3 # Copyright 2013 Rijksmuseum
5 # This file is part of Koha.
7 # Koha is free software; you can redistribute it and/or modify it
8 # under the terms of the GNU General Public License as published by
9 # the Free Software Foundation; either version 3 of the License, or
10 # (at your option) any later version.
12 # Koha is distributed in the hope that it will be useful, but
13 # WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
17 # You should have received a copy of the GNU General Public License
18 # along with Koha; if not, see <http://www.gnu.org/licenses>.
22 use constant KEYLENGTH => 10;
23 use constant TEMPLATE_NAME => 'opac-shareshelf.tt';
24 use constant SHELVES_URL =>
25 '/cgi-bin/koha/opac-shelves.pl?display=privateshelves&viewshelf=';
35 use C4::VirtualShelves;
37 use Koha::Virtualshelves;
38 use Koha::Virtualshelfshares;
40 #-------------------------------------------------------------------------------
42 my $pvar = _init( {} );
43 if ( !$pvar->{errcode} ) {
44 show_invite($pvar) if $pvar->{op} eq 'invite';
45 confirm_invite($pvar) if $pvar->{op} eq 'conf_invite';
46 show_accept($pvar) if $pvar->{op} eq 'accept';
48 load_template_vars($pvar);
49 output_html_with_http_headers $pvar->{query}, $pvar->{cookie},
50 $pvar->{template}->output;
52 #-------------------------------------------------------------------------------
57 $param->{query} = $query;
58 $param->{shelfnumber} = $query->param('shelfnumber') || 0;
59 $param->{op} = $query->param('op') || '';
60 $param->{addrlist} = $query->param('invite_address') || '';
61 $param->{key} = $query->param('key') || '';
62 $param->{appr_addr} = [];
63 $param->{fail_addr} = [];
64 $param->{errcode} = check_common_errors($param);
67 if ( $param->{addrlist} ) {
68 $param->{addrlist} =~ s|^\s+||;
69 $param->{addrlist} =~ s|\s+$||;
72 #get some list details
74 my $shelfnumber = $param->{shelfnumber};
75 $shelf = Koha::Virtualshelves->find( $shelfnumber ) unless $param->{errcode};
76 $param->{shelfname} = $shelf ? $shelf->shelfname : q||;
77 $param->{owner} = $shelf ? $shelf->owner : -1;
78 $param->{category} = $shelf ? $shelf->category : -1;
80 load_template($param);
84 sub check_common_errors {
86 if ( $param->{op} !~ /^(invite|conf_invite|accept)$/ ) {
87 return 1; #no operation specified
89 if ( $param->{shelfnumber} !~ /^\d+$/ ) {
90 return 2; #invalid shelf number
92 if ( !C4::Context->preference('OpacAllowSharingPrivateLists') ) {
93 return 3; #not or no longer allowed?
100 return unless check_owner_category($param);
105 return unless check_owner_category($param);
106 process_addrlist($param);
107 if ( @{ $param->{appr_addr} } ) {
108 send_invitekey($param);
111 $param->{errcode} = 6; #not one valid address
118 my $shelfnumber = $param->{shelfnumber};
119 my $shelf = Koha::Virtualshelves->find( $shelfnumber );
121 # The key for accepting is checked later in Koha::Virtualshelf->share
122 # You must not be the owner and the list must be private
123 if ( $shelf->category == 2 or $shelf->owner == $param->{loggedinuser} ) {
127 # We could have used ->find with the share id, but we don't want to change
128 # the url sent to the patron
129 my $shared_shelf = Koha::Virtualshelfshares->search(
131 shelfnumber => $param->{shelfnumber},
134 order_by => 'sharedate desc',
139 if ( $shared_shelf ) {
140 $shared_shelf = $shared_shelf->next;
141 my $key = keytostring( stringtokey( $param->{key}, 0 ), 1 );
142 my $is_accepted = eval { $shared_shelf->accept( $key, $param->{loggedinuser} ) };
143 if ( $is_accepted ) {
144 notify_owner($param);
146 #redirect to view of this shared list
147 print $param->{query}->redirect(
148 -uri => SHELVES_URL . $param->{shelfnumber},
149 -cookie => $param->{cookie}
153 $param->{errcode} = 7; #not accepted (key not found or expired)
155 # This shelf is not shared
162 my $toaddr = C4::Members::GetNoticeEmailAddress( $param->{owner} );
166 my $letter = C4::Letters::GetPreparedLetter(
168 letter_code => 'SHARE_ACCEPT',
169 branchcode => C4::Context->userenv->{"branch"},
170 tables => { borrowers => $param->{loggedinuser}, },
171 substitute => { listname => $param->{shelfname}, },
174 #send letter to queue
175 C4::Letters::EnqueueLetter(
178 message_transport_type => 'email',
179 from_address => C4::Context->preference('KohaAdminEmailAddress'),
180 to_address => $toaddr,
185 sub process_addrlist {
187 my @temp = split /[,:;]/, $param->{addrlist};
190 foreach my $a (@temp) {
193 if ( IsEmailAddress($a) ) {
200 $param->{appr_addr} = \@appr_addr;
201 $param->{fail_addr} = \@fail_addr;
206 my $fromaddr = C4::Context->preference('KohaAdminEmailAddress');
208 C4::Context->preference('OPACBaseURL')
209 . "/cgi-bin/koha/opac-shareshelf.pl?shelfnumber="
210 . $param->{shelfnumber}
213 #TODO Waiting for the right http or https solution (BZ 8952 a.o.)
215 my @ok; #the addresses that were processed well
216 foreach my $a ( @{ $param->{appr_addr} } ) {
217 my @newkey = randomlist( KEYLENGTH, 64 ); #generate a new key
219 #add a preliminary share record
220 my $shelf = Koha::Virtualshelves->find( $param->{shelfnumber} );
221 my $key = keytostring( \@newkey, 1 );
222 my $is_shared = eval { $shelf->share( $key ); };
223 # TODO Better error handling, catch the exceptions
224 if ( $@ or not $is_shared ) {
225 push @{ $param->{fail_addr} }, $a;
231 my $letter = C4::Letters::GetPreparedLetter(
233 letter_code => 'SHARE_INVITE',
234 branchcode => C4::Context->userenv->{"branch"},
235 tables => { borrowers => $param->{loggedinuser}, },
237 listname => $param->{shelfname},
238 shareurl => $url . keytostring( \@newkey, 0 ),
242 #send letter to queue
243 C4::Letters::EnqueueLetter(
246 message_transport_type => 'email',
247 from_address => $fromaddr,
252 $param->{appr_addr} = \@ok;
255 sub check_owner_category {
258 #sharing user should be the owner
259 #list should be private
260 $param->{errcode} = 4 if $param->{owner} != $param->{loggedinuser};
261 $param->{errcode} = 5 if !$param->{errcode} && $param->{category} != 1;
262 return !defined $param->{errcode};
267 ( $param->{template}, $param->{loggedinuser}, $param->{cookie} ) =
268 get_template_and_user(
270 template_name => TEMPLATE_NAME,
271 query => $param->{query},
273 authnotrequired => 0, #should be a user
278 sub load_template_vars {
280 my $template = $param->{template};
281 my $appr = join '; ', @{ $param->{appr_addr} };
282 my $fail = join '; ', @{ $param->{fail_addr} };
284 errcode => $param->{errcode},
286 shelfnumber => $param->{shelfnumber},
287 shelfname => $param->{shelfname},
288 approvedaddress => $appr,
289 failaddress => $fail,
295 #TODO candidate for a module?
296 return Email::Valid->address( $_[0] ) ? 1 : 0;
301 #uses rand, safe enough for this application but not for more sensitive data
302 my ( $length, $base ) = @_;
303 return map { int( rand($base) ); } 1 .. $length;
307 my ( $keyref, $flgBase64 ) = @_;
309 my $alphabet = [ 'A' .. 'Z', 'a' .. 'z', 0 .. 9, '+', '/' ];
310 return join '', map { alphabet_char( $_, $alphabet ); } @$keyref;
312 return join '', map { sprintf( "%02d", $_ ); } @$keyref;
316 my ( $str, $flgBase64 ) = @_;
317 my @temp = split '', $str || '';
319 my $alphabet = [ 'A' .. 'Z', 'a' .. 'z', 0 .. 9, '+', '/' ];
320 return [ map { alphabet_ordinal( $_, $alphabet ); } @temp ];
322 return [] if $str !~ /^\d+$/;
324 for ( my $i = 0 ; $i < @temp - 1 ; $i += 2 ) {
325 push @retval, $temp[$i] * 10 + $temp[ $i + 1 ];
330 sub alphabet_ordinal {
331 my ( $char, $alphabet ) = @_;
332 for my $ord ( 0 .. $#$alphabet ) {
333 return $ord if $char eq $alphabet->[$ord];
335 return ''; #ignore missing chars
340 #reverse operation for ordinal; ignore invalid numbers
341 my ( $num, $alphabet ) = @_;
342 return $num =~ /^\d+$/ && $num <= $#$alphabet ? $alphabet->[$num] : '';