LP#1979345: restrict access to holds pull list
authorJeff Davis <jdavis@sitka.bclibraries.ca>
Wed, 6 Jul 2022 23:04:20 +0000 (16:04 -0700)
committerJeff Davis <jdavis@sitka.bclibraries.ca>
Wed, 3 May 2023 05:31:17 +0000 (22:31 -0700)
This commit adds a new VIEW_HOLD_PULL_LIST permission.  In order to view
a library's holds pull list, you need to have the new permission at that
library.

Signed-off-by: Jeff Davis <jdavis@sitka.bclibraries.ca>
Signed-off-by: Josh Stompro <stompro@stompro.org>
Signed-off-by: Gina Monti <gmonti@biblio.org>
Open-ILS/src/eg2/src/app/staff/share/holds/grid.component.html
Open-ILS/src/sql/Pg/950.data.seed-values.sql
Open-ILS/src/sql/Pg/upgrade/XXXX.data.permission.hold_pull_list.sql [new file with mode: 0644]
docs/RELEASE_NOTES_NEXT/Circulation/view_hold_pull_list.adoc [new file with mode: 0644]

index 8470524..487fae8 100644 (file)
@@ -56,7 +56,7 @@
       <div class="col-lg-4 mb-2">
         <div class="input-group">
           <div class="input-group-text" i18n>View Pull List For:</div>
-          <eg-org-select [initialOrgId]="pullListOrg"
+          <eg-org-select [initialOrgId]="pullListOrg" [limitPerms]="['VIEW_HOLD_PULL_LIST']"
             (onChange)="pullListOrgChanged($event)">
           </eg-org-select>
         </div>
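Review bot: The `[limitPerms]="['VIEW_HOLD_PULL_LIST']"` attribute added to `eg-org-select` only narrows which libraries the selector offers, so it is a client-side filter rather than an access check. None of the four files in this commit touches the server-side call that returns the pull list, so unless that call already tests VIEW_HOLD_PULL_LIST at the requested library (not visible here), the restriction described in the release note is not enforced where it matters. `initialOrgId` is bound to `pullListOrg` independently of `limitPerms`, so it is also worth confirming that the grid does not load a list for an initial library where the user lacks the permission. I would add a template comment such as `<!-- UI filter only; the pull-list API must enforce VIEW_HOLD_PULL_LIST -->` and verify the backend check. The enclosing template block starts and ends outside the hunk.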
index 2bc8a20..2867f6f 100644 (file)
@@ -1976,7 +1976,9 @@ INSERT INTO permission.perm_list ( id, code, description ) VALUES
  ( 641, 'ADMIN_FUND_ROLLOVER', oils_i18n_gettext(641,
     'Allow the user to perform fund propagation and rollover', 'ppl', 'description')),
  ( 642, 'UPDATE_COPY_BARCODE', oils_i18n_gettext(642,
-    'Update the barcode for an item.', 'ppl', 'description'))
+    'Update the barcode for an item.', 'ppl', 'description')),
+ ( 643, 'VIEW_HOLD_PULL_LIST', oils_i18n_gettext(643,
+    'View hold pull list', 'ppl', 'description'))
 ;
 
 SELECT SETVAL('permission.perm_list_id_seq'::TEXT, 1000);
@@ -2074,6 +2076,7 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
                        'VIEW_CIRCULATIONS',
                        'VIEW_COPY_NOTES',
                        'VIEW_HOLD',
+                       'VIEW_HOLD_PULL_LIST',
                        'VIEW_ORG_SETTINGS',
                        'VIEW_TITLE_NOTES',
                        'VIEW_TRANSACTION',
@@ -2140,6 +2143,7 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
                        'VIEW_HOLD',
                        'VIEW_HOLD_NOTIFICATION',
                        'VIEW_HOLD_PERMIT',
+                       'VIEW_HOLD_PULL_LIST',
                        'VIEW_PERM_GROUPS',
                        'VIEW_PERMISSION',
                        'VIEW_TITLE_NOTES',
@@ -2876,6 +2880,7 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
                        'VIEW_CIRCS',
                        'VIEW_COPY_CHECKOUT',
                        'VIEW_HOLD',
+                       'VIEW_HOLD_PULL_LIST',
                        'VIEW_TITLE_HOLDS',
                        'VIEW_TRANSACTION',
                        'VIEW_USER',
diff --git a/Open-ILS/src/sql/Pg/upgrade/XXXX.data.permission.hold_pull_list.sql b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.permission.hold_pull_list.sql
new file mode 100644 (file)
index 0000000..078f661
--- /dev/null
@@ -0,0 +1,21 @@
+BEGIN;
+
+SELECT evergreen.upgrade_deps_block_check('XXXX', :eg_version);
+
+INSERT INTO permission.perm_list (id, code, description) VALUES
+ ( 643, 'VIEW_HOLD_PULL_LIST', oils_i18n_gettext(643,
+    'View hold pull list', 'ppl', 'description'));
+
+-- by default, assign VIEW_HOLD_PULL_LIST to everyone who has VIEW_HOLDS
+INSERT INTO permission.grp_perm_map (perm, grp, depth, grantable)
+    SELECT 643, grp, depth, grantable
+    FROM permission.grp_perm_map
+    WHERE perm = 9;
+
+INSERT INTO permission.usr_perm_map (perm, usr, depth, grantable)
+    SELECT 643, usr, depth, grantable
+    FROM permission.usr_perm_map
+    WHERE perm = 9;
+
+COMMIT;
+
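Review bot: Both copy statements select on `WHERE perm = 9`, a bare id whose meaning is not shown in this file, and the comment above calls it VIEW_HOLDS while the seed-data lists in this commit spell the neighbouring permission `VIEW_HOLD`. Because these two INSERTs decide who can see pull lists after the upgrade, I would resolve the source permission by code, `WHERE perm = (SELECT id FROM permission.perm_list WHERE code = 'VIEW_HOLD')` (assuming that is what id 9 denotes), and correct the comment to match. The copy also carries over `depth` and `grantable`, so every existing holder keeps the same reach and can re-grant the new permission. A short comment stating that this is intentional would help admins who want pull-list access narrower than hold viewing and need to review the grants after upgrading.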
diff --git a/docs/RELEASE_NOTES_NEXT/Circulation/view_hold_pull_list.adoc b/docs/RELEASE_NOTES_NEXT/Circulation/view_hold_pull_list.adoc
new file mode 100644 (file)
index 0000000..c783f64
--- /dev/null
@@ -0,0 +1,6 @@
+== New Permission for Viewing Holds Pull List ==
+
+Access to the holds pull list is now restricted to users with the
+VIEW_HOLD_PULL_LIST permission.  By default, this new permission is granted to
+all users with the VIEW_HOLDS permission.
+