From f33e65499b0d00637dc7627c6ead4f6849cc2a96 Mon Sep 17 00:00:00 2001 From: Matthias Meusburger Date: Thu, 3 Sep 2009 12:26:07 +0200 Subject: [PATCH] MT 1816: Granular permissions for the serials module Signed-off-by: Henri-Damien LAURENT --- .../mysql/en/mandatory/userpermissions.sql | 10 +++- .../fr-FR/1-Obligatoire/userpermissions.sql | 10 +++- installer/data/mysql/updatedatabase30.pl | 15 +++++ .../intranet-tmpl/prog/en/includes/header.inc | 3 +- .../prog/en/includes/mainmenu.inc | 4 ++ .../prog/en/includes/serials-menu.inc | 15 ++++- .../prog/en/includes/serials-toolbar.inc | 56 +++++++++++++------ .../prog/en/modules/serials/serials-home.tmpl | 2 +- .../en/modules/serials/subscription-add.tmpl | 11 +++- serials/acqui-search-result.pl | 2 +- serials/acqui-search.pl | 2 +- serials/checkexpiration.pl | 2 +- serials/claims.pl | 2 +- serials/member-search.pl | 2 +- serials/routing-preview.pl | 4 +- serials/routing.pl | 2 +- serials/serial-issues.pl | 2 +- serials/serials-collection.pl | 2 +- serials/serials-edit.pl | 2 +- serials/serials-home.pl | 2 +- serials/statecollection.pl | 2 +- serials/subscription-add.pl | 7 ++- serials/subscription-bib-search.pl | 7 +-- serials/subscription-detail.pl | 6 +- serials/subscription-renew.pl | 2 +- serials/viewalerts.pl | 2 +- 26 files changed, 130 insertions(+), 46 deletions(-) diff --git a/installer/data/mysql/en/mandatory/userpermissions.sql b/installer/data/mysql/en/mandatory/userpermissions.sql index 29b3b0526c..5fea3a816c 100644 --- a/installer/data/mysql/en/mandatory/userpermissions.sql +++ b/installer/data/mysql/en/mandatory/userpermissions.sql @@ -15,5 +15,13 @@ INSERT INTO permissions (module_bit, code, description) VALUES (13, 'import_patrons', 'Import patron data'), (13, 'delete_anonymize_patrons', 'Delete old borrowers and anonymize circulation history (deletes borrower reading history)'), (13, 'batch_upload_patron_images', 'Upload patron images in batch or one at a time'), - (13, 'schedule_tasks', 'Schedule tasks to run') + (13, 'schedule_tasks', 'Schedule tasks to run'), + (15, 'check_expiration', 'Check the expiration of a serial'), + (15, 'claim_serials', 'Claim missing serials'), + (15, 'create_subscription', 'Create a new subscription'), + (15, 'delete_subscription', 'Delete an existing subscription'), + (15, 'edit_subscription', 'Edit an existing subscription'), + (15, 'receive_serials', 'Serials receiving'), + (15, 'renew_subscription', 'Renew a subscription'), + (15, 'routing', 'Routing') ; diff --git a/installer/data/mysql/fr-FR/1-Obligatoire/userpermissions.sql b/installer/data/mysql/fr-FR/1-Obligatoire/userpermissions.sql index 29b3b0526c..5fea3a816c 100644 --- a/installer/data/mysql/fr-FR/1-Obligatoire/userpermissions.sql +++ b/installer/data/mysql/fr-FR/1-Obligatoire/userpermissions.sql @@ -15,5 +15,13 @@ INSERT INTO permissions (module_bit, code, description) VALUES (13, 'import_patrons', 'Import patron data'), (13, 'delete_anonymize_patrons', 'Delete old borrowers and anonymize circulation history (deletes borrower reading history)'), (13, 'batch_upload_patron_images', 'Upload patron images in batch or one at a time'), - (13, 'schedule_tasks', 'Schedule tasks to run') + (13, 'schedule_tasks', 'Schedule tasks to run'), + (15, 'check_expiration', 'Check the expiration of a serial'), + (15, 'claim_serials', 'Claim missing serials'), + (15, 'create_subscription', 'Create a new subscription'), + (15, 'delete_subscription', 'Delete an existing subscription'), + (15, 'edit_subscription', 'Edit an existing subscription'), + (15, 'receive_serials', 'Serials receiving'), + (15, 'renew_subscription', 'Renew a subscription'), + (15, 'routing', 'Routing') ; diff --git a/installer/data/mysql/updatedatabase30.pl b/installer/data/mysql/updatedatabase30.pl index 0e0ea3aa5d..6bd1de5679 100644 --- a/installer/data/mysql/updatedatabase30.pl +++ b/installer/data/mysql/updatedatabase30.pl @@ -567,6 +567,21 @@ if (C4::Context->preference("Version") < TransformToNum($DBversion)) { "); SetVersion ($DBversion); } +$DBversion = "3.00.04.017"; +if (C4::Context->preference("Version") < TransformToNum($DBversion)) { + $dbh->do(" + INSERT INTO `permissions` (`module_bit`, `code`, `description`) VALUES + (15, 'check_expiration', 'Check the expiration of a serial'), + (15, 'claim_serials', 'Claim missing serials'), + (15, 'create_subscription', 'Create a new subscription'), + (15, 'delete_subscription', 'Delete an existing subscription'), + (15, 'edit_subscription', 'Edit an existing subscription'), + (15, 'receive_serials', 'Serials receiving'), + (15, 'renew_subscription', 'Renew a subscription'), + (15, 'routing', 'Routing'); + "); + SetVersion ($DBversion); +} =item DropAllForeignKeys($table) diff --git a/koha-tmpl/intranet-tmpl/prog/en/includes/header.inc b/koha-tmpl/intranet-tmpl/prog/en/includes/header.inc index fd28c3e2b3..f6856ea1f1 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/includes/header.inc +++ b/koha-tmpl/intranet-tmpl/prog/en/includes/header.inc @@ -13,8 +13,9 @@
  • Acquisitions
  • Authorities
    • + -
  • Serials
    • +
  • Serials
  • Reports
  • Tools
    • diff --git a/koha-tmpl/intranet-tmpl/prog/en/includes/mainmenu.inc b/koha-tmpl/intranet-tmpl/prog/en/includes/mainmenu.inc index 46a0191fda..1318f6b637 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/includes/mainmenu.inc +++ b/koha-tmpl/intranet-tmpl/prog/en/includes/mainmenu.inc @@ -47,7 +47,11 @@
  • Cataloging
  • Acquisitions
    • diff --git a/koha-tmpl/intranet-tmpl/prog/en/includes/serials-menu.inc b/koha-tmpl/intranet-tmpl/prog/en/includes/serials-menu.inc index 6f21f93443..88e32e3db2 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/includes/serials-menu.inc +++ b/koha-tmpl/intranet-tmpl/prog/en/includes/serials-menu.inc @@ -1,12 +1,21 @@ \ No newline at end of file + + diff --git a/koha-tmpl/intranet-tmpl/prog/en/includes/serials-toolbar.inc b/koha-tmpl/intranet-tmpl/prog/en/includes/serials-toolbar.inc index b7b773c555..6bed3a076e 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/includes/serials-toolbar.inc +++ b/koha-tmpl/intranet-tmpl/prog/en/includes/serials-toolbar.inc @@ -17,9 +17,15 @@ var editmenu = [ - { text: _("Edit Subscription"), disabled: true, url: "/cgi-bin/koha/serials/subscription-add.pl?op=mod&subscriptionid=" }, - { text: _("Edit as New (Duplicate)"), disabled: true, url: "/cgi-bin/koha/serials/subscription-add.pl?op=dup&subscriptionid=" }, + + { text: _("Edit Subscription"), disabled: true, url: "/cgi-bin/koha/serials/subscription-add.pl?op=mod&subscriptionid=" }, + + + { text: _("Edit as New (Duplicate)"), disabled: true, url: "/cgi-bin/koha/serials/subscription-add.pl?op=dup&subscriptionid=" }, + + { text: _("Delete Subscription"), disabled: true, onclick: {fn: confirm_deletion }} + ]; new YAHOO.widget.Button("newsubscription"); @@ -50,21 +56,39 @@ onclick: {fn:function(){popup()}} //]]> diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/serials/serials-home.tmpl b/koha-tmpl/intranet-tmpl/prog/en/modules/serials/serials-home.tmpl index b2fbc4e308..d4033b494f 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/serials/serials-home.tmpl +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/serials/serials-home.tmpl @@ -116,7 +116,7 @@ Serials updated :   - &serstatus=1,3">Serial receive + &serstatus=1,3">Serial receive diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/serials/subscription-add.tmpl b/koha-tmpl/intranet-tmpl/prog/en/modules/serials/subscription-add.tmpl index 52ee62b306..27ce4d7015 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/serials/subscription-add.tmpl +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/serials/subscription-add.tmpl @@ -971,8 +971,15 @@ $(document).ready(function() { " size="8" /> (" disabled="disabled" readonly="readonly" />) Required -
    Search for Biblio | ); return false;">Edit biblio - Create Biblio
    +
    Search for Biblio + + + | ); return false;">Edit biblio + + | Create Biblio + + +
  • diff --git a/serials/acqui-search-result.pl b/serials/acqui-search-result.pl index df73738cb1..7b856b8933 100755 --- a/serials/acqui-search-result.pl +++ b/serials/acqui-search-result.pl @@ -55,7 +55,7 @@ my ($template, $loggedinuser, $cookie) query => $query, type => "intranet", authnotrequired => 0, - flagsrequired => {serials => 1}, + flagsrequired => {serials => '*'}, debug => 1, }); diff --git a/serials/acqui-search.pl b/serials/acqui-search.pl index 408ac83740..a629315f94 100755 --- a/serials/acqui-search.pl +++ b/serials/acqui-search.pl @@ -33,7 +33,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user( query => $query, type => "intranet", authnotrequired => 0, - flagsrequired => { serials => 1 }, + flagsrequired => { serials => '*' }, debug => 1, } ); diff --git a/serials/checkexpiration.pl b/serials/checkexpiration.pl index 865e163a72..178d87596e 100755 --- a/serials/checkexpiration.pl +++ b/serials/checkexpiration.pl @@ -60,7 +60,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user ( query => $query, type => "intranet", authnotrequired => 0, - flagsrequired => { serials => 1 }, + flagsrequired => { serials => 'check_expiration' }, debug => 1, } ); diff --git a/serials/claims.pl b/serials/claims.pl index 3c0c4fc804..75f78ed1cb 100755 --- a/serials/claims.pl +++ b/serials/claims.pl @@ -27,7 +27,7 @@ my ($template, $loggedinuser, $cookie) query => $input, type => "intranet", authnotrequired => 0, - flagsrequired => {serials => 1}, + flagsrequired => {serials => 'claim_serials'}, debug => 1, }); diff --git a/serials/member-search.pl b/serials/member-search.pl index a2063f8823..f2eb45109b 100755 --- a/serials/member-search.pl +++ b/serials/member-search.pl @@ -38,7 +38,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user( query => $query, type => "intranet", authnotrequired => 0, - flagsrequired => { serials => 1 }, + flagsrequired => { serials => 'routing' }, debug => 1, } ); diff --git a/serials/routing-preview.pl b/serials/routing-preview.pl index d89b28c494..8ef8ee8ce7 100755 --- a/serials/routing-preview.pl +++ b/serials/routing-preview.pl @@ -84,7 +84,7 @@ if($ok){ query => $query, type => "intranet", authnotrequired => 0, - flagsrequired => {serials => 1}, + flagsrequired => {serials => 'routing'}, debug => 1, }); $template->param("libraryname"=>$branchname); @@ -94,7 +94,7 @@ if($ok){ query => $query, type => "intranet", authnotrequired => 0, - flagsrequired => {serials => 1}, + flagsrequired => {serials => 'routing'}, debug => 1, }); } diff --git a/serials/routing.pl b/serials/routing.pl index d49d450d4b..1b3da2d3b6 100755 --- a/serials/routing.pl +++ b/serials/routing.pl @@ -89,7 +89,7 @@ my ($template, $loggedinuser, $cookie) query => $query, type => "intranet", authnotrequired => 0, - flagsrequired => {serials => 1}, + flagsrequired => {serials => 'routing'}, debug => 1, }); # my $date; diff --git a/serials/serial-issues.pl b/serials/serial-issues.pl index 842876a688..467a45891f 100755 --- a/serials/serial-issues.pl +++ b/serials/serial-issues.pl @@ -72,7 +72,7 @@ if ($selectview eq "full"){ query => $query, type => "intranet", authnotrequired => 0, - flagsrequired => {serials => 1}, + flagsrequired => {serials => '*'}, debug => 1, }); diff --git a/serials/serials-collection.pl b/serials/serials-collection.pl index c80886b3c0..f66d724332 100755 --- a/serials/serials-collection.pl +++ b/serials/serials-collection.pl @@ -42,7 +42,7 @@ my ($template, $loggedinuser, $cookie); query => $query, type => "intranet", authnotrequired => 0, - flagsrequired => {serials => 1}, + flagsrequired => {serials => 'receive_serials'}, debug => 1, }); my $biblionumber = $query->param('biblionumber'); diff --git a/serials/serials-edit.pl b/serials/serials-edit.pl index 08eae33f88..93caa55588 100755 --- a/serials/serials-edit.pl +++ b/serials/serials-edit.pl @@ -115,7 +115,7 @@ my ($template, $loggedinuser, $cookie) query => $query, type => "intranet", authnotrequired => 0, - flagsrequired => {serials => 1}, + flagsrequired => {serials => 'receive_serials'}, debug => 1, }); diff --git a/serials/serials-home.pl b/serials/serials-home.pl index ec2ddee948..ee8b08d7d2 100755 --- a/serials/serials-home.pl +++ b/serials/serials-home.pl @@ -67,7 +67,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user( query => $query, type => "intranet", authnotrequired => 0, - flagsrequired => { serials => 1 }, + flagsrequired => { serials => '*' }, debug => 1, } ); diff --git a/serials/statecollection.pl b/serials/statecollection.pl index 715260a3c1..10fbc70be5 100755 --- a/serials/statecollection.pl +++ b/serials/statecollection.pl @@ -46,7 +46,7 @@ my ($template, $loggedinuser, $cookie) query => $query, type => "intranet", authnotrequired => 0, - flagsrequired => {serials => 1}, + flagsrequired => {serials => '*'}, debug => 1, }); diff --git a/serials/subscription-add.pl b/serials/subscription-add.pl index 4b50819678..57902cab33 100755 --- a/serials/subscription-add.pl +++ b/serials/subscription-add.pl @@ -43,12 +43,17 @@ my ($subscriptionid,$auser,$branchcode,$librarian,$cost,$aqbooksellerid, $aqbook $bibliotitle, $callnumber, $notes, $hemisphere, $letter, $manualhistory,$serialsadditems); my @budgets; + +# Permission needed if it is a modification : edit_subscription +# Permission needed otherwise (nothing or dup) : create_subscription +my $permission = ($op eq "mod") ? "edit_subscription" : "create_subscription"; + my ($template, $loggedinuser, $cookie) = get_template_and_user({template_name => "serials/subscription-add.tmpl", query => $query, type => "intranet", authnotrequired => 0, - flagsrequired => {serials => 1}, + flagsrequired => {serials => $permission}, debug => 1, }); diff --git a/serials/subscription-bib-search.pl b/serials/subscription-bib-search.pl index fc70f09f94..2493be85f6 100755 --- a/serials/subscription-bib-search.pl +++ b/serials/subscription-bib-search.pl @@ -115,8 +115,7 @@ if ($op eq "do_search" && $query) { query => $input, type => "intranet", authnotrequired => 0, - flagsrequired => {serials => 1}, - flagsrequired => {catalogue => 1}, + flagsrequired => {catalogue => 1, serials => '*'}, debug => 1, }); @@ -177,7 +176,7 @@ if ($op eq "do_search" && $query) { query => $input, type => "intranet", authnotrequired => 0, - flagsrequired => {catalogue => 1, serials=>1}, + flagsrequired => {catalogue => 1, serials => '*'}, debug => 1, }); # load the itemtypes @@ -203,7 +202,7 @@ if ($op eq "do_search" && $query) { query => $input, type => "intranet", authnotrequired => 0, - flagsrequired => {catalogue => 1, serials=>1}, + flagsrequired => {catalogue => 1, serials => '*'}, debug => 1, }); # load the itemtypes diff --git a/serials/subscription-detail.pl b/serials/subscription-detail.pl index 87127e2671..f04f3b1fe5 100755 --- a/serials/subscription-detail.pl +++ b/serials/subscription-detail.pl @@ -50,12 +50,16 @@ my ($totalissues,@serialslist) = GetSerials($subscriptionid); $totalissues-- if $totalissues; # the -1 is to have 0 if this is a new subscription (only 1 issue) # the subscription must be deletable if there is NO issues for a reason or another (should not happend, but...) +# Permission needed if it is a deletion (del) : delete_subscription +# Permission needed otherwise : * +my $permission = ($op eq "del") ? "delete_subscription" : "*"; + ($template, $loggedinuser, $cookie) = get_template_and_user({template_name => "serials/subscription-detail.tmpl", query => $query, type => "intranet", authnotrequired => 0, - flagsrequired => {serials => 1}, + flagsrequired => {serials => $permission}, debug => 1, }); diff --git a/serials/subscription-renew.pl b/serials/subscription-renew.pl index 7402af70d6..219fca7ed2 100755 --- a/serials/subscription-renew.pl +++ b/serials/subscription-renew.pl @@ -68,7 +68,7 @@ my ( $template, $loggedinuser, $cookie ) = get_template_and_user( query => $query, type => "intranet", authnotrequired => 0, - flagsrequired => { serials => 1 }, + flagsrequired => { serials => 'renew_subscription' }, debug => 1, } ); diff --git a/serials/viewalerts.pl b/serials/viewalerts.pl index cf2278d3c7..9aed02ef0d 100755 --- a/serials/viewalerts.pl +++ b/serials/viewalerts.pl @@ -38,7 +38,7 @@ my ($template, $loggedinuser, $cookie) query => $input, type => "intranet", authnotrequired => 0, - flagsrequired => {serials => 1}, + flagsrequired => {serials => '*'}, debug => 1, }); -- 2.20.1