David Cook
e81e765d7d
The op "edit_form" doesn't change state. It just renders the edit
form. Therefore, it doesn't need a CSRF token/check.
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit caf962fbaa
)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
75 lines
4.7 KiB
Text
75 lines
4.7 KiB
Text
[% USE raw %]
|
|
[% USE KohaDates %]
|
|
[% USE To %]
|
|
[% PROCESS 'i18n.inc' %]
|
|
{
|
|
"sEcho": [% sEcho | html %],
|
|
"iTotalRecords": [% iTotalRecords | html %],
|
|
"iTotalDisplayRecords": [% iTotalDisplayRecords | html %],
|
|
"aaData": [
|
|
[% FOREACH data IN aaData %]
|
|
{
|
|
"dt_public":
|
|
"[% data.public | html %]",
|
|
"dt_shelfname":
|
|
"<a href='/cgi-bin/koha/virtualshelves/shelves.pl?op=view&shelfnumber=[% data.shelfnumber | html %]'>[% data.shelfname | html | $To %]</a>",
|
|
"dt_count":
|
|
"[% tnx('{count} item', '{count} items', count, { count = data.count }) | $raw %]",
|
|
"dt_is_shared":
|
|
"[% IF data.public %]<span>Public</span>[% ELSIF data.is_shared %]<span>Shared</span>[% ELSE %]<span>Private</span>[% END %]",
|
|
"dt_owner":
|
|
"<a href='/cgi-bin/koha/members/moremember.pl?borrowernumber=[% data.owner | html %]'>[% data.firstname | html | $To %] [% data.surname | html | $To %]</a>",
|
|
"dt_sortby":
|
|
[% IF data.sortby == "author" %]"<span>Author</span>"[% ELSIF data.sortby == "copyrightdate" %]"<span>Year</span>"[% ELSIF data.sortby == "itemcallnumber" %]"<span>Call number</span>"[% ELSIF data.sortby == "dateadded" %]"<span>Date added</span>"[% ELSE %]"<span>Title</span>"[% END %],
|
|
"dt_created_on":
|
|
"[% data.created_on | $KohaDates %]",
|
|
"dt_modification_time":
|
|
"[% data.modification_time | $KohaDates %]",
|
|
"dt_action":
|
|
"[% PROCESS action_form shelfnumber=data.shelfnumber can_manage_shelf=data.can_manage_shelf can_delete_shelf=data.can_delete_shelf type=data.type %]"
|
|
}[% UNLESS loop.last %],[% END %]
|
|
[% END %]
|
|
]
|
|
}
|
|
|
|
[% BLOCK action_form -%]
|
|
[%~ SET action_block = '' ~%]
|
|
[%~ IF can_manage_shelf OR can_delete_shelf ~%]
|
|
[%~ shelfnumber = shelfnumber | html ~%]
|
|
[%~ public = public | html ~%]
|
|
[%~ IF can_manage_shelf ~%]
|
|
[%~ action_block = '<form action="shelves.pl" method="get">' ~%]
|
|
[%~ action_block = action_block _ '<input type="hidden" name="shelfnumber" value="' _ shelfnumber _ '" />' ~%]
|
|
[%~ action_block = action_block _ '<input type="hidden" name="op" value="edit_form" />' ~%]
|
|
[%~ action_block = action_block _ '<input type="hidden" name="public" value="' _ public _ '" />' ~%]
|
|
[%~ action_block = action_block _ '<input type="hidden" name="referer" value="list" />' ~%]
|
|
[%~ action_block = action_block _ '<button class="editshelf btn btn-default btn-xs"><i class="fa fa-pencil"></i> Edit</button>' ~%]
|
|
[%~ action_block = action_block _ '</form> ' ~%]
|
|
[%~ END ~%]
|
|
[%~ IF can_delete_shelf ~%]
|
|
[%~ action_block = action_block _ ' <form action="shelves.pl" method="post">' ~%]
|
|
[%~ action_block = BLOCK ~%][%~ action_block | $raw ~%][%~ INCLUDE 'csrf-token.inc' | trim ~%][%~ END ~%]
|
|
[%~ action_block = action_block _ '<input type="hidden" name="shelves" value="1" />' ~%]
|
|
[%~ action_block = action_block _ '<input type="hidden" name="op" value="delete" />' ~%]
|
|
[%~ action_block = action_block _ '<input type="hidden" name="shelfnumber" value="' _ shelfnumber _ '" />' ~%]
|
|
[%~ action_block = action_block _ '<input type="hidden" name="public" value="' _ public _ '" />' ~%]
|
|
[%~ action_block = action_block _ '<input type="hidden" name="referer" value="list" />' ~%]
|
|
[%~ action_block = action_block _ '<button type="submit" class="deleteshelf btn btn-default btn-xs"><i class="fa fa-trash"></i> Delete</button>' ~%]
|
|
[%~ action_block = action_block _ '</form>' ~%]
|
|
[%~ END ~%]
|
|
[%~ IF public AND allow_transfer ~%]
|
|
[%~ action_block = action_block _ ' <form action="shelves.pl" method="post">' ~%]
|
|
[%~ action_block = action_block _ '<input type="hidden" name="shelves" value="1" />' ~%]
|
|
[%~ action_block = action_block _ '<input type="hidden" name="op" value="transfer" />' ~%]
|
|
[%~ action_block = action_block _ '<input type="hidden" name="shelfnumber" value="' _ shelfnumber _ '" />' ~%]
|
|
[%~ action_block = action_block _ '<input type="hidden" name="public" value="1" />' ~%]
|
|
[%~ action_block = action_block _ '<input type="hidden" name="referer" value="list" />' ~%]
|
|
[%~ action_block = action_block _ '<button type="submit" class="btn btn-default btn-xs"><i class="fa"></i> Transfer</button>' ~%]
|
|
[%~ action_block = action_block _ '</form>' ~%]
|
|
[%~ END ~%]
|
|
[%~ ELSE ~%]
|
|
[%~ SET action_block = 'None' ~%]
|
|
[%~ END ~%]
|
|
[%~ To.json(action_block) | $raw ~%]
|
|
|
|
[%~ END ~%]
|