From ec4b769ddbee9c06563c8f8c80dc09b086a0b120 Mon Sep 17 00:00:00 2001 From: Nick Clemens Date: Fri, 28 Feb 2020 20:06:32 +0000 Subject: [PATCH] Bug 24476: Allow direct editing of autorenew_checkouts by patron Signed-off-by: Andrew Fuerste-Henry Signed-off-by: Katrin Fischer Signed-off-by: Martin Renvoize --- .../bug_24476_opt_out_of_auto_renewal.perl | 12 +++----- installer/data/mysql/kohastructure.sql | 1 - installer/data/mysql/sysprefs.sql | 1 + .../en/modules/admin/preferences/patrons.pref | 6 ++++ .../bootstrap/en/modules/opac-memberentry.tt | 27 ----------------- .../bootstrap/en/modules/opac-user.tt | 30 +++++++++++++++++++ opac/opac-user.pl | 16 ++++++++++ 7 files changed, 57 insertions(+), 36 deletions(-) diff --git a/installer/data/mysql/atomicupdate/bug_24476_opt_out_of_auto_renewal.perl b/installer/data/mysql/atomicupdate/bug_24476_opt_out_of_auto_renewal.perl index 50edba9cc6..c83325f067 100644 --- a/installer/data/mysql/atomicupdate/bug_24476_opt_out_of_auto_renewal.perl +++ b/installer/data/mysql/atomicupdate/bug_24476_opt_out_of_auto_renewal.perl @@ -6,15 +6,11 @@ if( CheckVersion( $DBversion ) ) { unless( column_exists('deletedborrowers','autorenew_checkouts') ){ $dbh->do( "ALTER TABLE deletedborrowers ADD COLUMN autorenew_checkouts TINYINT(1) NOT NULL DEFAULT 1" ); } - unless( column_exists('borrower_modifications','autorenew_checkouts') ){ - $dbh->do( "ALTER TABLE borrower_modifications ADD COLUMN autorenew_checkouts TINYINT(1) NOT NULL DEFAULT 1" ); - } $dbh->do(q{ - UPDATE systempreferences - SET value = CONCAT(value,'|autorenew_checkouts') - WHERE variable IN - ('PatronSelfModificationBorrowerUnwantedField','PatronSelfRegistrationBorrowerUnwantedField') - AND value NOT LIKE '%autorenew_checkouts%' + INSERT INTO systempreferences + ( `variable`, `value`, `options`, `explanation`, `type` ) + VALUES + ('AllowPatronToControlAutorenewal','0',NULL,'If enabled, patrons will have a field in their account tp choose whether their checkouts are auto renewed or not','YesNo') }); SetVersion( $DBversion ); print "Upgrade to $DBversion done (Bug 24476 - Allow patrons to opt-out of autorenewal)\n"; diff --git a/installer/data/mysql/kohastructure.sql b/installer/data/mysql/kohastructure.sql index e80c64c19f..2d411a70ad 100644 --- a/installer/data/mysql/kohastructure.sql +++ b/installer/data/mysql/kohastructure.sql @@ -3441,7 +3441,6 @@ CREATE TABLE IF NOT EXISTS `borrower_modifications` ( `privacy` int(11) DEFAULT NULL, `extended_attributes` MEDIUMTEXT DEFAULT NULL, `gdpr_proc_consent` datetime, -- data processing consent - `autorenew_checkouts` TINYINT(1) NOT NULL DEFAULT 1, -- flag for allowing auto-renewal PRIMARY KEY (`verification_token` (191),`borrowernumber`), KEY `verification_token` (`verification_token` (191)), KEY `borrowernumber` (`borrowernumber`) diff --git a/installer/data/mysql/sysprefs.sql b/installer/data/mysql/sysprefs.sql index d1aa527448..91c553714d 100644 --- a/installer/data/mysql/sysprefs.sql +++ b/installer/data/mysql/sysprefs.sql @@ -34,6 +34,7 @@ INSERT INTO systempreferences ( `variable`, `value`, `options`, `explanation`, ` ('AllowMultipleIssuesOnABiblio',1,'Allow/Don\'t allow patrons to check out multiple items from one biblio','','YesNo'), ('AllowNotForLoanOverride','0','','If ON, Koha will allow the librarian to loan a not for loan item.','YesNo'), ('AllowOfflineCirculation','0','','If on, enables HTML5 offline circulation functionality.','YesNo'), +('AllowPatronToControlAutorenewal','0',NULL,'If enabled, patrons will have a field in their account tp choose whether their checkouts are auto renewed or not','YesNo'), ('AllowPatronToSetCheckoutsVisibilityForGuarantor', '0', NULL, 'If enabled, the patron can set checkouts to be visible to his or her guarantor', 'YesNo'), ('AllowPatronToSetFinesVisibilityForGuarantor', '0', NULL, 'If enabled, the patron can set fines to be visible to his or her guarantor', 'YesNo'), ('AllowPKIAuth','None','None|Common Name|emailAddress','Use the field from a client-side SSL certificate to look a user in the Koha database','Choice'), diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/patrons.pref b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/patrons.pref index 48bc763cc3..43d9c2810d 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/patrons.pref +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/patrons.pref @@ -251,6 +251,12 @@ Patrons: no: Allow all permitted users - "to access/change superlibrarian privileges." - "
NOTE: A permitted user needs to have the 'permissions' flag (if no superlibrarian)." + - + - pref: AllowPatronToControlAutorenewal + choices: + yes: Allow patrons + no: Allow only staff + - "to allow/disallow auto-renewal for account. If allowed a patron will be able to update their own account to allow/disallow autorenewals" Privacy: - diff --git a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-memberentry.tt b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-memberentry.tt index b5c5e3401f..8761cc88ae 100644 --- a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-memberentry.tt +++ b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-memberentry.tt @@ -258,33 +258,6 @@ [% END %] [% END %] - [% UNLESS hidden.defined('autorenew_checkouts') %] -
  • - - [% IF ( borrower.autorenew_checkouts ) %] - - - - [% ELSE %] - - - [% END %] -
    • - [% END %] [% END # / defined 'branchcode' %] diff --git a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-user.tt b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-user.tt index 47f10db028..e649229d19 100644 --- a/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-user.tt +++ b/koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-user.tt @@ -49,6 +49,36 @@

    Click here if you're not [% INCLUDE 'patron-title.inc' patron = logged_in_user %]

    + [% IF Koha.Preference('AllowPatronToControlAutorenewal') %] +
    + + [% IF ( borrower.autorenew_checkouts ) %] + + + + [% ELSE %] + + + [% END %] + + + +
    + [% END %] [% IF ( patronupdate ) %]

    Thank you!

    Your corrections have been submitted to the library, and a staff member will update your record as soon as possible.

    [% END %] [% IF failed_holds %] diff --git a/opac/opac-user.pl b/opac/opac-user.pl index 60cc5d26b2..d94d3d0e2b 100755 --- a/opac/opac-user.pl +++ b/opac/opac-user.pl @@ -43,6 +43,7 @@ use Koha::Patrons; use Koha::Patron::Messages; use Koha::Patron::Discharge; use Koha::Patrons; +use Koha::Token; use constant ATTRIBUTE_SHOW_BARCODE => 'SHOW_BCODE'; @@ -83,6 +84,18 @@ $template->param( shibbolethAuthentication => C4::Context->config('useshibboleth # get borrower information .... my $patron = Koha::Patrons->find( $borrowernumber ); + +if( $query->param('update_arc') && C4::Context->preference("AllowPatronToControlAutorenewal") ){ + die "Wrong CSRF token" + unless Koha::Token->new->check_csrf({ + session_id => scalar $query->cookie('CGISESSID'), + token => scalar $query->param('csrf_token'), + }); + + my $autorenew_checkouts = $query->param('borrower_autorenew_checkouts'); + $patron->autorenew_checkouts( $autorenew_checkouts )->store() if defined $autorenew_checkouts; +} + my $borr = $patron->unblessed; # unblessed is a hash vs. object/undef. Hence the use of curly braces here. my $borcat = $borr ? $borr->{categorycode} : q{}; @@ -164,6 +177,9 @@ $template->param( surname => $borr->{surname}, RENEW_ERROR => $renew_error, borrower => $borr, + csrf_token => Koha::Token->new->generate_csrf({ + session_id => scalar $query->cookie('CGISESSID'), + }), ); #get issued items .... -- 2.39.2