projects / koha.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Variable redeclared in same scope
[koha.git] / C4 / Auth.pm
diff --git a/C4/Auth.pm b/C4/Auth.pm
old mode 100755 (executable)
new mode 100644 (file)
index 608fd9b..2f13b86
--- a/C4/Auth.pm
+++ b/C4/Auth.pm
@@ -13,11 +13,12 @@ package C4::Auth;
 # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
 # A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
 #
 # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
 # A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
 #
-# You should have received a copy of the GNU General Public License along with
-# Koha; if not, write to the Free Software Foundation, Inc., 59 Temple Place,
-# Suite 330, Boston, MA  02111-1307 USA
+# You should have received a copy of the GNU General Public License along
+# with Koha; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 
 use strict;
 
 use strict;
+#use warnings; FIXME - Bug 2505
 use Digest::MD5 qw(md5_base64);
 use Storable qw(thaw freeze);
 use URI::Escape;
 use Digest::MD5 qw(md5_base64);
 use Storable qw(thaw freeze);
 use URI::Escape;
@@ -83,44 +84,46 @@ C4::Auth - Authenticates Koha users
 
 =head1 DESCRIPTION
 
 
 =head1 DESCRIPTION
 
-    The main function of this module is to provide
-    authentification. However the get_template_and_user function has
-    been provided so that a users login information is passed along
-    automatically. This gets loaded into the template.
+The main function of this module is to provide
+authentification. However the get_template_and_user function has
+been provided so that a users login information is passed along
+automatically. This gets loaded into the template.
 
 =head1 FUNCTIONS
 
 
 =head1 FUNCTIONS
 
-=over 2
-
-=item get_template_and_user
-
-    my ($template, $borrowernumber, $cookie)
-        = get_template_and_user(
-          {
-            template_name   => "opac-main.tmpl",
-            query           => $query,
-            type            => "opac",
-            authnotrequired => 1,
-            flagsrequired   => {borrow => 1, catalogue => '*', tools => 'import_patrons' },
-          }
-        );
-
-    This call passes the C<query>, C<flagsrequired> and C<authnotrequired>
-    to C<&checkauth> (in this module) to perform authentification.
-    See C<&checkauth> for an explanation of these parameters.
-
-    The C<template_name> is then used to find the correct template for
-    the page. The authenticated users details are loaded onto the
-    template in the HTML::Template LOOP variable C<USER_INFO>. Also the
-    C<sessionID> is passed to the template. This can be used in templates
-    if cookies are disabled. It needs to be put as and input to every
-    authenticated page.
-
-    More information on the C<gettemplate> sub can be found in the
-    Output.pm module.
+=head2 get_template_and_user
+
+ my ($template, $borrowernumber, $cookie)
+     = get_template_and_user(
+       {
+         template_name   => "opac-main.tmpl",
+         query           => $query,
+         type            => "opac",
+         authnotrequired => 1,
+         flagsrequired   => {borrow => 1, catalogue => '*', tools => 'import_patrons' },
+       }
+     );
+
+This call passes the C<query>, C<flagsrequired> and C<authnotrequired>
+to C<&checkauth> (in this module) to perform authentification.
+See C<&checkauth> for an explanation of these parameters.
+
+The C<template_name> is then used to find the correct template for
+the page. The authenticated users details are loaded onto the
+template in the HTML::Template LOOP variable C<USER_INFO>. Also the
+C<sessionID> is passed to the template. This can be used in templates
+if cookies are disabled. It needs to be put as and input to every
+authenticated page.
+
+More information on the C<gettemplate> sub can be found in the
+Output.pm module.
 
 =cut
 
 
 =cut
 
+my $SEARCH_HISTORY_INSERT_SQL =<<EOQ;
+INSERT INTO search_history(userid, sessionid, query_desc, query_cgi, total, time            )
+VALUES                    (     ?,         ?,          ?,         ?,     ?, FROM_UNIXTIME(?))
+EOQ
 sub get_template_and_user {
     my $in       = shift;
     my $template =
 sub get_template_and_user {
     my $in       = shift;
     my $template =
@@ -165,7 +168,8 @@ sub get_template_and_user {
                        $template->param(       bartotal                => $total->{'bartotal'}, ) if ($total->{'bartotal'} > scalar (@$barshelves));
                }
 
                        $template->param(       bartotal                => $total->{'bartotal'}, ) if ($total->{'bartotal'} > scalar (@$barshelves));
                }
 
-        $borrowernumber = getborrowernumber($user);
+        $borrowernumber = getborrowernumber($user) if defined($user);
+
         my ( $borr ) = GetMemberDetails( $borrowernumber );
         my @bordat;
         $bordat[0] = $borr;
         my ( $borr ) = GetMemberDetails( $borrowernumber );
         my @bordat;
         $bordat[0] = $borr;
@@ -202,24 +206,16 @@ sub get_template_and_user {
             }
         }
 
             }
         }
 
-        if (C4::Context->preference('GranularPermissions')) {
-            if ( $flags ) {
-                foreach my $module (keys %$all_perms) {
-                    if ( $flags->{$module} == 1) {
-                        foreach my $subperm (keys %{ $all_perms->{$module} }) {
-                            $template->param( "CAN_user_${module}_${subperm}" => 1 );
-                        }
-                    } elsif ( ref($flags->{$module}) ) {
-                        foreach my $subperm (keys %{ $flags->{$module} } ) {
-                            $template->param( "CAN_user_${module}_${subperm}" => 1 );
-                        }
-                    }
-                }
-            }
-        } else {
+        if ( $flags ) {
             foreach my $module (keys %$all_perms) {
             foreach my $module (keys %$all_perms) {
-                foreach my $subperm (keys %{ $all_perms->{$module} }) {
-                    $template->param( "CAN_user_${module}_${subperm}" => 1 );
+                if ( $flags->{$module} == 1) {
+                    foreach my $subperm (keys %{ $all_perms->{$module} }) {
+                        $template->param( "CAN_user_${module}_${subperm}" => 1 );
+                    }
+                } elsif ( ref($flags->{$module}) ) {
+                    foreach my $subperm (keys %{ $flags->{$module} } ) {
+                        $template->param( "CAN_user_${module}_${subperm}" => 1 );
+                    }
                 }
             }
         }
                 }
             }
         }
@@ -250,31 +246,19 @@ sub get_template_and_user {
 
                        # And if there's a cookie with searches performed when the user was not logged in, 
                        # we add them to the logged-in search history
 
                        # And if there's a cookie with searches performed when the user was not logged in, 
                        # we add them to the logged-in search history
-                       my @recentSearches;
                        my $searchcookie = $in->{'query'}->cookie('KohaOpacRecentSearches');
                        if ($searchcookie){
                                $searchcookie = uri_unescape($searchcookie);
                        my $searchcookie = $in->{'query'}->cookie('KohaOpacRecentSearches');
                        if ($searchcookie){
                                $searchcookie = uri_unescape($searchcookie);
-                               if (thaw($searchcookie)) {
-                                       @recentSearches = @{thaw($searchcookie)};
-                               }
-
-                               if (@recentSearches > 0) {
-                                       my $query = "INSERT INTO search_history(userid, sessionid, query_desc, query_cgi, total, time) VALUES";
-                                       my $icount = 1;
-                                       foreach my $asearch (@recentSearches) {
-                                               $query .= "(";
-                                               $query .= $borrowernumber . ", ";
-                                               $query .= '"' . $in->{'query'}->cookie("CGISESSID") . "\", ";
-                                               $query .= '"' . $asearch->{'query_desc'} . "\", ";
-                                               $query .= '"' . $asearch->{'query_cgi'} . "\", ";
-                                               $query .=       $asearch->{'total'} . ", ";
-                                               $query .= 'FROM_UNIXTIME(' . $asearch->{'time'} . "))";
-                                               if ($icount < @recentSearches) { $query .= ", ";}
-                                               $icount++;
-                                       }
-
-                                       my $sth = $dbh->prepare($query);
-                                       $sth->execute;
+                               my @recentSearches = @{thaw($searchcookie) || []};
+                               if (@recentSearches) {
+                                       my $sth = $dbh->prepare($SEARCH_HISTORY_INSERT_SQL);
+                                       $sth->execute( $borrowernumber,
+                                                      $in->{'query'}->cookie("CGISESSID"),
+                                                      $_->{'query_desc'},
+                                                      $_->{'query_cgi'},
+                                                      $_->{'total'},
+                                                      $_->{'time'},
+                                        ) foreach @recentSearches;
 
                                        # And then, delete the cookie's content
                                        my $newsearchcookie = $in->{'query'}->cookie(
 
                                        # And then, delete the cookie's content
                                        my $newsearchcookie = $in->{'query'}->cookie(
@@ -313,16 +297,30 @@ sub get_template_and_user {
     }
        # Anonymous opac search history
        # If opac search history is enabled and at least one search has already been performed
     }
        # Anonymous opac search history
        # If opac search history is enabled and at least one search has already been performed
-       if (C4::Context->preference('EnableOpacSearchHistory') && $in->{'query'}->cookie('KohaOpacRecentSearches')) {
+       if (C4::Context->preference('EnableOpacSearchHistory')) {
+               my $searchcookie = $in->{'query'}->cookie('KohaOpacRecentSearches');
+               if ($searchcookie){
+                       $searchcookie = uri_unescape($searchcookie);
+                       my @recentSearches = @{thaw($searchcookie) || []};
            # We show the link in opac
            # We show the link in opac
-           if (thaw(uri_unescape($in->{'query'}->cookie('KohaOpacRecentSearches')))) {
-                       my @recentSearches = @{thaw(uri_unescape($in->{'query'}->cookie('KohaOpacRecentSearches')))};
-                       if (@recentSearches > 0) {
+                       if (@recentSearches) {
                                $template->param(ShowOpacRecentSearchLink => 1);
                        }
            }
        }
 
                                $template->param(ShowOpacRecentSearchLink => 1);
                        }
            }
        }
 
+    if(C4::Context->preference('dateformat')){
+        if(C4::Context->preference('dateformat') eq "metric"){
+            $template->param(dateformat_metric => 1);
+        } elsif(C4::Context->preference('dateformat') eq "us"){
+            $template->param(dateformat_us => 1);
+        } else {
+            $template->param(dateformat_iso => 1);
+        }
+    } else {
+        $template->param(dateformat_iso => 1);
+    }
+
     # these template parameters are set the same regardless of $in->{'type'}
     $template->param(
             "BiblioDefaultView".C4::Context->preference("BiblioDefaultView")         => 1,
     # these template parameters are set the same regardless of $in->{'type'}
     $template->param(
             "BiblioDefaultView".C4::Context->preference("BiblioDefaultView")         => 1,
@@ -337,13 +335,18 @@ sub get_template_and_user {
             'item-level_itypes'          => C4::Context->preference('item-level_itypes'),
             patronimages                 => C4::Context->preference("patronimages"),
             singleBranchMode             => C4::Context->preference("singleBranchMode"),
             'item-level_itypes'          => C4::Context->preference('item-level_itypes'),
             patronimages                 => C4::Context->preference("patronimages"),
             singleBranchMode             => C4::Context->preference("singleBranchMode"),
-            XSLTDetailsDisplay        => C4::Context->preference("XSLTDetailsDisplay"),
-            XSLTResultsDisplay        => C4::Context->preference("XSLTResultsDisplay"),
-                 );
+            XSLTDetailsDisplay           => C4::Context->preference("XSLTDetailsDisplay"),
+            XSLTResultsDisplay           => C4::Context->preference("XSLTResultsDisplay"),
+            BranchesLoop                 => GetBranchesLoop(),
+            using_https                  => $in->{'query'}->https() ? 1 : 0,
+            noItemTypeImages            => C4::Context->preference("noItemTypeImages"),
+    );
 
     if ( $in->{'type'} eq "intranet" ) {
         $template->param(
             AmazonContent               => C4::Context->preference("AmazonContent"),
 
     if ( $in->{'type'} eq "intranet" ) {
         $template->param(
             AmazonContent               => C4::Context->preference("AmazonContent"),
+            AmazonCoverImages           => C4::Context->preference("AmazonCoverImages"),
+            AmazonEnabled               => C4::Context->preference("AmazonEnabled"),
             AmazonSimilarItems          => C4::Context->preference("AmazonSimilarItems"),
             AutoLocation                => C4::Context->preference("AutoLocation"),
             "BiblioDefaultView".C4::Context->preference("IntranetBiblioDefaultView") => 1,
             AmazonSimilarItems          => C4::Context->preference("AmazonSimilarItems"),
             AutoLocation                => C4::Context->preference("AutoLocation"),
             "BiblioDefaultView".C4::Context->preference("IntranetBiblioDefaultView") => 1,
@@ -354,15 +357,14 @@ sub get_template_and_user {
             IntranetmainUserblock       => C4::Context->preference("IntranetmainUserblock"),
             LibraryName                 => C4::Context->preference("LibraryName"),
             LoginBranchname             => (C4::Context->userenv?C4::Context->userenv->{"branchname"}:"insecure"),
             IntranetmainUserblock       => C4::Context->preference("IntranetmainUserblock"),
             LibraryName                 => C4::Context->preference("LibraryName"),
             LoginBranchname             => (C4::Context->userenv?C4::Context->userenv->{"branchname"}:"insecure"),
-            TemplateEncoding            => C4::Context->preference("TemplateEncoding"),
             advancedMARCEditor          => C4::Context->preference("advancedMARCEditor"),
             canreservefromotherbranches => C4::Context->preference('canreservefromotherbranches'),
             intranetcolorstylesheet     => C4::Context->preference("intranetcolorstylesheet"),
             intranetreadinghistory      => C4::Context->preference("intranetreadinghistory"),
             intranetstylesheet          => C4::Context->preference("intranetstylesheet"),
             advancedMARCEditor          => C4::Context->preference("advancedMARCEditor"),
             canreservefromotherbranches => C4::Context->preference('canreservefromotherbranches'),
             intranetcolorstylesheet     => C4::Context->preference("intranetcolorstylesheet"),
             intranetreadinghistory      => C4::Context->preference("intranetreadinghistory"),
             intranetstylesheet          => C4::Context->preference("intranetstylesheet"),
+            IntranetUserCSS             => C4::Context->preference("IntranetUserCSS"),
             intranetuserjs              => C4::Context->preference("intranetuserjs"),
             intranetbookbag             => C4::Context->preference("intranetbookbag"),
             intranetuserjs              => C4::Context->preference("intranetuserjs"),
             intranetbookbag             => C4::Context->preference("intranetbookbag"),
-            noItemTypeImages            => C4::Context->preference("noItemTypeImages"),
             suggestion                  => C4::Context->preference("suggestion"),
             virtualshelves              => C4::Context->preference("virtualshelves"),
             StaffSerialIssueDisplayCount => C4::Context->preference("StaffSerialIssueDisplayCount"),
             suggestion                  => C4::Context->preference("suggestion"),
             virtualshelves              => C4::Context->preference("virtualshelves"),
             StaffSerialIssueDisplayCount => C4::Context->preference("StaffSerialIssueDisplayCount"),
@@ -392,8 +394,12 @@ sub get_template_and_user {
             LibraryName               => "" . C4::Context->preference("LibraryName"),
             LibraryNameTitle          => "" . $LibraryNameTitle,
             LoginBranchname           => C4::Context->userenv?C4::Context->userenv->{"branchname"}:"",
             LibraryName               => "" . C4::Context->preference("LibraryName"),
             LibraryNameTitle          => "" . $LibraryNameTitle,
             LoginBranchname           => C4::Context->userenv?C4::Context->userenv->{"branchname"}:"",
-            OPACAmazonSimilarItems    => "" . C4::Context->preference("OPACAmazonSimilarItems"),
+            OPACAmazonEnabled         => C4::Context->preference("OPACAmazonEnabled"),
+            OPACAmazonSimilarItems    => C4::Context->preference("OPACAmazonSimilarItems"),
+            OPACAmazonCoverImages     => C4::Context->preference("OPACAmazonCoverImages"),
+            OPACAmazonReviews         => C4::Context->preference("OPACAmazonReviews"),
             OPACFRBRizeEditions       => C4::Context->preference("OPACFRBRizeEditions"),
             OPACFRBRizeEditions       => C4::Context->preference("OPACFRBRizeEditions"),
+            OpacHighlightedWords       => C4::Context->preference("OpacHighlightedWords"),
             OPACItemHolds             => C4::Context->preference("OPACItemHolds"),
             OPACShelfBrowser          => "". C4::Context->preference("OPACShelfBrowser"),
             OPACURLOpenInNewWindow    => "" . C4::Context->preference("OPACURLOpenInNewWindow"),
             OPACItemHolds             => C4::Context->preference("OPACItemHolds"),
             OPACShelfBrowser          => "". C4::Context->preference("OPACShelfBrowser"),
             OPACURLOpenInNewWindow    => "" . C4::Context->preference("OPACURLOpenInNewWindow"),
@@ -415,7 +421,6 @@ sub get_template_and_user {
             OPACFinesTab              => C4::Context->preference("OPACFinesTab"),
             OpacTopissue              => C4::Context->preference("OpacTopissue"),
             RequestOnOpac             => C4::Context->preference("RequestOnOpac"),
             OPACFinesTab              => C4::Context->preference("OPACFinesTab"),
             OpacTopissue              => C4::Context->preference("OpacTopissue"),
             RequestOnOpac             => C4::Context->preference("RequestOnOpac"),
-            TemplateEncoding          => "". C4::Context->preference("TemplateEncoding"),
             'Version'                 => C4::Context->preference('Version'),
             hidelostitems             => C4::Context->preference("hidelostitems"),
             mylibraryfirst            => (C4::Context->preference("SearchMyLibraryFirst") && C4::Context->userenv) ? C4::Context->userenv->{'branch'} : '',
             'Version'                 => C4::Context->preference('Version'),
             hidelostitems             => C4::Context->preference("hidelostitems"),
             mylibraryfirst            => (C4::Context->preference("SearchMyLibraryFirst") && C4::Context->userenv) ? C4::Context->userenv->{'branch'} : '',
@@ -433,14 +438,29 @@ sub get_template_and_user {
             reviewson                 => C4::Context->preference("reviewson"),
             suggestion                => "" . C4::Context->preference("suggestion"),
             virtualshelves            => "" . C4::Context->preference("virtualshelves"),
             reviewson                 => C4::Context->preference("reviewson"),
             suggestion                => "" . C4::Context->preference("suggestion"),
             virtualshelves            => "" . C4::Context->preference("virtualshelves"),
-                       OPACSerialIssueDisplayCount => C4::Context->preference("OPACSerialIssueDisplayCount"),
+            OPACSerialIssueDisplayCount => C4::Context->preference("OPACSerialIssueDisplayCount"),
+            OpacAddMastheadLibraryPulldown => C4::Context->preference("OpacAddMastheadLibraryPulldown"),
+            OPACXSLTDetailsDisplay           => C4::Context->preference("OPACXSLTDetailsDisplay"),
+            OPACXSLTResultsDisplay           => C4::Context->preference("OPACXSLTResultsDisplay"),
+            SyndeticsClientCode          => C4::Context->preference("SyndeticsClientCode"),
+            SyndeticsEnabled             => C4::Context->preference("SyndeticsEnabled"),
+            SyndeticsCoverImages         => C4::Context->preference("SyndeticsCoverImages"),
+            SyndeticsTOC                 => C4::Context->preference("SyndeticsTOC"),
+            SyndeticsSummary             => C4::Context->preference("SyndeticsSummary"),
+            SyndeticsEditions            => C4::Context->preference("SyndeticsEditions"),
+            SyndeticsExcerpt             => C4::Context->preference("SyndeticsExcerpt"),
+            SyndeticsReviews             => C4::Context->preference("SyndeticsReviews"),
+            SyndeticsAuthorNotes         => C4::Context->preference("SyndeticsAuthorNotes"),
+            SyndeticsAwards              => C4::Context->preference("SyndeticsAwards"),
+            SyndeticsSeries              => C4::Context->preference("SyndeticsSeries"),
+            SyndeticsCoverImageSize      => C4::Context->preference("SyndeticsCoverImageSize"),
         );
     }
        $template->param(listloop=>[{shelfname=>"Freelist", shelfnumber=>110}]);
     return ( $template, $borrowernumber, $cookie, $flags);
 }
 
         );
     }
        $template->param(listloop=>[{shelfname=>"Freelist", shelfnumber=>110}]);
     return ( $template, $borrowernumber, $cookie, $flags);
 }
 
-=item checkauth
+=head2 checkauth
 
   ($userid, $cookie, $sessionID) = &checkauth($query, $noauth, $flagsrequired, $type);
 
 
   ($userid, $cookie, $sessionID) = &checkauth($query, $noauth, $flagsrequired, $type);
 
@@ -475,21 +495,22 @@ that the user must have the "circulate" privilege in order to
 proceed. To make sure that access control is correct, the
 C<$flagsrequired> parameter must be specified correctly.
 
 proceed. To make sure that access control is correct, the
 C<$flagsrequired> parameter must be specified correctly.
 
-If the GranularPermissions system preference is ON, the
-value of each key in the C<flagsrequired> hash takes on an additional
-meaning, e.g.,
+Koha also has a concept of sub-permissions, also known as
+granular permissions.  This makes the value of each key
+in the C<flagsrequired> hash take on an additional
+meaning, i.e.,
 
 
-=item 1
+ 1
 
 The user must have access to all subfunctions of the module
 specified by the hash key.
 
 
 The user must have access to all subfunctions of the module
 specified by the hash key.
 
-=item *
+ *
 
 The user must have access to at least one subfunction of the module
 specified by the hash key.
 
 
 The user must have access to at least one subfunction of the module
 specified by the hash key.
 
-=item specific permission, e.g., 'export_catalog'
+ specific permission, e.g., 'export_catalog'
 
 The user must have access to the specific subfunction list, which
 must correspond to a row in the permissions table.
 
 The user must have access to the specific subfunction list, which
 must correspond to a row in the permissions table.
@@ -697,7 +718,7 @@ sub checkauth {
                    ( $return, $cardnumber ) = checkpw( $dbh, $userid, $password, $query );
                }
                if ($return) {
                    ( $return, $cardnumber ) = checkpw( $dbh, $userid, $password, $query );
                }
                if ($return) {
-               _session_log(sprintf "%20s from %16s logged in  at %30s.\n", $userid,$ENV{'REMOTE_ADDR'},localtime);
+               _session_log(sprintf "%20s from %16s logged in  at %30s.\n", $userid,$ENV{'REMOTE_ADDR'},(strftime '%c', localtime));
                if ( $flags = haspermission(  $userid, $flagsrequired ) ) {
                                        $loggedin = 1;
                }
                if ( $flags = haspermission(  $userid, $flagsrequired ) ) {
                                        $loggedin = 1;
                }
@@ -918,7 +939,6 @@ sub checkauth {
         intranetbookbag    => C4::Context->preference("intranetbookbag"),
         IntranetNav        => C4::Context->preference("IntranetNav"),
         intranetuserjs     => C4::Context->preference("intranetuserjs"),
         intranetbookbag    => C4::Context->preference("intranetbookbag"),
         IntranetNav        => C4::Context->preference("IntranetNav"),
         intranetuserjs     => C4::Context->preference("intranetuserjs"),
-        TemplateEncoding   => C4::Context->preference("TemplateEncoding"),
         IndependantBranches=> C4::Context->preference("IndependantBranches"),
         AutoLocation       => C4::Context->preference("AutoLocation"),
                wrongip            => $info{'wrongip'}
         IndependantBranches=> C4::Context->preference("IndependantBranches"),
         AutoLocation       => C4::Context->preference("AutoLocation"),
                wrongip            => $info{'wrongip'}
@@ -949,7 +969,7 @@ sub checkauth {
     exit;
 }
 
     exit;
 }
 
-=item check_api_auth
+=head2 check_api_auth
 
   ($status, $cookie, $sessionId) = check_api_auth($query, $userflags);
 
 
   ($status, $cookie, $sessionId) = check_api_auth($query, $userflags);
 
@@ -969,7 +989,7 @@ are OK.
 
 Possible return values in C<$status> are:
 
 
 Possible return values in C<$status> are:
 
-=over 4
+=over
 
 =item "ok" -- user authenticated; C<$cookie> and C<$sessionid> have valid values.
 
 
 =item "ok" -- user authenticated; C<$cookie> and C<$sessionid> have valid values.
 
@@ -1183,7 +1203,7 @@ sub check_api_auth {
     }
 }
 
     }
 }
 
-=item check_cookie_auth
+=head2 check_cookie_auth
 
   ($status, $sessionId) = check_api_auth($cookie, $userflags);
 
 
   ($status, $sessionId) = check_api_auth($cookie, $userflags);
 
@@ -1196,7 +1216,7 @@ have been authenticated in the usual way.
 
 Possible return values in C<$status> are:
 
 
 Possible return values in C<$status> are:
 
-=over 4
+=over
 
 =item "ok" -- user authenticated; C<$sessionID> have valid values.
 
 
 =item "ok" -- user authenticated; C<$sessionID> have valid values.
 
@@ -1292,7 +1312,7 @@ sub check_cookie_auth {
     }
 }
 
     }
 }
 
-=item get_session
+=head2 get_session
 
   use CGI::Session;
   my $session = get_session($sessionID);
 
   use CGI::Session;
   my $session = get_session($sessionID);
@@ -1396,7 +1416,7 @@ sub checkpw {
     return 0;
 }
 
     return 0;
 }
 
-=item getuserflags
+=head2 getuserflags
 
     my $authflags = getuserflags($flags, $userid, [$dbh]);
 
 
     my $authflags = getuserflags($flags, $userid, [$dbh]);
 
@@ -1436,24 +1456,20 @@ sub getuserflags {
     return $userflags;
 }
 
     return $userflags;
 }
 
-=item get_user_subpermissions
-
-=over 4
-
-my $user_perm_hashref = get_user_subpermissions($userid);
+=head2 get_user_subpermissions
 
 
-=back
+  $user_perm_hashref = get_user_subpermissions($userid);
 
 Given the userid (note, not the borrowernumber) of a staff user,
 return a hashref of hashrefs of the specific subpermissions
 accorded to the user.  An example return is
 
 
 Given the userid (note, not the borrowernumber) of a staff user,
 return a hashref of hashrefs of the specific subpermissions
 accorded to the user.  An example return is
 
-{
+ {
     tools => {
         export_catalog => 1,
         import_patrons => 1,
     }
     tools => {
         export_catalog => 1,
         import_patrons => 1,
     }
-}
+ }
 
 The top-level hash-key is a module or function code from
 userflags.flag, while the second-level key is a code
 
 The top-level hash-key is a module or function code from
 userflags.flag, while the second-level key is a code
@@ -1484,13 +1500,9 @@ sub get_user_subpermissions {
     return $user_perms;
 }
 
     return $user_perms;
 }
 
-=item get_all_subpermissions
-
-=over 4
+=head2 get_all_subpermissions
 
 
-my $perm_hashref = get_all_subpermissions();
-
-=back
+  my $perm_hashref = get_all_subpermissions();
 
 Returns a hashref of hashrefs defining all specific
 permissions currently defined.  The return value
 
 Returns a hashref of hashrefs defining all specific
 permissions currently defined.  The return value
@@ -1514,7 +1526,7 @@ sub get_all_subpermissions {
     return $all_perms;
 }
 
     return $all_perms;
 }
 
-=item haspermission
+=head2 haspermission
 
   $flags = ($userid, $flagsrequired);
 
 
   $flags = ($userid, $flagsrequired);
 
@@ -1540,20 +1552,16 @@ sub haspermission {
     }
     return $flags if $flags->{superlibrarian};
     foreach my $module ( keys %$flagsrequired ) {
     }
     return $flags if $flags->{superlibrarian};
     foreach my $module ( keys %$flagsrequired ) {
-        if (C4::Context->preference('GranularPermissions')) {
-            my $subperm = $flagsrequired->{$module};
-            if ($subperm eq '*') {
-                return 0 unless ( $flags->{$module} == 1 or ref($flags->{$module}) );
-            } else {
-                return 0 unless ( $flags->{$module} == 1 or
-                                    ( ref($flags->{$module}) and
-                                      exists $flags->{$module}->{$subperm} and
-                                      $flags->{$module}->{$subperm} == 1
-                                    )
-                                );
-            }
+        my $subperm = $flagsrequired->{$module};
+        if ($subperm eq '*') {
+            return 0 unless ( $flags->{$module} == 1 or ref($flags->{$module}) );
         } else {
         } else {
-            return 0 unless ( $flags->{$module} );
+            return 0 unless ( $flags->{$module} == 1 or
+                                ( ref($flags->{$module}) and
+                                  exists $flags->{$module}->{$subperm} and
+                                  $flags->{$module}->{$subperm} == 1
+                                )
+                            );
         }
     }
     return $flags;
         }
     }
     return $flags;
@@ -1584,8 +1592,6 @@ END { }    # module clean-up code here (global destructor)
 1;
 __END__
 
 1;
 __END__
 
-=back
-
 =head1 SEE ALSO
 
 CGI(3)
 =head1 SEE ALSO
 
 CGI(3)
Koha ILS @ FFZG - based on git://git.koha.org/pub/scm/koha.git