From 0f7ed0ebb4ff298f2a8f914918d029affe176ec1 Mon Sep 17 00:00:00 2001
From: Galen Charlton <galen.charlton@liblime.com>
Date: Thu, 10 Apr 2008 11:37:46 -0500
Subject: [PATCH] granular permissions - update CGI script for permissions
 editor

Signed-off-by: Joshua Ferraro <jmf@liblime.com>
---
 members/member-flags.pl | 123 +++++++++++++++++++++++++++++++++-------
 1 file changed, 104 insertions(+), 19 deletions(-)

diff --git a/members/member-flags.pl b/members/member-flags.pl
index e633c4a1c7..ac1ca5d567 100755
--- a/members/member-flags.pl
+++ b/members/member-flags.pl
@@ -8,7 +8,7 @@ use strict;
 
 use CGI;
 use C4::Output;
-use C4::Auth;
+use C4::Auth qw(:DEFAULT :EditPermissions);
 use C4::Context;
 use C4::Members;
 #use C4::Acquisitions;
@@ -38,34 +38,119 @@ $member2{'borrowernumber'}=$member;
 
 if ($input->param('newflags')) {
     my $dbh=C4::Context->dbh();
-    my $flags=0;
-    foreach ($input->param) {
-	if (/flag-(\d+)/) {
-	    my $flag=$1;
-	    $flags=$flags+2**$flag;
-	}
+
+    my @perms = $input->param('flag');
+    my %all_module_perms = ();
+    my %sub_perms = ();
+    foreach my $perm (@perms) {
+        if ($perm !~ /:/) {
+            $all_module_perms{$perm} = 1;
+        } else {
+            my ($module, $sub_perm) = split /:/, $perm, 2;
+            push @{ $sub_perms{$module} }, $sub_perm;
+        }
+    }
+
+    # construct flags
+    my $module_flags = 0;
+    my $sth=$dbh->prepare("SELECT bit,flag FROM userflags ORDER BY bit");
+    $sth->execute();
+    while (my ($bit, $flag) = $sth->fetchrow_array) {
+        if (exists $all_module_perms{$flag}) {
+            $module_flags += 2**$bit;
+        }
     }
-    my $sth=$dbh->prepare("update borrowers set flags=? where borrowernumber=?");
-    $sth->execute($flags, $member);
+    
+    $sth = $dbh->prepare("UPDATE borrowers SET flags=? WHERE borrowernumber=?");
+    $sth->execute($module_flags, $member);
+    
+    if (C4::Context->preference('CheckSpecificUserPermissions')) {
+        # deal with subpermissions
+        $sth = $dbh->prepare("DELETE FROM user_permissions WHERE borrowernumber = ?");
+        $sth->execute($member); 
+        $sth = $dbh->prepare("INSERT INTO user_permissions (borrowernumber, module_bit, code)
+                            SELECT ?, bit, ?
+                            FROM userflags
+                            WHERE flag = ?");
+        foreach my $module (keys %sub_perms) {
+            next if exists $all_module_perms{$module};
+            foreach my $sub_perm (@{ $sub_perms{$module} }) {
+                $sth->execute($member, $sub_perm, $module);
+            }
+        }
+    }
+    
     print $input->redirect("/cgi-bin/koha/members/moremember.pl?borrowernumber=$member");
 } else {
 #     my ($bor,$flags,$accessflags)=GetMemberDetails($member,'');
     my $flags = $bor->{'flags'};
     my $accessflags = $bor->{'authflags'};
     my $dbh=C4::Context->dbh();
-    my $sth=$dbh->prepare("select bit,flag,flagdesc from userflags order by bit");
+    my $all_perms  = get_all_subpermissions();
+    my $user_perms = get_user_subpermissions($bor->{'userid'});
+    my $sth=$dbh->prepare("SELECT bit,flag,flagdesc FROM userflags ORDER BY bit");
     $sth->execute;
     my @loop;
     while (my ($bit, $flag, $flagdesc) = $sth->fetchrow) {
-	my $checked='';
-	if ($accessflags->{$flag}) {
-	    $checked= 1;
-	}
-	my %row = ( bit => $bit,
-		 flag => $flag,
-		 checked => $checked,
-		 flagdesc => $flagdesc );
-	push @loop, \%row;
+	    my $checked='';
+	    if ($accessflags->{$flag}) {
+	        $checked= 1;
+	    }
+
+	    my %row = ( bit => $bit,
+		    flag => $flag,
+		    checked => $checked,
+		    flagdesc => $flagdesc );
+
+        if (C4::Context->preference('CheckSpecificUserPermissions')) {
+            my @sub_perm_loop = ();
+            my $expand_parent = 0;
+            if ($checked) {
+                if (exists $all_perms->{$flag}) {
+                    $expand_parent = 1;
+                    foreach my $sub_perm (sort keys %{ $all_perms->{$flag} }) {
+                        push @sub_perm_loop, {
+                            id => "${flag}_$sub_perm",
+                            perm => "$flag:$sub_perm",
+                            code => $sub_perm,
+                            description => $all_perms->{$flag}->{$sub_perm},
+                            checked => 1
+                        };
+                    }
+                }
+            } else {
+                if (exists $user_perms->{$flag}) {
+                    $expand_parent = 1;
+                    # put selected ones first
+                    foreach my $sub_perm (sort keys %{ $user_perms->{$flag} }) {
+                        push @sub_perm_loop, {
+                            id => "${flag}_$sub_perm",
+                            perm => "$flag:$sub_perm",
+                            code => $sub_perm,
+                            description => $all_perms->{$flag}->{$sub_perm},
+                            checked => 1
+                        };
+                    }
+                }
+                # then ones not selected
+                if (exists $all_perms->{$flag}) {
+                    foreach my $sub_perm (sort keys %{ $all_perms->{$flag} }) {
+                        push @sub_perm_loop, {
+                            id => "${flag}_$sub_perm",
+                            perm => "$flag:$sub_perm",
+                            code => $sub_perm,
+                            description => $all_perms->{$flag}->{$sub_perm},
+                            checked => 0
+                        } unless exists $user_perms->{$flag} and exists $user_perms->{$flag}->{$sub_perm};
+                    }
+                }
+            }
+            $row{expand} = $expand_parent;
+            if ($#sub_perm_loop > -1) {
+            $row{sub_perm_loop} = \@sub_perm_loop;
+            }
+        }
+	    push @loop, \%row;
     }
 
 	my $borrowercategory = GetBorrowercategory( $bor->{'categorycode'} );
-- 
2.20.1