From f56d6530bc7ea00db0d2b158a8b2667d5ba16a41 Mon Sep 17 00:00:00 2001 From: Mark Tompsett Date: Tue, 26 Jul 2016 09:50:52 -0400 Subject: [PATCH] Bug 16978: Add delete reports user permission This splits off the delete capability from the create reports permission. From a UI perspective there were CSS issues, that this patch set hackily bypasses. Perhaps someone else can amend this enhancement with the required changes so that the extra column at the beginning of the table can be removed when the user does not have delete capability. TEST PLAN --------- 1) back up db 2) apply patch 3) ./installer/data/mysql/updatedatabase.pl -- should run without issue. 4) in mysql: > drop database ... > create database ... -- totally blanks it for fresh web install 5) run web install -- installing should have no issues 6) go to a patron 7) set permissions 8) expand the reports permission -- should have delete reports now 9) click help and scroll down to 'Granular Reports Permissions' right at the bottom. -- there should be a new delete_reports section 10) Head over to guided reports and build a few reports. -- as system account user, delete stuff should all be visible. 11) Find a patron, set all permissions, except delete reports. 12) log out and then log in as the modified patron 13) Head over the save reports -- none of the delete options should be available to the user. 14) run koha qa test tools 15) restore db Followed test plan. Additionally tried to delete using params in URL (not possible, OK) Signed-off-by: Marc Signed-off-by: Jonathan Druart Signed-off-by: Kyle M Hall --- installer/data/mysql/atomicupdate/bug_16978.sql | 3 +++ installer/data/mysql/userpermissions.sql | 1 + .../intranet-tmpl/prog/en/includes/permissions.inc | 1 + .../intranet-tmpl/prog/en/includes/reports-toolbar.inc | 2 +- .../prog/en/modules/help/members/member-flags.tt | 6 ++++++ .../prog/en/modules/reports/guided_reports_start.tt | 10 ++++++++-- reports/guided_reports.pl | 8 ++++++-- 7 files changed, 26 insertions(+), 5 deletions(-) create mode 100644 installer/data/mysql/atomicupdate/bug_16978.sql diff --git a/installer/data/mysql/atomicupdate/bug_16978.sql b/installer/data/mysql/atomicupdate/bug_16978.sql new file mode 100644 index 0000000000..6d15c214e0 --- /dev/null +++ b/installer/data/mysql/atomicupdate/bug_16978.sql @@ -0,0 +1,3 @@ +INSERT IGNORE INTO `permissions` + (module_bit, code, description) VALUES + (16, 'delete_reports', 'Delete SQL reports'); diff --git a/installer/data/mysql/userpermissions.sql b/installer/data/mysql/userpermissions.sql index abeeb3a05c..26b4e5c1a5 100644 --- a/installer/data/mysql/userpermissions.sql +++ b/installer/data/mysql/userpermissions.sql @@ -68,6 +68,7 @@ INSERT INTO permissions (module_bit, code, description) VALUES (15, 'superserials', 'Manage subscriptions from any branch (only applies when IndependentBranches is used)'), (16, 'execute_reports', 'Execute SQL reports'), (16, 'create_reports', 'Create SQL reports'), + (16, 'delete_reports', 'Delete SQL reports'), (18, 'manage_courses', 'Add, edit and delete courses'), (18, 'add_reserves', 'Add course reserves'), (18, 'delete_reserves', 'Remove course reserves'), diff --git a/koha-tmpl/intranet-tmpl/prog/en/includes/permissions.inc b/koha-tmpl/intranet-tmpl/prog/en/includes/permissions.inc index 6a80ba18d0..bcff76b663 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/includes/permissions.inc +++ b/koha-tmpl/intranet-tmpl/prog/en/includes/permissions.inc @@ -90,6 +90,7 @@ [%- CASE 'renew_subscription' -%]Renew a subscription [%- CASE 'routing' -%]Routing [%- CASE 'superserials' -%]Manage subscriptions from any branch (only applies when IndependentBranches is used) + [%- CASE 'delete_reports' -%]Delete SQL reports [%- CASE 'create_reports' -%]Create SQL reports [%- CASE 'execute_reports' -%]Execute SQL reports [%- CASE 'add_reserves' -%]Add course reserves diff --git a/koha-tmpl/intranet-tmpl/prog/en/includes/reports-toolbar.inc b/koha-tmpl/intranet-tmpl/prog/en/includes/reports-toolbar.inc index 25f848aa8a..232ddd3fb4 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/includes/reports-toolbar.inc +++ b/koha-tmpl/intranet-tmpl/prog/en/includes/reports-toolbar.inc @@ -25,7 +25,7 @@ [% END %] - [% IF ( CAN_user_reports_create_reports ) %] + [% IF ( CAN_user_reports_delete_reports ) %]
Delete diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/help/members/member-flags.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/help/members/member-flags.tt index 974a2157a1..b116e9e8d3 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/help/members/member-flags.tt +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/help/members/member-flags.tt @@ -499,6 +499,12 @@

If the staff member has 'reports' permissions they have the ability to perform all of these actions. If you would like to control reports permissions on a more granular level choose from these options:

diff --git a/reports/guided_reports.pl b/reports/guided_reports.pl index 3a122d21f9..a9963dbed6 100755 --- a/reports/guided_reports.pl +++ b/reports/guided_reports.pl @@ -53,12 +53,16 @@ my $usecache = Koha::Caches->get_instance->memcached_cache; my $phase = $input->param('phase') // ''; my $flagsrequired; -if ( $phase eq 'Build new' or $phase eq 'Delete Saved' ) { +if ( $phase eq 'Build new' ) { $flagsrequired = 'create_reports'; } elsif ( $phase eq 'Use saved' ) { $flagsrequired = 'execute_reports'; -} else { +} +elsif ( $phase eq 'Delete Saved' ) { + $flagsrequired = 'delete_reports'; +} +else { $flagsrequired = '*'; } -- 2.39.5