The borrow permission was used but uselessly.
For instance, at the opac, the flagsrequired parameter was set to
'borrow' but the 'authnotrequired' was set also (which means no auth
required).
At the end, this permission was used at only 1 place: for the basket,
intranet side.
This can be replaced with the catalogue permission (which is used to
search).
Test plan:
1/ Confirm that you are able to show/download/sent the cart (intranet side)
with the catalogue permission.
2/ At the OPAC, you should be able to access the same pages as before
with any other permissions.
Concretely it is quite difficult to test this patch, you should have a
look at the code.
Signed-off-by: Nick Clemens <nick@quecheelibrary.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
query => $query,
type => "opac",
authnotrequired => 0,
- flagsrequired => {borrow => 1, catalogue => '*', tools => 'import_patrons' },
+ flagsrequired => { catalogue => '*', tools => 'import_patrons' },
}
);
query => $query,
type => "opac",
authnotrequired => 0,
- flagsrequired => {borrow => 1, catalogue => '*', tools => 'import_patrons' },
+ flagsrequired => { catalogue => '*', tools => 'import_patrons' },
}
);
$template->param( CAN_user_borrowers => 1 );
$template->param( CAN_user_permissions => 1 );
$template->param( CAN_user_reserveforothers => 1 );
- $template->param( CAN_user_borrow => 1 );
$template->param( CAN_user_editcatalogue => 1 );
$template->param( CAN_user_updatecharges => 1 );
$template->param( CAN_user_acquisition => 1 );
my $query = new CGI;
- my ($template, $borrowernumber, $cookie)
- = get_template_and_user({template_name => "opac-main.tt",
- query => $query,
- type => "opac",
- authnotrequired => 1,
- flagsrequired => {borrow => 1},
- });
+ my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
+ { template_name => "opac-main.tt",
+ query => $query,
+ type => "opac",
+ authnotrequired => 1,
+ flagsrequired => { acquisition => '*' },
+ }
+ );
output_html_with_http_headers $query, $cookie, $template->output;
=item get_template_and_user
- my ($template, $borrowernumber, $cookie)
- = get_template_and_user({template_name => "opac-main.tt",
- query => $query,
- type => "opac",
- authnotrequired => 1,
- flagsrequired => {borrow => 1},
- });
+ my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
+ { template_name => "opac-main.tt",
+ query => $query,
+ type => "opac",
+ authnotrequired => 1,
+ flagsrequired => { acquisition => '*' },
+ }
+ );
This call passes the C<query>, C<flagsrequired> and C<authnotrequired>
to C<&checkauth> (in this module) to perform authentification.
$template->param( CAN_user_borrowers => 1 );
$template->param( CAN_user_permission => 1 );
$template->param( CAN_user_reserveforothers => 1 );
- $template->param( CAN_user_borrow => 1 );
$template->param( CAN_user_editcatalogue => 1 );
$template->param( CAN_user_updatecharges => 1 );
$template->param( CAN_user_acquisition => 1 );
template_name => "basket/basket.tt",
query => $query,
type => "intranet",
- flagsrequired => { borrow => 1 },
+ flagsrequired => { catalogue => 1 },
}
);
query => $query,
type => "intranet",
authnotrequired => 0,
- flagsrequired => { borrow => 1 },
+ flagsrequired => { catalogue => 1 },
}
);
query => $query,
type => "intranet",
authnotrequired => 0,
- flagsrequired => { borrow => 1 },
+ flagsrequired => { catalogue => 1 },
}
);
INSERT INTO `userflags` VALUES(4,'borrowers','Benutzer anlegen/ändern',0);
INSERT INTO `userflags` VALUES(5,'permissions','Berechtigungen für Benutzer vergeben',0);
INSERT INTO `userflags` VALUES(6,'reserveforothers','Vormerkungen für Benutzer setzen/ändern',0);
-INSERT INTO `userflags` VALUES(7,'borrow','Medien entleihen',1);
INSERT INTO `userflags` VALUES(9,'editcatalogue','Katalogdaten ändern (Titel- und Bestandsdaten ändern)',0);
INSERT INTO `userflags` VALUES(10,'updatecharges','Gebühren verwalten',0);
INSERT INTO `userflags` VALUES(11,'acquisition','Erwerbung und Verwaltung von Anschaffungsvorschlägen',0);
(4,'borrowers','Add or modify patrons',0),
(5,'permissions','Set user permissions',0),
(6,'reserveforothers','Place and modify holds for patrons',0),
-(7,'borrow','Borrow books',1),
(9,'editcatalogue','Edit catalog (Modify bibliographic/holdings data)',0),
(10,'updatecharges','Manage patrons fines and fees',0),
(11,'acquisition','Acquisition and/or suggestion management',0),
INSERT INTO `userflags` VALUES(4,'borrowers','Add or modify borrowers',0);
INSERT INTO `userflags` VALUES(5,'permissions','Set user permissions',0);
INSERT INTO `userflags` VALUES(6,'reserveforothers','Place and modify holds for patrons',0);
-INSERT INTO `userflags` VALUES(7,'borrow','Borrow books',1);
INSERT INTO `userflags` VALUES(9,'editcatalogue','Edit Catalog (Modify bibliographic/holdings data)',0);
INSERT INTO `userflags` VALUES(10,'updatecharges','Update borrower charges',0);
INSERT INTO `userflags` VALUES(11,'acquisition','Acquisition and/or suggestion management',0);
INSERT INTO `userflags` VALUES(4,'borrowers','Gestion des lecteurs',0);
INSERT INTO `userflags` VALUES(5,'permissions','Définition des habilitations',0);
INSERT INTO `userflags` VALUES(6,'reserveforothers','Ajout et modifications des réservations des adhérents',0);
-INSERT INTO `userflags` VALUES(7,'borrow','Circulation (inutile normalement)',1);
INSERT INTO `userflags` VALUES(9,'editcatalogue','fonctions de catalogage',0);
INSERT INTO `userflags` VALUES(10,'updatecharges','Gestion des pénalités financières',0);
INSERT INTO `userflags` VALUES(11,'acquisition','Gestion des acquisitions',0);
INSERT INTO `userflags` VALUES(4,'borrowers','Aggiungi o modifica gli utenti',0);
INSERT INTO `userflags` VALUES(5,'permissions','Imposta i permessi utente',0);
INSERT INTO `userflags` VALUES(6,'reserveforothers','Prenota i libri per gli utenti',0);
-INSERT INTO `userflags` VALUES(7,'borrow','Presta i libri',1);
INSERT INTO `userflags` VALUES(9,'editcatalogue','Modifica il catalogo (modifica i dati bibliografici e titoli)',0);
INSERT INTO `userflags` VALUES(10,'updatecharges','Aggiorna le tariffe del prestito',0);
INSERT INTO `userflags` VALUES(11,'acquisition','Gestione delle acquisizioni e dei suggerimenti d\'acquisto',0);
INSERT INTO `userflags` VALUES(4,'borrowers','Legge til og endre lånere',0);
INSERT INTO `userflags` VALUES(5,'permissions','Endre brukerrettigheter',0);
INSERT INTO `userflags` VALUES(6,'reserveforothers','Reservere og endre reservasjoner for lånere',0);
-INSERT INTO `userflags` VALUES(7,'borrow','Låne dokumenter',1);
INSERT INTO `userflags` VALUES(9,'editcatalogue','Endre katalogen (Endre bibliografiske poster og eksemplaropplysninger)',0);
INSERT INTO `userflags` VALUES(10,'updatecharges','Endre gebyrer for lånere',0);
INSERT INTO `userflags` VALUES(11,'acquisition','Innkjøp og/eller behandling av forslag',0);
(4,'borrowers','Dodawanie i modyfikowanie użytkowników',0),
(5,'permissions','Ustawianie uprawnień użytkownikom',0),
(6,'reserveforothers','Składanie i modyfikacja zamówień w imieniu użytkowników',0),
-(7,'borrow','Wypożyczanie książek',1),
(9,'editcatalogue','Modyfikowanie katalogu (Modyfikacja rekordów bibliograficznych/egzemplarza)',0),
(10,'updatecharges','Zarządzanie należnościami',0),
(11,'acquisition','Gromadzenie oraz/lub zarządzanie propozycjami zakupu',0),
(4, 'borrowers', 'Внесение и изменение посетителей',0),
(5, 'permissions', 'Установка привилегий пользователя',0),
(6, 'reserveforothers','Резервирование книжек для посетителей',0),
- (7, 'borrow', 'Заем книг',1),
(9, 'editcatalogue', 'Изменение каталога (изменение библиографических/локальных данных)',0),
(10,'updatecharges', 'Обновление оплат пользователей',0),
(11,'acquisition', 'Управление поступлениями и/или предложениями',0),
(4, 'borrowers', 'Внесення та зміна відвідувачів',0),
(5, 'permissions', 'Встановлення привілеїв користувача',0),
(6, 'reserveforothers','Резервування книжок для відвідувачів',0),
- (7, 'borrow', 'Випозичання книжок',1),
(9, 'editcatalogue', 'Редагування каталогу (зміна бібліографічних/локальних даних)',0),
(10,'updatecharges', 'Оновлення сплат користувачів',0),
(11,'acquisition', 'Управління надходженнями і/чи пропозиціями',0),
SetVersion ($DBversion);
}
+
$DBversion = "3.19.00.018";
if ( CheckVersion($DBversion) ) {
$dbh->do(q|
}
}
+
+$DBversion = "3.19.00.XXX";
+if ( CheckVersion($DBversion) ) {
+ $dbh->do(q|
+ DELETE FROM userflags WHERE bit=7;
+ |);
+ print "Upgrade to $DBversion done (Bug 7976 - Remove the 'borrow' permission)\n";
+ SetVersion($DBversion);
+}
+
+
=head1 FUNCTIONS
=head2 TableExists($table)
query => $query,
type => "opac",
authnotrequired => 0,
- flagsrequired => { borrow => 1 },
debug => 1,
}
);
query => $query,
type => "opac",
authnotrequired => ( C4::Context->preference("OpacPublic") ? 1 : 0 ),
- flagsrequired => { borrow => 1 },
}
);
query => $query,
type => "opac",
authnotrequired => ( C4::Context->preference("OpacPublic") ? 1 : 0 ),
- flagsrequired => { borrow => 1 },
}
);
template_name => "opac-downloadcart.tt",
query => $query,
type => "opac",
- authnotrequired => 1,
- flagsrequired => { borrow => 1 },
+ authnotrequired => ( C4::Context->preference("OpacPublic") ? 1 : 0 ),
}
);
template_name => "opac-downloadshelf.tt",
query => $query,
type => "opac",
- authnotrequired => 1,
- flagsrequired => { borrow => 1 },
+ authnotrequired => ( C4::Context->preference("OpacPublic") ? 1 : 0 ),
}
);
query => $query,
type => "opac",
authnotrequired => 0,
- flagsrequired => { borrow => 1 },
debug => 1,
}
);
query => $query,
type => "opac",
authnotrequired => ( C4::Context->preference("OpacPublic") ? 1 : 0 ),
- flagsrequired => { borrow => 1 },
}
);
type => "opac",
query => $input,
authnotrequired => ( C4::Context->preference("OpacPublic") ? 1 : 0 ),
- flagsrequired => { borrow => 1 },
}
);
query => $query,
type => 'opac',
authnotrequired => 0,
- flagsrequired => { borrow => 1 },
debug => 1,
}
);
query => $query,
type => "opac",
authnotrequired => 0,
- flagsrequired => { borrow => 1 },
debug => 1,
}
);
query => $query,
type => "opac",
authnotrequired => 0,
- flagsrequired => { borrow => 1 },
debug => 1,
}
);
query => $query,
type => 'opac',
authnotrequired => 0,
- flagsrequired => { borrow => 1 },
debug => 1,
}
);
query => $query,
type => "opac",
authnotrequired => 0,
- flagsrequired => { borrow => 1 },
debug => 1,
}
);
query => $query,
type => "opac",
authnotrequired => 0,
- flagsrequired => { borrow => 1 },
debug => 1,
}
);
query => $query,
type => "opac",
authnotrequired => 0,
- flagsrequired => { borrow => 1 },
debug => 1,
}
);
query => $query,
type => "opac",
authnotrequired => 0,
- flagsrequired => { borrow => 1 },
debug => 1,
}
);
query => $query,
type => "opac",
authnotrequired => 0,
- flagsrequired => { borrow => 1 },
debug => 1,
}
);
query => $query,
type => "opac",
authnotrequired => 0,
- flagsrequired => { borrow => 1 },
}
);
query => $query,
type => "opac",
authnotrequired => 0,
- flagsrequired => { borrow => 1 },
}
);
query => $query,
type => "opac",
authnotrequired => 0,
- flagsrequired => { borrow => 1 },
}
);
query => $query,
type => "opac",
authnotrequired => 1,
- flagsrequired => { borrow => 1 },
}
);
query => $query,
type => "opac",
authnotrequired => 0,
- flagsrequired => { borrow => 1 },
debug => 1,
}
);
query => $cgi,
type => "opac",
authnotrequired => ( C4::Context->preference("OpacPublic") ? 1 : 0 ),
- flagsrequired => { borrow => 1 },
}
);