From 50927bb9b530f7a9c092dfe99bd2dddc69202432 Mon Sep 17 00:00:00 2001 From: Katrin Fischer Date: Thu, 26 Jan 2023 21:46:51 +0000 Subject: [PATCH] Bug 26628: Fix access to clubs when user only has clubs permission If a user only has the clubs and no permission from the tools section, they can't access the patron clubs page by navigation. This patch extends the permission checks for tools to include the clubs, that live on the tools page, but have a top level permission. To test: - create a patron with only the catalogue and clubs permissions - log in to the staff client as that patron - navigate to a patron record, confirm you can see the Clubs tab in the patron account, can add patrons to and remove patrons from clubs - confirm you don't have a link to the Tools module either on the Koha homepage or in the More menu - enter the clubs URL manually (/cgi-bin/koha/clubs/clubs.pl), confirm you are allowed to open the page - Apply patch - The only changes should be: - You can now see the Tools entry in the More navigation menu - You can now see the Tools module link on the start page - Both take you to the tools page, only visible tools is 'Patron clubs' Signed-off-by: Andrew Fuerste-Henry Signed-off-by: Martin Renvoize Signed-off-by: Tomas Cohen Arazi --- koha-tmpl/intranet-tmpl/prog/en/includes/header.inc | 2 +- koha-tmpl/intranet-tmpl/prog/en/modules/intranet-main.tt | 2 +- tools/tools-home.pl | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/koha-tmpl/intranet-tmpl/prog/en/includes/header.inc b/koha-tmpl/intranet-tmpl/prog/en/includes/header.inc index 9925b7aba4..c22896aa38 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/includes/header.inc +++ b/koha-tmpl/intranet-tmpl/prog/en/includes/header.inc @@ -55,7 +55,7 @@ [% IF ( CAN_user_suggestions_suggestions_manage ) %]
  • Suggestions
  • [% END %] - [% IF ( CAN_user_tools ) %] + [% IF ( CAN_user_tools || CAN_user_clubs ) %]
  • Tools
  • [% END %] [% IF ( Koha.Preference('EnablePointOfSale') && Koha.Preference('UseCashRegisters') && CAN_user_cash_management_takepayment ) %] diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/intranet-main.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/intranet-main.tt index 1b96d1a8a5..75f5cfc6de 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/intranet-main.tt +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/intranet-main.tt @@ -156,7 +156,7 @@ [% END %] - [% IF ( CAN_user_tools ) %] + [% IF ( CAN_user_tools || CAN_user_clubs ) %]
  • Tools
  • diff --git a/tools/tools-home.pl b/tools/tools-home.pl index 842ae68874..8ae7953842 100755 --- a/tools/tools-home.pl +++ b/tools/tools-home.pl @@ -29,7 +29,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user( template_name => "tools/tools-home.tt", query => $query, type => "intranet", - flagsrequired => { tools => '*' }, + flagsrequired => [ tools => '*', clubs => '*' ], } ); -- 2.39.5