From ca56ae76165f3f8e5c47fc6b04621e05063566f8 Mon Sep 17 00:00:00 2001
From: Jason Etheridge <jason@esilibrary.com>
Date: Tue, 26 Jul 2011 12:02:39 -0400
Subject: [PATCH] make perm checking non-optional for z39.50 services
 retrieval.  attempt to link use_perm to permission.perm_list.code

Signed-off-by: Jason Etheridge <jason@esilibrary.com>
---
 Open-ILS/examples/fm_IDL.xml                       |  3 +-
 .../lib/OpenILS/Application/Search/Z3950.pm        | 32 +++++++++-------------
 Open-ILS/src/sql/Pg/002.schema.config.sql          |  2 +-
 .../Pg/upgrade/XXXX.schema.czs_use_perm_column.sql |  3 +-
 .../web/js/ui/default/acq/picklist/bib_search.js   |  2 +-
 Open-ILS/xul/staff_client/server/cat/z3950.js      |  2 +-
 6 files changed, 20 insertions(+), 24 deletions(-)

diff --git a/Open-ILS/examples/fm_IDL.xml b/Open-ILS/examples/fm_IDL.xml
index f73a2d4c3f..4a65cb7627 100644
--- a/Open-ILS/examples/fm_IDL.xml
+++ b/Open-ILS/examples/fm_IDL.xml
@@ -819,10 +819,11 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA
             <field reporter:label="Transmission Format" name="transmission_format"  reporter:datatype="text"/>
             <field reporter:label="Auth" name="auth"  reporter:datatype="bool"/>
             <field reporter:label="Attrs" name="attrs" oils_persist:virtual="true"  reporter:datatype="link"/>
-            <field reporter:label="Use Permission" name="use_perm"  reporter:datatype="text"/>
+            <field reporter:label="Use Permission" name="use_perm"  reporter:datatype="link"/>
         </fields>
         <links>
             <link field="attrs" reltype="has_many" key="source" map="" class="cza"/>
+            <link field="use_perm" reltype="has_a" key="code" map="" class="ppl"/>
         </links>
         <permacrud xmlns="http://open-ils.org/spec/opensrf/IDL/permacrud/v1">
             <actions>
diff --git a/Open-ILS/src/perlmods/lib/OpenILS/Application/Search/Z3950.pm b/Open-ILS/src/perlmods/lib/OpenILS/Application/Search/Z3950.pm
index 5f3c0abfe8..2914472237 100644
--- a/Open-ILS/src/perlmods/lib/OpenILS/Application/Search/Z3950.pm
+++ b/Open-ILS/src/perlmods/lib/OpenILS/Application/Search/Z3950.pm
@@ -74,8 +74,6 @@ __PACKAGE__->register_method(
     api_name  => "open-ils.search.z3950.retrieve_services",
     signature => q/
         @param auth The login session key
-        @param check_use_perm If true, checks the Use Perm on the services
-            against the requestor
         Returns a list of service names that we have config
         data for
     /
@@ -87,12 +85,12 @@ __PACKAGE__->register_method(
 # What services do we have config info for?
 # -------------------------------------------------------------------
 sub query_services {
-    my( $self, $client, $auth, $check_use_perm ) = @_;
+    my( $self, $client, $auth ) = @_;
     my $e = new_editor(authtoken=>$auth);
     return $e->event unless $e->checkauth;
     return $e->event unless $e->allowed('REMOTE_Z3950_QUERY');
 
-    return fetch_service_defs($check_use_perm,$e);
+    return fetch_service_defs($e);
 }
 
 # -------------------------------------------------------------------
@@ -100,7 +98,6 @@ sub query_services {
 # -------------------------------------------------------------------
 sub fetch_service_defs {
 
-    my $check_use_perm = shift;
     my $editor_with_authtoken = shift;
 
     my $hash = $sclient->config_value('z3950', 'services');
@@ -158,20 +155,17 @@ sub fetch_service_defs {
         }
     };
 
-    # If checking use_perm, then filter out any services which the requestor
-    # lacks the perm for
-    if ($check_use_perm) {
-        foreach my $s (keys %{ $hash }) {
-            if ($$hash{$s}{use_perm}) {
-                if ($U->check_perms(
-                    $e->requestor->id,
-                    $e->requestor->ws_ou,
-                    $$hash{$s}{use_perm}
-                )) {
-                    delete $$hash{$s};
-                }
-            };
-        }
+    # then filter out any services which the requestor lacks the perm for
+    foreach my $s (keys %{ $hash }) {
+        if ($$hash{$s}{use_perm}) {
+            if ($U->check_perms(
+                $e->requestor->id,
+                $e->requestor->ws_ou,
+                $$hash{$s}{use_perm}
+            )) {
+                delete $$hash{$s};
+            }
+        };
     }
 
     %services = %$hash; # cache these internally so we can actually use the db-configured sources
diff --git a/Open-ILS/src/sql/Pg/002.schema.config.sql b/Open-ILS/src/sql/Pg/002.schema.config.sql
index f89194c071..8498819fed 100644
--- a/Open-ILS/src/sql/Pg/002.schema.config.sql
+++ b/Open-ILS/src/sql/Pg/002.schema.config.sql
@@ -441,7 +441,7 @@ CREATE TABLE config.z3950_source (
     record_format       TEXT    NOT NULL DEFAULT 'FI',
     transmission_format TEXT    NOT NULL DEFAULT 'usmarc',
     auth                BOOL    NOT NULL DEFAULT TRUE,
-    use_perm            TEXT
+    use_perm            TEXT    REFERENCES permission.perm_list (code)
 );
 
 COMMENT ON TABLE config.z3950_source IS $$
diff --git a/Open-ILS/src/sql/Pg/upgrade/XXXX.schema.czs_use_perm_column.sql b/Open-ILS/src/sql/Pg/upgrade/XXXX.schema.czs_use_perm_column.sql
index ff8888f1d1..be4bf19bd7 100644
--- a/Open-ILS/src/sql/Pg/upgrade/XXXX.schema.czs_use_perm_column.sql
+++ b/Open-ILS/src/sql/Pg/upgrade/XXXX.schema.czs_use_perm_column.sql
@@ -10,7 +10,8 @@ BEGIN;
 -- check whether patch can be applied
 SELECT evergreen.upgrade_deps_block_check('XXXX', :eg_version);
 
-ALTER TABLE config.z3950_source ADD COLUMN use_perm TEXT;
+ALTER TABLE config.z3950_source
+    ADD COLUMN use_perm TEXT REFERENCES permission.perm_list (code)
 
 COMMENT ON COLUMN config.z3950_source.use_perm IS $$
 If set, this permission is required for the source to be listed in the staff
diff --git a/Open-ILS/web/js/ui/default/acq/picklist/bib_search.js b/Open-ILS/web/js/ui/default/acq/picklist/bib_search.js
index b1f2295253..43457289e2 100644
--- a/Open-ILS/web/js/ui/default/acq/picklist/bib_search.js
+++ b/Open-ILS/web/js/ui/default/acq/picklist/bib_search.js
@@ -30,7 +30,7 @@ function drawForm() {
     fieldmapper.standardRequest(
         ['open-ils.search', 'open-ils.search.z3950.retrieve_services'], 
         {   async: true,
-            params: [user.authtoken, true],
+            params: [user.authtoken],
             oncomplete: _drawForm
         }
     );
diff --git a/Open-ILS/xul/staff_client/server/cat/z3950.js b/Open-ILS/xul/staff_client/server/cat/z3950.js
index ce7fc09ca1..dc600e8562 100644
--- a/Open-ILS/xul/staff_client/server/cat/z3950.js
+++ b/Open-ILS/xul/staff_client/server/cat/z3950.js
@@ -371,7 +371,7 @@ cat.z3950.prototype = {
 
                                         var robj = obj.network.simple_request(
                                             'RETRIEVE_Z3950_SERVICES',
-                                            [ ses(), true ]
+                                            [ ses() ]
                                         );
                                         if (typeof robj.ilsevent != 'undefined') throw(robj);
                                         obj.services = robj;
-- 
2.11.0