projects / working / Evergreen.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f39c99b)
LH#29: ensure that we don't search for providers that we can't retrieve
authorGalen Charlton <gmc@equinoxinitiative.org>
Tue, 1 Sep 2020 16:32:18 +0000 (12:32 -0400)
committerGalen Charlton <gmc@equinoxinitiative.org>
Tue, 1 Sep 2020 16:32:18 +0000 (12:32 -0400)
Signed-off-by: Galen Charlton <gmc@equinoxinitiative.org>
Open-ILS/src/eg2/src/app/staff/acq/provider/acq-provider-search-form.component.html patch | blob | history
Open-ILS/src/eg2/src/app/staff/acq/provider/acq-provider-search.service.ts patch | blob | history
Open-ILS/src/eg2/src/app/staff/acq/provider/provider-record.service.ts patch | blob | history

diff --git a/Open-ILS/src/eg2/src/app/staff/acq/provider/acq-provider-search-form.component.html b/Open-ILS/src/eg2/src/app/staff/acq/provider/acq-provider-search-form.component.html
index 5fd9681..1dbe407 100644 (file)
--- a/Open-ILS/src/eg2/src/app/staff/acq/provider/acq-provider-search-form.component.html
+++ b/Open-ILS/src/eg2/src/app/staff/acq/provider/acq-provider-search-form.component.html
@@ -8,7 +8,10 @@
       <input i18n-placeholder placeholder="Code" [ngModelOptions]="{standalone: true}" [(ngModel)]="providerCode" type="text" class="form-control" />
     </div>
     <div class="col-lg-4">
-      <eg-org-family-select i18n-labelText labelText="Owner" [ngModelOptions]="{standalone: true}" [(ngModel)]="providerOwners"></eg-org-family-select>
+      <eg-org-family-select i18n-labelText labelText="Owner"
+        [limitPerms]="['VIEW_PROVIDER','MANAGE_PROVIDER','ADMIN_PROVIDER']"
+        [ngModelOptions]="{standalone: true}" [(ngModel)]="providerOwners">
+      </eg-org-family-select>
     </div>
     <div class="col-lg-2 text-right">
       <button class="btn btn-primary mr-1" (click)="submitSearch()" type="submit" i18n>Search</button>
diff --git a/Open-ILS/src/eg2/src/app/staff/acq/provider/acq-provider-search.service.ts b/Open-ILS/src/eg2/src/app/staff/acq/provider/acq-provider-search.service.ts
index 0fb528e..edb311a 100644 (file)
--- a/Open-ILS/src/eg2/src/app/staff/acq/provider/acq-provider-search.service.ts
+++ b/Open-ILS/src/eg2/src/app/staff/acq/provider/acq-provider-search.service.ts
@@ -6,6 +6,7 @@ import {GridDataSource} from '@eg/share/grid/grid';
 import {PcrudService} from '@eg/core/pcrud.service';
 import {Pager} from '@eg/share/util/pager';
 import {EventService} from '@eg/core/event.service';
+import {ProviderRecordService} from './provider-record.service';
 
 export interface AcqProviderSearchTerm {
     classes: string[];
@@ -27,7 +28,8 @@ export class AcqProviderSearchService {
     constructor(
         private evt: EventService,
         private auth: AuthService,
-        private pcrud: PcrudService
+        private pcrud: PcrudService,
+        private providerRecord: ProviderRecordService
     ) {
         this.firstRun = true;
     }
@@ -82,6 +84,14 @@ export class AcqProviderSearchService {
             term.fields.forEach( (field, ind) => {
                 const curr_cls = term.classes[ind];
 
+                // remove any OUs that the user doesn't have provider view
+                // permission for
+                if (curr_cls == 'acqpro' && field == 'owner' && op == 'in') {
+                    val = val.filter(ou => {
+                        return this.providerRecord.getViewOUs().includes(ou);
+                    });
+                }
+
                 if (ind === 1) {
                     // we're OR'ing in other classes/fields
                     // and this is the first so restructure
diff --git a/Open-ILS/src/eg2/src/app/staff/acq/provider/provider-record.service.ts b/Open-ILS/src/eg2/src/app/staff/acq/provider/provider-record.service.ts
index 02bc309..9caccc4 100644 (file)
--- a/Open-ILS/src/eg2/src/app/staff/acq/provider/provider-record.service.ts
+++ b/Open-ILS/src/eg2/src/app/staff/acq/provider/provider-record.service.ts
@@ -34,6 +34,7 @@ export class ProviderRecordService {
     providerUpdated$ = this.providerUpdatedSource.asObservable();
 
     private permissions: any;
+    private viewOUs: number[] = [];
 
     constructor(
         private idl: IdlService,
@@ -46,8 +47,19 @@ export class ProviderRecordService {
     }
 
     loadPerms() {
-        this.perm.hasWorkPermAt(['ADMIN_PROVIDER','MANAGE_PROVIDER'], true).then(permMap => {
+        this.perm.hasWorkPermAt(['ADMIN_PROVIDER','MANAGE_PROVIDER', 'VIEW_PROVIDER'], true).then(permMap => {
             this.permissions = permMap;
+            this.viewOUs.concat(permMap['VIEW_PROVIDER']);
+            this.permissions['ADMIN_PROVIDER'].forEach(ou => {
+                if (!this.viewOUs.includes(ou)) {
+                    this.viewOUs.push(ou);
+                }
+            });
+            this.permissions['MANAGE_PROVIDER'].forEach(ou => {
+                if (!this.viewOUs.includes(ou)) {
+                    this.viewOUs.push(ou);
+                }
+            });
         });
     }
 
@@ -133,6 +145,10 @@ export class ProviderRecordService {
         }
     }
 
+    getViewOUs(): number[] {
+        return this.viewOUs;
+    }
+
     current(): IdlObject {
         return this.currentProvider ? this.currentProvider.record : null;
     }
Evergreen ILS