Bug 15386: Checkout / patron pages: Hide menu items leading to 404 pages

Some of the menu items on patron / Checkout related pages lead to a 404 page
depending on the permissions. This patch hides them as appropriate.

To test:

- For a staff member A, set permission 'borrowers' only (+ 'catalogue')
- Log in as A
- Search a patron and display details
- Verify that none of the menu items at the left lead to the 404 page

- For a staff member B, set permission 'circulate_remaining_permission'
  only (+ catalogue)
- Log in as B
- Go to Circulation > Checkout, search a patron
- Click menu items at the left, some of them lead to the 404 page
- Verify that none of the menu items at the left lead to the 404 page

- Do the same for a staff member C with both permissions set
- Verify that menu items appear as expected

Signed-off-by: Lucio Moraes <lmoraes@catalyst.net.nz>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Amended patch: I have remove the double if
CAN_user_circulate_circulate_remaining_permissions statement (and group
block into one). And also remove unecessary change ('IF a IF b' instead
of existing 'IF a && b')

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

diff --git a/koha-tmpl/intranet-tmpl/prog/en/includes/circ-menu.inc b/koha-tmpl/intranet-tmpl/prog/en/includes/circ-menu.inc
index 6393a04..f545afa 100644 (file)
--- a/koha-tmpl/intranet-tmpl/prog/en/includes/circ-menu.inc
+++ b/koha-tmpl/intranet-tmpl/prog/en/includes/circ-menu.inc
@@ -63,10 +63,12 @@
 </ul></div>
 <div id="menu">
 <ul>
-    [% IF ( circview ) %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/circ/circulation.pl?borrowernumber=[% borrowernumber %]">Check out</a></li>
-    [% IF Koha.Preference('BatchCheckouts') &&
-          Koha.Preference('BatchCheckoutsValidCategories').split('\|').grep('^' _ categorycode _ '$').size > 0 %]
-      [% IF ( batch_checkout_view ) %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/circ/circulation.pl?borrowernumber=[% borrowernumber %]&amp;batch=1">Batch check out</a></li>
+    [% IF ( CAN_user_circulate_circulate_remaining_permissions ) %]
+        [% IF ( circview ) %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/circ/circulation.pl?borrowernumber=[% borrowernumber %]">Check out</a></li>
+        [% IF Koha.Preference('BatchCheckouts') &&
+              Koha.Preference('BatchCheckoutsValidCategories').split('\|').grep('^' _ categorycode _ '$').size > 0 %]
+          [% IF ( batch_checkout_view ) %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/circ/circulation.pl?borrowernumber=[% borrowernumber %]&amp;batch=1">Batch check out</a></li>
+        [% END %]
     [% END %]
     [% IF ( CAN_user_borrowers ) %]
         [% IF ( detailview ) %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/members/moremember.pl?borrowernumber=[% borrowernumber %]">Details</a></li>
@@ -74,21 +76,27 @@
     [% IF ( CAN_user_updatecharges ) %]
         [% IF ( finesview ) %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/members/pay.pl?borrowernumber=[% borrowernumber %]">Fines</a></li>
     [% END %]
-    [% IF ( RoutingSerials ) %][% IF ( routinglistview ) %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/members/routing-lists.pl?borrowernumber=[% borrowernumber %]">Routing lists</a></li>[% END %]
-    <!-- Added check for borrowers permission as this is needed to access Cirulation History -->
-    [% IF ( intranetreadinghistory && CAN_user_borrowers ) %]
-        [% IF ( readingrecordview ) %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/members/readingrec.pl?borrowernumber=[% borrowernumber %]">Circulation history</a></li>
+    [% IF ( CAN_user_circulate_circulate_remaining_permissions  )  %]
+        [% IF ( RoutingSerials ) %][% IF ( routinglistview ) %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/members/routing-lists.pl?borrowernumber=[% borrowernumber %]">Routing lists</a></li>[% END %]
+    [% END %]
+    [% IF ( CAN_user_borrowers ) %]
+        [% IF ( intranetreadinghistory ) %]
+            [% IF ( readingrecordview ) %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/members/readingrec.pl?borrowernumber=[% borrowernumber %]">Circulation history</a></li>
+        [% END %]
     [% END %]
     [% IF ( CAN_user_parameters ) %]
         [% IF ( logview ) %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/tools/viewlog.pl?do_it=1&amp;modules=MEMBERS&amp;modules=circulation&amp;object=[% borrowernumber %]&amp;src=circ">Modification log</a></li>
     [% END %]
+    [% IF ( CAN_user_borrowers ) %]
        [% IF ( sentnotices ) %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/members/notices.pl?borrowernumber=[% borrowernumber %]">Notices</a></li>
-    <!-- Added IF statement to check if user has borrowers permission. The menu item will not be shown unless user has borrowers permission  -->
+    [% END %]
     [% IF ( CAN_user_borrowers ) %]
         [% IF (  statisticsview ) %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/members/statistics.pl?borrowernumber=[% borrowernumber %]">Statistics</a></li>
     [% END %]
-    [% IF EnableBorrowerFiles %]
-        [% IF ( borrower_files ) %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/members/files.pl?borrowernumber=[% borrowernumber %]">Files</a></li>
+    [% IF ( CAN_user_borrowers ) %]
+        [% IF ( EnableBorrowerFiles ) %]
+            [% IF ( borrower_files ) %]<li class="active">[% ELSE %]<li>[% END %]<a href="/cgi-bin/koha/members/files.pl?borrowernumber=[% borrowernumber %]">Files</a></li>
+        [% END %]
     [% END %]
 
     [% IF ( CAN_user_borrowers ) %]