From 49a3b581b7d68251a0bf76aaf84b0565a6226fce Mon Sep 17 00:00:00 2001 From: Marcel de Rooy Date: Mon, 14 Mar 2016 13:42:10 +0100 Subject: [PATCH] Bug 14686: Add two granular permission for upload under tools [1] Upload_general_files This will allow you to access the tools/upload form via the Tools menu. And it will also allow you to add permanent uploads. [2] Upload_manage It will allow you to delete uploads from other users. Note that anyone may delete his own uploads. It is not meant to include upload_general_files. In order to not disturb existing users that now have edit_catalogue and are using the plugin (read: added at least one record to uploaded_files), we will add the first permission for them. New users will need to be authorized in the usual way thereafter. Note: If you only have one of the other permissions checked in allows_add_by, e.g. stage_marc_import, you can add temporary uploads, but not permanent uploads. Test plan: We are only testing the dbrev here, not if the perm works as advertised. [1] Run the dbrev and check that you see the perms with a description on the Patron/Set permissions page. [2] If you had records in uploaded_files and a user with edit_catalogue *only*, verify that this user now also has upload_general_files. Signed-off-by: Mirko Tietgen Signed-off-by: Jonathan Druart Signed-off-by: Brendan Gallagher --- .../mysql/atomicupdate/14686_permissions.sql | 20 +++++++++++++++++++ .../prog/en/includes/permissions.inc | 2 ++ 2 files changed, 22 insertions(+) create mode 100644 installer/data/mysql/atomicupdate/14686_permissions.sql diff --git a/installer/data/mysql/atomicupdate/14686_permissions.sql b/installer/data/mysql/atomicupdate/14686_permissions.sql new file mode 100644 index 0000000000..24b4747842 --- /dev/null +++ b/installer/data/mysql/atomicupdate/14686_permissions.sql @@ -0,0 +1,20 @@ +-- Insert permission +INSERT IGNORE INTO permissions (module_bit, code, description) VALUES + (13, 'upload_general_files', 'Upload any file'), + (13, 'upload_manage', 'Manage uploaded files'); + +-- Update user_permissions for current users (check count in uploaded_files) +-- Note 9 == edit_catalogue and 13 == tools +-- We do not insert if someone is superlibrarian, does not have edit_catalogue, +-- or already has all tools +INSERT IGNORE INTO user_permissions (borrowernumber, module_bit, code) + SELECT borrowernumber, 13, 'upload_general_files' + FROM borrowers bo + WHERE flags<>1 AND flags & POW(2,13) = 0 AND + ( flags & POW(2,9) > 0 OR ( + SELECT COUNT(*) FROM user_permissions + WHERE borrowernumber=bo.borrowernumber AND module_bit=9 ) > 0 ) + AND ( SELECT COUNT(*) FROM uploaded_files ) > 0 + +# Copy-paste for RM use: +# print "Upgrade to $DBversion done (Bug 14686 - New menu option and permission for file uploading)\n"; diff --git a/koha-tmpl/intranet-tmpl/prog/en/includes/permissions.inc b/koha-tmpl/intranet-tmpl/prog/en/includes/permissions.inc index 4a262b97a2..68c6001bd3 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/includes/permissions.inc +++ b/koha-tmpl/intranet-tmpl/prog/en/includes/permissions.inc @@ -100,5 +100,7 @@ [%- CASE 'report' -%]Use report plugins [%- CASE 'tool' -%]Use tool plugins [%- CASE 'delete_public_lists' -%]Delete public lists + [%- CASE 'upload_general_files' -%]Upload any file + [%- CASE 'upload_manage' -%]Manage uploaded files (Useless without upload_general_files) [%- END -%] [%- END -%] -- 2.39.5