From c304eabc195a946d539b9131cb26694f0f3f68bb Mon Sep 17 00:00:00 2001 From: Pedro Amorim Date: Thu, 19 Oct 2023 10:21:04 +0000 Subject: [PATCH] Bug 35106: Validate entered borrowernumber and biblio_id Following up from the test plan of the previous patch: 1) Edit the request again, input gibberish in the Patron ID e.g. 'asdasd' 2) Hit 'Submit' 3) Notice you get a 'The Patron ID you entered is invalid.' message. 4) Edit again, try to empty the input on the Patron ID, hit 'Submit'. 5) Notice it saves the patron as null, as expected Repeat the test plan, but now for the Bibliographic record ID, notice the message 'The Bibliographic record ID you entered is invalid.' is shown if a no biblio was found. Signed-off-by: David Nind squash this Signed-off-by: Pedro Amorim Signed-off-by: Tomas Cohen Arazi Signed-off-by: Katrin Fischer --- ill/ill-requests.pl | 64 ++++++++++++------- .../prog/en/modules/ill/ill-requests.tt | 9 ++- 2 files changed, 48 insertions(+), 25 deletions(-) diff --git a/ill/ill-requests.pl b/ill/ill-requests.pl index fa514eb369..89bf5b16d1 100755 --- a/ill/ill-requests.pl +++ b/ill/ill-requests.pl @@ -241,30 +241,46 @@ if ( $backends_available ) { batches => $batches ); } else { - # Commit: - # Save the changes - $request->borrowernumber($params->{borrowernumber}); - $request->biblio_id($params->{biblio_id}); - $request->batch_id($params->{batch_id}); - $request->branchcode($params->{branchcode}); - $request->price_paid($params->{price_paid}); - $request->notesopac($params->{notesopac}); - $request->notesstaff($params->{notesstaff}); - my $alias = (length $params->{status_alias} > 0) ? - $params->{status_alias} : - "-1"; - $request->status_alias($alias); - $request->store; - my $backend_result = { - error => 0, - status => '', - message => '', - op => 'edit_action', - stage => 'commit', - next => 'illlist', - value => {} - }; - handle_commit_maybe($backend_result, $request); + my $valid_patron = Koha::Patrons->find( $params->{borrowernumber} ); + my $valid_biblio = Koha::Biblios->find( $params->{biblio_id} ); + + if ( $params->{borrowernumber} && !$valid_patron || $params->{biblio_id} && !$valid_biblio ){ + my $error_result = { + error => 1, + status => $params->{borrowernumber} && !$valid_patron ? 'invalid_patron' : 'invalid_biblio', + op => 'edit_action', + stage => 'init', + next => 'illview', + }; + $template->param( + whole => $error_result, + request => $request, + ); + }else{ + $request->borrowernumber( $params->{borrowernumber} ); + $request->biblio_id( $params->{biblio_id} ); + $request->batch_id( $params->{batch_id} ); + $request->branchcode( $params->{branchcode} ); + $request->price_paid( $params->{price_paid} ); + $request->notesopac( $params->{notesopac} ); + $request->notesstaff( $params->{notesstaff} ); + my $alias = + ( length $params->{status_alias} > 0 ) + ? $params->{status_alias} + : "-1"; + $request->status_alias($alias); + $request->store; + my $backend_result = { + error => 0, + status => '', + message => '', + op => 'edit_action', + stage => 'commit', + next => 'illlist', + value => {} + }; + handle_commit_maybe( $backend_result, $request ); + } } } elsif ( $op eq 'moderate_action' ) { diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/ill/ill-requests.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/ill/ill-requests.tt index 0c5babe9ae..49ee2e8267 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/ill/ill-requests.tt +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/ill/ill-requests.tt @@ -136,7 +136,14 @@

We encountered an error:

- 

[% whole.message | html %] ([% whole.status | html %])
+ [% SWITCH whole.status %] + [% CASE 'invalid_patron' %] + 
The patron ID you entered is invalid.
+ [% CASE 'invalid_biblio' %] + 
The bibliographic record ID you entered is invalid.
+ [% CASE %] + 
[% whole.message | html %] ([% whole.status | html %])
+ [% END %]

[% END %] -- 2.39.5