From 1f3b8dc16977fcb1a76b22443b79fbc204be7ed2 Mon Sep 17 00:00:00 2001 From: Thomas Berezansky Date: Sat, 24 Sep 2011 22:31:41 -0400 Subject: [PATCH] Username Change Limits Default is "Only allowed to change username if it looks like a barcode". There is a "Lock Username Changes" option to disallow username changing via the OPAC entirely, useful if syncing usernames to an outside source. There is also a username change limit disabling option that, if enabled and the Lock option is disabled, allows the previous behaviour of unlimited username changes. Signed-off-by: Thomas Berezansky Signed-off-by: Bill Erickson --- .../lib/OpenILS/WWW/EGCatLoader/Account.pm | 50 +++++++++++++++++++++- Open-ILS/src/sql/Pg/950.data.seed-values.sql | 18 ++++++++ Open-ILS/src/templates/opac/myopac/prefs.tt2 | 4 ++ Open-ILS/web/opac/skin/default/js/myopac.js | 18 +++++++- 4 files changed, 88 insertions(+), 2 deletions(-) diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader/Account.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader/Account.pm index 60e33d7b87..b63f89a32c 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader/Account.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader/Account.pm @@ -91,6 +91,25 @@ sub load_myopac_prefs { $self->prepare_extended_user_info; my $user = $self->ctx->{user}; + my $lock_usernames = $self->ctx->{get_org_setting}->($e->requestor->home_ou, 'opac.lock_usernames'); + if($lock_usernames == 1) { + # Policy says no username changes + $self->ctx->{username_change_disallowed} = 1; + } else { + my $username_unlimit = $self->ctx->{get_org_setting}->($e->requestor->home_ou, 'opac.unlimit_usernames'); + if($username_unlimit != 1) { + my $regex_check = $self->ctx->{get_org_setting}->($e->requestor->home_ou, 'opac.barcode_regex'); + if(!$regex_check) { + # Default is "starts with a number" + $regex_check = '^\d+'; + } + # You already have a username? + if($regex_check and $self->ctx->{user}->usrname !~ /$regex_check/) { + $self->ctx->{username_change_disallowed} = 1; + } + } + } + return Apache2::Const::OK unless $pending_addr or $replace_addr or $delete_pending; @@ -1178,6 +1197,36 @@ sub load_myopac_update_username { my $username = $self->cgi->param('username') || ''; my $current_pw = $self->cgi->param('current_pw') || ''; + $self->prepare_extended_user_info; + + my $allow_change = 1; + my $regex_check; + my $lock_usernames = $self->ctx->{get_org_setting}->($e->requestor->home_ou, 'opac.lock_usernames'); + if($lock_usernames == 1) { + # Policy says no username changes + $allow_change = 0; + } else { + # We want this further down. + $regex_check = $self->ctx->{get_org_setting}->($e->requestor->home_ou, 'opac.barcode_regex'); + my $username_unlimit = $self->ctx->{get_org_setting}->($e->requestor->home_ou, 'opac.unlimit_usernames'); + if($username_unlimit != 1) { + if(!$regex_check) { + # Default is "starts with a number" + $regex_check = '^\d+'; + } + # You already have a username? + if($regex_check and $self->ctx->{user}->usrname !~ /$regex_check/) { + $allow_change = 0; + } + } + } + if(!$allow_change) { + my $url = $self->apache->unparsed_uri; + $url =~ s/update_username/prefs/; + + return $self->generic_redirect($url); + } + return Apache2::Const::OK unless $self->cgi->request_method eq 'POST'; @@ -1187,7 +1236,6 @@ sub load_myopac_update_username { } # New username can't look like a barcode if we have a barcode regex - my $regex_check = $ctx->{get_org_setting}->($e->requestor->home_ou, 'opac.barcode_regex'); if($regex_check and $username =~ /$regex_check/) { $ctx->{invalid_username} = $username; return Apache2::Const::OK; diff --git a/Open-ILS/src/sql/Pg/950.data.seed-values.sql b/Open-ILS/src/sql/Pg/950.data.seed-values.sql index eff9a54b43..e605528866 100644 --- a/Open-ILS/src/sql/Pg/950.data.seed-values.sql +++ b/Open-ILS/src/sql/Pg/950.data.seed-values.sql @@ -3653,6 +3653,15 @@ INSERT into config.org_unit_setting_type 'coust', 'description'), 'bool', null) +,( 'opac.lock_usernames', 'glob', + oils_i18n_gettext('opac.lock_usernames', + 'Lock Usernames', + 'coust', 'label'), + oils_i18n_gettext('opac.lock_usernames', + 'If enabled username changing via the OPAC will be disabled', + 'coust', 'description'), + 'bool', null) + ,( 'opac.org_unit_hiding.depth', 'opac', oils_i18n_gettext('opac.org_unit_hiding.depth', 'Org Unit Hiding Depth', @@ -3671,6 +3680,15 @@ INSERT into config.org_unit_setting_type 'coust', 'description'), 'interval', null) +,( 'opac.unlimit_usernames', 'glob', + oils_i18n_gettext('opac.unlimit_usernames', + 'Allow multiple username changes', + 'coust', 'label'), + oils_i18n_gettext('opac.unlimit_usernames', + 'If enabled (and Lock Usernames is not set) patrons will be allowed to change their username when it does not look like a barcode. Otherwise username changing in the OPAC will only be allowed when the patron''s username looks like a barcode.', + 'coust', 'description'), + 'bool', null) + ,( 'opac.username_regex', 'glob', oils_i18n_gettext('opac.username_regex', 'Patron username format', diff --git a/Open-ILS/src/templates/opac/myopac/prefs.tt2 b/Open-ILS/src/templates/opac/myopac/prefs.tt2 index 2aeea79fb1..87cdfd093b 100644 --- a/Open-ILS/src/templates/opac/myopac/prefs.tt2 +++ b/Open-ILS/src/templates/opac/myopac/prefs.tt2 @@ -84,7 +84,11 @@ [% l("Username") %] [% ctx.user.usrname | html %] + [% IF ctx.username_change_disallowed %] + + [% ELSE %] [% l("Change") %] + [% END %] [% l("Password") %] diff --git a/Open-ILS/web/opac/skin/default/js/myopac.js b/Open-ILS/web/opac/skin/default/js/myopac.js index 8ac144893a..24caa23cff 100644 --- a/Open-ILS/web/opac/skin/default/js/myopac.js +++ b/Open-ILS/web/opac/skin/default/js/myopac.js @@ -890,6 +890,22 @@ function _myOPACSummaryShowUer(r) { req.callback(myopacDrawNotes); req.send(); + r = fetchOrgSettingDefault(G.user.home_ou(), 'opac.lock_usernames'); + if(r) { + // No changing username - Policy Lock + hideMe($('myopac_summary_username_change')); + } else { + r = fetchOrgSettingDefault(G.user.home_ou(), 'opac.unlimit_usernames'); + if(!r) { + r = fetchOrgSettingDefault(G.user.home_ou(), 'opac.barcode_regex'); + if(r) REGEX_BARCODE = new RegExp(r); + + if(!user.usrname().match(REGEX_BARCODE)) { + // No changing username - You already have one! + hideMe($('myopac_summary_username_change')); + } + } + } var tbody = $('myopac_addr_tbody'); var template; @@ -1068,7 +1084,7 @@ function myOPACUpdateUsername() { return; } - r = fetchOrgSettingDefault(globalOrgTree.id(), 'opac.barcode_regex'); + r = fetchOrgSettingDefault(G.user.home_ou(), 'opac.barcode_regex'); if(r) REGEX_BARCODE = new RegExp(r); if(username.match(REGEX_BARCODE)) { -- 2.11.0