my $e = new_editor(authtoken=>$auth);
return $e->event unless $e->checkauth;
+ my $user = $e->retrieve_actor_user($userid) or return $e->event;
if( $userid ne $e->requestor->id ) {
- return $e->event unless $e->allowed('VIEW_CIRCULATIONS');
+ unless($e->allowed('VIEW_CIRCULATIONS', $user->home_ou)) {
+
+ # see if there is a friend link allowing circ.view perms
+ my $allowed = OpenILS::Application::Actor::Friends->friend_perm_allowed(
+ $e, $userid, $e->requestor->id, 'circ.view');
+ return $e->event unless $allowed;
+ }
}
my $count = $self->api_name =~ /count/;
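Review bot: The denial at `return $e->event unless $allowed;` returns whatever event the editor holds after `friend_perm_allowed` has run with the same `$e`, which is not necessarily the permission failure recorded by `$e->allowed('VIEW_CIRCULATIONS', $user->home_ou)`. If that helper issues any query through `$e` (its body is not visible here, so this is inferred), the stored event could be replaced or cleared, and the caller would get an undefined or unrelated result instead of a clear permission failure. Capturing the event first keeps the denial explicit: `my $perm_evt = $e->event;` as the first line inside the `unless` block, then `return $perm_evt unless $allowed;`. A short comment stating the intended authorization order (own record, then staff permission scoped to the patron's home org unit, then friend delegation of `circ.view`) would also help, since this fallback widens who can read a patron's circulations. The enclosing method starts and ends outside the hunk.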