From 01091c80893caab0c5b3a99397be658e3a537ead Mon Sep 17 00:00:00 2001 From: Aleisha Amohia Date: Mon, 15 Aug 2022 17:31:57 +1200 Subject: [PATCH] Bug 15326: (follow-up) Fix staff permissions and consider library limits To test: 1. Take note of what your logged in library is 2. Add a new page that can be viewed on the OPAC and staff interface. Limit the library to a different library, not your logged in library 3. Use a News item to create a hyperlink to your new page on the OPAC and staff interface. 4. Confirm that a page error shows if you try to view the new page. 5. Edit the new page and set the library to All libraries. 6. Try to go to the new page again and confirm it shows. 7. Log out and log back into the staff interface as a staff user that isn't a superlibrarian 8. Confirm you can view the new page as this user Sponsored-by: Horowhenua Libraries Trust Signed-off-by: Owen Leonard Signed-off-by: Kyle M Hall Signed-off-by: Tomas Cohen Arazi --- opac/opac-page.pl | 7 ++++++- tools/page.pl | 5 +++-- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/opac/opac-page.pl b/opac/opac-page.pl index d58057e4ec..7a4737df87 100755 --- a/opac/opac-page.pl +++ b/opac/opac-page.pl @@ -36,8 +36,13 @@ my ( $template, $borrowernumber, $cookie ) = get_template_and_user( my $page_id = $query->param('page_id'); my $page; +my $homebranch = $ENV{OPAC_BRANCH_DEFAULT}; +if (C4::Context->userenv) { + $homebranch = C4::Context->userenv->{'branch'}; +} + if (defined $page_id){ - $page = Koha::AdditionalContents->search({ idnew => $page_id, location => ['opac_only', 'staff_and_opac'] }); + $page = Koha::AdditionalContents->search({ idnew => $page_id, location => ['opac_only', 'staff_and_opac'], branchcode => [ $homebranch, undef ] }); if ( $page->count > 0){ $template->param( page => $page->next ); } else { diff --git a/tools/page.pl b/tools/page.pl index 3933e1ea69..0cec1e7da3 100755 --- a/tools/page.pl +++ b/tools/page.pl @@ -28,7 +28,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user( template_name => "tools/page.tt", query => $query, type => "intranet", - flagsrequired => { tools => '*' }, + flagsrequired => { catalogue => 1 }, } ); @@ -36,7 +36,8 @@ my $page_id = $query->param('page_id'); my $page; if (defined $page_id){ - $page = Koha::AdditionalContents->search({ idnew => $page_id, location => ['staff_only', 'staff_and_opac'] }); + my $branch = C4::Context->userenv->{'branch'}; + $page = Koha::AdditionalContents->search({ idnew => $page_id, location => ['staff_only', 'staff_and_opac'], branchcode => [ $branch, undef ] }); if ( $page->count > 0){ $template->param( page => $page->next ); } else { -- 2.39.5