[Koha-patches] [PATCH] bug 4896: granular permissions now always on (DB rev 138)
Galen Charlton
gmcharlt at gmail.com
Fri Jun 25 11:17:04 CEST 2010
Per the following koha-devel thread, the use of
staff user subpermissions, AKA granular permissions, is
now the default behavior in Koha. This patch removes
the GranularPermissions system preference.
[1] http://lists.koha-community.org/pipermail/koha-devel/2010-February/033670.html
Signed-off-by: Galen Charlton <gmcharlt at gmail.com>
---
C4/Auth.pm | 55 ++++------
admin/authorised_values.pl | 6 +-
admin/systempreferences.pl | 1 -
installer/data/mysql/de-DE/mandatory/sysprefs.sql | 1 -
installer/data/mysql/en/mandatory/sysprefs.sql | 1 -
.../1-Obligatoire/unimarc_standard_systemprefs.sql | 1 -
installer/data/mysql/pl-PL/mandatory/sysprefs.sql | 1 -
...m_preferences_full_optimal_for_install_only.sql | 1 -
...ystem_preferences_only_translation_updating.sql | 2 -
...m_preferences_full_optimal_for_install_only.sql | 1 -
...ystem_preferences_only_translation_updating.sql | 3 -
installer/data/mysql/updatedatabase.pl | 6 +
.../prog/en/modules/admin/preferences/admin.pref | 9 +--
.../prog/en/modules/help/members/member-flags.tmpl | 21 +----
kohaversion.pl | 2 +-
members/member-flags.pl | 106 ++++++++++----------
svc/config/systempreferences | 4 +-
17 files changed, 85 insertions(+), 136 deletions(-)
diff --git a/C4/Auth.pm b/C4/Auth.pm
index cb52a66..593f36e 100644
--- a/C4/Auth.pm
+++ b/C4/Auth.pm
@@ -206,24 +206,16 @@ sub get_template_and_user {
}
}
- if (C4::Context->preference('GranularPermissions')) {
- if ( $flags ) {
- foreach my $module (keys %$all_perms) {
- if ( $flags->{$module} == 1) {
- foreach my $subperm (keys %{ $all_perms->{$module} }) {
- $template->param( "CAN_user_${module}_${subperm}" => 1 );
- }
- } elsif ( ref($flags->{$module}) ) {
- foreach my $subperm (keys %{ $flags->{$module} } ) {
- $template->param( "CAN_user_${module}_${subperm}" => 1 );
- }
- }
- }
- }
- } else {
+ if ( $flags ) {
foreach my $module (keys %$all_perms) {
- foreach my $subperm (keys %{ $all_perms->{$module} }) {
- $template->param( "CAN_user_${module}_${subperm}" => 1 );
+ if ( $flags->{$module} == 1) {
+ foreach my $subperm (keys %{ $all_perms->{$module} }) {
+ $template->param( "CAN_user_${module}_${subperm}" => 1 );
+ }
+ } elsif ( ref($flags->{$module}) ) {
+ foreach my $subperm (keys %{ $flags->{$module} } ) {
+ $template->param( "CAN_user_${module}_${subperm}" => 1 );
+ }
}
}
}
@@ -504,9 +496,10 @@ that the user must have the "circulate" privilege in order to
proceed. To make sure that access control is correct, the
C<$flagsrequired> parameter must be specified correctly.
-If the GranularPermissions system preference is ON, the
-value of each key in the C<flagsrequired> hash takes on an additional
-meaning, e.g.,
+Koha also has a concept of sub-permissions, also known as
+granular permissions. This makes the value of each key
+in the C<flagsrequired> hash take on an additional
+meaning, i.e.,
1
@@ -1561,20 +1554,16 @@ sub haspermission {
}
return $flags if $flags->{superlibrarian};
foreach my $module ( keys %$flagsrequired ) {
- if (C4::Context->preference('GranularPermissions')) {
- my $subperm = $flagsrequired->{$module};
- if ($subperm eq '*') {
- return 0 unless ( $flags->{$module} == 1 or ref($flags->{$module}) );
- } else {
- return 0 unless ( $flags->{$module} == 1 or
- ( ref($flags->{$module}) and
- exists $flags->{$module}->{$subperm} and
- $flags->{$module}->{$subperm} == 1
- )
- );
- }
+ my $subperm = $flagsrequired->{$module};
+ if ($subperm eq '*') {
+ return 0 unless ( $flags->{$module} == 1 or ref($flags->{$module}) );
} else {
- return 0 unless ( $flags->{$module} );
+ return 0 unless ( $flags->{$module} == 1 or
+ ( ref($flags->{$module}) and
+ exists $flags->{$module}->{$subperm} and
+ $flags->{$module}->{$subperm} == 1
+ )
+ );
}
}
return $flags;
diff --git a/admin/authorised_values.pl b/admin/authorised_values.pl
index 32acb5b..de05512 100755
--- a/admin/authorised_values.pl
+++ b/admin/authorised_values.pl
@@ -52,14 +52,10 @@ $searchfield =~ s/\,//g;
my $script_name = "/cgi-bin/koha/admin/authorised_values.pl";
my $dbh = C4::Context->dbh;
-# my $subpermission = C4::Context->preference('GranularPermissions') ?
-# { editcatalogue => ... } :
-# { parameters => 1 } ;
-
my ($template, $borrowernumber, $cookie)= get_template_and_user({
template_name => "admin/authorised_values.tmpl",
authnotrequired => 0,
- flagsrequired => {parameters => 1}, # soon $subpermission
+ flagsrequired => {parameters => 1},
query => $input,
type => "intranet",
debug => 1,
diff --git a/admin/systempreferences.pl b/admin/systempreferences.pl
index 6ed5310..9e90d61 100755
--- a/admin/systempreferences.pl
+++ b/admin/systempreferences.pl
@@ -97,7 +97,6 @@ $tabsysprefs{DebugLevel} = "Admin";
$tabsysprefs{SessionStorage} = "Admin";
$tabsysprefs{noItemTypeImages} = "Admin";
$tabsysprefs{OPACBaseURL} = "Admin";
-$tabsysprefs{GranularPermissions} = "Admin";
# Authorities
$tabsysprefs{authoritysep} = "Authorities";
diff --git a/installer/data/mysql/de-DE/mandatory/sysprefs.sql b/installer/data/mysql/de-DE/mandatory/sysprefs.sql
index 276c7cd..2a0be55 100644
--- a/installer/data/mysql/de-DE/mandatory/sysprefs.sql
+++ b/installer/data/mysql/de-DE/mandatory/sysprefs.sql
@@ -184,7 +184,6 @@ INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES
INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('OAI-PMH:ConfFile','','If empty, Koha OAI Server operates in normal mode, otherwise it operates in extended mode.',NULL,'File');
INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('OPACItemHolds','1','Allow OPAC users to place hold on specific items. If OFF, users can only request next available copy.','','YesNo');
-INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('GranularPermissions','0','Use detailed staff user permissions',NULL,'YesNo');
INSERT INTO `systempreferences` (variable, value,options,type, explanation) VALUES ('AddPatronLists','categorycode','categorycode|category_type','Choice','Allow user to choose what list to pick up from when adding patrons');
INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('ExtendedPatronAttributes','0','Use extended patron IDs and attributes',NULL,'YesNo');
diff --git a/installer/data/mysql/en/mandatory/sysprefs.sql b/installer/data/mysql/en/mandatory/sysprefs.sql
index 7060fa2..49a02ea 100644
--- a/installer/data/mysql/en/mandatory/sysprefs.sql
+++ b/installer/data/mysql/en/mandatory/sysprefs.sql
@@ -184,7 +184,6 @@ INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES
INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('OAI-PMH:ConfFile','','If empty, Koha OAI Server operates in normal mode, otherwise it operates in extended mode.',NULL,'File');
INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('OPACItemHolds','1','Allow OPAC users to place hold on specific items. If OFF, users can only request next available copy.','','YesNo');
-INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('GranularPermissions','0','Use detailed staff user permissions',NULL,'YesNo');
INSERT INTO `systempreferences` (variable, value,options,type, explanation) VALUES ('AddPatronLists','categorycode','categorycode|category_type','Choice','Allow user to choose what list to pick up from when adding patrons');
INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('ExtendedPatronAttributes','0','Use extended patron IDs and attributes',NULL,'YesNo');
diff --git a/installer/data/mysql/fr-FR/1-Obligatoire/unimarc_standard_systemprefs.sql b/installer/data/mysql/fr-FR/1-Obligatoire/unimarc_standard_systemprefs.sql
index d6d6dc6..76db9c9 100644
--- a/installer/data/mysql/fr-FR/1-Obligatoire/unimarc_standard_systemprefs.sql
+++ b/installer/data/mysql/fr-FR/1-Obligatoire/unimarc_standard_systemprefs.sql
@@ -187,7 +187,6 @@ INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES
INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('CircControl',"ItemHomeLibrary",'Précise la bibliothèque qui contrôle les règles de prêt et d''amende',"PickupLibrary|PatronLibrary|ItemHomeLibrary",'Choice');
INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('OPACItemHolds','1','Si activé, les adhérents peuvent placer des réservations sur un exemplaire spécifique. Sinon, il ne peuvent que réserver le prochain disponible.','','YesNo');
-INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('GranularPermissions','0','Utiliser les permissions détaillées',NULL,'YesNo');
INSERT INTO `systempreferences` (variable, value,options,type, explanation) VALUES ('AddPatronLists','categorycode','categorycode|category_type','Choice','Slectionner categorycode ou category_type permet d''afficher la liste des catégories ou des types de catégories à l''ajout d''un lecteur');
INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('ExtendedPatronAttributes','0','Utiliser les attributs étendus pour les adhérents',NULL,'YesNo');
INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('RenewSerialAddsSuggestion','0','Si activé, génère une suggestion d''achat à chaque Renouvellement d''abonnement',NULL,'YesNo');
diff --git a/installer/data/mysql/pl-PL/mandatory/sysprefs.sql b/installer/data/mysql/pl-PL/mandatory/sysprefs.sql
index 54f4194..3707294 100644
--- a/installer/data/mysql/pl-PL/mandatory/sysprefs.sql
+++ b/installer/data/mysql/pl-PL/mandatory/sysprefs.sql
@@ -185,7 +185,6 @@ INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES
INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('OAI-PMH:Subset','itemtype=\'BOOK\'','Restrict answer to matching raws of the biblioitems table EXPERIMENTAL',NULL,'Free');
INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('OPACItemHolds','1','Allow OPAC users to place hold on specific items. If OFF, users can only request next available copy.','','YesNo');
-INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('GranularPermissions','0','Use detailed staff user permissions',NULL,'YesNo');
INSERT INTO `systempreferences` (variable, value,options,type, explanation) VALUES ('AddPatronLists','categorycode','categorycode|category_type','Choice','Allow user to choose what list to pick up from when adding patrons');
INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('ExtendedPatronAttributes','0','Use extended patron IDs and attributes',NULL,'YesNo');
diff --git a/installer/data/mysql/ru-RU/mandatory/system_preferences_full_optimal_for_install_only.sql b/installer/data/mysql/ru-RU/mandatory/system_preferences_full_optimal_for_install_only.sql
index 0f8dd9f..2edbe10 100644
--- a/installer/data/mysql/ru-RU/mandatory/system_preferences_full_optimal_for_install_only.sql
+++ b/installer/data/mysql/ru-RU/mandatory/system_preferences_full_optimal_for_install_only.sql
@@ -213,7 +213,6 @@ INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES
INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('OAI-PMH:Subset','itemtype=\'BOOK\'','Restrict answer to matching raws of the biblioitems table EXPERIMENTAL',NULL,'Free');
INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('OPACItemHolds','1','Allow OPAC users to place hold on specific items. If OFF, users can only request next available copy.','','YesNo');
-INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('GranularPermissions','0','Use detailed staff user permissions',NULL,'YesNo');
INSERT INTO `systempreferences` (variable, value,options,type, explanation) VALUES ('AddPatronLists','categorycode','categorycode|category_type','Choice','Allow user to choose what list to pick up from when adding patrons');
INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('ExtendedPatronAttributes','1','Use extended patron IDs and attributes',NULL,'YesNo');
diff --git a/installer/data/mysql/ru-RU/mandatory/system_preferences_only_translation_updating.sql b/installer/data/mysql/ru-RU/mandatory/system_preferences_only_translation_updating.sql
index dc295d2..5d9ce1a 100644
--- a/installer/data/mysql/ru-RU/mandatory/system_preferences_only_translation_updating.sql
+++ b/installer/data/mysql/ru-RU/mandatory/system_preferences_only_translation_updating.sql
@@ -13,8 +13,6 @@ UPDATE systempreferences SET explanation='Символ-ÑазделиÑÐµÐ»Ñ Ð¿
UPDATE systempreferences SET explanation='СпиÑок загÑÑженнÑÑ
ÑÑÑÑкÑÑÑ Ð² веб-инÑÑаллÑÑоÑе' WHERE variable='FrameworksLoaded';
-- Frameworks loaded through webinstaller
-UPDATE systempreferences SET explanation='ÐÑполÑзование подÑÐ°Ð·Ð´ÐµÐ»ÐµÐ½Ð¸Ñ Ð¿Ñивилегий Ð´Ð»Ñ ÑабоÑников' WHERE variable='GranularPermissions';
--- Use detailed staff user permissions
UPDATE systempreferences SET explanation='ÐÑли вклÑÑено, Ñо повÑÑÐ°ÐµÑ Ð±ÐµÐ·Ð¾Ð¿Ð°ÑноÑÑÑ Ð¼ÐµÐ¶Ð´Ñ Ð±Ð¸Ð±Ð»Ð¸Ð¾Ñеками. ÐÑполÑзÑеÑÑÑ, когда библиоÑеки иÑполÑзÑÑÑ Ð¾Ð´Ð½Ñ Ð¸Ð½ÑÑаллÑÑÐ¸Ñ ÐоÑ
а.' WHERE variable='IndependantBranches';
-- If ON, increases security between libraries
diff --git a/installer/data/mysql/uk-UA/mandatory/system_preferences_full_optimal_for_install_only.sql b/installer/data/mysql/uk-UA/mandatory/system_preferences_full_optimal_for_install_only.sql
index e45ad31..130b46b 100644
--- a/installer/data/mysql/uk-UA/mandatory/system_preferences_full_optimal_for_install_only.sql
+++ b/installer/data/mysql/uk-UA/mandatory/system_preferences_full_optimal_for_install_only.sql
@@ -239,7 +239,6 @@ INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES
INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('OAI-PMH:Subset','itemtype=\'BOOK\'','Restrict answer to matching raws of the biblioitems table EXPERIMENTAL',NULL,'Free');
INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('OPACItemHolds','1','Allow OPAC users to place hold on specific items. If OFF, users can only request next available copy.','','YesNo');
-INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('GranularPermissions','0','Use detailed staff user permissions',NULL,'YesNo');
INSERT INTO `systempreferences` (variable, value,options,type, explanation) VALUES ('AddPatronLists','categorycode','categorycode|category_type','Choice','Allow user to choose what list to pick up from when adding patrons');
INSERT INTO `systempreferences` (variable,value,explanation,options,type) VALUES('ExtendedPatronAttributes','1','Use extended patron IDs and attributes',NULL,'YesNo');
diff --git a/installer/data/mysql/uk-UA/mandatory/system_preferences_only_translation_updating.sql b/installer/data/mysql/uk-UA/mandatory/system_preferences_only_translation_updating.sql
index 5a8bb0d..0c8c523 100644
--- a/installer/data/mysql/uk-UA/mandatory/system_preferences_only_translation_updating.sql
+++ b/installer/data/mysql/uk-UA/mandatory/system_preferences_only_translation_updating.sql
@@ -13,9 +13,6 @@ UPDATE systempreferences SET explanation='Символ-ÑоздÑлÑник по
UPDATE systempreferences SET explanation='ÐеÑелÑк заванÑажениÑ
ÑÑÑÑкÑÑÑ Ñ Ð²ÐµÐ±-вÑÑановлÑваÑÑ' WHERE variable='FrameworksLoaded';
-- Frameworks loaded through webinstaller
-UPDATE systempreferences SET explanation='ÐикоÑиÑÑÐ°Ð½Ð½Ñ Ð¿ÑдÑоздÑÐ»ÐµÐ½Ð½Ñ Ð¿ÑивÑлеÑв Ð´Ð»Ñ Ð¿ÑаÑÑвникÑв' WHERE variable='GranularPermissions';
--- Use detailed staff user permissions
-
UPDATE systempreferences SET explanation='ЯкÑо ввÑмкнÑÑо, Ñо пÑдвиÑÑÑ Ð±ÐµÐ·Ð¿ÐµÐºÑ Ð¼Ñж бÑблÑоÑеками. ÐикоÑиÑÑовÑÑÑÑÑÑ, коли бÑблÑоÑеки викоÑиÑÑовÑÑÑÑ Ð¾Ð´Ð½Ñ ÑнÑÑалÑÑÑÑ ÐоÑ
а.' WHERE variable='IndependantBranches';
-- If ON, increases security between libraries
diff --git a/installer/data/mysql/updatedatabase.pl b/installer/data/mysql/updatedatabase.pl
index b65bdd1..7ea266e 100755
--- a/installer/data/mysql/updatedatabase.pl
+++ b/installer/data/mysql/updatedatabase.pl
@@ -3642,6 +3642,12 @@ if (C4::Context->preference("Version") < TransformToNum($DBversion)) {
}
+$DBversion = "3.01.00.138";
+if (C4::Context->preference("Version") < TransformToNum($DBversion)) {
+ $dbh->do("DELETE FROM systempreferences WHERE variable = 'GranularPermissions'");
+ print "Upgrade to $DBversion done (bug 4896: removing GranularPermissions syspref; use of granular permissions is now the default)";
+ SetVersion ($DBversion);
+}
=item DropAllForeignKeys($table)
diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/admin.pref b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/admin.pref
index 069ea9d..2dbd086 100644
--- a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/admin.pref
+++ b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/admin.pref
@@ -71,13 +71,6 @@ Administration:
Pg: in the PostgreSQL database (not supported).
tmp: as temporary files.
-
- - Control staff access to pages within Koha based on
- - pref: GranularPermissions
- default: 0
- choices:
- yes: the specific page.
- no: the general module (such as administration or circulation).
- -
- pref: IndependantBranches
default: 0
choices:
@@ -101,4 +94,4 @@ Administration:
- of CAS when logging out of Koha.
-
- The CAS Authentication Server can be found at
- - pref: casServerUrl
\ No newline at end of file
+ - pref: casServerUrl
diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/help/members/member-flags.tmpl b/koha-tmpl/intranet-tmpl/prog/en/modules/help/members/member-flags.tmpl
index 6caa517..f0d744e 100644
--- a/koha-tmpl/intranet-tmpl/prog/en/modules/help/members/member-flags.tmpl
+++ b/koha-tmpl/intranet-tmpl/prog/en/modules/help/members/member-flags.tmpl
@@ -13,17 +13,6 @@
<span style="background-color: #ffe599">
TIP: If a staff member is set to 'superlibrarian' they have access to all functions and do not need any other permissions checked</span></li>
</ul></li>
- <li>To give staff members more granular permissions, you can turn on the GranularPermissions system preference
- <ul>
- <li><em>Get there:</em> More > Administration > General preferences > Admin > GranularPermissions</li>
- <li>If this setting is on the permissions menu will offer more granual permissions</li>
- <li>This allows staff members access to specific tools
- <ul>
- <li>
- <span style="background-color: #ffe599">
-TIP: If this preference is turned OFF after being ON, the system reverts to the original behavior, although the specific permissions are retained. This means if a staff member has been given granular permissions they will retain those even if this is turned OFF</span></li>
- </ul></li>
- </ul></li>
</ul>
<h3>What will each permission level do?</h3>
@@ -37,10 +26,6 @@ TIP: If this preference is turned OFF after being ON, the system reverts to the
<li><strong>circulate</strong>
<ul>
<li>Ability for logged in user to check books out and back in</li>
- <li>With GranularPermissions on this section will be expanded to allow access to specific ciculation functions.
- <ul>
- <li><em>Get there:</em> More > Administration > Global System Preferences > Admin > GranularPermissions</li>
- </ul></li>
</ul></li>
<li><strong>catalog</strong>
<ul>
@@ -86,10 +71,6 @@ TIP: If this preference is turned OFF after being ON, the system reverts to the
<li><strong>tools</strong>
<ul>
<li>Use tools (export, import, barcodes)</li>
- <li>With GranularPermissions on this section will be expanded to allow access only to specific tools
- <ul>
- <li><em>Get there:</em> More > Administration > Global System Preferences > Admin > GranularPermissions</li>
- </ul></li>
</ul></li>
<li><strong>editauthorities</strong>
<ul>
@@ -107,4 +88,4 @@ TIP: If this preference is turned OFF after being ON, the system reverts to the
<ul>
<li>Provides the ability to modify login / permissions for staff users</li>
</ul></li>
- </ul><!-- TMPL_INCLUDE NAME="help-bottom.inc" -->
\ No newline at end of file
+ </ul><!-- TMPL_INCLUDE NAME="help-bottom.inc" -->
diff --git a/kohaversion.pl b/kohaversion.pl
index e7972f8..8da986b 100644
--- a/kohaversion.pl
+++ b/kohaversion.pl
@@ -10,7 +10,7 @@
use strict;
sub kohaversion {
- our $VERSION = '3.01.00.137';
+ our $VERSION = '3.01.00.138';
# version needs to be set this way
# so that it can be picked up by Makefile.PL
# during install
diff --git a/members/member-flags.pl b/members/member-flags.pl
index 749cecc..321e526 100755
--- a/members/member-flags.pl
+++ b/members/member-flags.pl
@@ -66,19 +66,17 @@ if ($input->param('newflags')) {
$sth = $dbh->prepare("UPDATE borrowers SET flags=? WHERE borrowernumber=?");
$sth->execute($module_flags, $member);
- if (C4::Context->preference('GranularPermissions')) {
- # deal with subpermissions
- $sth = $dbh->prepare("DELETE FROM user_permissions WHERE borrowernumber = ?");
- $sth->execute($member);
- $sth = $dbh->prepare("INSERT INTO user_permissions (borrowernumber, module_bit, code)
- SELECT ?, bit, ?
- FROM userflags
- WHERE flag = ?");
- foreach my $module (keys %sub_perms) {
- next if exists $all_module_perms{$module};
- foreach my $sub_perm (@{ $sub_perms{$module} }) {
- $sth->execute($member, $sub_perm, $module);
- }
+ # deal with subpermissions
+ $sth = $dbh->prepare("DELETE FROM user_permissions WHERE borrowernumber = ?");
+ $sth->execute($member);
+ $sth = $dbh->prepare("INSERT INTO user_permissions (borrowernumber, module_bit, code)
+ SELECT ?, bit, ?
+ FROM userflags
+ WHERE flag = ?");
+ foreach my $module (keys %sub_perms) {
+ next if exists $all_module_perms{$module};
+ foreach my $sub_perm (@{ $sub_perms{$module} }) {
+ $sth->execute($member, $sub_perm, $module);
}
}
@@ -104,53 +102,51 @@ if ($input->param('newflags')) {
checked => $checked,
flagdesc => $flagdesc );
- if (C4::Context->preference('GranularPermissions')) {
- my @sub_perm_loop = ();
- my $expand_parent = 0;
- if ($checked) {
- if (exists $all_perms->{$flag}) {
- $expand_parent = 1;
- foreach my $sub_perm (sort keys %{ $all_perms->{$flag} }) {
- push @sub_perm_loop, {
- id => "${flag}_$sub_perm",
- perm => "$flag:$sub_perm",
- code => $sub_perm,
- description => $all_perms->{$flag}->{$sub_perm},
- checked => 1
- };
- }
+ my @sub_perm_loop = ();
+ my $expand_parent = 0;
+ if ($checked) {
+ if (exists $all_perms->{$flag}) {
+ $expand_parent = 1;
+ foreach my $sub_perm (sort keys %{ $all_perms->{$flag} }) {
+ push @sub_perm_loop, {
+ id => "${flag}_$sub_perm",
+ perm => "$flag:$sub_perm",
+ code => $sub_perm,
+ description => $all_perms->{$flag}->{$sub_perm},
+ checked => 1
+ };
}
- } else {
- if (exists $user_perms->{$flag}) {
- $expand_parent = 1;
- # put selected ones first
- foreach my $sub_perm (sort keys %{ $user_perms->{$flag} }) {
- push @sub_perm_loop, {
- id => "${flag}_$sub_perm",
- perm => "$flag:$sub_perm",
- code => $sub_perm,
- description => $all_perms->{$flag}->{$sub_perm},
- checked => 1
- };
- }
+ }
+ } else {
+ if (exists $user_perms->{$flag}) {
+ $expand_parent = 1;
+ # put selected ones first
+ foreach my $sub_perm (sort keys %{ $user_perms->{$flag} }) {
+ push @sub_perm_loop, {
+ id => "${flag}_$sub_perm",
+ perm => "$flag:$sub_perm",
+ code => $sub_perm,
+ description => $all_perms->{$flag}->{$sub_perm},
+ checked => 1
+ };
}
- # then ones not selected
- if (exists $all_perms->{$flag}) {
- foreach my $sub_perm (sort keys %{ $all_perms->{$flag} }) {
- push @sub_perm_loop, {
- id => "${flag}_$sub_perm",
- perm => "$flag:$sub_perm",
- code => $sub_perm,
- description => $all_perms->{$flag}->{$sub_perm},
- checked => 0
- } unless exists $user_perms->{$flag} and exists $user_perms->{$flag}->{$sub_perm};
- }
+ }
+ # then ones not selected
+ if (exists $all_perms->{$flag}) {
+ foreach my $sub_perm (sort keys %{ $all_perms->{$flag} }) {
+ push @sub_perm_loop, {
+ id => "${flag}_$sub_perm",
+ perm => "$flag:$sub_perm",
+ code => $sub_perm,
+ description => $all_perms->{$flag}->{$sub_perm},
+ checked => 0
+ } unless exists $user_perms->{$flag} and exists $user_perms->{$flag}->{$sub_perm};
}
}
- $row{expand} = $expand_parent;
- if ($#sub_perm_loop > -1) {
+ }
+ $row{expand} = $expand_parent;
+ if ($#sub_perm_loop > -1) {
$row{sub_perm_loop} = \@sub_perm_loop;
- }
}
push @loop, \%row;
}
diff --git a/svc/config/systempreferences b/svc/config/systempreferences
index 6fe714a..8622f6a 100755
--- a/svc/config/systempreferences
+++ b/svc/config/systempreferences
@@ -83,9 +83,9 @@ pref_$pref1=$value1&pref_$pref2=$value2
Used to set several system preferences at once. Each preference you want to set
should be sent prefixed with pref. If you wanted to turn off the
-GranularPermissions syspref, for instance, you would POST the following:
+virtualshelves syspref, for instance, you would POST the following:
-pref_GranularPermissions=0
+pref_virtualshelves=0
=cut
--
1.7.0
More information about the Koha-patches
mailing list