From: Jeff Davis Date: Wed, 6 Jul 2022 23:04:20 +0000 (-0700) Subject: LP#1979345: restrict access to holds pull list X-Git-Url: https://old-git.evergreen-ils.org/?a=commitdiff_plain;h=c47ae135371b2680c64b59e9a1086f63c7d7aa62;p=working%2FEvergreen.git LP#1979345: restrict access to holds pull list This commit adds a new VIEW_HOLD_PULL_LIST permission. In order to view a library's holds pull list, you need to have the new permission at that library. Signed-off-by: Jeff Davis --- diff --git a/Open-ILS/src/eg2/src/app/staff/share/holds/grid.component.html b/Open-ILS/src/eg2/src/app/staff/share/holds/grid.component.html index d30526d826..59cbc6912d 100644 --- a/Open-ILS/src/eg2/src/app/staff/share/holds/grid.component.html +++ b/Open-ILS/src/eg2/src/app/staff/share/holds/grid.component.html @@ -60,7 +60,7 @@
View Pull List For:
- diff --git a/Open-ILS/src/sql/Pg/950.data.seed-values.sql b/Open-ILS/src/sql/Pg/950.data.seed-values.sql index 93b7481231..4e214edcba 100644 --- a/Open-ILS/src/sql/Pg/950.data.seed-values.sql +++ b/Open-ILS/src/sql/Pg/950.data.seed-values.sql @@ -1974,7 +1974,9 @@ INSERT INTO permission.perm_list ( id, code, description ) VALUES ( 640, 'ACCESS_ANGULAR_CIRC', oils_i18n_gettext(640, 'Allow a user to access the experimental Angular circulation interfaces', 'ppl', 'description')), ( 641, 'ADMIN_FUND_ROLLOVER', oils_i18n_gettext(641, - 'Allow the user to perform fund propagation and rollover', 'ppl', 'description')) + 'Allow the user to perform fund propagation and rollover', 'ppl', 'description')), + ( 642, 'VIEW_HOLD_PULL_LIST', oils_i18n_gettext(642, + 'View hold pull list', 'ppl', 'description')) ; SELECT SETVAL('permission.perm_list_id_seq'::TEXT, 1000); @@ -2072,6 +2074,7 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) 'VIEW_CIRCULATIONS', 'VIEW_COPY_NOTES', 'VIEW_HOLD', + 'VIEW_HOLD_PULL_LIST', 'VIEW_ORG_SETTINGS', 'VIEW_TITLE_NOTES', 'VIEW_TRANSACTION', @@ -2138,6 +2141,7 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) 'VIEW_HOLD', 'VIEW_HOLD_NOTIFICATION', 'VIEW_HOLD_PERMIT', + 'VIEW_HOLD_PULL_LIST', 'VIEW_PERM_GROUPS', 'VIEW_PERMISSION', 'VIEW_TITLE_NOTES', @@ -2871,6 +2875,7 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) 'VIEW_CIRCS', 'VIEW_COPY_CHECKOUT', 'VIEW_HOLD', + 'VIEW_HOLD_PULL_LIST', 'VIEW_TITLE_HOLDS', 'VIEW_TRANSACTION', 'VIEW_USER', diff --git a/Open-ILS/src/sql/Pg/upgrade/XXXX.data.permission.hold_pull_list.sql b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.permission.hold_pull_list.sql new file mode 100644 index 0000000000..f30ba03d6e --- /dev/null +++ b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.permission.hold_pull_list.sql @@ -0,0 +1,21 @@ +BEGIN; + +SELECT evergreen.upgrade_deps_block_check('XXXX', :eg_version); + +INSERT INTO permission.perm_list (id, code, description) VALUES + ( 642, 'VIEW_HOLD_PULL_LIST', oils_i18n_gettext(642, + 'View hold pull list', 'ppl', 'description')); + +-- by default, assign VIEW_HOLD_PULL_LIST to everyone who has VIEW_HOLDS +INSERT INTO permission.grp_perm_map (perm, grp, depth, grantable) + SELECT 642, grp, depth, grantable + FROM permission.grp_perm_map + WHERE perm = 9; + +INSERT INTO permission.usr_perm_map (perm, usr, depth, grantable) + SELECT 642, usr, depth, grantable + FROM permission.usr_perm_map + WHERE perm = 9; + +COMMIT; + diff --git a/docs/RELEASE_NOTES_NEXT/Circulation/view_hold_pull_list.adoc b/docs/RELEASE_NOTES_NEXT/Circulation/view_hold_pull_list.adoc new file mode 100644 index 0000000000..c783f64aeb --- /dev/null +++ b/docs/RELEASE_NOTES_NEXT/Circulation/view_hold_pull_list.adoc @@ -0,0 +1,6 @@ +== New Permission for Viewing Holds Pull List == + +Access to the holds pull list is now restricted to users with the +VIEW_HOLD_PULL_LIST permission. By default, this new permission is granted to +all users with the VIEW_HOLDS permission. +