=back
-=item id or supplierid
+=item id or booksellerid
The id of the supplier whose baskets we will display
use C4::Dates qw/format_date/;
use C4::Bookseller qw/ GetBookSellerFromId GetBookSeller /;
use C4::Members qw/GetMember/;
+use C4::Context;
my $query = CGI->new;
my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
#parameters
my $supplier = $query->param('supplier');
-my $id = $query->param('id') || $query->param('supplierid');
+my $booksellerid = $query->param('booksellerid');
my @suppliers;
-if ($id) {
- push @suppliers, GetBookSellerFromId($id);
+if ($booksellerid) {
+ push @suppliers, GetBookSellerFromId($booksellerid);
} else {
@suppliers = GetBookSeller($supplier);
}
if ( $supplier_count == 1 ) {
$template->param(
supplier_name => $suppliers[0]->{'name'},
- id => $suppliers[0]->{'id'}
+ booksellerid => $suppliers[0]->{'booksellerid'}
);
}
$uid = GetMember( borrowernumber => $loggedinuser )->{userid};
}
+my $userenv = C4::Context::userenv;
+my $viewbaskets = C4::Context->preference('AcqViewBaskets');
+
+my $userbranch = $userenv->{branch};
+
#build result page
my $loop_suppliers = [];
my $baskets = get_vendors_baskets( $vendor->{id} );
my $loop_basket = [];
+
for my $basket ( @{$baskets} ) {
- if (( $basket->{authorisedby}
- && $basket->{authorisedby} eq $loggedinuser
- )
- || haspermission( $uid, { flagsrequired => { acquisition => q{*} } } )
- ) {
+ my $authorisedby = $basket->{authorisedby};
+
+ if ($userenv->{'flags'} & 1 || #user is superlibrarian
+ (haspermission( $uid, { acquisition => q{*} } ) && #user has acq permissions and
+ ($viewbaskets eq 'all' || #user is allowed to see all baskets
+ ($viewbaskets eq 'branch' && $authorisedby && $userbranch eq GetMember( borrowernumber => $authorisedby )->{branchcode}) || #basket belongs to user's branch
+ ($basket->{authorisedby} && $viewbaskets == 'user' && $authorisedby == $loggedinuser) #user created this basket
+ )
+ )
+ ) {
for my $date_field (qw( creationdate closedate)) {
if ( $basket->{$date_field} ) {
- $basket->{$date_field} =
- format_date( $basket->{$date_field} );
+ $basket->{$date_field} = format_date( $basket->{$date_field} );
}
}
- push @{$loop_basket}, $basket;
+ push @{$loop_basket}, $basket;
}
}
push @{$loop_suppliers},
{ loop_basket => $loop_basket,
- supplierid => $vendor->{id},
+ booksellerid => $vendor->{id},
name => $vendor->{name},
active => $vendor->{active},
};
}
$template->param(
loop_suppliers => $loop_suppliers,
- supplier => ( $id || $supplier ),
+ supplier => ( $booksellerid || $supplier ),
count => $supplier_count,
);