From 4ed4b51e4bbbcc0e968c1685a6f4eaeefc6d7e37 Mon Sep 17 00:00:00 2001 From: Katrin Fischer Date: Sun, 10 Feb 2019 12:09:08 +0100 Subject: [PATCH] Bug 9422: Don't allow access to 'Upload patron images' when patronimages syspref is off In addition to checking the patron image upload permission, this adds a check for the patronimages system preference to the tools home page and sidebar. To test: - Check that the patron image upload tool only displays when - system preference patronimages is set to 'Allow' and user is either - superlibrarian or - has bath_upload_patron_images permission - Save URL of patron image uploader page - Turn off patronimages - Verify you get redirected to the home page of Koha when trying to access the page Note: this redirect is already used by the stock rotation feature. Signed-off-by: Martin Renvoize Signed-off-by: Joy Nelson --- koha-tmpl/intranet-tmpl/prog/en/includes/tools-menu.inc | 4 ++-- koha-tmpl/intranet-tmpl/prog/en/modules/tools/tools-home.tt | 4 ++-- tools/picture-upload.pl | 6 ++++++ 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/koha-tmpl/intranet-tmpl/prog/en/includes/tools-menu.inc b/koha-tmpl/intranet-tmpl/prog/en/includes/tools-menu.inc index 877e68fd84..1a01539d81 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/includes/tools-menu.inc +++ b/koha-tmpl/intranet-tmpl/prog/en/includes/tools-menu.inc @@ -7,7 +7,7 @@ [% IF ( CAN_user_tools_manage_patron_lists || CAN_user_clubs || CAN_user_tools_moderate_comments || CAN_user_tools_import_patrons || CAN_user_tools_edit_notices || CAN_user_tools_edit_notice_status_triggers || CAN_user_tools_label_creator || CAN_user_tools_delete_anonymize_patrons - || CAN_user_tools_edit_patrons || CAN_user_tools_moderate_tags || CAN_user_tools_batch_upload_patron_images ) %] + || CAN_user_tools_edit_patrons || CAN_user_tools_moderate_tags || ( CAN_user_tools_batch_upload_patron_images && Koha.Preference('patronimages') ) ) %]
Patrons and circulation
    [% IF ( CAN_user_tools_manage_patron_lists ) %] @@ -43,7 +43,7 @@ [% IF ( CAN_user_tools_moderate_tags ) %]
  • Tag moderation
  • [% END %] - [% IF ( CAN_user_tools_batch_upload_patron_images ) %] + [% IF ( CAN_user_tools_batch_upload_patron_images && Koha.Preference('patronimages') ) %]
  • Upload patron images
  • [% END %]
diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/tools/tools-home.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/tools/tools-home.tt index 1087d9a339..c8dbbb8190 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/tools/tools-home.tt +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/tools/tools-home.tt @@ -15,7 +15,7 @@
[% IF ( CAN_user_tools_manage_patron_lists || CAN_user_clubs || CAN_user_tools_moderate_comments || CAN_user_tools_import_patrons || CAN_user_tools_edit_notices || CAN_user_tools_edit_notice_status_triggers || CAN_user_tools_label_creator || CAN_user_tools_delete_anonymize_patrons - || CAN_user_tools_edit_patrons || CAN_user_tools_batch_extend_due_dates || CAN_user_tools_moderate_tags || CAN_user_tools_batch_upload_patron_images ) %] + || CAN_user_tools_edit_patrons || CAN_user_tools_batch_extend_due_dates || CAN_user_tools_moderate_tags || ( CAN_user_tools_batch_upload_patron_images && Koha.Preference('patronimages') ) ) ) %]

Patrons and circulation

[% END %]
@@ -74,7 +74,7 @@
Moderate patron tags
[% END %] - [% IF ( CAN_user_tools_batch_upload_patron_images ) %] + [% IF ( CAN_user_tools_batch_upload_patron_images && Koha.Preference('patronimages') ) %]
Upload patron images
Upload patron images in a batch or one at a time
[% END %] diff --git a/tools/picture-upload.pl b/tools/picture-upload.pl index 54f18b53ad..e349f5a432 100755 --- a/tools/picture-upload.pl +++ b/tools/picture-upload.pl @@ -37,6 +37,12 @@ use Koha::Token; my $input = new CGI; +unless (C4::Context->preference('patronimages')) { + # redirect to intranet home if patronimages is not enabled + print $input->redirect("/cgi-bin/koha/mainpage.pl"); + exit; +} + my ($template, $loggedinuser, $cookie) = get_template_and_user({template_name => "tools/picture-upload.tt", query => $input, -- 2.39.5