From e88a1ec4b8e00cde21935fa0378b9c5fb20f8bd9 Mon Sep 17 00:00:00 2001 From: Henri-Damien LAURENT Date: Wed, 6 Apr 2011 17:28:45 +0200 Subject: [PATCH] Bug 6014 : MT3138 Adding some permission management to viewlog If user can not access reports, then form to search the logs is not displayed. It also improves the presentation. C4/Log.pm - adds the fact that we can enter multiple actions - fixes the fact that user information was truncated circ-menu.inc: Fixing information passed to the viewlog from circ-menu Signed-off-by: fdurand Signed-off-by: Chris Cormack (cherry picked from commit 99b49e2b1aa2e5d2629f1167e2b63c3b3158ffe8) Signed-off-by: Chris Nighswonger --- C4/Log.pm | 24 +++--- .../prog/en/includes/circ-menu.inc | 2 +- .../prog/en/modules/tools/viewlog.tmpl | 73 +++++++++++++++++++ tools/viewlog.pl | 22 +++--- 4 files changed, 97 insertions(+), 24 deletions(-) diff --git a/C4/Log.pm b/C4/Log.pm index 141621a118..af5fbc6a5e 100644 --- a/C4/Log.pm +++ b/C4/Log.pm @@ -214,31 +214,27 @@ sub GetLogs { $query .= " AND DATE_FORMAT(timestamp, '%Y-%m-%d') >= \"".$iso_datefrom."\" " if $iso_datefrom; #fix me - mysql specific $query .= " AND DATE_FORMAT(timestamp, '%Y-%m-%d') <= \"".$iso_dateto."\" " if $iso_dateto; if($user) { - $query .= " AND user LIKE ? "; - push(@parameters,"%".$user."%"); + $query .= " AND user = ? "; + push(@parameters,$user); } if(scalar @$modules > 1 or @$modules[0] ne "") { - $query .= " AND (1 = 2"; #always false but used to build the query - foreach my $module (@$modules) { - next if $module eq ""; - $query .= " or module = ?"; - push(@parameters,$module); - } - $query .= ")"; + $query .= " AND module IN (".join(",",map {"?"} @$modules).") "; + push(@parameters,@$modules); } - if($action) { - $query .= " AND action LIKE ? "; - push(@parameters,"%".$action."%"); + if($action && scalar(@$action)) { + $query .= " AND action IN (".join(",",map {"?"} @$action).") "; + push(@parameters,@$action); } if($object) { - $query .= " AND object LIKE ? "; - push(@parameters,"%".$object."%"); + $query .= " AND object = ? "; + push(@parameters,$object); } if($info) { $query .= " AND info LIKE ? "; push(@parameters,"%".$info."%"); } + warn $query, join("/",@parameters); my $sth = $dbh->prepare($query); $sth->execute(@parameters); diff --git a/koha-tmpl/intranet-tmpl/prog/en/includes/circ-menu.inc b/koha-tmpl/intranet-tmpl/prog/en/includes/circ-menu.inc index 56dd2f227c..8cf2e480de 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/includes/circ-menu.inc +++ b/koha-tmpl/intranet-tmpl/prog/en/includes/circ-menu.inc @@ -62,7 +62,7 @@
  • ">Fines
  • ">Circulation History
  • -
  • &src=circ">Modification Log
  • +
  • &src=circ">Modification Log
  • ">Messaging
  • diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/tools/viewlog.tmpl b/koha-tmpl/intranet-tmpl/prog/en/modules/tools/viewlog.tmpl index fa99af2607..e68a42aeb9 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/tools/viewlog.tmpl +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/tools/viewlog.tmpl @@ -27,6 +27,7 @@
    +

    Browse system logs

    @@ -201,7 +202,79 @@
    + + + + +

    lines found.

    + + + + + + + + + + + + + + + + + + + +
    DateLibrarianModuleActionObjectInfo
    + + " title="display detail for this user."> + + " title="display detail for this librarian."> + + + + " title="Display member details."> member + + + " title="Display member details."> member + + + + &biblionumber=&bi=#item">Item + + " title="Display detail for this biblio">biblio + + + + "> + + + + + + + + + &biblionumber=&bi=#item" title="Display detail for this biblio">Item + + + +
    + +
    + No log found + + for ">Bibliographic Record + + + for "> () + + . +
    + +
    diff --git a/tools/viewlog.pl b/tools/viewlog.pl index 84c247468b..dc266e9be7 100755 --- a/tools/viewlog.pl +++ b/tools/viewlog.pl @@ -47,7 +47,7 @@ $debug or $debug = $cgi_debug; my $do_it = $input->param('do_it'); my @modules = $input->param("modules"); my $user = $input->param("user"); -my $action = $input->param("action"); +my @action = $input->param("action"); my $object = $input->param("object"); my $info = $input->param("info"); my $datefrom = $input->param("from"); @@ -104,12 +104,16 @@ $template->param( if ($do_it) { - my $results = GetLogs($datefrom,$dateto,$user,\@modules,$action,$object,$info); - my $total = scalar @$results; - foreach my $result (@$results){ - if ($result->{'info'} eq 'item'){ + my @data; + my $results = GetLogs($datefrom,$dateto,$user,\@modules,\@action,$object,$info); + @data=@$results; + my $total = scalar @data; + foreach my $result (@data){ + if ($result->{'info'} eq 'item'||$result->{module} eq "CIRCULATION"){ # get item information so we can create a working link - my $item=GetItem($result->{'object'}); + my $itemnumber=$result->{'object'}; + $itemnumber=$result->{'info'} if ($result->{module} eq "CIRCULATION"); + my $item=GetItem($itemnumber); $result->{'biblionumber'}=$item->{'biblionumber'}; $result->{'biblioitemnumber'}=$item->{'biblionumber'}; } @@ -120,13 +124,13 @@ if ($do_it) { $template->param ( logview => 1, total => $total, - looprow => $results, + looprow => \@data, do_it => 1, datefrom => $datefrom, dateto => $dateto, user => $user, object => $object, - action => $action, + action => \@action, info => $info, src => $src, ); @@ -144,7 +148,7 @@ if ($do_it) { -filename => "$basename.csv" ); my $sep = C4::Context->preference("delimiter"); - foreach my $line (@$results) { + foreach my $line (@data) { #next unless $modules[0] eq "catalogue"; foreach (qw(timestamp firstname surname action info title author)) { print $line->{$_} . $sep; -- 2.39.5