From a4b7490633d2e8bc9ca9a0f60ebec1200ed0b07a Mon Sep 17 00:00:00 2001 From: Katrin Fischer Date: Fri, 4 Aug 2023 15:13:36 +0000 Subject: [PATCH] Bug 34469: Block editing for received order lines When an already received order line is modified/edited, we experience data loss. Most prominently, we will lose the linked invoiceid. Therefore we should not allow editing an order line that was already received. If something needs to be changed, the receipt should be cancelled first. To test: * Create basket as standing order with items added in cataloguing * Add an order line * Receive shipment * Go to the basket summary page, click on 'Modify' * Change the actual cost * Save * Verify that the invoice is now empty * In the database aqorders.invoiceid will be NULL * Apply patch * Receive another shipment for the standing order * Go back to basket summary page * Verify the 'Modify' link is no longer present * Click 'Modify' on the unreceived order line * Edit the URL parameter odernumber to have the number of an already received order line * Verify you see a nice error message: This order cannot be edited, the basket is closed or the order was already received. Signed-off-by: Sam Lau Signed-off-by: Michaela Sieber Signed-off-by: Laura Escamilla Signed-off-by: Tomas Cohen Arazi --- acqui/neworderempty.pl | 8 ++++---- .../intranet-tmpl/prog/en/includes/blocking_errors.inc | 2 +- koha-tmpl/intranet-tmpl/prog/en/modules/acqui/basket.tt | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/acqui/neworderempty.pl b/acqui/neworderempty.pl index bc5b35d8d9..2557a4c51b 100755 --- a/acqui/neworderempty.pl +++ b/acqui/neworderempty.pl @@ -135,9 +135,10 @@ if(!$basketno) { } our $basket = GetBasket($basketno); -my $basketobj = Koha::Acquisition::Baskets->find( $basketno ); +my $basketobj = Koha::Acquisition::Baskets->find($basketno); $booksellerid = $basket->{booksellerid} unless $booksellerid; -my $bookseller = Koha::Acquisition::Booksellers->find( $booksellerid ); +my $bookseller = Koha::Acquisition::Booksellers->find($booksellerid); +$data = GetOrder($ordernumber) if $ordernumber; output_and_exit( $input, $cookie, $template, 'unknown_basket') unless $basketobj; output_and_exit( $input, $cookie, $template, 'unknown_vendor') unless $bookseller; @@ -150,7 +151,7 @@ $template->param( name => $bookseller->name, ); output_and_exit( $input, $cookie, $template, 'order_cannot_be_edited' ) - if $ordernumber and $basketobj->closedate; + if $ordernumber and ( $basketobj->closedate || $data->{orderstatus} eq "complete" ); my $contract = GetContract({ contractnumber => $basket->{contractnumber} @@ -259,7 +260,6 @@ if ( not $ordernumber ) { # create order } } else { #modify order - $data = GetOrder($ordernumber); $budget_id = $data->{'budget_id'}; $template->param( diff --git a/koha-tmpl/intranet-tmpl/prog/en/includes/blocking_errors.inc b/koha-tmpl/intranet-tmpl/prog/en/includes/blocking_errors.inc index 1821f54817..b596390fd5 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/includes/blocking_errors.inc +++ b/koha-tmpl/intranet-tmpl/prog/en/includes/blocking_errors.inc @@ -14,7 +14,7 @@ [% CASE 'unknown_vendor' %]
Vendor not found.
[% CASE 'order_cannot_be_edited' %] -
This order cannot be edited, the basket is closed.
+
This order cannot be edited, the basket is closed or the order was already received.
[% CASE 'wrong_csrf_token' %]
The form submission failed (Wrong CSRF token). Try to come back, refresh the page, then try again.
[% CASE 'budget_is_locked' %] diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/acqui/basket.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/acqui/basket.tt index 604d1a2f36..9dc8ccff0c 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/acqui/basket.tt +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/acqui/basket.tt @@ -656,8 +656,8 @@ [% IF ( active ) %] [% UNLESS ( closedate ) %] - Modify [% UNLESS (books_loo.order_received) %] + Modify
Transfer [% END %] -- 2.39.5