From 9966d218ae1705b272841c721bf4355437ba5a44 Mon Sep 17 00:00:00 2001
From: Robin Sheat <robin@catalyst.net.nz>
Date: Wed, 31 Aug 2011 15:22:38 +1200
Subject: [PATCH] Bug 6824 - correctly check basket viewing permissions

Previously you couldn't view baskets that you hadn't created, unless you
were superlibrarian due to a bug. Now people with the right permissions
can see the baskets.

Applies to both 3.04.04 and master.

Signed-off-by: Brendan <info@bywatersolutions.com>
Signed-off-by: Melia Meggs <melia@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
---
 acqui/basket.pl      | 2 +-
 acqui/booksellers.pl | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/acqui/basket.pl b/acqui/basket.pl
index dfc9447212..70fb39cf7d 100755
--- a/acqui/basket.pl
+++ b/acqui/basket.pl
@@ -197,7 +197,7 @@ if ( $op eq 'delete_confirm' ) {
 #if the basket is closed,and the user has the permission to edit basketgroups, display a list of basketgroups
     my $basketgroups;
     my $member = GetMember(borrowernumber => $loggedinuser);
-    if ($basket->{closedate} && haspermission({ flagsrequired   => { acquisition => 'group_manage'} })) {
+    if ($basket->{closedate} && haspermission({ acquisition => 'group_manage'} )) {
         $basketgroups = GetBasketgroups($basket->{booksellerid});
         for my $bg ( @{$basketgroups} ) {
             if ($basket->{basketgroupid} && $basket->{basketgroupid} == $bg->{id}){
diff --git a/acqui/booksellers.pl b/acqui/booksellers.pl
index cc5c084508..fb6b2f1707 100755
--- a/acqui/booksellers.pl
+++ b/acqui/booksellers.pl
@@ -106,7 +106,7 @@ for my $vendor (@suppliers) {
         if ((      $basket->{authorisedby}
                 && $basket->{authorisedby} eq $loggedinuser
             )
-            || haspermission( $uid, { flagsrequired => { acquisition => q{*} } } )
+            || haspermission( $uid, { acquisition => q{*} } )
           ) {
             for my $date_field (qw( creationdate closedate)) {
                 if ( $basket->{$date_field} ) {
-- 
2.39.2