From 0f7ed0ebb4ff298f2a8f914918d029affe176ec1 Mon Sep 17 00:00:00 2001 From: Galen Charlton Date: Thu, 10 Apr 2008 11:37:46 -0500 Subject: [PATCH] granular permissions - update CGI script for permissions editor Signed-off-by: Joshua Ferraro --- members/member-flags.pl | 123 +++++++++++++++++++++++++++++++++------- 1 file changed, 104 insertions(+), 19 deletions(-) diff --git a/members/member-flags.pl b/members/member-flags.pl index e633c4a1c7..ac1ca5d567 100755 --- a/members/member-flags.pl +++ b/members/member-flags.pl @@ -8,7 +8,7 @@ use strict; use CGI; use C4::Output; -use C4::Auth; +use C4::Auth qw(:DEFAULT :EditPermissions); use C4::Context; use C4::Members; #use C4::Acquisitions; @@ -38,34 +38,119 @@ $member2{'borrowernumber'}=$member; if ($input->param('newflags')) { my $dbh=C4::Context->dbh(); - my $flags=0; - foreach ($input->param) { - if (/flag-(\d+)/) { - my $flag=$1; - $flags=$flags+2**$flag; - } + + my @perms = $input->param('flag'); + my %all_module_perms = (); + my %sub_perms = (); + foreach my $perm (@perms) { + if ($perm !~ /:/) { + $all_module_perms{$perm} = 1; + } else { + my ($module, $sub_perm) = split /:/, $perm, 2; + push @{ $sub_perms{$module} }, $sub_perm; + } + } + + # construct flags + my $module_flags = 0; + my $sth=$dbh->prepare("SELECT bit,flag FROM userflags ORDER BY bit"); + $sth->execute(); + while (my ($bit, $flag) = $sth->fetchrow_array) { + if (exists $all_module_perms{$flag}) { + $module_flags += 2**$bit; + } } - my $sth=$dbh->prepare("update borrowers set flags=? where borrowernumber=?"); - $sth->execute($flags, $member); + + $sth = $dbh->prepare("UPDATE borrowers SET flags=? WHERE borrowernumber=?"); + $sth->execute($module_flags, $member); + + if (C4::Context->preference('CheckSpecificUserPermissions')) { + # deal with subpermissions + $sth = $dbh->prepare("DELETE FROM user_permissions WHERE borrowernumber = ?"); + $sth->execute($member); + $sth = $dbh->prepare("INSERT INTO user_permissions (borrowernumber, module_bit, code) + SELECT ?, bit, ? + FROM userflags + WHERE flag = ?"); + foreach my $module (keys %sub_perms) { + next if exists $all_module_perms{$module}; + foreach my $sub_perm (@{ $sub_perms{$module} }) { + $sth->execute($member, $sub_perm, $module); + } + } + } + print $input->redirect("/cgi-bin/koha/members/moremember.pl?borrowernumber=$member"); } else { # my ($bor,$flags,$accessflags)=GetMemberDetails($member,''); my $flags = $bor->{'flags'}; my $accessflags = $bor->{'authflags'}; my $dbh=C4::Context->dbh(); - my $sth=$dbh->prepare("select bit,flag,flagdesc from userflags order by bit"); + my $all_perms = get_all_subpermissions(); + my $user_perms = get_user_subpermissions($bor->{'userid'}); + my $sth=$dbh->prepare("SELECT bit,flag,flagdesc FROM userflags ORDER BY bit"); $sth->execute; my @loop; while (my ($bit, $flag, $flagdesc) = $sth->fetchrow) { - my $checked=''; - if ($accessflags->{$flag}) { - $checked= 1; - } - my %row = ( bit => $bit, - flag => $flag, - checked => $checked, - flagdesc => $flagdesc ); - push @loop, \%row; + my $checked=''; + if ($accessflags->{$flag}) { + $checked= 1; + } + + my %row = ( bit => $bit, + flag => $flag, + checked => $checked, + flagdesc => $flagdesc ); + + if (C4::Context->preference('CheckSpecificUserPermissions')) { + my @sub_perm_loop = (); + my $expand_parent = 0; + if ($checked) { + if (exists $all_perms->{$flag}) { + $expand_parent = 1; + foreach my $sub_perm (sort keys %{ $all_perms->{$flag} }) { + push @sub_perm_loop, { + id => "${flag}_$sub_perm", + perm => "$flag:$sub_perm", + code => $sub_perm, + description => $all_perms->{$flag}->{$sub_perm}, + checked => 1 + }; + } + } + } else { + if (exists $user_perms->{$flag}) { + $expand_parent = 1; + # put selected ones first + foreach my $sub_perm (sort keys %{ $user_perms->{$flag} }) { + push @sub_perm_loop, { + id => "${flag}_$sub_perm", + perm => "$flag:$sub_perm", + code => $sub_perm, + description => $all_perms->{$flag}->{$sub_perm}, + checked => 1 + }; + } + } + # then ones not selected + if (exists $all_perms->{$flag}) { + foreach my $sub_perm (sort keys %{ $all_perms->{$flag} }) { + push @sub_perm_loop, { + id => "${flag}_$sub_perm", + perm => "$flag:$sub_perm", + code => $sub_perm, + description => $all_perms->{$flag}->{$sub_perm}, + checked => 0 + } unless exists $user_perms->{$flag} and exists $user_perms->{$flag}->{$sub_perm}; + } + } + } + $row{expand} = $expand_parent; + if ($#sub_perm_loop > -1) { + $row{sub_perm_loop} = \@sub_perm_loop; + } + } + push @loop, \%row; } my $borrowercategory = GetBorrowercategory( $bor->{'categorycode'} ); -- 2.39.5