[Koha-patches] [PATCH 1/4] user privacy managing and dealing with AnonymousPatron new syspref
Nicole Engard
nengard at gmail.com
Sun Feb 7 14:01:08 CET 2010
Has this been pushed to HEAD? If so there is an error because I don't
see the privacy option with the system preference set to ON.
Nicole
On Thu, Dec 10, 2009 at 12:51 PM, <paul.poulain at biblibre.com> wrote:
> From: Paul Poulain <paul.poulain at biblibre.com>
>
> Add a new option in patron table that let the user decide how to deal with his reading history.
>
> 3 options are available :
> * never remove my reading list (keep it forever)
> * let the library decide (legally keep my reading list, the default value)
> * immediatly remove my reading history when I return a book (don't keep any reading history at all)
>
> the OpacPrivacy syspref let the library decide if this option is active or not.
>
> This patch also creates a new syspref, AnonymousPatron, that contains the borrowernumber of the Patron to attach anonymised issues.
> The existing AnonSuggestion is modified to become a YesNo.
> ---
> C4/Auth.pm | 1 +
> C4/Circulation.pm | 24 +++++--
> C4/Members.pm | 26 +++++++
> admin/systempreferences.pl | 2 +
> installer/data/mysql/updatedatabase.pl | 16 ++++
> koha-tmpl/opac-tmpl/prog/en/includes/usermenu.inc | 3 +
> .../opac-tmpl/prog/en/modules/opac-privacy.tmpl | 74 ++++++++++++++++++++
> opac/opac-privacy.pl | 65 +++++++++++++++++
> opac/opac-suggestions.pl | 2 +-
> 9 files changed, 206 insertions(+), 7 deletions(-)
> create mode 100644 koha-tmpl/opac-tmpl/prog/en/modules/opac-privacy.tmpl
> create mode 100755 opac/opac-privacy.pl
>
> diff --git a/C4/Auth.pm b/C4/Auth.pm
> index afe5fbf..048a5dc 100644
> --- a/C4/Auth.pm
> +++ b/C4/Auth.pm
> @@ -372,6 +372,7 @@ sub get_template_and_user {
> reviewson => C4::Context->preference("reviewson"),
> suggestion => "" . C4::Context->preference("suggestion"),
> virtualshelves => "" . C4::Context->preference("virtualshelves"),
> + OpacPrivacy => "" . C4::Context->preference("OpacPrivacy"),
> OPACSerialIssueDisplayCount => C4::Context->preference("OPACSerialIssueDisplayCount"),
> );
> }
> diff --git a/C4/Circulation.pm b/C4/Circulation.pm
> index e2c9e94..b3e5d9e 100644
> --- a/C4/Circulation.pm
> +++ b/C4/Circulation.pm
> @@ -1457,7 +1457,6 @@ sub AddReturn {
> # if the book returned in an other branch, update the holding branch
> # update issues, thereby returning book (should push this out into another subroutine
> $borrower = C4::Members::GetMemberDetails( $iteminformation->{borrowernumber}, 0 );
> -
> # case of a return of document (deal with issues and holdingbranch)
>
> if ($doreturn) {
> @@ -1474,7 +1473,7 @@ sub AddReturn {
> # FIXME - is this right ? are we sure that the holdingbranch is still the pickup branch?
> }
> }
> - MarkIssueReturned($borrower->{'borrowernumber'}, $iteminformation->{'itemnumber'},$circControlBranch);
> + MarkIssueReturned($borrower->{'borrowernumber'}, $iteminformation->{'itemnumber'},$circControlBranch, '', $borrower->{'privacy'});
> $messages->{'WasReturned'} = 1; # FIXME is the "= 1" right?
>
> # continue to deal with returns cases, but not only if we have an issue
> @@ -1587,7 +1586,7 @@ sub AddReturn {
>
> =over 4
>
> -MarkIssueReturned($borrowernumber, $itemnumber, $dropbox_branch, $returndate);
> +MarkIssueReturned($borrowernumber, $itemnumber, $dropbox_branch, $returndate, $privacy);
>
> =back
>
> @@ -1601,6 +1600,9 @@ it's safe to do this, i.e. last non-holiday > issuedate.
> if C<$returndate> is specified (in iso format), it is used as the date
> of the return. It is ignored when a dropbox_branch is passed in.
>
> +C<$privacy> contains the privacy parameter. If the patron has set his privacy to 2,
> +the old_issue is immediately anonymised
> +
> Ideally, this function would be internal to C<C4::Circulation>,
> not exported, but it is currently needed by one
> routine in C<C4::Accounts>.
> @@ -1608,7 +1610,7 @@ routine in C<C4::Accounts>.
> =cut
>
> sub MarkIssueReturned {
> - my ( $borrowernumber, $itemnumber, $dropbox_branch, $returndate ) = @_;
> + my ( $borrowernumber, $itemnumber, $dropbox_branch, $returndate, $privacy ) = @_;
> my $dbh = C4::Context->dbh;
> my $query = "UPDATE issues SET returndate=";
> my @bind;
> @@ -1632,6 +1634,13 @@ sub MarkIssueReturned {
> WHERE borrowernumber = ?
> AND itemnumber = ?");
> $sth_copy->execute($borrowernumber, $itemnumber);
> + # immediately anonymize if needed, by setting AnonymousPatron as 'issuer'
> + if ( $privacy == 2 ) {
> + my $sth_ano = $dbh->prepare("UPDATE old_issues SET borrowernumber=?
> + WHERE borrowernumber = ?
> + AND itemnumber = ?");
> + $sth_ano->execute(C4::Context->preference('AnonymousPatron'), $borrowernumber, $itemnumber);
> + }
> my $sth_del = $dbh->prepare("DELETE FROM issues
> WHERE borrowernumber = ?
> AND itemnumber = ?");
> @@ -2331,7 +2340,7 @@ sub DeleteTransfer {
>
> =head2 AnonymiseIssueHistory
>
> -$rows = AnonymiseIssueHistory($borrowernumber,$date)
> +$rows = AnonymiseIssueHistory($date,$borrowernumber)
>
> This function write NULL instead of C<$borrowernumber> given on input arg into the table issues.
> if C<$borrowernumber> is not set, it will delete the issue history for all borrower older than C<$date>.
> @@ -2344,11 +2353,14 @@ sub AnonymiseIssueHistory {
> my $date = shift;
> my $borrowernumber = shift;
> my $dbh = C4::Context->dbh;
> + # prepare query
> + # note that we don't anonymize patrons that have requested keeping their record forever (privacy=0)
> my $query = "
> UPDATE old_issues
> - SET borrowernumber = NULL
> + SET borrowernumber = ".C4::Context->preference('AnonymousPatron')."
> WHERE returndate < '".$date."'
> AND borrowernumber IS NOT NULL
> + AND (SELECT privacy FROM borrowers WHERE borrowers.borrowernumber=old_issues.borrowernumber)<>0
> ";
> $query .= " AND borrowernumber = '".$borrowernumber."'" if defined $borrowernumber;
> my $rows_affected = $dbh->do($query);
> diff --git a/C4/Members.pm b/C4/Members.pm
> index b2ce916..3e318d2 100644
> --- a/C4/Members.pm
> +++ b/C4/Members.pm
> @@ -81,6 +81,7 @@ BEGIN {
> push @EXPORT, qw(
> &ModMember
> &changepassword
> + &ModPrivacy
> );
>
> #Delete data
> @@ -2045,6 +2046,31 @@ sub DebarMember {
>
> }
>
> +=head2 ModPrivacy
> +
> +=over 4
> +
> +my $success = DebarMember( $borrowernumber, $privacy );
> +
> +Update the privacy of a patron.
> +
> +return :
> +true on success, false on failure
> +
> +=back
> +
> +=cut
> +
> +sub ModPrivacy {
> + my $borrowernumber = shift;
> + my $privacy = shift;
> + return unless defined $borrowernumber;
> + return unless $borrowernumber =~ /^\d+$/;
> +
> + return ModMember( borrowernumber => $borrowernumber,
> + privacy => $privacy );
> +}
> +
> END { } # module clean-up code here (global destructor)
>
> 1;
> diff --git a/admin/systempreferences.pl b/admin/systempreferences.pl
> index 4a84b13..5bfe689 100755
> --- a/admin/systempreferences.pl
> +++ b/admin/systempreferences.pl
> @@ -198,6 +198,7 @@ $tabsysprefs{AutoEmailOpacUser} = "Patrons";
> $tabsysprefs{AutoEmailPrimaryAddress} = "Patrons";
> $tabsysprefs{EnhancedMessagingPreferences} = "Patrons";
> $tabsysprefs{'SMSSendDriver'} = 'Patrons';
> +$tabsysprefs{AnonymousPatron} = "Patrons";
>
> # I18N/L10N
> $tabsysprefs{dateformat} = "I18N/L10N";
> @@ -327,6 +328,7 @@ $tabsysprefs{kohaspsuggest} = "OPAC";
> $tabsysprefs{OpacRenewalAllowed} = "OPAC";
> $tabsysprefs{OPACItemHolds} = "OPAC";
> $tabsysprefs{OPACGroupResults} = "OPAC";
> +$tabsysprefs{OpacPrivacy} = "OPAC";
> $tabsysprefs{XSLTDetailsDisplay} = "OPAC";
> $tabsysprefs{XSLTResultsDisplay} = "OPAC";
> $tabsysprefs{OPACShowCheckoutName} = "OPAC";
> diff --git a/installer/data/mysql/updatedatabase.pl b/installer/data/mysql/updatedatabase.pl
> index 9061daa..de3edec 100755
> --- a/installer/data/mysql/updatedatabase.pl
> +++ b/installer/data/mysql/updatedatabase.pl
> @@ -2434,6 +2434,22 @@ $DBversion = "3.01.00.034";
> if (C4::Context->preference("Version") < TransformToNum($DBversion)) {
> $dbh->do("ALTER TABLE `subscription` ADD COLUMN `graceperiod` INT(11) NOT NULL default '0';");
> print "Upgrade to $DBversion done (Adding graceperiod column to subscription table)\n";
> + $dbh->do("INSERT INTO systempreferences (variable,value,explanation,options,type) VALUES('OpacPrivacy', '0', 'if ON, allows patrons to define their privacy rules (reading history)',NULL,'YesNo')");
> + # create a new syspref for the 'Mr anonymous' patron
> + $dbh->do("INSERT INTO systempreferences (variable,value,explanation,options,type) VALUES('AnonymousPatron', '0', \"Set the identifier (borrowernumber) of the 'Mister anonymous' patron. Used for Suggestion and reading history privacy\",NULL,'')");
> + # fill AnonymousPatron with AnonymousSuggestion value (copy)
> + my $sth=$dbh->prepare("SELECT value FROM systempreferences WHERE variable='AnonSuggestions'");
> + $sth->execute;
> + my ($value) = $sth->fetchrow();
> + $dbh->do("UPDATE systempreferences SET value=$value WHERE variable='AnonymousPatron'");
> + # set AnonymousSuggestion do YesNo
> + # 1st, set the value (1/True if it had a borrowernumber)
> + $dbh->do("UPDATE systempreferences SET value=1 WHERE variable='AnonSuggestions' AND value>0");
> + # 2nd, change the type to Choice
> + $dbh->do("UPDATE systempreferences SET type='YesNo' WHERE variable='AnonSuggestions'");
> + # borrower reading record privacy : 0 : forever, 1 : laws, 2 : don't keep at all
> + $dbh->do("ALTER TABLE `borrowers` ADD `privacy` INTEGER NOT NULL DEFAULT 1;");
> + print "Upgrade to $DBversion done (add new syspref and column in borrowers)\n";
> SetVersion ($DBversion);
> }
>
> diff --git a/koha-tmpl/opac-tmpl/prog/en/includes/usermenu.inc b/koha-tmpl/opac-tmpl/prog/en/includes/usermenu.inc
> index 2efc1da..8e8ee6a 100644
> --- a/koha-tmpl/opac-tmpl/prog/en/includes/usermenu.inc
> +++ b/koha-tmpl/opac-tmpl/prog/en/includes/usermenu.inc
> @@ -21,6 +21,9 @@
> <!-- TMPL_IF NAME="EnhancedMessagingPreferences" -->
> <!-- TMPL_IF NAME="messagingview" --><li class="active"><!-- TMPL_ELSE --><li><!-- /TMPL_IF --><a href="/cgi-bin/koha/opac-messaging.pl">my messaging</a></li>
> <!-- /TMPL_IF -->
> + <!-- TMPL_IF NAME="OpacPrivacy" -->
> + <!-- TMPL_IF NAME="privacyview" --><li class="active"><!-- TMPL_ELSE --><li><!-- /TMPL_IF --><a href="/cgi-bin/koha/opac-privacy.pl">my privacy</a></li>
> + <!-- /TMPL_IF -->
> <!-- TMPL_IF NAME="virtualshelves" -->
> <!-- TMPL_IF NAME="listsview" --><li class="active"><!-- TMPL_ELSE --><li><!-- /TMPL_IF --><a href="/cgi-bin/koha/opac-shelves.pl?display=privateshelves">my lists</a></li>
> <!-- /TMPL_IF -->
> diff --git a/koha-tmpl/opac-tmpl/prog/en/modules/opac-privacy.tmpl b/koha-tmpl/opac-tmpl/prog/en/modules/opac-privacy.tmpl
> new file mode 100644
> index 0000000..c25f73a
> --- /dev/null
> +++ b/koha-tmpl/opac-tmpl/prog/en/modules/opac-privacy.tmpl
> @@ -0,0 +1,74 @@
> +<!-- TMPL_INCLUDE name="doc-head-open.inc" --><!-- TMPL_IF NAME="LibraryNameTitle" --><!-- TMPL_VAR NAME="LibraryNameTitle" --><!-- TMPL_ELSE -->Koha Online<!-- /TMPL_IF --> Catalog › Privacy management for <!-- TMPL_VAR name="firstname" --> <!-- TMPL_VAR name="surname" -->
> +<!-- TMPL_INCLUDE NAME="doc-head-close.inc" -->
> +</head>
> +<body>
> +<div id="doc3" class="yui-t1">
> + <div id="bd">
> +<!-- TMPL_INCLUDE name="masthead.inc" -->
> +
> + <div id="yui-main">
> + <div class="yui-b"><div class="yui-g">
> + <div class="container">
> + <h3><a href="/cgi-bin/koha/opac-user.pl"><!-- TMPL_VAR NAME="firstname" --> <!-- TMPL_VAR NAME="surname" -->'s account</a> <img src="<!-- TMPL_VAR NAME="themelang" -->l../../images/caret.gif" width="16" height="16" alt=">" border="0" /> Privacy policy </h3>
> +
> + <!-- TMPL_IF name="deleted" -->
> + <div class="dialog message">Your reading history has been deleted.</div>
> + <!-- /TMPL_IF -->
> + <!-- TMPL_IF NAME= "privacy_updated" -->
> + <div class="dialog message">Your privacy rules have been updated</div>
> + <!-- /TMPL_IF -->
> +
> + <h2>Privacy rule</h2>
> + <!-- TMPL_IF NAME= "Ask_data" -->
> + <p>We take great care in protecting your privacy. On this screen, you can define how long we keep your reading history.</p>
> + <p>You have 3 possibilities : <p>
> + <form action="/cgi-bin/koha/opac-privacy.pl" method="post">
> + <input type="hidden" name="op" value="update_privacy" />
> + <ul>
> + <li>Forever: keep my reading history without limit. This is the option for users who want to keep track of what they are reading.</li>
> + <li>Default: keep my reading history according to local laws. This is the default option : the library will keep your reading history for the duration permitted by local laws.</li>
> + <li>Maximum: Delete my reading history immediatly. This will delete all record of the item that was checked-out upon check-in.</li>
> + </ul>
> + <p>Please note that information on any book still checked-out must be kept by the library no matter which privacy option you choose.</p>
> + <p>Please also note that the library staff can't update these values for you : it's your privacy !</p>
> + <p>
> + Please choose your privacy rule:
> + <select name="privacy">
> + <!-- TMPL_IF name="privacy0" -->
> + <option value="0" selected="1">Forever</option>
> + <!-- TMPL_ELSE -->
> + <option value="0">Forever</option>
> + <!-- /TMPL_IF -->
> + <!-- TMPL_IF name="privacy1" -->
> + <option value="1" selected="1">Default</option>
> + <!-- TMPL_ELSE -->
> + <option value="1">Default</option>
> + <!-- /TMPL_IF -->
> + <!-- TMPL_IF name="privacy2" -->
> + <option value="2" selected="1">Maximum</option>
> + <!-- TMPL_ELSE -->
> + <option value="2">Maximum</option>
> + <!-- /TMPL_IF -->
> + </select>
> + <input type="Submit" value="Submit" />
> + </form>
> + <h2>Immediate deletion</h2>
> + <form action="/cgi-bin/koha/opac-privacy.pl" method="post">
> + <input type="hidden" name="op" value="delete_record" />
> + <p>Whatever your privacy rules, you can delete all your reading history immediatly by clicking here. <b>BE CAREFUL</b>. Once you've confirmed the deletion, no one can retrieve the list ! That's your privacy !</p>
> + <p><label for="confirmed">Confirm immediate deletion of your reading history</label><input type="checkbox" name="confirmed" id="confirmed" /></p>
> + <input type="submit" value="Immediate deletion" onclick="return confirmDelete(_('Warning: Cannot be undone. Please confirm once again'));" />
> + </form>
> + <!-- /TMPL_IF -->
> + </div>
> +</div>
> +</div>
> +</div>
> +<div class="yui-b">
> +<div class="container">
> +<!--TMPL_INCLUDE NAME="navigation.inc" -->
> +<!-- TMPL_INCLUDE name="usermenu.inc" -->
> +</div>
> +</div>
> +</div>
> +<!-- TMPL_INCLUDE NAME="opac-bottom.inc" -->
> diff --git a/opac/opac-privacy.pl b/opac/opac-privacy.pl
> new file mode 100755
> index 0000000..e2497d7
> --- /dev/null
> +++ b/opac/opac-privacy.pl
> @@ -0,0 +1,65 @@
> +#!/usr/bin/perl
> +# This script lets the users change their privacy rules
> +#
> +# copyright 2009, BibLibre, paul.poulain at biblibre.com
> +#
> +# Koha is free software; you can redistribute it and/or modify it under the
> +# terms of the GNU General Public License as published by the Free Software
> +# Foundation; either version 2 of the License, or (at your option) any later
> +# version.
> +#
> +# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
> +# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
> +# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
> +#
> +# You should have received a copy of the GNU General Public License along with
> +# Koha; if not, write to the Free Software Foundation, Inc., 59 Temple Place,
> +# Suite 330, Boston, MA 02111-1307 USA
> +
> +use strict;
> +use CGI;
> +
> +use C4::Auth; # checkauth, getborrowernumber.
> +use C4::Context;
> +use C4::Circulation;
> +use C4::Members;
> +use C4::Output;
> +
> +my $query = new CGI;
> +my $dbh = C4::Context->dbh;
> +
> +my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
> + {
> + template_name => "opac-privacy.tmpl",
> + query => $query,
> + type => "opac",
> + authnotrequired => 0,
> + flagsrequired => { borrow => 1 },
> + debug => 1,
> + }
> +);
> +
> +my $op = $query->param("op");
> +
> +# get borrower privacy ....
> +my ( $borr ) = GetMemberDetails( $borrowernumber );
> +if ($op eq "update_privacy")
> +{
> + ModPrivacy($borrowernumber,$query->param('privacy'));
> + $template->param('privacy_updated' => 1);
> +}
> +if ($op eq "delete_record") {
> + # delete all reading records. The hardcoded date should never be reached
> + # even if Koha is a long leaving project ;-)
> + AnonymiseIssueHistory('2999-31-12',$borrowernumber);
> + # confirm the user the deletion has been done
> + $template->param('deleted' => 1);
> +}
> +$template->param( 'Ask_data' => '1',
> + 'privacy'.$borr->{'privacy'} => 1,
> + 'firstname' => $borr->{'firstname'},
> + 'surname' => $borr->{'surname'},
> + 'privacyview' => 1,
> +);
> +
> +output_html_with_http_headers $query, $cookie, $template->output;
> \ No newline at end of file
> diff --git a/opac/opac-suggestions.pl b/opac/opac-suggestions.pl
> index b739817..12aefb1 100755
> --- a/opac/opac-suggestions.pl
> +++ b/opac/opac-suggestions.pl
> @@ -53,7 +53,7 @@ if ( C4::Context->preference("AnonSuggestions") ) {
> }
> );
> if ( !$borrowernumber ) {
> - $borrowernumber = C4::Context->preference("AnonSuggestions");
> + $borrowernumber = C4::Context->preference("AnonymousPatron");
> }
> }
> else {
> --
> 1.6.3.3
>
> _______________________________________________
> Koha-patches mailing list
> Koha-patches at lists.koha.org
> http://lists.koha.org/mailman/listinfo/koha-patches
>
More information about the Koha-patches
mailing list