X-Git-Url: http://git.rot13.org/?a=blobdiff_plain;f=acqui%2Fbooksellers.pl;h=ac3c557c5e1665a536c778c4367cf46b694ea595;hb=aa114f53499b9cffde0571fe7e08622f9c9a332a;hp=fb6b2f17074121b49658275b6660b6fb86af528a;hpb=481f620455d40f93a3cb37136ef2c3964497751e;p=koha.git

diff --git a/acqui/booksellers.pl b/acqui/booksellers.pl
index fb6b2f1707..ac3c557c5e 100755
--- a/acqui/booksellers.pl
+++ b/acqui/booksellers.pl
@@ -41,7 +41,7 @@ C<$supplier> is the string with which we search for a supplier
 
 =back
 
-=item id or supplierid
+=item id or booksellerid
 
 The id of the supplier whose baskets we will display
 
@@ -59,6 +59,7 @@ use CGI;
 use C4::Dates qw/format_date/;
 use C4::Bookseller qw/ GetBookSellerFromId GetBookSeller /;
 use C4::Members qw/GetMember/;
+use C4::Context;
 
 my $query = CGI->new;
 my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
@@ -73,11 +74,11 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
 
 #parameters
 my $supplier = $query->param('supplier');
-my $id = $query->param('id') || $query->param('supplierid');
+my $booksellerid = $query->param('booksellerid');
 my @suppliers;
 
-if ($id) {
-    push @suppliers, GetBookSellerFromId($id);
+if ($booksellerid) {
+    push @suppliers, GetBookSellerFromId($booksellerid);
 } else {
     @suppliers = GetBookSeller($supplier);
 }
@@ -86,7 +87,7 @@ my $supplier_count = @suppliers;
 if ( $supplier_count == 1 ) {
     $template->param(
         supplier_name => $suppliers[0]->{'name'},
-        id            => $suppliers[0]->{'id'}
+        booksellerid  => $suppliers[0]->{'booksellerid'}
     );
 }
 
@@ -95,6 +96,11 @@ if ($loggedinuser) {
     $uid = GetMember( borrowernumber => $loggedinuser )->{userid};
 }
 
+my $userenv = C4::Context::userenv;
+my $viewbaskets = C4::Context->preference('AcqViewBaskets');
+
+my $userbranch = $userenv->{branch};
+
 #build result page
 my $loop_suppliers = [];
 
@@ -102,25 +108,30 @@ for my $vendor (@suppliers) {
     my $baskets = get_vendors_baskets( $vendor->{id} );
 
     my $loop_basket = [];
+    
     for my $basket ( @{$baskets} ) {
-        if ((      $basket->{authorisedby}
-                && $basket->{authorisedby} eq $loggedinuser
-            )
-            || haspermission( $uid, { acquisition => q{*} } )
-          ) {
+        my $authorisedby = $basket->{authorisedby};
+        
+        if ($userenv->{'flags'} & 1 || #user is superlibrarian
+               (haspermission( $uid, { acquisition => q{*} } ) && #user has acq permissions and
+                   ($viewbaskets eq 'all' || #user is allowed to see all baskets
+                   ($viewbaskets eq 'branch' && $authorisedby && $userbranch eq GetMember( borrowernumber => $authorisedby )->{branchcode}) || #basket belongs to user's branch
+                   ($basket->{authorisedby} &&  $viewbaskets == 'user' && $authorisedby == $loggedinuser) #user created this basket
+                   ) 
+                ) 
+           ) { 
             for my $date_field (qw( creationdate closedate)) {
                 if ( $basket->{$date_field} ) {
-                    $basket->{$date_field} =
-                      format_date( $basket->{$date_field} );
+                    $basket->{$date_field} = format_date( $basket->{$date_field} );
                 }
             }
-            push @{$loop_basket}, $basket;
+            push @{$loop_basket}, $basket; 
         }
     }
 
     push @{$loop_suppliers},
       { loop_basket => $loop_basket,
-        supplierid  => $vendor->{id},
+        booksellerid  => $vendor->{id},
         name        => $vendor->{name},
         active      => $vendor->{active},
       };
@@ -128,7 +139,7 @@ for my $vendor (@suppliers) {
 }
 $template->param(
     loop_suppliers => $loop_suppliers,
-    supplier       => ( $id || $supplier ),
+    supplier       => ( $booksellerid || $supplier ),
     count          => $supplier_count,
 );