From e142e85d65f91a58a7aefbab3560d59f92134c2f Mon Sep 17 00:00:00 2001 From: Owen Leonard Date: Thu, 24 Jan 2019 13:47:26 +0000 Subject: [PATCH] Bug 22198: Add granular permission setting for Mana KB This patch adds a separate permission for managing Mana KB. To test, apply the patch and update the database. - Open the permissions page for a patron with staff client privileges - Confirm that there is a "Manage Mana KB content sharing (manage_mana)" permission. - Leaving this new permission unchecked, log into the staff client with as that patron and go to the Administration home page. - The "Using Mana-KB" link should not appear. - Navigate directly to /cgi-bin/koha/admin/share_content.pl. You should get a "permission denied" message. - Modify the patron's permissions to grant them access to Mana KB. - Confirm that the link now appears on the Administration home page and that the user can access the page. Signed-off-by: Maryse Simard Signed-off-by: Katrin Fischer Signed-off-by: Nick Clemens --- admin/share_content.pl | 2 +- .../bug_22198-mana_manage_permission.sql | 1 + installer/data/mysql/userpermissions.sql | 1 + .../prog/en/includes/permissions.inc | 1 + .../prog/en/modules/admin/admin-home.tt | 34 ++++++++++--------- 5 files changed, 22 insertions(+), 17 deletions(-) create mode 100644 installer/data/mysql/atomicupdate/bug_22198-mana_manage_permission.sql diff --git a/admin/share_content.pl b/admin/share_content.pl index d900b3e6d6..475771aad8 100755 --- a/admin/share_content.pl +++ b/admin/share_content.pl @@ -33,7 +33,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user( query => $query, type => "intranet", authnotrequired => 0, - flagsrequired => { parameters => '*' }, + flagsrequired => { parameters => 'manage_mana' }, debug => 1, } ); diff --git a/installer/data/mysql/atomicupdate/bug_22198-mana_manage_permission.sql b/installer/data/mysql/atomicupdate/bug_22198-mana_manage_permission.sql new file mode 100644 index 0000000000..b8d15bc38e --- /dev/null +++ b/installer/data/mysql/atomicupdate/bug_22198-mana_manage_permission.sql @@ -0,0 +1 @@ +INSERT IGNORE INTO permissions (module_bit, code, description) VALUES ( 3, 'manage_mana', 'Manage Mana KB content sharing'); diff --git a/installer/data/mysql/userpermissions.sql b/installer/data/mysql/userpermissions.sql index ba1061e91c..16b003ebd5 100644 --- a/installer/data/mysql/userpermissions.sql +++ b/installer/data/mysql/userpermissions.sql @@ -30,6 +30,7 @@ INSERT INTO permissions (module_bit, code, description) VALUES ( 3, 'manage_sms_providers', 'Manage SMS cellular providers'), ( 3, 'manage_audio_alerts', 'Manage audio alerts'), ( 3, 'manage_usage_stats', 'Manage usage statistics settings'), + ( 3, 'manage_mana', 'Manage Mana KB content sharing'), ( 4, 'edit_borrowers', 'Add, modify and view patron information'), ( 4, 'view_borrower_infos_from_any_libraries', 'View patron infos from any libraries'), ( 6, 'place_holds', 'Place holds for patrons'), diff --git a/koha-tmpl/intranet-tmpl/prog/en/includes/permissions.inc b/koha-tmpl/intranet-tmpl/prog/en/includes/permissions.inc index 6099d6fd6e..de767b6b53 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/includes/permissions.inc +++ b/koha-tmpl/intranet-tmpl/prog/en/includes/permissions.inc @@ -59,6 +59,7 @@ [%- CASE 'manage_audio_alerts' -%]Manage audio alerts [%- CASE 'manage_sms_providers' -%]Manage SMS cellular providers [%- CASE 'manage_usage_stats' -%]Manage usage statistics settings + [%- CASE 'manage_mana' -%]Manage Mana KB content sharing [%- CASE 'edit_borrowers' -%]Add, modify and view patron information [%- CASE 'view_borrower_infos_from_any_libraries' -%]View patron infos from any libraries. If not set the logged in user could only access patron infos from its own library or group of libraries. [%- CASE 'modify_holds_priority' -%]Modify holds priority diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/admin-home.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/admin-home.tt index 0fd1116a03..33312ed089 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/admin-home.tt +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/admin-home.tt @@ -13,20 +13,22 @@
- [% IF ( Koha.Preference('Mana') == 1) && !mana_url %] -
-

The Mana Knowledge Base feature is enabled but not configured.

-

This feature allows you to retrieve and share data (subscription patterns and reports) with other Koha libaries.

-

- Ask your system administrator to configure this feature, or remove this note by disabling the 'Mana' system preference. -

-
- [% END %] - [% IF ( Koha.Preference('Mana') == 2 ) %] -
-

Share content with Mana KB?

-

You haven't decided if you want to activate Mana Knowledge Base. Change your Mana KB settings.

-
+ [% IF ( CAN_user_parameters_manage_mana ) %] + [% IF ( Koha.Preference('Mana') == 1) && !mana_url %] +
+

The Mana Knowledge Base feature is enabled but not configured.

+

This feature allows you to retrieve and share data (subscription patterns and reports) with other Koha libaries.

+

+ Ask your system administrator to configure this feature, or remove this note by disabling the 'Mana' system preference. +

+
+ [% END %] + [% IF ( Koha.Preference('Mana') == 2 ) %] +
+

Share content with Mana KB?

+

You haven't decided if you want to activate Mana Knowledge Base. Change your Mana KB settings.

+
+ [% END %] [% END %]

Koha administration

@@ -172,7 +174,7 @@ [% END %] - [% IF ( ( CAN_user_parameters_manage_search_targets || CAN_user_parameters_manage_didyoumean || CAN_user_parameters_manage_column_config || CAN_user_parameters_manage_audio_alerts || CAN_user_parameters_manage_sms_providers && Koha.Preference('SMSSendDriver') == 'Email' ) || CAN_user_parameters_manage_usage_stats ) %] + [% IF ( ( CAN_user_parameters_manage_search_targets || CAN_user_parameters_manage_didyoumean || CAN_user_parameters_manage_column_config || CAN_user_parameters_manage_audio_alerts || CAN_user_parameters_manage_sms_providers && Koha.Preference('SMSSendDriver') == 'Email' ) || CAN_user_parameters_manage_usage_stats || CAN_user_parameters_manage_mana ) %]

Additional parameters