From 008ed48d66d9e33ac0c1fd17a859cfa1d130da8b Mon Sep 17 00:00:00 2001 From: Alex Buckley Date: Fri, 19 Aug 2022 03:17:47 +0000 Subject: [PATCH] Bug 30418: Add ability for permitted staff to edit list contents Public lists with 'Allow changes to contents from' = 'Permitted staff only' can have their contents managed by Koha patrons with either of the permissions below: - superlibrarian permission - catalogue permission + 'edit_public_list_contents' sub-permission Test plan: 1. Apply patches, update database, restart services 2. In the staff client go to: Lists > New List 3. Create a list, choose 'Allow changes to contents from' => 'Permitted staff only' 4. Log into the OPAC as a patron with no permissions. 5. Confirm you CANNOT add a biblio to the list from the OPAC search result page and OPAC biblio detail pages 6. Log into the OPAC as a patron with only the 'catalogue' permissions enabled 7. Confirm you CANNOT add a biblio to the list from OPAC search result or biblio detail pages 8. Log into the OPAC as a patron with the 'catalogue' and 'edit_public_list_contents' permissions enabled 9. Confirm you CAN add/remove biblios from the OPAC search result and biblio detail pages 10. Log into the OPAC as a patron with superlibrarian permissions 11. Confirm you CAN add a biblio to the list from the OPAC search result page and OPAC biblio detail pages 12. Log into the staff client as a patron with only the 'catalogue' permission and confirm you CANNOT add/remove records from the list 13. Log into the staff client as a patron with the 'catalogue' and 'edit_public_list_contents' sub-permission (found under 'Lists' parent permission) 14. Confirm you CAN add/remove records from the list 15. Login into thestaff client as a patron with 'superlibrarian' permissions and confirm you CAN add/remove records from the list Sponsored-by: Catalyst IT, New Zealand Signed-off-by: Kyle M Hall Signed-off-by: Lucas Gass Signed-off-by: Tomas Cohen Arazi --- Koha/Patron.pm | 15 ++++++++++ Koha/Virtualshelf.pm | 7 +++-- Koha/Virtualshelves.pm | 21 +++++++++++-- .../bootstrap/en/modules/opac-shelves.tt | 2 +- opac/opac-addbybiblionumber.pl | 21 +++++++++++-- opac/opac-shelves.pl | 30 +++++++++++-------- virtualshelves/shelves.pl | 13 ++++---- 7 files changed, 83 insertions(+), 26 deletions(-) diff --git a/Koha/Patron.pm b/Koha/Patron.pm index 3fe93316c2..5b312a3df7 100644 --- a/Koha/Patron.pm +++ b/Koha/Patron.pm @@ -2400,6 +2400,21 @@ sub can_patron_change_staff_only_lists { return 0; } +=head3 can_patron_change_permitted_staff_lists + +$patron->can_patron_change_permitted_staff_lists; + +Return 1 if a patron has 'Superlibrarian' or 'Catalogue' and 'edit_public_list_contents' permissions. +Otherwise, return 0. + +=cut + +sub can_patron_change_permitted_staff_lists { + my ( $self, $params ) = @_; + return 1 if C4::Auth::haspermission( $self->userid, { 'catalogue' => 1, lists => 'edit_public_list_contents' } ); + return 0; +} + =head3 encode_secret $patron->encode_secret($secret32); diff --git a/Koha/Virtualshelf.pm b/Koha/Virtualshelf.pm index 605916ef45..ec39715a54 100644 --- a/Koha/Virtualshelf.pm +++ b/Koha/Virtualshelf.pm @@ -59,6 +59,8 @@ sub store { unless defined $self->allow_change_from_others; $self->allow_change_from_staff( 0 ) unless defined $self->allow_change_from_staff; + $self->allow_change_from_permitted_staff( 0 ) + unless defined $self->allow_change_from_permitted_staff; $self->created_on( dt_from_string ) unless defined $self->created_on; @@ -181,7 +183,7 @@ sub add_biblio { # Check permissions my $patron = Koha::Patrons->find( $borrowernumber ) or return 0; - return 0 unless ( $self->owner == $borrowernumber && $self->allow_change_from_owner ) || ( $self->allow_change_from_staff && $patron->can_patron_change_staff_only_lists ) || $self->allow_change_from_others; + return 0 unless ( $self->owner == $borrowernumber && $self->allow_change_from_owner ) || ( $self->allow_change_from_staff && $patron->can_patron_change_staff_only_lists ) || ( $self->allow_change_from_permitted_staff && $patron->can_patron_change_permitted_staff_lists ) || $self->allow_change_from_others; my $content = Koha::Virtualshelfcontent->new( { @@ -206,6 +208,7 @@ sub remove_biblios { my $patron = Koha::Patrons->find( $borrowernumber ) or return 0; if( ( $self->owner == $borrowernumber && $self->allow_change_from_owner ) || ( $self->allow_change_from_staff && $patron->can_patron_change_staff_only_lists ) + || ( $self->allow_change_from_permitted_staff && $patron->can_patron_change_permitted_staff_lists ) || $self->allow_change_from_others ) { $number_removed += $self->get_contents->search({ biblionumber => $biblionumbers, @@ -256,7 +259,7 @@ sub can_biblios_be_added { my $patron = Koha::Patrons->find( $borrowernumber ) or return 0; return 1 if $borrowernumber - and ( ( $self->owner == $borrowernumber && $self->allow_change_from_owner ) or ( $self->allow_change_from_staff && $patron->can_patron_change_staff_only_lists ) or $self->allow_change_from_others ); + and ( ( $self->owner == $borrowernumber && $self->allow_change_from_owner ) or ( $self->allow_change_from_staff && $patron->can_patron_change_staff_only_lists ) or ( $self->allow_change_from_permitted_staff && $patron->can_patron_change_permitted_staff_lists ) or $self->allow_change_from_others ); return 0; } diff --git a/Koha/Virtualshelves.pm b/Koha/Virtualshelves.pm index 2b82dfc732..9b71a016bb 100644 --- a/Koha/Virtualshelves.pm +++ b/Koha/Virtualshelves.pm @@ -136,12 +136,14 @@ sub get_some_shelves { my @conditions; my $patron; my $staffuser = 0; + my $permitteduser = 0; if ( $borrowernumber != 0 ) { $patron = Koha::Patrons->find( $borrowernumber ); $staffuser = $patron->can_patron_change_staff_only_lists; + $permitteduser = $patron->can_patron_change_permitted_staff_lists; } if ( $add_allowed ) { - if ( $staffuser ) { + if ( $permitteduser ) { push @conditions, { -or => [ @@ -149,8 +151,21 @@ sub get_some_shelves { "me.owner" => $borrowernumber, "me.allow_change_from_owner" => 1, }, - "me.allow_change_from_others" => 1, - "me.allow_change_from_staff" => 1 + "me.allow_change_from_others" => 1, + "me.allow_change_from_staff" => 1, + "me.allow_change_from_permitted_staff" => 1 + ] + }; + } elsif ( $staffuser ) { + push @conditions, { + -or => + [ + { + "me.owner" => $borrowernumber, + "me.allow_change_from_owner" => 1, + }, + "me.allow_change_from_others" => 1, + "me.allow_change_from_staff" => 1 ] }; } else { diff --git a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-shelves.tt b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-shelves.tt index d94ee29d4f..79d86f74b8 100644 --- a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-shelves.tt +++ b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-shelves.tt @@ -51,7 +51,7 @@ [% IF shelf.allow_change_from_others %][% ELSE %][% END %] [% IF staffuser == 1 %][% IF shelf.allow_change_from_staff %][% ELSE %][% END %][% END %] - [% IF permitteduser == 1 %][% shelf.allow_change_from_permitted_staff %][% ELSE %][% END %'[% END %] + [% IF permitteduser == 1 %][% IF shelf.allow_change_from_permitted_staff %][% ELSE %][% END %][% END %]   diff --git a/opac/opac-addbybiblionumber.pl b/opac/opac-addbybiblionumber.pl index 4edbd133e7..fc31627882 100755 --- a/opac/opac-addbybiblionumber.pl +++ b/opac/opac-addbybiblionumber.pl @@ -119,7 +119,7 @@ if ($newvirtualshelf) { ); my $public_shelves; if ( $loggedinuser ) { - if ( Koha::Patrons->find( $loggedinuser )->can_patron_change_staff_only_lists ) { + if ( Koha::Patrons->find( $loggedinuser )->can_patron_change_permitted_staff_lists ) { $public_shelves = Koha::Virtualshelves->search( { public => 1, -or => [ @@ -127,8 +127,23 @@ if ($newvirtualshelf) { allow_change_from_owner => 1, owner => $loggedinuser, }, - allow_change_from_others => 1, - allow_change_from_staff => 1 + allow_change_from_others => 1, + allow_change_from_staff => 1, + allow_change_from_permitted_staff => 1 + ], + }, + { order_by => 'shelfname' } + ); + } elsif ( Koha::Patrons->find( $loggedinuser )->can_patron_change_staff_only_lists ) { + $public_shelves = Koha::Virtualshelves->search( + { public => 1, + -or => [ + -and => { + allow_change_from_owner => 1, + owner => $loggedinuser, + }, + allow_change_from_others => 1, + allow_change_from_staff => 1 ], }, { order_by => 'shelfname' } diff --git a/opac/opac-shelves.pl b/opac/opac-shelves.pl index a7be90ba58..5cecfc7b96 100755 --- a/opac/opac-shelves.pl +++ b/opac/opac-shelves.pl @@ -48,6 +48,7 @@ use Koha::RecordProcessor; use constant ANYONE => 2; use constant STAFF => 3; +use constant PERMITTED => 4; my $query = CGI->new; @@ -118,9 +119,10 @@ if ( $op eq 'add_form' ) { { shelfname => scalar $query->param('shelfname'), sortfield => scalar $query->param('sortfield'), public => $public, - allow_change_from_owner => $allow_changes_from > 0, - allow_change_from_others => $allow_changes_from == ANYONE, - allow_change_from_staff => $allow_changes_from == STAFF, + allow_change_from_owner => $allow_changes_from > 0, + allow_change_from_others => $allow_changes_from == ANYONE, + allow_change_from_staff => $allow_changes_from == STAFF, + allow_change_from_permitted_staff => $allow_changes_from == PERMITTED, owner => scalar $loggedinuser, } ); @@ -153,6 +155,7 @@ if ( $op eq 'add_form' ) { $shelf->allow_change_from_owner( $allow_changes_from > 0 ); $shelf->allow_change_from_others( $allow_changes_from == ANYONE ); $shelf->allow_change_from_staff( $allow_changes_from == STAFF ); + $shelf->allow_change_from_permitted_staff( $allow_changes_from == PERMITTED ); $shelf->public( $public ); eval { $shelf->store }; @@ -487,17 +490,20 @@ if ( $op eq 'view' ) { ); } -my $staffuser; +my ($staffuser, $permitteduser); $staffuser = Koha::Patrons->find( $loggedinuser )->can_patron_change_staff_only_lists if $loggedinuser; +$permitteduser = Koha::Patrons->find( $loggedinuser )->can_patron_change_permitted_staff_lists if $loggedinuser; + $template->param( - op => $op, - referer => $referer, - shelf => $shelf, - messages => \@messages, - public => $public, - print => scalar $query->param('print') || 0, - listsview => 1, - staffuser => $staffuser, + op => $op, + referer => $referer, + shelf => $shelf, + messages => \@messages, + public => $public, + print => scalar $query->param('print') || 0, + listsview => 1, + staffuser => $staffuser, + permitteduser => $permitteduser ); my $content_type = $query->param('rss')? 'rss' : 'html'; diff --git a/virtualshelves/shelves.pl b/virtualshelves/shelves.pl index fa92cfcd6e..a7c5fcf7f0 100755 --- a/virtualshelves/shelves.pl +++ b/virtualshelves/shelves.pl @@ -40,8 +40,9 @@ use Koha::CsvProfiles; use Koha::Patrons; use Koha::Virtualshelves; -use constant ANYONE => 2; -use constant STAFF => 3; +use constant ANYONE => 2; +use constant STAFF => 3; +use constant PERMITTED => 4; my $query = CGI->new; @@ -84,9 +85,10 @@ if ( $op eq 'add_form' ) { { shelfname => scalar $query->param('shelfname'), sortfield => scalar $query->param('sortfield'), public => $public, - allow_change_from_owner => $allow_changes_from > 0, - allow_change_from_others => $allow_changes_from == ANYONE, - allow_change_from_staff => $allow_changes_from == STAFF, + allow_change_from_owner => $allow_changes_from > 0, + allow_change_from_others => $allow_changes_from == ANYONE, + allow_change_from_staff => $allow_changes_from == STAFF, + allow_change_from_permitted_staff => $allow_changes_from == PERMITTED, owner => scalar $query->param('owner'), } ); @@ -117,6 +119,7 @@ if ( $op eq 'add_form' ) { $shelf->allow_change_from_owner( $allow_changes_from > 0 ); $shelf->allow_change_from_others( $allow_changes_from == ANYONE ); $shelf->allow_change_from_staff( $allow_changes_from == STAFF ); + $shelf->allow_change_from_permitted_staff( $allow_changes_from == PERMITTED ); $shelf->public( scalar $query->param('public') ); eval { $shelf->store }; -- 2.39.5