[Koha-bugs] [Bug 30624] Add a permission to control the ability to change the logged in library

[bugzilla-daemon at bugs.koha-community.org]

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30624

--- Comment #41 from Lucas Gass <lucas at bywatersolutions.com> ---
(In reply to Katrin Fischer from comment #40)
> 1) We have a mix now of $flags->{superlibrarian} == 1 and
> $patron->is_superlibrarian
> 
> I remember that is_superlibrarian was created in order to fix and avoid a
> lot of false/wrong permission checks for superlibrarian in the codebase. I
> am not sure if the flags will work correctly, maybe someone else could weigh
> in? Should we be consistent or doesn't it matter?

The inconsistency is set-library.pl. Instead of building a patron object so
that we can use $patron->is_superlibrarian I think we can use C4::Context for
the check.

> 2) Database update
> 
> UPDATE borrowers SET flags = flags + (1<<29) WHERE flags & 4
> 
> Can you explain that one to me? I have written stuff like that before, but
> it's not coming back to me right now. I had expected something like "where
> flags != 0 and IS NOT NULL"?

Using 1<<29 since borrower.flags is stored in bits. It's the bitwise operator
'<<'. (right shift) I used in order to preserve other permissions set in
borrower.flag. It takes the original value and adds (1<<29).

> 3) Changing home library
> 
> The staff user can still change their own home branch and circumvent the
> limitation that way. Should we make the library read only when the
> permission is missing?
Good point. Do you think that is within the scope of this bug?

-- 
You are receiving this mail because:
You are watching all bug changes.