From a794eb1453ef2b348a8f5928532e96e5bea39837 Mon Sep 17 00:00:00 2001
From: erickson <erickson@dcc99617-32d9-48b4-a31d-7c20da2025e4>
Date: Wed, 2 Aug 2006 20:35:00 +0000
Subject: [PATCH] implemented the fabled group-groups

git-svn-id: svn://svn.open-ils.org/ILS/trunk@5231 dcc99617-32d9-48b4-a31d-7c20da2025e4
---
 Open-ILS/xul/staff_client/server/patron/ue.js      | 44 +++++++++++++++++++---
 Open-ILS/xul/staff_client/server/patron/ue.xhtml   |  2 +-
 .../xul/staff_client/server/patron/ue_config.js    | 18 ++++++---
 Open-ILS/xul/staff_client/server/patron/ue_ui.js   | 19 +++++++++-
 4 files changed, 70 insertions(+), 13 deletions(-)

diff --git a/Open-ILS/xul/staff_client/server/patron/ue.js b/Open-ILS/xul/staff_client/server/patron/ue.js
index 862399c550..2b40112c6b 100644
--- a/Open-ILS/xul/staff_client/server/patron/ue.js
+++ b/Open-ILS/xul/staff_client/server/patron/ue.js
@@ -83,16 +83,15 @@ function uEditBuild() {
 		);
 
 	if(patron.isnew()) {
-		if(clone) 
-			uEditClone(clone);
-		else 
-			uEditCreateNewAddr();
-	}
+		if(clone) uEditClone(clone);
+		else uEditCreateNewAddr();
+
+	} else {
 
-	if(!patron.isnew()) {
 		$('ue_barcode').disabled = true;
 		unHideMe($('ue_mark_card_lost'));
 		unHideMe($('ue_reset_pw'));
+		uEditCheckEditPerm();
 	}
 
 	if(PERMS['BAR_PATRON'] == -1) 
@@ -100,6 +99,39 @@ function uEditBuild() {
 }
 
 
+/* if this user does not have permission to put users into
+	the edited users group, they do not have permission to 
+	edit this user */
+function uEditCheckEditPerm() {
+
+	var perm = uEditFindGroupPerm(groupsCache[patron.profile()]);	
+	_debug("editing user with group app perm "+patron.profile()+' : '+
+		groupsCache[patron.profile()].name() +', and perm = ' + perm);
+
+	if(PERMS[perm] != -1) return;
+
+	/* we can edit our own account, but not others in our group */
+	if( patron.id() != USER.id() ){
+		_debug("we are not allowed to edit this user");
+	
+		$('ue_save').disabled = true;
+		$('ue_save_clone').disabled = true;
+	
+		uEditIterateFields(
+			function(f) {
+				if( f && f.widget && f.widget.node )
+					f.widget.node.disabled = true;
+			}	
+		);	
+
+	}
+
+	var node = $('ue_profile').parentNode;
+	node.removeChild($('ue_profile'));
+	node.appendChild(elem('span',null,groupsCache[patron.profile()].name()));
+}
+
+
 /* creates a new patron object with card attached */
 var uEditCardVirtId = -1;
 function uEditNewPatron() {
diff --git a/Open-ILS/xul/staff_client/server/patron/ue.xhtml b/Open-ILS/xul/staff_client/server/patron/ue.xhtml
index 6a5330bee5..53cd7e6363 100644
--- a/Open-ILS/xul/staff_client/server/patron/ue.xhtml
+++ b/Open-ILS/xul/staff_client/server/patron/ue.xhtml
@@ -84,7 +84,7 @@
 		</style>
 	</head>
 
-	<body onload='try{uEditInit();}catch(e){alert(js2JSON(e));}'>
+	<body onload='uEditInit();'>
 
 	<center>
 
diff --git a/Open-ILS/xul/staff_client/server/patron/ue_config.js b/Open-ILS/xul/staff_client/server/patron/ue_config.js
index cf6312234d..0cf31d8bb8 100644
--- a/Open-ILS/xul/staff_client/server/patron/ue_config.js
+++ b/Open-ILS/xul/staff_client/server/patron/ue_config.js
@@ -21,12 +21,19 @@ const GUARDIAN_NOTE		= 'SYSTEM: Parent/Guardian';
 
 /* if they don't have these perms, they shouldn't be here */
 var myPerms = [ 
-	/*
-	'CREATE_USER', 
-	'UPDATE_USER', 
-	'CREATE_PATRON_STAT_CAT_ENTRY_MAP',
-	*/
 	'BAR_PATRON',
+	'group_application.user',
+ 	'group_application.user.patron',
+ 	'group_application.user.staff',
+ 	'group_application.user.staff.circ',
+ 	'group_application.user.staff.cat',
+ 	'group_application.user.staff.admin.global_admin',
+ 	'group_application.user.staff.admin.local_admin',
+ 	'group_application.user.staff.admin.lib_manager',
+ 	'group_application.user.staff.cat.cat1',
+ 	'group_application.user.staff.supercat',
+ 	'group_application.user.sip_client',
+ 	'group_application.user.vendor'
 	];
 
 var dataFields;
@@ -340,6 +347,7 @@ function uEditDefineData(patron) {
 				regex		: numRegex,
 				onpostchange : function(field, value) {
 					var type			= groupsCache[value];
+					if(!type) return;
 					var interval	= type.perm_interval();
 
 					/* interval_to_seconds expects 'M' for months, 'm' for minutes */
diff --git a/Open-ILS/xul/staff_client/server/patron/ue_ui.js b/Open-ILS/xul/staff_client/server/patron/ue_ui.js
index ec62dfcc80..3b2e462551 100644
--- a/Open-ILS/xul/staff_client/server/patron/ue_ui.js
+++ b/Open-ILS/xul/staff_client/server/patron/ue_ui.js
@@ -122,12 +122,27 @@ function uEditDrawGroups(tree, depth, selector) {
 		depth = 0;
 	}
 	groupsCache[tree.id()] = tree;
-	insertSelectorVal( selector, -1, tree.name(), tree.id(), null, depth++ );	
+
+	/* if the staff does not have perms to access this group, 
+		remove it from the tree and don't add it's children */
+	var perm = uEditFindGroupPerm(tree);
+	var org = PERMS[perm];
+	if( org == -1 ) return;
+
+	var opt = insertSelectorVal( selector, -1, tree.name(), tree.id(), null, depth++ );	
+
 	for( var c in tree.children() ) 
 		uEditDrawGroups( tree.children()[c], depth, selector );
 }
 
 
+function uEditFindGroupPerm(group) {
+	if( group.application_perm() ) 
+		return group.application_perm();
+	return uEditFindGroupPerm(groupsCache[group.parent()]);
+}
+
+
 /* user identification types */
 function uEditDrawIDTypes(types) {
 	var pri_sel = $('ue_primary_ident_type');
@@ -439,3 +454,5 @@ function uEditDrawNetLevels(netLevels) {
 }
 
 
+
+
-- 
2.11.0