You should get a 404
   error.

 - OPACPrivacy is turned on, opacreadinghistory is turned off. Navigate
   directly to /cgi-bin/koha/opac-privacy.pl. You should get a 404
   error.

 - OPACPrivacy is turned on, opacreadinghistory is turned on. A link to
   both "your reading history" and "your privacy" should appear in the
   left-hand sidebar menu. Both pages should work.

Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Works as described, passes tests and qa script.

Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2014-11-19 21:39:09 -03:00

80 lines
2.5 KiB
Perl
Executable file
Raw Blame History

#!/usr/bin/perl
# This script lets the users change their privacy rules
#
# copyright 2009, BibLibre, paul.poulain@biblibre.com
#
# Koha is free software; you can redistribute it and/or modify it under the
# terms of the GNU General Public License as published by the Free Software
# Foundation; either version 2 of the License, or (at your option) any later
# version.
#
# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with Koha; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
use strict;
use CGI;
use C4::Auth; # checkauth, getborrowernumber.
use C4::Context;
use C4::Circulation;
use C4::Members;
use C4::Output;
use C4::Dates;
my $query = new CGI;
# if OPACPrivacy is disabled, leave immediately
if ( ! C4::Context->preference('OPACPrivacy') || ! C4::Context->preference('opacreadinghistory') ) {
print $query->redirect("/cgi-bin/koha/errors/404.pl");
exit;
}
my $dbh = C4::Context->dbh;
my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
{
template_name => "opac-privacy.tt",
query => $query,
type => "opac",
authnotrequired => 0,
flagsrequired => { borrow => 1 },
debug => 1,
}
);
my $op = $query->param("op");
my $privacy = $query->param("privacy");
if ($op eq "update_privacy")
{
ModPrivacy($borrowernumber,$privacy);
$template->param('privacy_updated' => 1);
}
if ($op eq "delete_record") {
# delete all reading records for items returned
# uses a hardcoded date ridiculously far in the future
my ($rows,$err_history_not_deleted) = AnonymiseIssueHistory('2999-12-12',$borrowernumber);
# confirm the user the deletion has been done
if ( !$err_history_not_deleted ) {
$template->param( 'deleted' => 1 );
}
else {
$template->param( 'err_history_not_deleted' => 1 );
}
}
# get borrower privacy ....
my ( $borr ) = GetMemberDetails( $borrowernumber );
$template->param( 'Ask_data' => '1',
'privacy'.$borr->{'privacy'} => 1,
'firstname' => $borr->{'firstname'},
'surname' => $borr->{'surname'},
'privacyview' => 1,
);
output_html_with_http_headers $query, $cookie, $template->output;
View git blame Copy permalink