Two points as mentioned on Bugzilla comment29.
[1] Improve pref description. Feedback from comment30 incorporated.
[2] Improve code in member-flags. Check if we change librarian flag first.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Tested the die with "disable_superlibrarian_privs => 0" in member-flags.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
- pref: ProtectSuperlibrarianPrivileges
choices:
yes: Allow only superlibrarians
- pref: ProtectSuperlibrarianPrivileges
choices:
yes: Allow only superlibrarians
- no: Do not block permitted non-superlibrarians
- - to access/change superlibrarian privileges.
+ no: Allow all permitted users
+ - "to access/change superlibrarian privileges. Note: A permitted user needs to have the 'permissions' flag (if no superlibrarian)."
"Norwegian patron database":
-
"Norwegian patron database":
-
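Review bot: the parenthetical "(if no superlibrarian)" in the added description line is ambiguous, since it can be read as "if there is no superlibrarian" rather than "if the user is not a superlibrarian". Suggest wording the note along the lines of "A permitted user who is not a superlibrarian needs the 'permissions' flag." The "no" choice lets any user with that flag grant or remove superlibrarian privileges, so the description should leave no doubt about which users it covers.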
}
$sth = $dbh->prepare("UPDATE borrowers SET flags=? WHERE borrowernumber=?");
}
$sth = $dbh->prepare("UPDATE borrowers SET flags=? WHERE borrowernumber=?");
- if( !C4::Context->preference('ProtectSuperlibrarianPrivileges') || C4::Context->IsSuperLibrarian ) {
- $sth->execute($module_flags, $member);
- } else {
- my $old_flags = $patron->flags // 0;
- if( ( $old_flags == 1 || $module_flags == 1 ) &&
- $old_flags != $module_flags ) {
- die "Non-superlibrarian is changing superlibrarian privileges"; # Interface should not allow this, so we can just die here
- } else {
- $sth->execute($module_flags, $member);
- }
+ my $old_flags = $patron->flags // 0;
+ if( ( $old_flags == 1 || $module_flags == 1 ) &&
+ $old_flags != $module_flags ) {
+ die "Non-superlibrarian is changing superlibrarian privileges" if !C4::Context->IsSuperLibrarian && C4::Context->preference('ProtectSuperlibrarianPrivileges'); # Interface should not allow this, so we can just die here
+ $sth->execute($module_flags, $member);
+
# deal with subpermissions
$sth = $dbh->prepare("DELETE FROM user_permissions WHERE borrowernumber = ?");
$sth->execute($member);
# deal with subpermissions
$sth = $dbh->prepare("DELETE FROM user_permissions WHERE borrowernumber = ?");
$sth->execute($member);
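Review bot: the added condition `( $old_flags == 1 || $module_flags == 1 ) && $old_flags != $module_flags` only detects a superlibrarian change when one of the two values is exactly 1. If a stored or submitted flags value can have bit 0 set together with other bits, the die is never reached and the preference does not protect the privilege. Consider comparing the bit itself, for example `( $old_flags & 1 ) != ( $module_flags & 1 )`, or add a comment stating why an exact match on 1 is sufficient here. Also, no closing brace for the new `if` is visible between the `die` line and `$sth->execute($module_flags, $member);`, so please confirm that the UPDATE runs outside the block and ordinary permission changes are still saved. The `die ... if ...` statement with its trailing comment is very long; moving the comment to its own line above would make the guard easier to read.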