LP#1068287 - Add CREATE_PRECAT permission
authorCesar Velez <cesar.velez@equinoxinitiative.org>
Thu, 13 Dec 2018 23:13:39 +0000 (18:13 -0500)
committerGalen Charlton <gmc@equinoxinitiative.org>
Fri, 6 Sep 2019 22:07:08 +0000 (18:07 -0400)
Add this permission to prevent untrained/un-authorized
circ staff from creating pre-cat items due to mis-scanned
barcodes. Added to all profiles by default, so that staff
admins can pinpoint users who may not have it, i.e Volunteers, etc.

Signed-off by: Cesar Velez <cesar.velez@equinoxinitiative.org>
Signed-off-by: Jason Etheridge <jason@equinoxinitiative.org>
Signed-off-by: Galen Charlton <gmc@equinoxinitiative.org>
Open-ILS/src/perlmods/lib/OpenILS/Application/Circ/Circulate.pm
Open-ILS/src/sql/Pg/950.data.seed-values.sql
Open-ILS/src/sql/Pg/upgrade/XXXX.data.lp1068287_add_create_precat_permission.sql [new file with mode: 0644]
Open-ILS/src/templates/staff/circ/share/t_precat_dialog.tt2
Open-ILS/web/js/ui/default/staff/circ/services/circ.js

index 7a2958a..edf0586 100644 (file)
@@ -262,7 +262,7 @@ sub run_method {
         # requesting a precat checkout implies that any required
         # overrides have been performed.  Go ahead and re-override.
         $circulator->skip_permit_key(1);
-        $circulator->override(1) if $circulator->request_precat;
+        $circulator->override(1) if ( $circulator->request_precat && $circulator->editor->allowed('CREATE_PRECAT') );
         $circulator->do_permit();
         $circulator->is_checkout(1);
         unless( $circulator->bail_out ) {
@@ -2426,6 +2426,8 @@ sub create_due_date {
 sub make_precat_copy {
     my $self = shift;
     my $copy = $self->copy;
+    return $self->bail_on_events(OpenILS::Event->new('PERM_FAILURE'))
+       unless $self->editor->allowed('CREATE_PRECAT');
 
    if($copy) {
         $logger->debug("circulator: Pre-cat copy already exists in checkout: ID=" . $copy->id);
index 364942a..ae42bdf 100644 (file)
@@ -1929,7 +1929,9 @@ INSERT INTO permission.perm_list ( id, code, description ) VALUES
  ( 616, 'IMPORT_USE_ORG_UNIT_COPIES', oils_i18n_gettext( 616,
     'Allows users to import records based on the number of org unit copies attached to a record', 'ppl', 'description' )),
  ( 617, 'IMPORT_ON_ORDER_CAT_COPY', oils_i18n_gettext( 617,
-    'Allows users to import copies based on the on-order items attached to a record', 'ppl', 'description' ))
+    'Allows users to import copies based on the on-order items attached to a record', 'ppl', 'description' )),
+ ( 618, 'CREATE_PRECAT', oils_i18n_gettext(618,
+    'Allows a user to create a pre-catalogued copy', 'ppl', 'description'))
 ;
 
 
@@ -2023,6 +2025,7 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
                aout.name = 'Consortium' AND
                perm.code IN (
                        'CREATE_COPY_TRANSIT',
+                       'CREATE_PRECAT',
                        'VIEW_BILLING_TYPE',
                        'VIEW_CIRCULATIONS',
                        'VIEW_COPY_NOTES',
@@ -2165,6 +2168,7 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
                        'CREATE_BIB_IMPORT_QUEUE',
                        'CREATE_IMPORT_ITEM',
                        'CREATE_MARC',
+                       'CREATE_PRECAT',
                        'CREATE_TITLE_NOTE',
                        'DELETE_BIB_IMPORT_QUEUE',
                        'DELETE_IMPORT_ITEM',
@@ -2258,6 +2262,7 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
                        'CREATE_IMPORT_TRASH_FIELD',
                        'CREATE_MERGE_PROFILE',
                        'CREATE_MONOGRAPH_PART',
+                       'CREATE_PRECAT',
                        'CREATE_VOLUME_PREFIX',
                        'CREATE_VOLUME_SUFFIX',
                        'DELETE_AUTHORITY_IMPORT_IMPORT_FIELD_DEF',
@@ -2333,6 +2338,7 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
                        'ADMIN_BOOKING_RESOURCE_ATTR_VALUE',
                        'ADMIN_BOOKING_RESOURCE_TYPE',
                        'ASSIGN_GROUP_PERM',
+                       'CREATE_PRECAT',
                        'MARK_ITEM_AVAILABLE',
                        'MARK_ITEM_BINDERY',
                        'MARK_ITEM_CHECKED_OUT',
@@ -2433,6 +2439,7 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
                perm.code IN (
                        'ADMIN_MAX_FINE_RULE',
                        'CREATE_CIRC_DURATION',
+                       'CREATE_PRECAT',
                        'DELETE_CIRC_DURATION',
                        'MARK_ITEM_MISSING_PIECES',
                        'UPDATE_CIRC_DURATION',
@@ -2614,6 +2621,7 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
                        'CREATE_INVOICE',
                        'CREATE_MARC',
                        'CREATE_PICKLIST',
+                       'CREATE_PRECAT',
                        'CREATE_PURCHASE_ORDER',
                        'DELETE_BIB_IMPORT_QUEUE',
                        'DELETE_IMPORT_ITEM',
diff --git a/Open-ILS/src/sql/Pg/upgrade/XXXX.data.lp1068287_add_create_precat_permission.sql b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.lp1068287_add_create_precat_permission.sql
new file mode 100644 (file)
index 0000000..e960c5d
--- /dev/null
@@ -0,0 +1,18 @@
+-- Evergreen DB patch XXXX.data.lp1068287_add_create_precat_perm.sql
+--
+-- Add a permission to prevent untrained/non-authorized staff from
+-- adding pre-cat copies/items due to barcode misscans.
+--
+--BEGIN;
+
+-- check whether patch can be applied
+--SELECT evergreen.upgrade_deps_block_check('XXXX', :eg_version);
+
+INSERT INTO permission.perm_list(id, code, description)
+    VALUES (618, 'CREATE_PRECAT', 'Allows user to create a pre-catalogued copy');
+
+-- Add this new permission to any group with Staff login perm.
+-- Manually remove if needed
+insert into permission.grp_perm_map(perm, grp, depth) select 618, map.grp, 0 from permission.grp_perm_map as map where map.perm = 2;
+
+-- COMMIT;
index f9944b9..d28023a 100644 (file)
@@ -37,6 +37,9 @@
         </div>
       </div>
       <div class="modal-footer">
+        <div ng-show="!can_create_precats" class="alert alert-warning">
+            [% l('You do not have permission to complete this action.') %]
+        </div>
         <input type="submit" class="btn btn-primary" value="[% l('Precat Checkout') %]"/>
         <button class="btn btn-warning" ng-click="cancel()"
             ng-class="{disabled : actionPending}">[% l('Cancel') %]</button>
index acf9d94..8c104cc 100644 (file)
@@ -940,12 +940,14 @@ function($uibModal , $q , egCore , egAlertDialog , egConfirmDialog,  egAddCopyAl
             templateUrl: './circ/share/t_precat_dialog',
             backdrop: 'static',
             controller: 
-                ['$scope', '$uibModalInstance', 'circMods',
-                function($scope, $uibModalInstance, circMods) {
+                ['$scope', '$uibModalInstance', 'circMods', 'has_precat_perm',
+                function($scope, $uibModalInstance, circMods, has_precat_perm) {
                 $scope.focusMe = true;
                 $scope.precatArgs = {
                     copy_barcode : params.copy_barcode
                 };
+
+                $scope.can_create_precats = has_precat_perm;
                 $scope.circModifiers = circMods;
                 $scope.ok = function(args) { $uibModalInstance.close(args) }
                 $scope.cancel = function () { $uibModalInstance.dismiss() }
@@ -958,9 +960,8 @@ function($uibModal , $q , egCore , egAlertDialog , egConfirmDialog,  egAddCopyAl
                 }
             }],
             resolve : {
-                circMods : function() { 
-                    return service.get_circ_mods();
-                }
+                circMods : function() { return service.get_circ_mods(); },
+                has_precat_perm : function(){ return egCore.perm.hasPermHere('CREATE_PRECAT'); }
             }
         }).result.then(
             function(args) {