From 5281005f8a55cb93cefe60e2058479f1da9230b5 Mon Sep 17 00:00:00 2001 From: Thomas Berezansky Date: Tue, 11 Oct 2011 16:55:12 -0400 Subject: [PATCH] TPac: Use workstation to determine staff Instead of user agent, which may be set easily by anyone, use the presence of a workstation ID to determine "staff" use of the TPac. This is much less likely to be spoofed or incorrect due to things like previous use of the extension version of the client in Firefox. Signed-off-by: Thomas Berezansky --- Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm index 413747276d..122f08cff7 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader.pm @@ -219,7 +219,7 @@ sub load_common { $ctx->{full_path} = $ctx->{base_path} . $self->cgi->path_info; $ctx->{unparsed_uri} = $self->apache->unparsed_uri; $ctx->{opac_root} = $ctx->{base_path} . "/opac"; # absolute base url - $ctx->{is_staff} = ($self->apache->headers_in->get('User-Agent') =~ /oils_xulrunner/); + $ctx->{is_staff} = 0; # Assume false, check for workstation id later. Was: ($self->apache->headers_in->get('User-Agent') =~ /oils_xulrunner/); $ctx->{orig_loc} = $self->get_orig_loc; # capture some commonly accessed pages @@ -238,6 +238,7 @@ sub load_common { 'open-ils.actor', 'open-ils.actor.user.opac.vital_stats', $e->authtoken, $e->requestor->id); + $ctx->{is_staff} = 1 if $e->requestor->wsid; } else { -- 2.11.0