#!/usr/bin/perl
-# $Id$
-
#script to delete items
#written 2/5/00
#by chris@katipo.co.nz
-
# Copyright 2000-2002 Katipo Communications
#
# This file is part of Koha.
#
-# Koha is free software; you can redistribute it and/or modify it under the
-# terms of the GNU General Public License as published by the Free Software
-# Foundation; either version 2 of the License, or (at your option) any later
-# version.
+# Koha is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
#
-# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
-# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+# Koha is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
#
-# You should have received a copy of the GNU General Public License along with
-# Koha; if not, write to the Free Software Foundation, Inc., 59 Temple Place,
-# Suite 330, Boston, MA 02111-1307 USA
+# You should have received a copy of the GNU General Public License
+# along with Koha; if not, see <http://www.gnu.org/licenses>.
use strict;
+#use warnings; FIXME - Bug 2505
-use CGI;
+use CGI qw ( -utf8 );
use C4::Context;
use C4::Output;
use C4::Auth;
use C4::Members;
+use Module::Load;
+use Koha::Patrons;
+use Koha::Patron::Images;
+use Koha::Token;
+if ( C4::Context->preference('NorwegianPatronDBEnable') && C4::Context->preference('NorwegianPatronDBEnable') == 1 ) {
+ load Koha::NorwegianPatronDB, qw( NLMarkForDeletion NLSync );
+}
my $input = new CGI;
-my $flagsrequired;
-$flagsrequired->{borrowers}=1;
-my ($loggedinuser, $cookie, $sessionID) = checkauth($input, 0, $flagsrequired);
+my ($template, $borrowernumber, $cookie)
+ = get_template_and_user({template_name => "members/deletemem.tt",
+ query => $input,
+ type => "intranet",
+ authnotrequired => 0,
+ flagsrequired => {borrowers => 1},
+ debug => 1,
+ });
+#print $input->header;
+my $member = $input->param('member');
+#Do not delete yourself...
+if ($borrowernumber == $member ) {
+ print $input->redirect("/cgi-bin/koha/members/moremember.pl?borrowernumber=$member&error=CANT_DELETE_YOURSELF");
+ exit 0; # Exit without error
+}
-#print $input->header;
-my $member=$input->param('member');
-my %member2;
-$member2{'borrowernumber'}=$member;
-my ($countissues,$issues)=GetPendingIssues($member);
-
-my ($bor,$flags)=GetMemberDetails($member,'');
-if (C4::Context->preference("IndependantBranches")) {
- my $userenv = C4::Context->userenv;
- unless ($userenv->{flags} == 1){
- unless ($userenv->{'branch'} eq $bor->{'branchcode'}){
-# warn "user ".$userenv->{'branch'} ."borrower :". $bor->{'branchcode'};
- print $input->redirect("/cgi-bin/koha/members/moremember.pl?borrowernumber=$member");
- exit 1;
- }
- }
+# Handle deletion from the Norwegian national patron database, if it is enabled
+# If the "deletelocal" parameter is set to "false", the regular deletion will be
+# short circuited, and only a deletion from the national database can be carried
+# out. If "deletelocal" is set to "true", or not set to anything normal
+# deletion will be done.
+my $deletelocal = $input->param('deletelocal') eq 'false' ? 0 : 1; # Deleting locally is the default
+if ( C4::Context->preference('NorwegianPatronDBEnable') && C4::Context->preference('NorwegianPatronDBEnable') == 1 ) {
+ if ( $input->param('deleteremote') eq 'true' ) {
+ # Mark for deletion, then try a live sync
+ NLMarkForDeletion( $member );
+ NLSync({ 'borrowernumber' => $member });
+ }
}
-my $dbh = C4::Context->dbh;
-my $sth=$dbh->prepare("Select * from borrowers where guarantorid=?");
-$sth->execute($member);
-my $data=$sth->fetchrow_hashref;
-$sth->finish;
-if ($countissues > 0 or $flags->{'CHARGES'} or $data->{'borrowernumber'}){
-
- my ($template, $borrowernumber, $cookie)
- = get_template_and_user({template_name => "members/deletemem.tmpl",
- query => $input,
- type => "intranet",
- authnotrequired => 0,
- flagsrequired => {borrowers => 1},
- debug => 1,
- });
- # print $input->header;
- $template->param(borrowernumber => $member);
- if ($countissues >0) {
- $template->param(ItemsOnIssues => $countissues);
- }
- if ($flags->{'CHARGES'} ne '') {
- $template->param(charges => $flags->{'CHARGES'}->{'message'});
- }
- if ($data ne '') {
- $template->param(guarantees => 1);
- }
-# print "<table border=1>";
-# if ($i > 0){
-# print "<TR><TD>Items on Issue</td><td align=right>$i</td></tr>";
-# }
-# if ($flags->{'CHARGES'} ne ''){
-# print "<TR><TD>Charges</td><td>$flags->{'CHARGES'}->{'message'}</tr>";
-# }
-# if ($data ne ''){
-# print "<TR><TD>Guarantees</td></tr>";
-# }
-# print "</table>";
-$template->param(intranetcolorstylesheet => C4::Context->preference("intranetcolorstylesheet"),
- intranetstylesheet => C4::Context->preference("intranetstylesheet"),
- IntranetNav => C4::Context->preference("IntranetNav"),
- );
-output_html_with_http_headers $input, $cookie, $template->output;
+my $issues = GetPendingIssues($member); # FIXME: wasteful call when really, we only want the count
+my $countissues = scalar(@$issues);
+
+my $bor = C4::Members::GetMember( borrowernumber => $member );
+my $flags = C4::Members::patronflags( $bor );
+my $userenv = C4::Context->userenv;
+
+
+
+if ($bor->{category_type} eq "S") {
+ unless(C4::Auth::haspermission($userenv->{'id'},{'staffaccess'=>1})) {
+ print $input->redirect("/cgi-bin/koha/members/moremember.pl?borrowernumber=$member&error=CANT_DELETE_STAFF");
+ exit 0; # Exit without error
+ }
} else {
- MoveMemberToDeleted($member);
- DelMember($member);
- print $input->redirect("/cgi-bin/koha/members/members-home.pl");
+ unless(C4::Auth::haspermission($userenv->{'id'},{'borrowers'=>1})) {
+ print $input->redirect("/cgi-bin/koha/members/moremember.pl?borrowernumber=$member&error=CANT_DELETE");
+ exit 0; # Exit without error
+ }
+}
+
+if (C4::Context->preference("IndependentBranches")) {
+ my $userenv = C4::Context->userenv;
+ if ( !C4::Context->IsSuperLibrarian() && $bor->{'branchcode'}){
+ unless ($userenv->{branch} eq $bor->{'branchcode'}){
+ print $input->redirect("/cgi-bin/koha/members/moremember.pl?borrowernumber=$member&error=CANT_DELETE_OTHERLIBRARY");
+ exit 0; # Exit without error
+ }
+ }
}
+my $op = $input->param('op') || 'delete_confirm';
+my $dbh = C4::Context->dbh;
+my $is_guarantor = $dbh->selectrow_array("SELECT COUNT(*) FROM borrowers WHERE guarantorid=?", undef, $member);
+if ( $op eq 'delete_confirm' or $countissues > 0 or $flags->{'CHARGES'} or $is_guarantor or $deletelocal == 0) {
+ my $patron_image = Koha::Patron::Images->find($bor->{borrowernumber});
+ $template->param( picture => 1 ) if $patron_image;
+
+ $template->param(borrowernumber => $member,
+ surname => $bor->{'surname'},
+ title => $bor->{'title'},
+ cardnumber => $bor->{'cardnumber'},
+ firstname => $bor->{'firstname'},
+ categorycode => $bor->{'categorycode'},
+ category_type => $bor->{'category_type'},
+ categoryname => $bor->{'description'},
+ address => $bor->{'address'},
+ address2 => $bor->{'address2'},
+ city => $bor->{'city'},
+ zipcode => $bor->{'zipcode'},
+ country => $bor->{'country'},
+ phone => $bor->{'phone'},
+ email => $bor->{'email'},
+ branchcode => $bor->{'branchcode'},
+ RoutingSerials => C4::Context->preference('RoutingSerials'),
+ );
+ if ($countissues >0) {
+ $template->param(ItemsOnIssues => $countissues);
+ }
+ if ($flags->{'CHARGES'} ne '') {
+ $template->param(charges => $flags->{'CHARGES'}->{'amount'});
+ }
+ if ($is_guarantor) {
+ $template->param(guarantees => 1);
+ }
+ if ($deletelocal == 0) {
+ $template->param(keeplocal => 1);
+ }
+ # This is silly written but reflect the same conditions as above
+ if ( not $countissues > 0 and not $flags->{CHARGES} ne '' and not $is_guarantor and not $deletelocal == 0 ) {
+ $template->param(
+ op => 'delete_confirm',
+ csrf_token => Koha::Token->new->generate_csrf({ session_id => scalar $input->cookie('CGISESSID') }),
+ );
+ }
+} elsif ( $op eq 'delete_confirmed' ) {
+
+ die "Wrong CSRF token"
+ unless Koha::Token->new->check_csrf( {
+ session_id => $input->cookie('CGISESSID'),
+ token => scalar $input->param('csrf_token'),
+ });
+ my $patron = Koha::Patrons->find( $member );
+ $patron->move_to_deleted;
+ $patron->delete;
+ # TODO Tell the user everything went ok
+ print $input->redirect("/cgi-bin/koha/members/members-home.pl");
+ exit 0; # Exit without error
+}
+output_html_with_http_headers $input, $cookie, $template->output;