LP#1979345: restrict access to holds pull list user/jeffdavis/lp1979345-scope-ang-pull-list-3
authorJeff Davis <jdavis@sitka.bclibraries.ca>
Wed, 6 Jul 2022 23:04:20 +0000 (16:04 -0700)
committerJeff Davis <jdavis@sitka.bclibraries.ca>
Tue, 1 Nov 2022 18:03:40 +0000 (11:03 -0700)
This commit adds a new VIEW_HOLD_PULL_LIST permission.  In order to view
a library's holds pull list, you need to have the new permission at that
library.

Signed-off-by: Jeff Davis <jdavis@sitka.bclibraries.ca>
Open-ILS/src/eg2/src/app/staff/share/holds/grid.component.html
Open-ILS/src/sql/Pg/950.data.seed-values.sql
Open-ILS/src/sql/Pg/upgrade/XXXX.data.permission.hold_pull_list.sql [new file with mode: 0644]
docs/RELEASE_NOTES_NEXT/Circulation/view_hold_pull_list.adoc [new file with mode: 0644]

index d30526d..59cbc69 100644 (file)
@@ -60,7 +60,7 @@
           <div class="input-group-prepend">
             <div class="input-group-text" i18n>View Pull List For:</div>
           </div>
-          <eg-org-select [initialOrgId]="pullListOrg"
+          <eg-org-select [initialOrgId]="pullListOrg" [limitPerms]="['VIEW_HOLD_PULL_LIST']"
             (onChange)="pullListOrgChanged($event)">
           </eg-org-select>
         </div>
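Review bot: `[limitPerms]="['VIEW_HOLD_PULL_LIST']"` on `eg-org-select` only narrows which libraries the selector offers, so it is a display-side filter. None of the files listed in this commit touches the server call that returns the pull list. Unless that call itself checks VIEW_HOLD_PULL_LIST at the requested org unit, a staff client could still request another library's list directly, so the check should be enforced, or confirmed to be enforced, in the backend as well. It is also worth checking what the grid loads when `pullListOrg` starts out as an org where the user lacks the permission, since that value is set outside this hunk.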
index 93b7481..4e214ed 100644 (file)
@@ -1974,7 +1974,9 @@ INSERT INTO permission.perm_list ( id, code, description ) VALUES
  ( 640, 'ACCESS_ANGULAR_CIRC', oils_i18n_gettext(640,
     'Allow a user to access the experimental Angular circulation interfaces', 'ppl', 'description')),
  ( 641, 'ADMIN_FUND_ROLLOVER', oils_i18n_gettext(641,
-    'Allow the user to perform fund propagation and rollover', 'ppl', 'description'))    
+    'Allow the user to perform fund propagation and rollover', 'ppl', 'description')),
+ ( 642, 'VIEW_HOLD_PULL_LIST', oils_i18n_gettext(642,
+    'View hold pull list', 'ppl', 'description'))
 ;
 
 SELECT SETVAL('permission.perm_list_id_seq'::TEXT, 1000);
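Review bot: The description for 642, `'View hold pull list'`, is terser than the neighbouring entries, which follow the "Allow a user to ..." pattern and say what is being granted. Wording such as `'Allow a user to view the holds pull list for an org unit'` would tell an administrator that the permission is scoped per library, which is the point of this commit. The same id and string are repeated in the upgrade script and must stay identical there.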
@@ -2072,6 +2074,7 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
                        'VIEW_CIRCULATIONS',
                        'VIEW_COPY_NOTES',
                        'VIEW_HOLD',
+                       'VIEW_HOLD_PULL_LIST',
                        'VIEW_ORG_SETTINGS',
                        'VIEW_TITLE_NOTES',
                        'VIEW_TRANSACTION',
@@ -2138,6 +2141,7 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
                        'VIEW_HOLD',
                        'VIEW_HOLD_NOTIFICATION',
                        'VIEW_HOLD_PERMIT',
+                       'VIEW_HOLD_PULL_LIST',
                        'VIEW_PERM_GROUPS',
                        'VIEW_PERMISSION',
                        'VIEW_TITLE_NOTES',
@@ -2871,6 +2875,7 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
                        'VIEW_CIRCS',
                        'VIEW_COPY_CHECKOUT',
                        'VIEW_HOLD',
+                       'VIEW_HOLD_PULL_LIST',
                        'VIEW_TITLE_HOLDS',
                        'VIEW_TRANSACTION',
                        'VIEW_USER',
diff --git a/Open-ILS/src/sql/Pg/upgrade/XXXX.data.permission.hold_pull_list.sql b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.permission.hold_pull_list.sql
new file mode 100644 (file)
index 0000000..f30ba03
--- /dev/null
@@ -0,0 +1,21 @@
+BEGIN;
+
+SELECT evergreen.upgrade_deps_block_check('XXXX', :eg_version);
+
+INSERT INTO permission.perm_list (id, code, description) VALUES
+ ( 642, 'VIEW_HOLD_PULL_LIST', oils_i18n_gettext(642,
+    'View hold pull list', 'ppl', 'description'));
+
+-- by default, assign VIEW_HOLD_PULL_LIST to everyone who has VIEW_HOLDS
+INSERT INTO permission.grp_perm_map (perm, grp, depth, grantable)
+    SELECT 642, grp, depth, grantable
+    FROM permission.grp_perm_map
+    WHERE perm = 9;
+
+INSERT INTO permission.usr_perm_map (perm, usr, depth, grantable)
+    SELECT 642, usr, depth, grantable
+    FROM permission.usr_perm_map
+    WHERE perm = 9;
+
+COMMIT;
+
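Review bot: Both `WHERE perm = 9` filters rely on a bare id whose meaning is not stated. The comment above them names VIEW_HOLDS, while the seed data in this commit lists the neighbouring permission as `VIEW_HOLD`. Either correct the comment to name the permission that id 9 refers to, or resolve it by code in both inserts: `WHERE perm = (SELECT id FROM permission.perm_list WHERE code = 'VIEW_HOLD')`. Because `depth` and `grantable` are copied too, every existing holder keeps pull-list access at the same scope and can still grant it where they could before. The restriction therefore only takes effect once administrators prune the new grants, and the comment should say so.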
diff --git a/docs/RELEASE_NOTES_NEXT/Circulation/view_hold_pull_list.adoc b/docs/RELEASE_NOTES_NEXT/Circulation/view_hold_pull_list.adoc
new file mode 100644 (file)
index 0000000..c783f64
--- /dev/null
@@ -0,0 +1,6 @@
+== New Permission for Viewing Holds Pull List ==
+
+Access to the holds pull list is now restricted to users with the
+VIEW_HOLD_PULL_LIST permission.  By default, this new permission is granted to
+all users with the VIEW_HOLDS permission.
+