3 # This code has been modified by Trendsetters (originally from opac-user.pl)
4 # This code has been modified by rch
5 # Parts Copyright 2010-2011, ByWater Solutions (those related to username/password auth)
7 # This file is part of Koha.
9 # Koha is free software; you can redistribute it and/or modify it
10 # under the terms of the GNU General Public License as published by
11 # the Free Software Foundation; either version 3 of the License, or
12 # (at your option) any later version.
14 # Koha is distributed in the hope that it will be useful, but
15 # WITHOUT ANY WARRANTY; without even the implied warranty of
16 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 # GNU General Public License for more details.
19 # You should have received a copy of the GNU General Public License
20 # along with Koha; if not, see <http://www.gnu.org/licenses>.
22 # We're going to authenticate a self-check user. we'll add a flag to borrowers 'selfcheck'
24 # We're not in a controlled environment; we never trust the user.
26 # The checkout permission comes form the CGI cookie/session of a staff user.
27 # The patron is not really logging in here in the same way as they do on the
28 # rest of the OPAC. So don't confuse loggedinuser with the patron user.
29 # The patron id/cardnumber is retrieved from the JWT
35 use C4::Auth qw( in_iprange get_template_and_user checkpw );
36 use C4::Circulation qw( barcodedecode AddReturn CanBookBeIssued AddIssue CanBookBeRenewed AddRenewal );
38 use C4::Output qw( output_html_with_http_headers );
40 use Koha::DateUtils qw( dt_from_string );
41 use Koha::Acquisition::Currencies;
44 use Koha::Patron::Images;
45 use Koha::Patron::Messages;
51 unless (C4::Context->preference('WebBasedSelfCheck')) {
52 # redirect to OPAC home if self-check is not enabled
53 print $query->redirect("/cgi-bin/koha/opac-main.pl");
57 unless ( in_iprange(C4::Context->preference('SelfCheckAllowByIPRanges')) ) {
58 # redirect to OPAC home if self-checkout not permitted from current IP
59 print $query->redirect("/cgi-bin/koha/opac-main.pl");
63 if (C4::Context->preference('AutoSelfCheckAllowed'))
65 my $AutoSelfCheckID = C4::Context->preference('AutoSelfCheckID');
66 my $AutoSelfCheckPass = C4::Context->preference('AutoSelfCheckPass');
67 $query->param(-name=>'userid',-values=>[$AutoSelfCheckID]);
68 $query->param(-name=>'password',-values=>[$AutoSelfCheckPass]);
69 $query->param(-name=>'koha_login_context',-values=>['sco']);
71 $query->param(-name=>'sco_user_login',-values=>[1]);
73 my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
75 template_name => "sco/sco-main.tt",
76 flagsrequired => { self_check => "self_checkout_module" },
82 # Get the self checkout timeout preference, or use 120 seconds as a default
83 my $selfchecktimeout = 120000;
84 if (C4::Context->preference('SelfCheckTimeout')) {
85 $selfchecktimeout = C4::Context->preference('SelfCheckTimeout') * 1000;
87 $template->param( SelfCheckTimeout => $selfchecktimeout );
89 # Checks policy laid out by SCOAllowCheckin, defaults to 'on' if preference is undefined
90 my $allowselfcheckreturns = 1;
91 if (defined C4::Context->preference('SCOAllowCheckin')) {
92 $allowselfcheckreturns = C4::Context->preference('SCOAllowCheckin');
95 my $issuerid = $loggedinuser;
96 my ($op, $patronlogin, $patronpw, $barcode, $confirmed, $newissues) = (
97 $query->param("op") || '',
98 $query->param("patronlogin")|| '',
99 $query->param("patronpw") || '',
100 $query->param("barcode") || '',
101 $query->param("confirmed") || '',
102 $query->param("newissues") || '',
105 my $jwt = $query->cookie('JWT');
106 if ($op eq "logout") {
107 $template->param( loggedout => 1 );
108 $query->param( patronlogin => undef, patronpw => undef );
112 $barcode = barcodedecode( $barcode ) if $barcode;
114 my @newissueslist = split /,/, $newissues;
115 my $issuenoconfirm = 1; #don't need to confirm on issue.
116 my $issuer = Koha::Patrons->find( $issuerid )->unblessed;
118 my $patronid = $jwt ? Koha::Token->new->decode_jwt({ token => $jwt }) : undef;
119 unless ( $patronid ) {
120 if ( C4::Context->preference('SelfCheckoutByLogin') ) {
121 my $dbh = C4::Context->dbh;
122 ( undef, $patronid ) = checkpw( $dbh, $patronlogin, $patronpw );
124 else { # People should not do that unless they know what they are doing!
125 # SelfCheckAllowByIPRanges MUST be configured
126 $patronid = $query->param('patronid');
128 $jwt = Koha::Token->new->generate_jwt({ id => $patronid }) if $patronid;
133 Koha::Plugins->call( 'patron_barcode_transform', \$patronid );
134 $patron = Koha::Patrons->find( { cardnumber => $patronid } );
137 my $branch = $issuer->{branchcode};
138 my $confirm_required = 0;
141 if ( $patron && $op eq "returnbook" && $allowselfcheckreturns ) {
145 my $item = Koha::Items->find( { barcode => $barcode } );
146 if ( $success && C4::Context->preference("CircConfirmItemParts") ) {
148 && $item->materials )
155 # Patron cannot checkin an item they don't own
157 unless $patron->checkouts->find( { itemnumber => $item->itemnumber } );
161 ($success) = AddReturn( $barcode, $branch )
164 $template->param( returned => $success );
166 elsif ( $patron && ( $op eq 'checkout' ) ) {
168 my $item = Koha::Items->find( { barcode => $barcode } );
170 my $needconfirm = {};
171 ( $impossible, $needconfirm ) = CanBookBeIssued(
176 C4::Context->preference("AllowItemsOnHoldCheckoutSCO")
179 if ( $confirm_required = scalar keys %$needconfirm ) {
180 for my $error ( qw( UNKNOWN_BARCODE max_loans_allowed ISSUED_TO_ANOTHER NO_MORE_RENEWALS NOT_FOR_LOAN DEBT WTHDRAWN RESTRICTED RESERVED ITEMNOTSAMEBRANCH EXPIRED DEBARRED CARD_LOST GNA INVALID_DATE UNKNOWN_BARCODE TOO_MANY DEBT_GUARANTEES DEBT_GUARANTORS USERBLOCKEDOVERDUE PATRON_CANT PREVISSUE NOT_FOR_LOAN_FORCING ITEM_LOST ADDITIONAL_MATERIALS ) ) {
181 if ( $needconfirm->{$error} ) {
182 $issue_error = $error;
189 if (scalar keys %$impossible) {
191 my $issue_error = (keys %$impossible)[0]; # FIXME This is wrong, we assume only one error and keys are not ordered
192 my $title = ( $item ) ? $item->biblio->title : '';
195 impossible => $issue_error,
196 "circ_error_$issue_error" => 1,
200 if ($issue_error eq 'DEBT') {
201 $template->param(DEBT => $impossible->{DEBT});
203 if ( $issue_error eq "NO_MORE_RENEWALS" ) {
210 } elsif ( $needconfirm->{RENEW_ISSUE} ){
215 confirm_renew_issue => 1,
218 } elsif ( $confirm_required && !$confirmed ) {
221 "circ_error_$issue_error" => 1,
224 if ($issue_error eq 'DEBT') {
225 $template->param(DEBT => $needconfirm->{DEBT});
228 if ( $confirmed || $issuenoconfirm ) { # we'll want to call getpatroninfo again to get updated issues.
229 my ( $hold_existed, $item );
230 if ( C4::Context->preference('HoldFeeMode') eq 'any_time_is_collected' ) {
231 # There is no easy way to know if the patron has been charged for this item.
232 # So we check if a hold existed for this item before the check in
233 $item = Koha::Items->find({ barcode => $barcode });
234 $hold_existed = Koha::Holds->search(
237 borrowernumber => $patron->borrowernumber,
239 biblionumber => $item->biblionumber,
240 itemnumber => $item->itemnumber
247 AddIssue( $patron->unblessed, $barcode );
248 $template->param( issued => 1 );
249 push @newissueslist, $barcode;
251 if ( $hold_existed ) {
252 my $dtf = Koha::Database->new->schema->storage->datetime_parser;
254 # If the hold existed before the check in, let's confirm that the charge line exists
255 # Note that this should not be needed but since we do not have proper exception handling here we do it this way
256 patron_has_hold_fee => Koha::Account::Lines->search(
258 borrowernumber => $patron->borrowernumber,
259 debit_type_code => 'RESERVE',
260 description => $item->biblio->title,
261 date => $dtf->format_date(dt_from_string)
267 $confirm_required = 1;
269 confirm => "Issuing title: " . $item->biblio->title,
277 if ( $patron && ( $op eq 'renew' ) ) {
278 my $item = Koha::Items->find({ barcode => $barcode });
280 if ( $patron->checkouts->find( { itemnumber => $item->itemnumber } ) ) {
281 my ($status,$renewerror) = CanBookBeRenewed( $patron->borrowernumber, $item->itemnumber );
283 AddRenewal( $patron->borrowernumber, $item->itemnumber, undef, undef, undef, undef, 1 );
284 push @newissueslist, $barcode;
285 $template->param( renewed => 1 );
288 $template->param( renewed => 0 );
293 my $borrowername = sprintf "%s %s", ($patron->firstname || ''), ($patron->surname || '');
294 my $pending_checkouts = $patron->pending_checkouts;
296 while ( my $c = $pending_checkouts->next ) {
297 my $checkout = $c->unblessed_all_relateds;
298 my ($can_be_renewed, $renew_error) = CanBookBeRenewed(
299 $patron->borrowernumber,
300 $checkout->{itemnumber},
302 $checkout->{can_be_renewed} = $can_be_renewed; # In the future this will be $checkout->can_be_renewed
303 $checkout->{renew_error} = $renew_error;
304 $checkout->{overdue} = $c->is_overdue;
305 push @checkouts, $checkout;
309 for ( C4::Context->preference("OPACShowHoldQueueDetails") ) {
310 m/priority/ and $show_priority = 1;
313 my $account = $patron->account;
314 my $total = $account->balance;
315 my $accountlines = $account->lines;
317 my $holds = $patron->holds;
318 my $waiting_holds_count = 0;
320 while(my $hold = $holds->next) {
321 $waiting_holds_count++ if $hold->is_waiting;
326 borrowername => $borrowername,
327 issues_count => scalar(@checkouts),
328 ISSUES => \@checkouts,
330 newissues => join(',',@newissueslist),
331 patronlogin => $patronlogin,
332 patronpw => $patronpw,
333 waiting_holds_count => $waiting_holds_count,
335 borrowernumber => $patron->borrowernumber,
336 SuspendHoldsOpac => C4::Context->preference('SuspendHoldsOpac'),
337 AutoResumeSuspendedHolds => C4::Context->preference('AutoResumeSuspendedHolds'),
338 howpriority => $show_priority,
339 ACCOUNT_LINES => $accountlines,
343 my $patron_messages = Koha::Patron::Messages->search(
345 borrowernumber => $patron->borrowernumber,
350 patron_messages => $patron_messages,
351 opacnote => $patron->opacnote,
358 if (C4::Context->preference('ShowPatronImageInWebBasedSelfCheck')) {
359 my $patron_image = $patron->image;
361 display_patron_image => 1,
362 csrf_token => Koha::Token->new->generate_csrf( { session_id => scalar $query->cookie('CGISESSID') . $patron->cardnumber, id => $patron->userid } ),
371 $cookie = $query->cookie(
373 -value => $jwt // '',
374 -expires => $jwt ? '+1d' : '',
376 -secure => ( C4::Context->https_enabled() ? 1 : 0 ),
379 $template->param(patronid => $patronid);
381 output_html_with_http_headers $query, $cookie, $template->output, undef, { force_no_caching => 1 };