Bug 30178: (bugs 27526 and 28445 follow-up) Every librarian can edit every item with IndependentBranches on
Problem arises after applying bugfix 27526 and 28445: with
IndependentBranches on, a librarian without superlibrarian privileges,
can edit (and potentially delete) every item (i.e. also from a foreign
branch). This is because can_be_edited calculation is buggy (in two spots).
Test plan:
1. Have (at least) two branches defined.
2. Have IndependentBranches set.
3. Have a biblio record with items belonging to different branches.
4. Be a librarian without superlibrarian rights, with editcatalogue
and tool permissions set.
Scenario A (Edit items):
1. Go to Edit -> Edit items view (cataloguing/additems.pl).
2. You will be able to edit every item, also ones not from the branch
you are from (cf. the button 'Actions').
3. Apply the patch.
4. Repeat 1.
5. You should be able to edit only the items from your branch.
Scenario B (Edit items in batch):
1. From Normal view go to Edit -> Edit items in batch.
2. You will be able to batch edit every item, also ones not from the branch
you are from.
3. Apply the patch.
4. Repeat 1.
5. You should be able to edit only the items from your branch (and
see 'Cannot edit' for others.
Scenario C (Delete items in batch):
1. From Normal view go to Edit -> Delete items in batch.
2. You will not see the string 'Cannot delete' and only by chance
will not be able to activate the checkboxes next to foreign items.
3. Apply the patch.
4. Repeat 1.
5. You should be able to delete only the items from your branch (and
see 'Cannot delete' for others.
Scenario D and E:
Analogous steps can be executed from Tools -> Batch item modification
and Tools -> Batch item deletion
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
projects / koha.git / commit