From d6e8e88249914531d8b01f35200de6a8a4692b89 Mon Sep 17 00:00:00 2001 From: Tomas Cohen Arazi Date: Wed, 27 Dec 2017 12:29:29 -0300 Subject: [PATCH] Bug 15492: Make existing code aware of new self_check* permissions This patch makes the existing code for SCO use the new permissions schema for self check modules. Specifically addresses this change: circulate => self_checkout becomes self_check => self_checkout_module about.pl checks are adjusted too. get_template_and_user gets refactored to avoid code duplication and the conditions are adjusted for the new permissions. Signed-off-by: Tomas Cohen Arazi Signed-off-by: Josef Moravec Signed-off-by: Jonathan Druart --- C4/Auth.pm | 68 ++++++++++--------- about.pl | 4 +- .../intranet-tmpl/prog/en/modules/about.tt | 4 +- opac/sci/sci-main.pl | 6 +- opac/sco/help.pl | 18 ++--- opac/sco/sco-main.pl | 19 +++--- opac/sco/sco-patron-image.pl | 2 +- 7 files changed, 66 insertions(+), 55 deletions(-) diff --git a/C4/Auth.pm b/C4/Auth.pm index 3a24f29cae..e887bc0384 100644 --- a/C4/Auth.pm +++ b/C4/Auth.pm 
@@ -179,40 +179,40 @@ sub get_template_and_user { ); } + if ( $in->{type} eq 'opac' ) { + my $kick_out; - # If the user logged in is the SCO user and they try to go out of the SCO module, log the user out removing the CGISESSID cookie - if ( $in->{type} eq 'opac' and $in->{template_name} !~ m|sco/| ) { - if ( $user && C4::Context->preference('AutoSelfCheckID') && $user eq C4::Context->preference('AutoSelfCheckID') ) { - $template = C4::Templates::gettemplate( 'opac-auth.tt', 'opac', $in->{query} ); - my $cookie = $in->{query}->cookie( - -name => 'CGISESSID', - -value => '', - -expires => '', - -HttpOnly => 1, - ); - - $template->param( - loginprompt => 1, - script_name => get_script_name(), - ); - print $in->{query}->header( - { type => 'text/html', - charset => 'utf-8', - cookie => $cookie, - 'X-Frame-Options' => 'SAMEORIGIN' - } - ), - $template->output; - safe_exit; + if ( +# If the user logged in is the SCO user and they try to go out of the SCO module, +# log the user out removing the CGISESSID cookie + $in->{template_name} !~ m|sco/| + && $user + && C4::Context->preference('AutoSelfCheckID') + && $user eq C4::Context->preference('AutoSelfCheckID') + ) + { + $kick_out = 1; + } + elsif ( +# If the user logged in is the SCI user and they try to go out of the SCI module, +# kick them out unless it is SCO with a valid permission + $in->{template_name} !~ m|sci/| + && $user + && haspermission( $user, { self_check => 'self_checkin_module' } ) + && !( + $in->{template_name} =~ m|sco/| && haspermission( + $user, { self_check => 'self_checkout_module' } + ) + ) + ) + { + $kick_out = 1; } - } - # If the user logged in is the SCI user and they try to go out of the SCI module, - # log the user out removing the CGISESSID cookie - if ( $in->{type} eq 'opac' and $in->{template_name} !~ m|sci/| ) { - if ( $user && C4::Context->preference('AutoSelfCheckID') && $user eq C4::Context->preference('AutoSelfCheckID') ) { - $template = C4::Templates::gettemplate( 'opac-auth.tt', 
'opac', $in->{query} ); - my $cookie = $in->{query}->cookie( + if ($kick_out) { + $template = C4::Templates::gettemplate( 'opac-auth.tt', 'opac', + $in->{query} ); + $cookie = $in->{query}->cookie( -name => 'CGISESSID', -value => '', -expires => '', @@ -223,14 +223,16 @@ sub get_template_and_user { loginprompt => 1, script_name => get_script_name(), ); + print $in->{query}->header( - { type => 'text/html', + { + type => 'text/html', charset => 'utf-8', cookie => $cookie, 'X-Frame-Options' => 'SAMEORIGIN' } ), - $template->output; + $template->output; safe_exit; } } diff --git a/about.pl b/about.pl index 25fd54db9a..cfc2e32fe4 100755 --- a/about.pl +++ b/about.pl @@ -365,9 +365,9 @@ if ( C4::Context->preference('WebBasedSelfCheck') my $all_permissions = C4::Auth::get_user_subpermissions( $userid ); my ( $has_self_checkout_perm, $has_other_permissions ); while ( my ( $module, $permissions ) = each %$all_permissions ) { - if ( $module eq 'circulate' ) { + if ( $module eq 'self_check' ) { while ( my ( $permission, $flag ) = each %$permissions ) { - if ( $permission eq 'self_checkout' ) { + if ( $permission eq 'self_checkout_module' ) { $has_self_checkout_perm = 1; } else { $has_other_permissions = 1; diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/about.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/about.tt index 917ad10d74..76099f8aae 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/about.tt +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/about.tt 
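Review bot: The new SCI branch of the kick-out test in get_template_and_user keys on a permission rather than on a dedicated account, so any OPAC request whose template is outside `sci/` logs out every user for whom `haspermission( $user, { self_check => 'self_checkin_module' } )` is true. If haspermission also returns true for superlibrarians or for staff granted the whole self_check module (its body is not in this hunk), those accounts would lose their OPAC session on ordinary pages. The SCO branch above it is still tied to `AutoSelfCheckID`, so the two kiosk confinements now use different criteria; I would either restrict the SCI branch to accounts whose only permission is self_checkin_module or state the asymmetry in the comment above the `elsif` condition. The `m|sco/|` and `m|sci/|` tests are unanchored substring matches on template_name, which holds only while callers pass fixed template names and deserves a comment saying so. The function starts and ends outside this hunk.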
@@ -238,12 +238,12 @@ [% END %] [% IF AutoSelfCheckPatronDoesNotHaveSelfCheckPerm %] Warning - The patron used for the self checkout module at the OPAC does not have the circulate => self_checkout permission. + The patron used for the self checkout module at the OPAC does not have the self_check => self_checkout_module permission. [% END %] [% IF AutoSelfCheckPatronHasTooManyPerm %] Warning - The patron used for the self checkout module at the OPAC has too many permissions. They should only have circulate => self_checkout. + The patron used for the self checkout module at the OPAC has too many permissions. They should only have self_check => self_checkout_module. [% END %] [% IF warnNoTemplateCaching %] diff --git a/opac/sci/sci-main.pl b/opac/sci/sci-main.pl index a6cb4fef75..e5ccc72122 100755 --- a/opac/sci/sci-main.pl +++ b/opac/sci/sci-main.pl @@ -41,7 +41,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user( { template_name => "sci/sci-main.tt", authnotrequired => 0, - flagsrequired => { circulate => "self_checkout" }, + flagsrequired => { self_check => 'self_checkin_module' }, query => $cgi, type => "opac" } @@ -93,4 +93,8 @@ if ( $op eq 'check_in' ) { $template->param( success => \@success, errors => \@errors, checkins => 1 ); } +# Make sure timeour has a reasonable value +my $timeout = C4::Context->preference('SelfCheckInTimeout') // 120; +$template->param( refresh_timeout => $timeout ); + output_html_with_http_headers $cgi, $cookie, $template->output, undef, { force_no_caching => 1 }; diff --git a/opac/sco/help.pl b/opac/sco/help.pl index 412dc401b9..2e6b58a1a9 100755 --- a/opac/sco/help.pl +++ b/opac/sco/help.pl 
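Review bot: The fallback on the added `SelfCheckInTimeout` line in sci-main.pl covers only an undefined preference, because `//` lets an empty string, `0` or non-numeric text through to `refresh_timeout`, while the comment above it promises a reasonable value. I would validate before use, for example `$timeout = 120 unless defined $timeout && $timeout =~ /\A[1-9][0-9]*\z/;`, so a blank or mistyped preference cannot leave the kiosk page without a working refresh. How the template consumes refresh_timeout is not visible here, so the effect of a bad value is inferred. The comment also has a typo: `timeour` should read `timeout`.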
@@ -29,14 +29,16 @@ use C4::Auth qw(get_template_and_user); use C4::Output qw(output_html_with_http_headers); my $query = new CGI; -my ($template, $borrowernumber, $cookie) = get_template_and_user({ - template_name => "sco/help.tt", - query => $query, - type => "opac", - debug => 1, - authnotrequired => 1, - flagsrequired => {circulate => "self_checkout"}, -}); +my ( $template, $borrowernumber, $cookie ) = get_template_and_user( + { + template_name => "sco/help.tt", + query => $query, + type => "opac", + debug => 1, + authnotrequired => 1, + flagsrequired => { self_check => "self_checkout_module" }, + } +); if (C4::Context->preference('SelfCheckoutByLogin')) { $template->param(SelfCheckoutByLogin => 1); diff --git a/opac/sco/sco-main.pl b/opac/sco/sco-main.pl index cec66b6a3b..8829b4dd22 100755 --- a/opac/sco/sco-main.pl +++ b/opac/sco/sco-main.pl @@ -67,14 +67,17 @@ if (C4::Context->preference('AutoSelfCheckAllowed')) $query->param(-name=>'koha_login_context',-values=>['sco']); } $query->param(-name=>'sco_user_login',-values=>[1]); -my ($template, $loggedinuser, $cookie) = get_template_and_user({ - template_name => "sco/sco-main.tt", - authnotrequired => 0, - flagsrequired => { circulate => "self_checkout" }, - query => $query, - type => "opac", - debug => 1, -}); + +my ( $template, $loggedinuser, $cookie ) = get_template_and_user( + { + template_name => "sco/sco-main.tt", + authnotrequired => 0, + flagsrequired => { self_check => "self_checkout_module" }, + query => $query, + type => "opac", + debug => 1, + } +); # Get the self checkout timeout preference, or use 120 seconds as a default my $selfchecktimeout = 120000; diff --git a/opac/sco/sco-patron-image.pl b/opac/sco/sco-patron-image.pl index dc6fbc871a..52d8e61316 100755 --- a/opac/sco/sco-patron-image.pl +++ b/opac/sco/sco-patron-image.pl 
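Review bot: In the help.pl call, `flagsrequired => { self_check => "self_checkout_module" }` is passed together with `authnotrequired => 1`, so the page presumably stays reachable without the new permission (how get_template_and_user combines the two is outside this hunk). If that is intended, a comment such as `# Help is intentionally reachable without login (authnotrequired => 1)` would stop a later reader from assuming the page is permission-gated. `debug => 1` is also carried over here and in the sco-main.pl hunk that follows; if it enables extra diagnostic output, it should be confirmed as safe for a public kiosk page.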
@@ -25,7 +25,7 @@ use Koha::Patron::Images; use Koha::Patrons; use Koha::Token; -my ($query, $response) = C4::Service->init(circulate => 'self_checkout'); +my ( $query, $response ) = C4::Service->init( self_check => 'self_checkout_module' ); unless (C4::Context->preference('WebBasedSelfCheck')) { print $query->header(status => '403 Forbidden - web-based self-check not enabled'); -- 2.39.5