Bug 7673: New patron permissions

    This patch adds the following permissions:

     - editcatalogue.limited_item_edition: Limit item modification to barcode, status and note
     - editcatalogue.delete_all_items: Delete all items at once
     - tools.items_limited_batchmod: Limit batch item modification to item status

    The SubfieldsToAllowForLimitedEdition syspref is used to define which subfields can be edited
    when the editcatalogue.limited_item_edition permission is enabled.

    In the same way, the SubfieldsToAllowForLimitedBatchmod is used to define which subfields
    can be edited when the tools.items_limited_batchmod permission is enabled.

Signed-off-by: Koha Team AMU <koha.aixmarseille@gmail.com>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>

diff --git a/cataloguing/additem.pl b/cataloguing/additem.pl
index 7110f7f..fe1db82 100755 (executable)
--- a/cataloguing/additem.pl
+++ b/cataloguing/additem.pl
@@ -36,7 +36,7 @@ use List::MoreUtils qw/any/;
 use C4::Search;
 use Storable qw(thaw freeze);
 use URI::Escape;
-
+use C4::Members;
 
 use MARC::File::XML;
 use URI::Escape;
@@ -104,9 +104,10 @@ sub _increment_barcode {
 
 
 sub generate_subfield_form {
-        my ($tag, $subfieldtag, $value, $tagslib,$subfieldlib, $branches, $today_iso, $biblionumber, $temp, $loop_data, $i) = @_;
+        my ($tag, $subfieldtag, $value, $tagslib,$subfieldlib, $branches, $today_iso, $biblionumber, $temp, $loop_data, $i, $limitededition) = @_;
   
-  my $frameworkcode = &GetFrameworkCode($biblionumber);
+        my $frameworkcode = &GetFrameworkCode($biblionumber);
+
         my %subfield_data;
         my $dbh = C4::Context->dbh;
         
@@ -156,6 +157,19 @@ sub generate_subfield_form {
        }
         my $attributes_no_value = qq(id="$subfield_data{id}" name="field_value" class="input_marceditor" size="50" maxlength="$subfield_data{maxlength}" );
         my $attributes_no_value_textarea = qq(id="$subfield_data{id}" name="field_value" class="input_marceditor" rows="5" cols="64" );
+
+        # Getting list of subfields to keep when limited edition is enabled
+        my $subfieldsToAllowForLimitedEdition = C4::Context->preference('SubfieldsToAllowForLimitedEdition');
+        my @subfieldsToAllow = split(/ /, $subfieldsToAllowForLimitedEdition);
+
+        # If we're on limited edition, and our field is not in the list of subfields to allow,
+        # then it is read-only
+        $attributes_no_value .= 'readonly="readonly" '
+            if (
+                $limitededition
+                and !grep { $tag . '$' . $subfieldtag  eq $_ } @subfieldsToAllow
+            );
+
         my $attributes          = qq($attributes_no_value value="$value" );
         
         if ( $subfieldlib->{authorised_value} ) {
@@ -216,7 +230,7 @@ sub generate_subfield_form {
                 $subfield_data{marc_value} = qq(<input type="hidden" $attributes /> $authorised_lib{$value});
             }
             else {
-                $subfield_data{marc_value} =CGI::scrolling_list(      # FIXME: factor out scrolling_list
+                my @scrparam = (
                     -name     => "field_value",
                     -values   => \@authorised_values,
                     -default  => $value,
@@ -227,6 +241,15 @@ sub generate_subfield_form {
                     -id       => "tag_".$tag."_subfield_".$subfieldtag."_".$index_subfield,
                     -class    => "input_marceditor",
                 );
+
+                # If we're on limited edition, and our field is not in the list of subfields to allow,
+                # then it is read-only
+                push @scrparam, (-readonly => "readonly"), (-disabled => "disabled")
+                    if (
+                        $limitededition
+                        and !grep { $tag . '$' . $subfieldtag  eq $_ } @subfieldsToAllow
+                    );
+                $subfield_data{marc_value} =CGI::scrolling_list(@scrparam);
             }
 
         }
@@ -345,6 +368,12 @@ my ($template, $loggedinuser, $cookie)
                  });
 
 
+# Does the user have a limited item edition permission?
+my $uid = GetMember( borrowernumber => $loggedinuser )->{userid} if ($loggedinuser) ;
+my $limitededition = haspermission($uid,  {'editcatalogue' => 'limited_item_edition'}) if ($uid);
+# In case user is a superlibrarian, edition is not limited
+$limitededition = 0 if ($limitededition != 0 && $limitededition->{'superlibrarian'} eq 1);
+
 my $today_iso = C4::Dates->today('iso');
 my $tagslib = &GetMarcStructure(1,$frameworkcode);
 my $record = GetMarcBiblio($biblionumber);
@@ -777,8 +806,7 @@ if($itemrecord){
             next if subfield_is_koha_internal_p($subfieldtag);
             next if ($tagslib->{$tag}->{$subfieldtag}->{'tab'} ne "10");
 
-            my $subfield_data = generate_subfield_form($tag, $subfieldtag, $value, $tagslib, $subfieldlib, $branches, $today_iso, $biblionumber, $temp, \@loop_data, $i);        
-
+            my $subfield_data = generate_subfield_form($tag, $subfieldtag, $value, $tagslib, $subfieldlib, $branches, $today_iso, $biblionumber, $temp, \@loop_data, $i, $limitededition);
             push @fields, "$tag$subfieldtag";
             push (@loop_data, $subfield_data);
             $i++;
@@ -802,7 +830,7 @@ foreach my $tag ( keys %{$tagslib}){
         my @values = (undef);
         @values = $itemrecord->field($tag)->subfield($subtag) if ($itemrecord && defined($itemrecord->field($tag)) && defined($itemrecord->field($tag)->subfield($subtag)));
         for my $value (@values){
-            my $subfield_data = generate_subfield_form($tag, $subtag, $value, $tagslib, $tagslib->{$tag}->{$subtag}, $branches, $today_iso, $biblionumber, $temp, \@loop_data, $i); 
+            my $subfield_data = generate_subfield_form($tag, $subtag, $value, $tagslib, $tagslib->{$tag}->{$subtag}, $branches, $today_iso, $biblionumber, $temp, \@loop_data, $i, $limitededition);
             push (@loop_data, $subfield_data);
             $i++;
         } 

diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/cataloguing/additem.tt b/koha-tmpl/intranet-tmpl/prog/en/modules/cataloguing/additem.tt
index 85a4486..1d11caf 100644 (file)
--- a/koha-tmpl/intranet-tmpl/prog/en/modules/cataloguing/additem.tt
+++ b/koha-tmpl/intranet-tmpl/prog/en/modules/cataloguing/additem.tt
@@ -61,7 +61,16 @@ function active(numlayer)
 }
 function Check(f) {
     var total_errors = CheckMandatorySubfields(f);
-    if (total_errors > 0) {
+    if (total_errors==0) {
+        // Explanation about this line:
+        // In case of limited edition permission, we have to prevent user from modifying some fields.
+        // But there is no such thing as readonly attribute for select elements.
+        // So we use disabled instead. But disabled prevent values from being passed through the form at submit.
+        // So we "un-disable" the elements just before submitting.
+        // That's a bit clumsy, and if someone comes up with a better solution, feel free to improve that.
+        $("select[name=field_value]").removeAttr("disabled");
+        return true;
+    } else {
         var alertString2 = _("Form not submitted because of the following problem(s)");
         alertString2 += "\n------------------------------------------------------------------------------------\n";
         alertString2 += "\n- " + _("%s mandatory fields empty (highlighted)").format(total_errors);
@@ -192,7 +201,7 @@ $(document).ready(function() {
 </div>
 <div class="yui-u">
 <div id="cataloguing_additem_newitem">
-    <form method="post" action="/cgi-bin/koha/cataloguing/additem.pl" name="f">
+    <form id="f" method="post" action="/cgi-bin/koha/cataloguing/additem.pl" name="f">
     <input type="hidden" name="op" value="[% op %]" />
     [% IF (popup) %]
         <input type="hidden" name="popup" value="1" />

diff --git a/tools/batchMod.pl b/tools/batchMod.pl
index 8cf1204..ca10f61 100755 (executable)
--- a/tools/batchMod.pl
+++ b/tools/batchMod.pl
@@ -33,6 +33,7 @@ use C4::BackgroundJob;
 use C4::ClassSource;
 use C4::Dates;
 use C4::Debug;
+use C4::Members;
 use MARC::File::XML;
 use List::MoreUtils qw/uniq/;
 
@@ -69,6 +70,11 @@ my ($template, $loggedinuser, $cookie)
                  flagsrequired => $template_flag,
                  });
 
+# Does the user have a limited item edition permission?
+my $uid = GetMember( borrowernumber => $loggedinuser )->{userid} if ($loggedinuser) ;
+my $limitededition = haspermission($uid,  {'tools' => 'items_limited_batchmod'}) if ($uid);
+# In case user is a superlibrarian, edition is not limited
+$limitededition = 0 if ($limitededition != 0 && $limitededition->{'superlibrarian'} eq 1);
 
 my $today_iso = C4::Dates->today('iso');
 $template->param(today_iso => $today_iso);
@@ -293,11 +299,15 @@ unshift (@$branches, $nochange_branch);
 
 my $pref_itemcallnumber = C4::Context->preference('itemcallnumber');
 
+# Getting list of subfields to keep when limited batchmod edit is enabled
+my $subfieldsToAllowForBatchmod = C4::Context->preference('SubfieldsToAllowForLimitedBatchmod');
+my @subfieldsToAllow = split(/ /, $subfieldsToAllowForBatchmod);
 
 foreach my $tag (sort keys %{$tagslib}) {
     # loop through each subfield
     foreach my $subfield (sort keys %{$tagslib->{$tag}}) {
        next if subfield_is_koha_internal_p($subfield);
+        next if ($limitededition && !grep { $tag . '$' . $subfield eq $_ } @subfieldsToAllow );
        next if ($tagslib->{$tag}->{$subfield}->{'tab'} ne "10");
         # barcode and stocknumber are not meant to be batch-modified
        next if $tagslib->{$tag}->{$subfield}->{'kohafield'} eq 'items.barcode';