From 593fb562d80b9c1fbaa323ad7865f29643b7bb68 Mon Sep 17 00:00:00 2001
From: Thomas Berezansky <tsbere@mvlc.org>
Date: Sun, 25 Sep 2011 15:00:08 -0400
Subject: [PATCH] Add permission for creating report templates

Because we would like people to be able to run them, but not create them.

Signed-off-by: Thomas Berezansky <tsbere@mvlc.org>
---
 Open-ILS/src/perlmods/lib/OpenILS/Application/Reporter.pm | 3 +++
 Open-ILS/src/sql/Pg/950.data.seed-values.sql              | 5 +++++
 2 files changed, 8 insertions(+)

diff --git a/Open-ILS/src/perlmods/lib/OpenILS/Application/Reporter.pm b/Open-ILS/src/perlmods/lib/OpenILS/Application/Reporter.pm
index 6e9468a5a9..e268281ebd 100644
--- a/Open-ILS/src/perlmods/lib/OpenILS/Application/Reporter.pm
+++ b/Open-ILS/src/perlmods/lib/OpenILS/Application/Reporter.pm
@@ -20,6 +20,7 @@ sub create_folder {
 	my $e = new_rstore_editor(xact=>1, authtoken=>$auth);
 	return $e->die_event unless $e->checkauth;
 	return $e->die_event unless $e->allowed('RUN_REPORTS');
+	return $e->die_event unless ($type ne 'template' || $e->allowed('CREATE_REPORT_TEMPLATE'));
 
 	return 0 if $folder->owner ne $e->requestor->id;
 
@@ -168,6 +169,7 @@ sub create_template {
 	my $e = new_rstore_editor(authtoken=>$auth, xact=>1);
 	return $e->die_event unless $e->checkauth;
 	return $e->die_event unless $e->allowed('RUN_REPORTS');
+	return $e->die_event unless $e->allowed('CREATE_REPORT_TEMPLATE');
 	$template->owner($e->requestor->id);
 
 	my $existing = $e->search_reporter_template( {owner=>$template->owner,
@@ -258,6 +260,7 @@ sub update_template {
 	my $e = new_rstore_editor(authtoken=>$auth, xact=>1);
 	return $e->die_event unless $e->checkauth;
 	return $e->die_event unless $e->allowed('RUN_REPORTS');
+	return $e->die_event unless $e->allowed('CREATE_REPORT_TEMPLATE');
 	my $t = $e->retrieve_reporter_template($tmpl->id)
 		or return $e->die_event;
 	return 0 if $t->owner ne $e->requestor->id;
diff --git a/Open-ILS/src/sql/Pg/950.data.seed-values.sql b/Open-ILS/src/sql/Pg/950.data.seed-values.sql
index 628856ff4c..b2cbfb2fc8 100644
--- a/Open-ILS/src/sql/Pg/950.data.seed-values.sql
+++ b/Open-ILS/src/sql/Pg/950.data.seed-values.sql
@@ -1447,6 +1447,9 @@ INSERT INTO permission.perm_list ( id, code, description ) VALUES
     'Allows a user to manually adjust a patron''s active cards', 'ppl', 'description')),
  ( 515, 'UPDATE_PATRON_PRIMARY_CARD', oils_i18n_gettext( 515,
     'Allows a user to manually adjust a patron''s primary card', 'ppl', 'description'));
+    'Allows a user to use debug functions in the staff client', 'ppl', 'description' ));
+ ( 516, 'CREATE_REPORT_TEMPLATE', oils_i18n_gettext( 516,
+    'Allows a user to create report templates', 'ppl', 'description' ));
 
 SELECT SETVAL('permission.perm_list_id_seq'::TEXT, 1000);
 
@@ -1795,6 +1798,7 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
 			'CREATE_COPY_STAT_CAT_ENTRY',
 			'CREATE_COPY_STAT_CAT_ENTRY_MAP',
 			'RUN_REPORTS',
+            'CREATE_REPORT_TEMPLATE',
 			'SHARE_REPORT_FOLDER',
 			'UPDATE_COPY_LOCATION',
 			'UPDATE_COPY_STAT_CAT',
@@ -2195,6 +2199,7 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
 			'DELETE_INVOICE_METHOD',
 			'DELETE_PROVIDER',
 			'RUN_REPORTS',
+            'CREATE_REPORT_TEMPLATE',
 			'SHARE_REPORT_FOLDER',
 			'UPDATE_ACQ_FUNDING_SOURCE',
 			'UPDATE_INVOICE_ITEM_TYPE',
-- 
2.11.0