);
}
+ if ( $in->{type} eq 'opac' ) {
+ my $kick_out;
- # If the user logged in is the SCO user and they try to go out of the SCO module, log the user out removing the CGISESSID cookie
- if ( $in->{type} eq 'opac' and $in->{template_name} !~ m|sco/| ) {
- if ( $user && C4::Context->preference('AutoSelfCheckID') && $user eq C4::Context->preference('AutoSelfCheckID') ) {
- $template = C4::Templates::gettemplate( 'opac-auth.tt', 'opac', $in->{query} );
- my $cookie = $in->{query}->cookie(
- -name => 'CGISESSID',
- -value => '',
- -expires => '',
- -HttpOnly => 1,
- );
-
- $template->param(
- loginprompt => 1,
- script_name => get_script_name(),
- );
- print $in->{query}->header(
- { type => 'text/html',
- charset => 'utf-8',
- cookie => $cookie,
- 'X-Frame-Options' => 'SAMEORIGIN'
- }
- ),
- $template->output;
- safe_exit;
+ if (
+# If the user logged in is the SCO user and they try to go out of the SCO module,
+# log the user out removing the CGISESSID cookie
+ $in->{template_name} !~ m|sco/|
+ && $user
+ && C4::Context->preference('AutoSelfCheckID')
+ && $user eq C4::Context->preference('AutoSelfCheckID')
+ )
+ {
+ $kick_out = 1;
+ }
+ elsif (
+# If the user logged in is the SCI user and they try to go out of the SCI module,
+# kick them out unless it is SCO with a valid permission
+ $in->{template_name} !~ m|sci/|
+ && $user
+ && haspermission( $user, { self_check => 'self_checkin_module' } )
+ && !(
+ $in->{template_name} =~ m|sco/| && haspermission(
+ $user, { self_check => 'self_checkout_module' }
+ )
+ )
+ )
+ {
+ $kick_out = 1;
}
- }
- # If the user logged in is the SCI user and they try to go out of the SCI module,
- # log the user out removing the CGISESSID cookie
- if ( $in->{type} eq 'opac' and $in->{template_name} !~ m|sci/| ) {
- if ( $user && C4::Context->preference('AutoSelfCheckID') && $user eq C4::Context->preference('AutoSelfCheckID') ) {
- $template = C4::Templates::gettemplate( 'opac-auth.tt', 'opac', $in->{query} );
- my $cookie = $in->{query}->cookie(
+ if ($kick_out) {
+ $template = C4::Templates::gettemplate( 'opac-auth.tt', 'opac',
+ $in->{query} );
+ $cookie = $in->{query}->cookie(
-name => 'CGISESSID',
-value => '',
-expires => '',
loginprompt => 1,
script_name => get_script_name(),
);
+
print $in->{query}->header(
- { type => 'text/html',
+ {
+ type => 'text/html',
charset => 'utf-8',
cookie => $cookie,
'X-Frame-Options' => 'SAMEORIGIN'
}
),
- $template->output;
+ $template->output;
safe_exit;
}
}
my $all_permissions = C4::Auth::get_user_subpermissions( $userid );
my ( $has_self_checkout_perm, $has_other_permissions );
while ( my ( $module, $permissions ) = each %$all_permissions ) {
- if ( $module eq 'circulate' ) {
+ if ( $module eq 'self_check' ) {
while ( my ( $permission, $flag ) = each %$permissions ) {
- if ( $permission eq 'self_checkout' ) {
+ if ( $permission eq 'self_checkout_module' ) {
$has_self_checkout_perm = 1;
} else {
$has_other_permissions = 1;
[% END %]
[% IF AutoSelfCheckPatronDoesNotHaveSelfCheckPerm %]
<tr><th scope="row"><b>Warning</b> </th><td>
- The patron used for the self checkout module at the OPAC does not have the circulate => self_checkout permission.
+ The patron used for the self checkout module at the OPAC does not have the self_check => self_checkout_module permission.
</td></tr>
[% END %]
[% IF AutoSelfCheckPatronHasTooManyPerm %]
<tr><th scope="row"><b>Warning</b> </th><td>
- The patron used for the self checkout module at the OPAC has too many permissions. They should only have circulate => self_checkout.
+ The patron used for the self checkout module at the OPAC has too many permissions. They should only have self_check => self_checkout_module.
</td></tr>
[% END %]
[% IF warnNoTemplateCaching %]
{
template_name => "sci/sci-main.tt",
authnotrequired => 0,
- flagsrequired => { circulate => "self_checkout" },
+ flagsrequired => { self_check => 'self_checkin_module' },
query => $cgi,
type => "opac"
}
$template->param( success => \@success, errors => \@errors, checkins => 1 );
}
+# Make sure timeour has a reasonable value
+my $timeout = C4::Context->preference('SelfCheckInTimeout') // 120;
+$template->param( refresh_timeout => $timeout );
+
output_html_with_http_headers $cgi, $cookie, $template->output, undef, { force_no_caching => 1 };
use C4::Output qw(output_html_with_http_headers);
my $query = new CGI;
-my ($template, $borrowernumber, $cookie) = get_template_and_user({
- template_name => "sco/help.tt",
- query => $query,
- type => "opac",
- debug => 1,
- authnotrequired => 1,
- flagsrequired => {circulate => "self_checkout"},
-});
+my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
+ {
+ template_name => "sco/help.tt",
+ query => $query,
+ type => "opac",
+ debug => 1,
+ authnotrequired => 1,
+ flagsrequired => { self_check => "self_checkout_module" },
+ }
+);
if (C4::Context->preference('SelfCheckoutByLogin')) {
$template->param(SelfCheckoutByLogin => 1);
$query->param(-name=>'koha_login_context',-values=>['sco']);
}
$query->param(-name=>'sco_user_login',-values=>[1]);
-my ($template, $loggedinuser, $cookie) = get_template_and_user({
- template_name => "sco/sco-main.tt",
- authnotrequired => 0,
- flagsrequired => { circulate => "self_checkout" },
- query => $query,
- type => "opac",
- debug => 1,
-});
+
+my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
+ {
+ template_name => "sco/sco-main.tt",
+ authnotrequired => 0,
+ flagsrequired => { self_check => "self_checkout_module" },
+ query => $query,
+ type => "opac",
+ debug => 1,
+ }
+);
# Get the self checkout timeout preference, or use 120 seconds as a default
my $selfchecktimeout = 120000;
use Koha::Patrons;
use Koha::Token;
-my ($query, $response) = C4::Service->init(circulate => 'self_checkout');
+my ( $query, $response ) = C4::Service->init( self_check => 'self_checkout_module' );
unless (C4::Context->preference('WebBasedSelfCheck')) {
print $query->header(status => '403 Forbidden - web-based self-check not enabled');