Prevent deletion of a user with open circulations or unpaid bills

Signed-off-by: Michael Peters <mrpeters@library.in.gov>

diff --git a/Open-ILS/src/extras/ils_events.xml b/Open-ILS/src/extras/ils_events.xml
index 0297eff..066ad82 100644 (file)
--- a/Open-ILS/src/extras/ils_events.xml
+++ b/Open-ILS/src/extras/ils_events.xml
@@ -757,6 +757,9 @@
        <event code='2003' textcode='INTERNAL_SERVER_ERROR'>
                <desc xml:lang="en-US">There was an internal server error</desc>
        </event>
+        <event code='2004' textcode='ACTOR_USER_DELETE_OPEN_XACTS'>
+                <desc xml:lang="en-US">The user you have attempted to delete cannot be deleted because it has open circulations and/or unpaid bills.</desc>
+        </event>
 
     <!-- CREDIT EVENTS -->
        <event code='4001' textcode='CREDIT_PROCESSOR_NOT_ENABLED'>

diff --git a/Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm b/Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm
index ad6fabc..dd4d16e 100644 (file)
--- a/Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm
+++ b/Open-ILS/src/perlmods/lib/OpenILS/Application/Actor.pm
@@ -3514,7 +3514,21 @@ sub really_delete_user {
     my($self, $conn, $auth, $user_id, $dest_user_id) = @_;
     my $e = new_editor(authtoken => $auth, xact => 1);
     return $e->die_event unless $e->checkauth;
+
+    # Find all unclosed billings for for user $user_id, thereby, also checking for open circs
+    my $open_bills = $e->json_query({
+        select => { mbts => ['id'] },
+        from => 'mbts',
+        where => {
+            xact_finish => { '=' => undef },
+            usr => { '=' => $user_id },
+        }
+    }) or return $e->die_event;
+
     my $user = $e->retrieve_actor_user($user_id) or return $e->die_event;
+
+    # No deleting patrons with open billings or checked out copies
+    return $e->die_event(OpenILS::Event->new('ACTOR_USER_DELETE_OPEN_XACTS')) if @$open_bills;
     # No deleting yourself - UI is supposed to stop you first, though.
     return $e->die_event unless $e->requestor->id != $user->id;
     return $e->die_event unless $e->allowed('DELETE_USER', $user->home_ou);
@@ -3523,14 +3537,13 @@ sub really_delete_user {
     my $evt = group_perm_failed($session, $e->requestor, $user);
     return $e->die_event($evt) if $evt;
     my $stat = $e->json_query(
-        {from => ['actor.usr_delete', $user_id, $dest_user_id]})->[0] 
+        {from => ['actor.usr_delete', $user_id, $dest_user_id]})->[0]
         or return $e->die_event;
     $e->commit;
     return 1;
 }
 
 
-
 __PACKAGE__->register_method (
        method          => 'user_payments',
        api_name    => 'open-ils.actor.user.payments.retrieve',