From ff2f86b94f445a87d1b7c937e275d9e454b735c5 Mon Sep 17 00:00:00 2001 From: Thomas Berezansky Date: Tue, 11 Oct 2011 16:55:12 -0400 Subject: [PATCH] TPac: Use workstation to determine staff Instead of user agent, which may be set easily by anyone, use the presence of a workstation ID to determine "staff" use of the TPac. This is much less likely to be spoofed or incorrect due to things like previous use of the extension version of the client in Firefox. Signed-off-by: Thomas Berezansky Signed-off-by: Bill Erickson --- Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm index 413747276d..122f08cff7 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm @@ -219,7 +219,7 @@ sub load_common { $ctx->{full_path} = $ctx->{base_path} . $self->cgi->path_info; $ctx->{unparsed_uri} = $self->apache->unparsed_uri; $ctx->{opac_root} = $ctx->{base_path} . "/opac"; # absolute base url - $ctx->{is_staff} = ($self->apache->headers_in->get('User-Agent') =~ /oils_xulrunner/); + $ctx->{is_staff} = 0; # Assume false, check for workstation id later. Was: ($self->apache->headers_in->get('User-Agent') =~ /oils_xulrunner/); $ctx->{orig_loc} = $self->get_orig_loc; # capture some commonly accessed pages @@ -238,6 +238,7 @@ sub load_common { 'open-ils.actor', 'open-ils.actor.user.opac.vital_stats', $e->authtoken, $e->requestor->id); + $ctx->{is_staff} = 1 if $e->requestor->wsid; } else { -- 2.11.0