);
if(patron.isnew()) {
- if(clone)
- uEditClone(clone);
- else
- uEditCreateNewAddr();
- }
+ if(clone) uEditClone(clone);
+ else uEditCreateNewAddr();
+
+ } else {
- if(!patron.isnew()) {
$('ue_barcode').disabled = true;
unHideMe($('ue_mark_card_lost'));
unHideMe($('ue_reset_pw'));
+ uEditCheckEditPerm();
}
if(PERMS['BAR_PATRON'] == -1)
}
+/* if this user does not have permission to put users into
+ the edited users group, they do not have permission to
+ edit this user */
+function uEditCheckEditPerm() {
+
+ var perm = uEditFindGroupPerm(groupsCache[patron.profile()]);
+ _debug("editing user with group app perm "+patron.profile()+' : '+
+ groupsCache[patron.profile()].name() +', and perm = ' + perm);
+
+ if(PERMS[perm] != -1) return;
+
+ /* we can edit our own account, but not others in our group */
+ if( patron.id() != USER.id() ){
+ _debug("we are not allowed to edit this user");
+
+ $('ue_save').disabled = true;
+ $('ue_save_clone').disabled = true;
+
+ uEditIterateFields(
+ function(f) {
+ if( f && f.widget && f.widget.node )
+ f.widget.node.disabled = true;
+ }
+ );
+
+ }
+
+ var node = $('ue_profile').parentNode;
+ node.removeChild($('ue_profile'));
+ node.appendChild(elem('span',null,groupsCache[patron.profile()].name()));
+}
+
+
/* creates a new patron object with card attached */
var uEditCardVirtId = -1;
function uEditNewPatron() {
</style>
</head>
- <body onload='try{uEditInit();}catch(e){alert(js2JSON(e));}'>
+ <body onload='uEditInit();'>
<center>
/* if they don't have these perms, they shouldn't be here */
var myPerms = [
- /*
- 'CREATE_USER',
- 'UPDATE_USER',
- 'CREATE_PATRON_STAT_CAT_ENTRY_MAP',
- */
'BAR_PATRON',
+ 'group_application.user',
+ 'group_application.user.patron',
+ 'group_application.user.staff',
+ 'group_application.user.staff.circ',
+ 'group_application.user.staff.cat',
+ 'group_application.user.staff.admin.global_admin',
+ 'group_application.user.staff.admin.local_admin',
+ 'group_application.user.staff.admin.lib_manager',
+ 'group_application.user.staff.cat.cat1',
+ 'group_application.user.staff.supercat',
+ 'group_application.user.sip_client',
+ 'group_application.user.vendor'
];
var dataFields;
regex : numRegex,
onpostchange : function(field, value) {
var type = groupsCache[value];
+ if(!type) return;
var interval = type.perm_interval();
/* interval_to_seconds expects 'M' for months, 'm' for minutes */
depth = 0;
}
groupsCache[tree.id()] = tree;
- insertSelectorVal( selector, -1, tree.name(), tree.id(), null, depth++ );
+
+ /* if the staff does not have perms to access this group,
+ remove it from the tree and don't add it's children */
+ var perm = uEditFindGroupPerm(tree);
+ var org = PERMS[perm];
+ if( org == -1 ) return;
+
+ var opt = insertSelectorVal( selector, -1, tree.name(), tree.id(), null, depth++ );
+
for( var c in tree.children() )
uEditDrawGroups( tree.children()[c], depth, selector );
}
+function uEditFindGroupPerm(group) {
+ if( group.application_perm() )
+ return group.application_perm();
+ return uEditFindGroupPerm(groupsCache[group.parent()]);
+}
+
+
/* user identification types */
function uEditDrawIDTypes(types) {
var pri_sel = $('ue_primary_ident_type');
}
+
+
projects / Evergreen.git / commitdiff