From d237cf9746422f690128be2ab8ac62a77fa1cd9a Mon Sep 17 00:00:00 2001 From: Marcel de Rooy Date: Fri, 17 May 2019 07:36:17 +0000 Subject: [PATCH] Bug 22929: Allow SCI/SCO logins independent of GDPR_Policy This patch makes Auth skip the GDPR policy check when get_template_and_user is called for sci/sco (self checkin, checkout). I do not really like the change in this form but the nature of self checkin and checkout kind of dictate it (double hack). I wanted to add a test but since that asks for mocking CGI, checkauth, etc. the time needed for that is just too much for this simple change. Test plan: Enable GDPR_Policy and self checkin/checkout. Verify that using patrons without consent is not blocking sci/sco. Signed-off-by: Marcel de Rooy Signed-off-by: Kyle M Hall Signed-off-by: Tomas Cohen Arazi Signed-off-by: Martin Renvoize (cherry picked from commit 3640130d1fbc49ddc2cc4baef53a4c4d7fea76bf) Signed-off-by: Fridolin Somers (cherry picked from commit a1927fdf46c015fb1382aaa7bf63768088a7e19c) Signed-off-by: Lucas Gass --- C4/Auth.pm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/C4/Auth.pm b/C4/Auth.pm index 85c7144f26..485f7ffab9 100644 --- a/C4/Auth.pm +++ b/C4/Auth.pm @@ -169,8 +169,9 @@ sub get_template_and_user { } # If we enforce GDPR and the user did not consent, redirect + # Exceptions for consent page itself and SCI/SCO system if( $in->{type} eq 'opac' && $user && - $in->{'template_name'} !~ /opac-patron-consent/ && + $in->{'template_name'} !~ /^(opac-patron-consent|sc[io]\/)/ && C4::Context->preference('GDPR_Policy') eq 'Enforced' ) { my $consent = Koha::Patron::Consents->search({ -- 2.39.5