LP#1068287 - Add CREATE_PRECAT permission

author Cesar Velez <cesar.velez@equinoxinitiative.org>

Thu, 13 Dec 2018 23:13:39 +0000 (18:13 -0500)

committer Cesar Velez <cesar.velez@equinoxinitiative.org>

Mon, 4 Mar 2019 17:02:24 +0000 (12:02 -0500)
author Cesar Velez <cesar.velez@equinoxinitiative.org>
Thu, 13 Dec 2018 23:13:39 +0000 (18:13 -0500)
committer Cesar Velez <cesar.velez@equinoxinitiative.org>
Mon, 4 Mar 2019 17:02:24 +0000 (12:02 -0500)
diff --git a/Open-ILS/src/perlmods/lib/OpenILS/Application/Circ/Circulate.pm b/Open-ILS/src/perlmods/lib/OpenILS/Application/Circ/Circulate.pm

index 73d69ef..872d8b0 100644 (file)
--- a/Open-ILS/src/perlmods/lib/OpenILS/Application/Circ/Circulate.pm
+++ b/Open-ILS/src/perlmods/lib/OpenILS/Application/Circ/Circulate.pm
@@ -262,7 +262,7 @@ sub run_method {
          # requesting a precat checkout implies that any required
          # overrides have been performed.  Go ahead and re-override.
          $circulator->skip_permit_key(1);
-        $circulator->override(1) if $circulator->request_precat;
+        $circulator->override(1) if ( $circulator->request_precat && $circulator->editor->allowed('CREATE_PRECAT') );
          $circulator->do_permit();
          $circulator->is_checkout(1);
          unless( $circulator->bail_out ) {
@@ -1623,6 +1623,8 @@ sub do_checkout {
      }
  
      if( $self->is_precat ) {
+        return $self->bail_on_events(OpenILS::Event->new('PERM_FAILURE'))
+            unless $self->editor->allowed('CREATE_PRECAT');
          $self->make_precat_copy;
          return if $self->bail_out;
  
diff --git a/Open-ILS/src/sql/Pg/950.data.seed-values.sql b/Open-ILS/src/sql/Pg/950.data.seed-values.sql

index 80db671..c439045 100644 (file)
--- a/Open-ILS/src/sql/Pg/950.data.seed-values.sql
+++ b/Open-ILS/src/sql/Pg/950.data.seed-values.sql
@@ -1915,7 +1915,9 @@ INSERT INTO permission.perm_list ( id, code, description ) VALUES
   ( 609, 'MANAGE_CUSTOM_PERM_GRP_TREE', oils_i18n_gettext( 609,
      'Allows a user to manage custom permission group lists.', 'ppl', 'description' )),
   ( 610, 'CLEAR_PURCHASE_REQUEST', oils_i18n_gettext(610,
-    'Clear Completed User Purchase Requests', 'ppl', 'description'))
+    'Clear Completed User Purchase Requests', 'ppl', 'description')),
+ ( 611, 'CREATE_PRECAT', oils_i18n_gettext(611,
+    'Allows a user to create a pre-catalogued copy', 'ppl', 'description'))
  ;
  
  
@@ -2009,6 +2011,7 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
                 aout.name = 'Consortium' AND
                 perm.code IN (
                         'CREATE_COPY_TRANSIT',
+                       'CREATE_PRECAT',
                         'VIEW_BILLING_TYPE',
                         'VIEW_CIRCULATIONS',
                         'VIEW_COPY_NOTES',
@@ -2151,6 +2154,7 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
                         'CREATE_BIB_IMPORT_QUEUE',
                         'CREATE_IMPORT_ITEM',
                         'CREATE_MARC',
+                       'CREATE_PRECAT',
                         'CREATE_TITLE_NOTE',
                         'DELETE_BIB_IMPORT_QUEUE',
                         'DELETE_IMPORT_ITEM',
@@ -2244,6 +2248,7 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
                         'CREATE_IMPORT_TRASH_FIELD',
                         'CREATE_MERGE_PROFILE',
                         'CREATE_MONOGRAPH_PART',
+                       'CREATE_PRECAT',
                         'CREATE_VOLUME_PREFIX',
                         'CREATE_VOLUME_SUFFIX',
                         'DELETE_AUTHORITY_IMPORT_IMPORT_FIELD_DEF',
@@ -2319,6 +2324,7 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
                         'ADMIN_BOOKING_RESOURCE_ATTR_VALUE',
                         'ADMIN_BOOKING_RESOURCE_TYPE',
                         'ASSIGN_GROUP_PERM',
+                       'CREATE_PRECAT',
                         'MARK_ITEM_AVAILABLE',
                         'MARK_ITEM_BINDERY',
                         'MARK_ITEM_CHECKED_OUT',
@@ -2419,6 +2425,7 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
                 perm.code IN (
                         'ADMIN_MAX_FINE_RULE',
                         'CREATE_CIRC_DURATION',
+                       'CREATE_PRECAT',
                         'DELETE_CIRC_DURATION',
                         'MARK_ITEM_MISSING_PIECES',
                         'UPDATE_CIRC_DURATION',
@@ -2599,6 +2606,7 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
                         'CREATE_INVOICE',
                         'CREATE_MARC',
                         'CREATE_PICKLIST',
+                       'CREATE_PRECAT',
                         'CREATE_PURCHASE_ORDER',
                         'DELETE_BIB_IMPORT_QUEUE',
                         'DELETE_IMPORT_ITEM',
diff --git a/Open-ILS/src/sql/Pg/upgrade/XXXX.data.lp1068287_add_create_precat_permission.sql b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.lp1068287_add_create_precat_permission.sql

new file mode 100644 (file)

index 0000000..6d3b7b3
--- /dev/null
+++ b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.lp1068287_add_create_precat_permission.sql
@@ -0,0 +1,18 @@
+-- Evergreen DB patch XXXX.data.lp1068287_add_create_precat_perm.sql
+--
+-- Add a permission to prevent untrained/non-authorized staff from
+-- adding pre-cat copies/items due to barcode misscans.
+--
+--BEGIN;
+
+-- check whether patch can be applied
+--SELECT evergreen.upgrade_deps_block_check('XXXX', :eg_version);
+
+INSERT INTO permission.perm_list(id, code, description)
+    VALUES (611, 'CREATE_PRECAT', 'Allows user to create a pre-catalogued copy');
+
+-- Add this new permission to any group with Staff login perm.
+-- Manually remove if needed
+insert into permission.grp_perm_map(perm, grp, depth) select 611, map.grp, 0 from permission.grp_perm_map as map where map.perm = 2;
+
+-- COMMIT;
diff --git a/Open-ILS/src/templates/staff/circ/share/t_precat_dialog.tt2 b/Open-ILS/src/templates/staff/circ/share/t_precat_dialog.tt2

index f9944b9..d28023a 100644 (file)
--- a/Open-ILS/src/templates/staff/circ/share/t_precat_dialog.tt2
+++ b/Open-ILS/src/templates/staff/circ/share/t_precat_dialog.tt2
@@ -37,6 +37,9 @@
          </div>
        </div>
        <div class="modal-footer">
+        <div ng-show="!can_create_precats" class="alert alert-warning">
+            [% l('You do not have permission to complete this action.') %]
+        </div>
          <input type="submit" class="btn btn-primary" value="[% l('Precat Checkout') %]"/>
          <button class="btn btn-warning" ng-click="cancel()"
              ng-class="{disabled : actionPending}">[% l('Cancel') %]</button>
diff --git a/Open-ILS/web/js/ui/default/staff/circ/services/circ.js b/Open-ILS/web/js/ui/default/staff/circ/services/circ.js

index 724ae7f..2a1e0c0 100644 (file)
--- a/Open-ILS/web/js/ui/default/staff/circ/services/circ.js
+++ b/Open-ILS/web/js/ui/default/staff/circ/services/circ.js
@@ -934,12 +934,14 @@ function($uibModal , $q , egCore , egAlertDialog , egConfirmDialog,  egAddCopyAl
              templateUrl: './circ/share/t_precat_dialog',
              backdrop: 'static',
              controller: 
-                ['$scope', '$uibModalInstance', 'circMods',
-                function($scope, $uibModalInstance, circMods) {
+                ['$scope', '$uibModalInstance', 'circMods', 'has_precat_perm',
+                function($scope, $uibModalInstance, circMods, has_precat_perm) {
                  $scope.focusMe = true;
                  $scope.precatArgs = {
                      copy_barcode : params.copy_barcode
                  };
+
+                $scope.can_create_precats = has_precat_perm;
                  $scope.circModifiers = circMods;
                  $scope.ok = function(args) { $uibModalInstance.close(args) }
                  $scope.cancel = function () { $uibModalInstance.dismiss() }
@@ -952,9 +954,8 @@ function($uibModal , $q , egCore , egAlertDialog , egConfirmDialog,  egAddCopyAl
                  }
              }],
              resolve : {
-                circMods : function() { 
-                    return service.get_circ_mods();
-                }
+                circMods : function() { return service.get_circ_mods(); },
+                has_precat_perm : function(){ return egCore.perm.hasPermHere('CREATE_PRECAT'); }
              }
          }).result.then(
              function(args) {
author	Cesar Velez <cesar.velez@equinoxinitiative.org>
	Thu, 13 Dec 2018 23:13:39 +0000 (18:13 -0500)
committer	Cesar Velez <cesar.velez@equinoxinitiative.org>
	Mon, 4 Mar 2019 17:02:24 +0000 (12:02 -0500)
Open-ILS/src/perlmods/lib/OpenILS/Application/Circ/Circulate.pm		patch \| blob \| history
Open-ILS/src/sql/Pg/950.data.seed-values.sql		patch \| blob \| history
Open-ILS/src/sql/Pg/upgrade/XXXX.data.lp1068287_add_create_precat_permission.sql	[new file with mode: 0644]	patch \| blob
Open-ILS/src/templates/staff/circ/share/t_precat_dialog.tt2		patch \| blob \| history
Open-ILS/web/js/ui/default/staff/circ/services/circ.js		patch \| blob \| history