From 12907d6624ca9597458e4939e15affff23bed4c6 Mon Sep 17 00:00:00 2001
From: Dan Wells <dbw2@calvin.edu>
Date: Mon, 13 Jun 2011 14:16:47 -0400
Subject: [PATCH] Serial note perms and edit support

This expands the interface to allow for editing notes on serials
objects.  At some point we will likely want to track edit dates as
well, but this gets the ball rolling.

Also renames some methods from 'create' to 'update' to match new
capabilities and make the overall API more consistent, and adds perm
checks based on related objects.

Signed-off-by: Dan Wells <dbw2@calvin.edu>
---
 .../src/perlmods/lib/OpenILS/Application/Serial.pm | 110 ++++++++++++++-------
 .../staff_client/chrome/content/main/constants.js  |   6 +-
 .../server/locale/en-US/serial.properties          |   3 +
 Open-ILS/xul/staff_client/server/serial/notes.xul  |  61 +++++++++---
 4 files changed, 128 insertions(+), 52 deletions(-)

diff --git a/Open-ILS/src/perlmods/lib/OpenILS/Application/Serial.pm b/Open-ILS/src/perlmods/lib/OpenILS/Application/Serial.pm
index a2bab96bda..7acc52dc99 100644
--- a/Open-ILS/src/perlmods/lib/OpenILS/Application/Serial.pm
+++ b/Open-ILS/src/perlmods/lib/OpenILS/Application/Serial.pm
@@ -1943,39 +1943,39 @@ sub fetch_notes {
 }
 
 __PACKAGE__->register_method(
-    method      => 'create_note',
-    api_name        => 'open-ils.serial.item_note.create',
+    method      => 'update_note',
+    api_name        => 'open-ils.serial.item_note.update',
     signature   => q/
-        Creates a new item note
+        Updates or creates an item note
         @param authtoken The login session key
-        @param note The note object to create
-        @return The id of the new note object
+        @param note The note object to update or create
+        @return The id of the note object
     /
 );
 
 __PACKAGE__->register_method(
-    method      => 'create_note',
-    api_name        => 'open-ils.serial.subscription_note.create',
+    method      => 'update_note',
+    api_name        => 'open-ils.serial.subscription_note.update',
     signature   => q/
-        Creates a new subscription note
+        Updates or creates a subscription note
         @param authtoken The login session key
-        @param note The note object to create
-        @return The id of the new note object
+        @param note The note object to update or create
+        @return The id of the note object
     /
 );
 
 __PACKAGE__->register_method(
-    method      => 'create_note',
-    api_name        => 'open-ils.serial.distribution_note.create',
+    method      => 'update_note',
+    api_name        => 'open-ils.serial.distribution_note.update',
     signature   => q/
-        Creates a new distribution note
+        Updates or creates a distribution note
         @param authtoken The login session key
-        @param note The note object to create
-        @return The id of the new note object
+        @param note The note object to update or create
+        @return The id of the note object
     /
 );
 
-sub create_note {
+sub update_note {
     my( $self, $connection, $authtoken, $note ) = @_;
 
     $self->api_name =~ /serial\.(\w*)_note/;
@@ -1984,22 +1984,42 @@ sub create_note {
     my $e = new_editor(xact=>1, authtoken=>$authtoken);
     return $e->event unless $e->checkauth;
 
-    # FIXME: restore permission support
-#    my $item = $e->retrieve_serial_item(
-#        [
-#            $note->item
-#        ]
-#    );
-#
-#    return $e->event unless
-#        $e->allowed('CREATE_COPY_NOTE', $item->call_number->owning_lib);
+    if ($type eq 'item') {
+        my $sitem = $e->retrieve_serial_item([
+            $note->item, {
+                "flesh" => 2, "flesh_fields" => {
+                    "sitem" => ["stream"], "sstr" => ["distribution"]
+                }
+            }
+        ]) or return $e->die_event;
 
-    $note->create_date('now');
-    $note->creator($e->requestor->id);
-    $note->pub( ($U->is_true($note->pub)) ? 't' : 'f' );
-    $note->clear_id;
+        return $e->die_event unless $e->allowed(
+            "ADMIN_SERIAL_ITEM", $sitem->stream->distribution->holding_lib
+        );
+    } elsif ($type eq 'distribution') {
+        my $sdist = $e->retrieve_serial_distribution($note->distribution)
+            or return $e->die_event;
+
+        return $e->die_event unless
+            $e->allowed("ADMIN_SERIAL_DISTRIBUTION", $sdist->holding_lib);
+    } else { # subscription
+        my $sub = $e->retrieve_serial_subscription($note->subscription)
+            or return $e->die_event;
+
+        return $e->die_event unless
+            $e->allowed("ADMIN_SERIAL_SUBSCRIPTION", $sub->owning_lib);
+    }
 
-    my $method = "create_serial_${type}_note";
+    $note->pub( ($U->is_true($note->pub)) ? 't' : 'f' );
+    my $method;
+    if ($note->isnew) {
+        $note->create_date('now');
+        $note->creator($e->requestor->id);
+        $note->clear_id;
+        $method = "create_serial_${type}_note";
+    } else {
+        $method = "update_serial_${type}_note";
+    }
     $e->$method($note) or return $e->event;
     $e->commit;
     return $note->id;
@@ -2052,11 +2072,31 @@ sub delete_note {
         $noteid,
     ]) or return $e->die_event;
 
-# FIXME: restore permissions check
-#    if( $note->creator ne $e->requestor->id ) {
-#        return $e->die_event unless
-#            $e->allowed('DELETE_COPY_NOTE', $note->item->call_number->owning_lib);
-#    }
+    if ($type eq 'item') {
+        my $sitem = $e->retrieve_serial_item([
+            $note->item, {
+                "flesh" => 2, "flesh_fields" => {
+                    "sitem" => ["stream"], "sstr" => ["distribution"]
+                }
+            }
+        ]) or return $e->die_event;
+
+        return $e->die_event unless $e->allowed(
+            "ADMIN_SERIAL_ITEM", $sitem->stream->distribution->holding_lib
+        );
+    } elsif ($type eq 'distribution') {
+        my $sdist = $e->retrieve_serial_distribution($note->distribution)
+            or return $e->die_event;
+
+        return $e->die_event unless
+            $e->allowed("ADMIN_SERIAL_DISTRIBUTION", $sdist->holding_lib);
+    } else { # subscription
+        my $sub = $e->retrieve_serial_subscription($note->subscription)
+            or return $e->die_event;
+
+        return $e->die_event unless
+            $e->allowed("ADMIN_SERIAL_SUBSCRIPTION", $sub->owning_lib);
+    }
 
     $method = "delete_serial_${type}_note";
     $e->$method($note) or return $e->die_event;
diff --git a/Open-ILS/xul/staff_client/chrome/content/main/constants.js b/Open-ILS/xul/staff_client/chrome/content/main/constants.js
index 9961357bf7..6743d9588f 100644
--- a/Open-ILS/xul/staff_client/chrome/content/main/constants.js
+++ b/Open-ILS/xul/staff_client/chrome/content/main/constants.js
@@ -298,10 +298,10 @@ var api = {
     'FM_SDIST_SEARCH' : { 'app' : 'open-ils.pcrud', 'method' : 'open-ils.pcrud.search.sdist'},
     'FM_SDIST_TREE_LIST_RETRIEVE_VIA_RECORD_ID_AND_ORG_IDS' : { 'app' : 'open-ils.serial', 'method' : 'open-ils.serial.distribution_tree.retrieve', 'secure' : false },
     'FM_SDIST_TREE_LIST_RETRIEVE_VIA_RECORD_ID_AND_ORG_IDS.authoritative' : { 'app' : 'open-ils.serial', 'method' : 'open-ils.serial.distribution_tree.retrieve.authoritative', 'secure' : false },
-    'FM_SDISTN_CREATE' : { 'app' : 'open-ils.serial', 'method' : 'open-ils.serial.distribution_note.create' },
+    'FM_SDISTN_UPDATE' : { 'app' : 'open-ils.serial', 'method' : 'open-ils.serial.distribution_note.update' },
     'FM_SDISTN_DELETE' : { 'app' : 'open-ils.serial', 'method' : 'open-ils.serial.distribution_note.delete', 'secure' : false },
     'FM_SDISTN_RETRIEVE_ALL' : { 'app' : 'open-ils.serial', 'method' : 'open-ils.serial.distribution_note.retrieve.all', 'secure' : false },
-    'FM_SIN_CREATE' : { 'app' : 'open-ils.serial', 'method' : 'open-ils.serial.item_note.create' },
+    'FM_SIN_UPDATE' : { 'app' : 'open-ils.serial', 'method' : 'open-ils.serial.item_note.update' },
     'FM_SIN_DELETE' : { 'app' : 'open-ils.serial', 'method' : 'open-ils.serial.item_note.delete', 'secure' : false },
     'FM_SIN_RETRIEVE_ALL' : { 'app' : 'open-ils.serial', 'method' : 'open-ils.serial.item_note.retrieve.all', 'secure' : false },
     'FM_SISS_FLESHED_BATCH_RETRIEVE' : { 'app' : 'open-ils.serial', 'method' : 'open-ils.serial.issuance.fleshed.batch.retrieve', 'secure' : false },
@@ -325,7 +325,7 @@ var api = {
     'FM_SSUB_FLESHED_BATCH_RETRIEVE.authoritative' : { 'app' : 'open-ils.serial', 'method' : 'open-ils.serial.subscription.fleshed.batch.retrieve.authoritative', 'secure' : false },
     'FM_SSUB_TREE_LIST_RETRIEVE_VIA_RECORD_ID_AND_ORG_IDS' : { 'app' : 'open-ils.serial', 'method' : 'open-ils.serial.subscription_tree.retrieve', 'secure' : false },
     'FM_SSUB_TREE_LIST_RETRIEVE_VIA_RECORD_ID_AND_ORG_IDS.authoritative' : { 'app' : 'open-ils.serial', 'method' : 'open-ils.serial.subscription_tree.retrieve.authoritative', 'secure' : false },
-    'FM_SSUBN_CREATE' : { 'app' : 'open-ils.serial', 'method' : 'open-ils.serial.subscription_note.create' },
+    'FM_SSUBN_UPDATE' : { 'app' : 'open-ils.serial', 'method' : 'open-ils.serial.subscription_note.update' },
     'FM_SSUBN_DELETE' : { 'app' : 'open-ils.serial', 'method' : 'open-ils.serial.subscription_note.delete', 'secure' : false },
     'FM_SSUBN_RETRIEVE_ALL' : { 'app' : 'open-ils.serial', 'method' : 'open-ils.serial.subscription_note.retrieve.all', 'secure' : false },
     'RETRIEVE_Z3950_SERVICES' : { 'app' : 'open-ils.search', 'method' : 'open-ils.search.z3950.retrieve_services', 'secure' : false },
diff --git a/Open-ILS/xul/staff_client/server/locale/en-US/serial.properties b/Open-ILS/xul/staff_client/server/locale/en-US/serial.properties
index 603cfb1303..dd51ce8bc4 100644
--- a/Open-ILS/xul/staff_client/server/locale/en-US/serial.properties
+++ b/Open-ILS/xul/staff_client/server/locale/en-US/serial.properties
@@ -83,6 +83,9 @@ staff.serial.manage_subs.delete_ssub.confirm=Are you sure you would like to dele
 staff.serial.manage_subs.delete_ssub.confirm.plural=Are you sure you would like to delete these %1$s subscriptions?
 staff.serial.manage_subs.delete_ssub.title=Delete Subscriptions?
 staff.serial.manage_subs.delete_ssub.override=Override Delete Failure? Doing so will delete all related data as well!
+staff.serial.notes.do_edit_note.label=Edit This Note
+staff.serial.notes.edit_note.label=Edit Note
+staff.serial.notes.edit_note.accesskey=E
 staff.serial.required_fields_alert=These fields are required: 
 batch_receive.bib_lookup.empty=Enter a search term.
 batch_receive.bib_lookup.multiple=Multiple matching records found. Please use a more specific identifier, or use the catalog to find the exact record you want.
diff --git a/Open-ILS/xul/staff_client/server/serial/notes.xul b/Open-ILS/xul/staff_client/server/serial/notes.xul
index 8f7ae26194..ef13e8e6d6 100644
--- a/Open-ILS/xul/staff_client/server/serial/notes.xul
+++ b/Open-ILS/xul/staff_client/server/serial/notes.xul
@@ -121,15 +121,24 @@
 
 				/* button bar */
 				var hb = document.createElement('hbox'); np.appendChild(hb);
+					var btn0 = document.createElement('button'); hb.appendChild(btn0);
+						btn0.setAttribute('label', $('serialStrings').getString('staff.serial.notes.do_edit_note.label'));
+						btn0.setAttribute('image',"/xul/server/skin/media/images/up_arrow.gif");
+
+						btn0.addEventListener(
+							'command',
+							function(index){ return function() { new_note(index) } }(i),
+							false
+						);
 					var btn1 = document.createElement('button'); hb.appendChild(btn1);
 						btn1.setAttribute('label', $('catStrings').getString('staff.cat.copy_notes.delete_note.label'));
 						btn1.setAttribute('image',"/xul/server/skin/media/images/up_arrow.gif");
 
 						btn1.addEventListener(
 							'command',
-							function(id){ return function() { 
+							function(index){ return function() { 
 								var r = g.error.yns_alert(
-									$('catStrings').getFormattedString('staff.cat.copy_notes.delete_note.prompt.msg', [g.notes[id].title(), g.notes[id].create_date().toString().substr(0,10)]),
+									$('catStrings').getFormattedString('staff.cat.copy_notes.delete_note.prompt.msg', [g.notes[index].title(), g.notes[index].create_date().toString().substr(0,10)]),
 									$('catStrings').getString('staff.cat.copy_notes.delete_note.prompt.title'),
 									$('catStrings').getString('staff.cat.copy_notes.delete_note.prompt.yes'),
 									$('catStrings').getString('staff.cat.copy_notes.delete_note.prompt.no'),
@@ -137,7 +146,7 @@
 									$('commonStrings').getString('common.confirm')
 								); 
 								if (r == 0) {
-									g.network.simple_request('FM_'+g.function_type+'_DELETE',[ses(),g.notes[id].id()]);
+									g.network.simple_request('FM_'+g.function_type+'_DELETE',[ses(),g.notes[index].id()]);
 									setTimeout(function() { 
 										alert($('catStrings').getString('staff.cat.copy_notes.delete_note.success'));
 										refresh(); },0
@@ -154,19 +163,38 @@
 
 		}
 		
-		function new_note() {
+		function new_note(index) {
+			var public = false;
+			var title = '';
+			var value = '';
+			var edit_mode; // for clarity
+			var label_text;
+			var button_accesskey;
+
+			if (typeof index != 'undefined') {
+				edit_mode = true;
+				public = get_bool(g.notes[index].pub());
+				title = g.notes[index].title();
+				value = g.notes[index].value();
+				label_text = $('serialStrings').getString('staff.serial.notes.edit_note.label');
+				button_accesskey = $('serialStrings').getString('staff.serial.notes.edit_note.accesskey');
+			} else {
+				label_text = $('catStrings').getString('staff.cat.copy_notes.new_note.add_note.label');
+				button_accesskey = $('catStrings').getString('staff.cat.copy_notes.new_note.add_note.accesskey');
+			}
+
 			try {
 				netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect UniversalBrowserWrite");
 				var xml = '<groupbox xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul" flex="1"> \
-					<caption label="' + $('catStrings').getString('staff.cat.copy_notes.new_note.label') + '"/> \
+					<caption label="' + label_text + '"/> \
 					<grid flex="1"><columns><column/><column flex="1"/></columns> \
 						<rows> \
-							<row><label value="' + $('catStrings').getString('staff.cat.copy_notes.new_note.public') + '"/><checkbox id="pub" name="fancy_data" checked="false"/></row> \
-							<row><label value="' + $('catStrings').getString('staff.cat.copy_notes.new_note.title') + '"/><textbox id="title" name="fancy_data" context="clipboard"/></row> \
-							<row><label value="' + $('catStrings').getString('staff.cat.copy_notes.new_note.note') + '"/><textbox multiline="true" id="note" name="fancy_data" context="clipboard"/></row> \
+							<row><label value="' + $('catStrings').getString('staff.cat.copy_notes.new_note.public') + '"/><checkbox id="pub" name="fancy_data" checked="' + public + '"/></row> \
+							<row><label value="' + $('catStrings').getString('staff.cat.copy_notes.new_note.title') + '"/><textbox id="title" name="fancy_data" context="clipboard" value="' + title + '"/></row> \
+							<row><label value="' + $('catStrings').getString('staff.cat.copy_notes.new_note.note') + '"/><textbox multiline="true" id="note" name="fancy_data" context="clipboard" value="' + value + '"/></row> \
 							<row><spacer/><hbox> \
 								<button label="' + $('catStrings').getString('staff.cat.copy_notes.new_note.cancel.label') + '" name="fancy_cancel" accesskey="' + $('catStrings').getString('staff.cat.copy_notes.new_note.cancel.accesskey') + '"/> \
-								<button label="' + $('catStrings').getString('staff.cat.copy_notes.new_note.add_note.label') + '" accesskey="' + $('catStrings').getString('staff.cat.copy_notes.new_note.add_note.accesskey') + '" name="fancy_submit"/></hbox></row> \
+								<button label="' + label_text + '" accesskey="' + button_accesskey + '" name="fancy_submit"/></hbox></row> \
 						</rows></grid></groupbox>';
 				//g.data.init({'via':'stash'});
 				//g.data.temp_note_xml = xml; g.data.stash('temp_note_xml');
@@ -177,18 +205,23 @@
 					//+ '&focus=' + window.escape('title')
 					//+ '&title=' + window.escape('Add Note'),
 					'fancy_prompt', 'chrome,resizable,modal,width=700,height=500',
-					{ 'xml' : xml, 'focus' : 'title', 'title' : $('catStrings').getString('staff.cat.copy_notes.new_note.add_note.label') }
+					{ 'xml' : xml, 'focus' : 'title', 'title' : label_text }
 				);
 				//g.data.init({'via':'stash'});
 				if (fancy_prompt_data.fancy_status == 'complete') {
 					//alert(js2JSON(g.data.fancy_prompt_data));
-					var note = new g.constructor();
-					note.isnew(1);
+					var note;
+					if (edit_mode) {
+						note = g.notes[index];
+					} else {
+						note = new g.constructor();
+						note.isnew(1);
+					}
 					note.title( fancy_prompt_data.title );
 					note.value( fancy_prompt_data.note );
 					note.pub( get_bool( fancy_prompt_data.pub ) ? get_db_true() : get_db_false() );
 					note[g.object_type]( g.object_id );
-					var r = g.network.simple_request('FM_'+g.function_type+'_CREATE',[ ses(), note ]);
+					var r = g.network.simple_request('FM_'+g.function_type+'_UPDATE',[ ses(), note ]);
 					if (typeof r.ilsevent != 'undefined') throw(r);
 					setTimeout(function() {
 						refresh();},0
@@ -203,7 +236,7 @@
 	</script>
 
 	<messagecatalog id="catStrings" src="/xul/server/locale/<!--#echo var='locale'-->/cat.properties" />
-	<messagecatalog id="circStrings" src="/xul/server/locale/<!--#echo var='locale'-->/circ.properties" />
+	<messagecatalog id="serialStrings" src="/xul/server/locale/<!--#echo var='locale'-->/serial.properties" />
 
 	<stack hidden="true" id="note_template" flex="1">
 		<groupbox flex="1" style="background-color: black;"/>
-- 
2.11.0