From 088e0243bf7cd16f7769ddbc2eeefd5857c471f7 Mon Sep 17 00:00:00 2001
From: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Date: Fri, 8 Mar 2019 16:52:07 +0000
Subject: [PATCH] Bug 22483: Restore undef behaviour

Turns out that we rely heavily on the side effect that passing undef
to haspermission would always return true no matter what permissions
or lack of permissions you had.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
---
 C4/Auth.pm                          |  6 ++++--
 t/db_dependent/Auth/haspermission.t | 15 +++++++++------
 2 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/C4/Auth.pm b/C4/Auth.pm
index 2a3c492011..2b76accf11 100644
--- a/C4/Auth.pm
+++ b/C4/Auth.pm
@@ -2084,8 +2084,10 @@ sub _dispatch {
 sub haspermission {
     my ( $userid, $flagsrequired ) = @_;
 
-    Koha::Exceptions::WrongParameter->throw('$flagsrequired should not be undef')
-      unless defined($flagsrequired);
+    return 1 unless defined($flagsrequired); # This is horrifying but restores behaviour prior to bug 22031
+
+    #Koha::Exceptions::WrongParameter->throw('$flagsrequired should not be undef')
+    #  unless defined($flagsrequired);
 
     my $sth = C4::Context->dbh->prepare("SELECT flags FROM borrowers WHERE userid=?");
     $sth->execute($userid);
diff --git a/t/db_dependent/Auth/haspermission.t b/t/db_dependent/Auth/haspermission.t
index 2cde29aa56..6118ec98fe 100644
--- a/t/db_dependent/Auth/haspermission.t
+++ b/t/db_dependent/Auth/haspermission.t
@@ -73,13 +73,16 @@ $builder->build(
 
 subtest 'undef top level tests' => sub {
 
-    plan tests => 2;
+    plan tests => 1;
 
-    throws_ok { my $r = haspermission( $borr1->{userid} ); }
-    'Koha::Exceptions::WrongParameter',
-      'Exception thrown when missing $requiredflags';
-    throws_ok { my $r = haspermission( $borr1->{userid}, undef ); }
-    'Koha::Exceptions::WrongParameter', 'Exception thrown when explicit undef';
+    my $pass = haspermission( $borr2->{userid} );
+    ok($pass, "let through undef privs");
+
+    #throws_ok { my $r = haspermission( $borr1->{userid} ); }
+    #'Koha::Exceptions::WrongParameter',
+    #  'Exception thrown when missing $requiredflags';
+    #throws_ok { my $r = haspermission( $borr1->{userid}, undef ); }
+    #'Koha::Exceptions::WrongParameter', 'Exception thrown when explicit undef';
 };
 
 subtest 'scalar top level tests' => sub {
-- 
2.39.2