# This file is part of Koha.
#
-# Koha is free software; you can redistribute it and/or modify it under the
-# terms of the GNU General Public License as published by the Free Software
-# Foundation; either version 3 of the License, or (at your option) any later
-# version.
+# Koha is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
#
-# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
-# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+# Koha is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
#
-# You should have received a copy of the GNU General Public License along
-# with Koha; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+# You should have received a copy of the GNU General Public License
+# along with Koha; if not, see <http://www.gnu.org/licenses>.
use Modern::Perl;
-use Carp;
use C4::Auth;
-use Koha::Borrowers;
+use Koha::Patrons;
use Koha::Database;
use Koha::DateUtils qw( dt_from_string );
use Koha::Exceptions;
+use Koha::Exceptions::Virtualshelf;
use Koha::Virtualshelfshare;
use Koha::Virtualshelfshares;
use Koha::Virtualshelfcontent;
+use Koha::Virtualshelfcontents;
use base qw(Koha::Object);
=head1 API
-=head2 Class Methods
+=head2 Class methods
=cut
-=head3 type
-
-=cut
-
-our $PRIVATE = 1;
-our $PUBLIC = 2;
-
sub store {
my ( $self ) = @_;
unless ( $self->owner ) {
- Koha::Exceptions::Virtualshelves::UseDbAdminAccount->throw;
+ Koha::Exceptions::Virtualshelf::UseDbAdminAccount->throw;
}
unless ( $self->is_shelfname_valid ) {
- Koha::Exceptions::Virtualshelves::DuplicateObject->throw;
+ Koha::Exceptions::Virtualshelf::DuplicateObject->throw;
}
- $self->allow_add( 0 )
- unless defined $self->allow_add;
- $self->allow_delete_own( 1 )
- unless defined $self->allow_delete_own;
- $self->allow_delete_other( 0 )
- unless defined $self->allow_delete_other;
+ $self->allow_change_from_owner( 1 )
+ unless defined $self->allow_change_from_owner;
+ $self->allow_change_from_others( 0 )
+ unless defined $self->allow_change_from_others;
+ $self->allow_change_from_staff( 0 )
+ unless defined $self->allow_change_from_staff;
- $self->created_on( dt_from_string );
+ $self->created_on( dt_from_string )
+ unless defined $self->created_on;
return $self->SUPER::store( $self );
}
+sub is_public {
+ my ( $self ) = @_;
+ return $self->public;
+}
+
+sub is_private {
+ my ( $self ) = @_;
+ return !$self->public;
+}
+
sub is_shelfname_valid {
my ( $self ) = @_;
( $self->shelfnumber ? ( "me.shelfnumber" => { '!=', $self->shelfnumber } ) : () ),
};
- if ( $self->category == $PRIVATE and defined $self->owner ) {
+ if ( $self->is_private and defined $self->owner ) {
$conditions->{-or} = {
"virtualshelfshares.borrowernumber" => $self->owner,
"me.owner" => $self->owner,
};
- $conditions->{category} = $PRIVATE;
+ $conditions->{public} = 0;
}
- elsif ( $self->category == $PRIVATE and not defined $self->owner ) {
+ elsif ( $self->is_private and not defined $self->owner ) {
$conditions->{owner} = undef;
- $conditions->{category} = $PRIVATE;
+ $conditions->{public} = 0;
}
else {
- $conditions->{category} = $PUBLIC;
+ $conditions->{public} = 1;
}
my $count = Koha::Virtualshelves->search(
sub get_shares {
my ( $self ) = @_;
- my $shares = $self->{_result}->virtualshelfshares;
+ my $rs = $self->{_result}->virtualshelfshares;
+ my $shares = Koha::Virtualshelfshares->_new_from_dbic( $rs );
return $shares;
}
sub get_contents {
my ( $self ) = @_;
- my $contents = $self->{_result}->virtualshelfcontents;
+ my $rs = $self->{_result}->virtualshelfcontents;
+ my $contents = Koha::Virtualshelfcontents->_new_from_dbic( $rs );
return $contents;
}
sub share {
my ( $self, $key ) = @_;
unless ( $key ) {
- Koha::Exceptions::Virtualshelves::InvalidKeyOnSharing->throw;
+ Koha::Exceptions::Virtualshelf::InvalidKeyOnSharing->throw;
}
Koha::Virtualshelfshare->new(
{
}
)->count;
return if $already_exists;
+
+ # Check permissions
+ my $patron = Koha::Patrons->find( $borrowernumber ) or return 0;
+ return 0 unless ( $self->owner == $borrowernumber && $self->allow_change_from_owner ) || ( $self->allow_change_from_staff && $patron->can_patron_change_staff_only_lists ) || $self->allow_change_from_others;
+
my $content = Koha::Virtualshelfcontent->new(
{
shelfnumber => $self->shelfnumber,
return unless @$biblionumbers;
my $number_removed = 0;
- for my $biblionumber ( @$biblionumbers ) {
- if ( $self->owner == $borrowernumber or $self->allow_delete_own ) {
- $number_removed += $self->get_contents->search(
- {
- biblionumber => $biblionumber,
- borrowernumber => $borrowernumber,
- }
- )->delete;
- }
- if ( $self->allow_delete_other ) {
- $number_removed += $self->get_contents->search(
- {
- biblionumber => $biblionumber,
- # FIXME
- # This does not make sense, but it's has been backported from DelFromShelf.
- # Why shouldn't we allow to remove his own contribution if allow_delete_other is on?
- borrowernumber => {
- -or => {
- '!=' => $borrowernumber,
- '=' => undef
- }
- },
- }
- )->delete;
- }
+ my $patron = Koha::Patrons->find( $borrowernumber ) or return 0;
+ if( ( $self->owner == $borrowernumber && $self->allow_change_from_owner )
+ || ( $self->allow_change_from_staff && $patron->can_patron_change_staff_only_lists )
+ || $self->allow_change_from_others ) {
+ $number_removed += $self->get_contents->search({
+ biblionumber => $biblionumbers,
+ })->delete;
}
return $number_removed;
}
sub can_be_viewed {
my ( $self, $borrowernumber ) = @_;
- return 1 if $self->category == $PUBLIC;
+ return 1 if $self->is_public;
return 0 unless $borrowernumber;
return 1 if $self->owner == $borrowernumber;
return $self->get_shares->search(
return 0 unless $borrowernumber;
return 1 if $self->owner == $borrowernumber;
- my $patron = Koha::Borrowers->find( $borrowernumber );
+ my $patron = Koha::Patrons->find( $borrowernumber ) or return 0;
- return 1 if $self->category == $PUBLIC and C4::Auth::haspermission( $patron->userid, { lists => 'delete_public_lists' } );
+ return 1 if $self->is_public and C4::Auth::haspermission( $patron->userid, { lists => 'delete_public_lists' } );
return 0;
}
my ( $self, $borrowernumber ) = @_;
return 1
if $borrowernumber and $self->owner == $borrowernumber;
+
+ my $patron = Koha::Patrons->find( $borrowernumber ) or return 0;
+ return 1
+ if $self->is_public and C4::Auth::haspermission( $patron->userid, { lists => 'edit_public_lists' } );
return 0;
}
sub can_biblios_be_added {
my ( $self, $borrowernumber ) = @_;
+ my $patron = Koha::Patrons->find( $borrowernumber ) or return 0;
return 1
if $borrowernumber
- and ( $self->owner == $borrowernumber
- or $self->allow_add );
+ and ( ( $self->owner == $borrowernumber && $self->allow_change_from_owner ) or ( $self->allow_change_from_staff && $patron->can_patron_change_staff_only_lists ) or $self->allow_change_from_others );
return 0;
}
sub can_biblios_be_removed {
my ( $self, $borrowernumber ) = @_;
+ return $self->can_biblios_be_added( $borrowernumber );
+ # Same answer since bug 18228
+}
- return 1
- if $borrowernumber
- and ( $self->owner == $borrowernumber
- or $self->allow_delete_own
- or $self->allow_delete_other );
- return 0;
+=head3 cannot_be_transferred
+
+ $shelf->cannot_be_transferred({
+ by => $p1, to => $p2, interface => opac|intranet|undef,
+ # p1 and p2 are borrowernumbers
+ });
+
+ This routine has two main goals:
+ [1] Decide if patron may transfer a shared list to another
+ sharee (patron).
+ [2] Decide if staff member may transfer a public list.
+
+ If you pass interface, we'll check if it supports transfer too.
+ NOTE: The explicit passing is still more reliable than via context,
+ since we could switch interface after login in the same session.
+
+ Returns a true value (read: error_code) when not allowed.
+ The following error codes are possible:
+ unauthorized_transfer, missing_by_parameter, new_owner_not_found,
+ new_owner_has_no_share, missing_to_parameter.
+ Otherwise returns false (zero).
+
+=cut
+
+sub cannot_be_transferred {
+ my ( $self, $params ) = @_;
+ my $to = $params->{to};
+ my $by = $params->{by};
+ my $interface = $params->{interface};
+
+ # Check on interface: currently we don't support transfer shared on intranet, transfer public on OPAC
+ if( $interface ) {
+ return 'unauthorized_transfer'
+ if ( $self->public && $interface eq 'opac' ) or
+ ( $self->is_private && $interface eq 'intranet' );
+ # is_private call is enough here, get_shares tested below
+ }
+
+ my $shares = $self->public ? undef : $self->get_shares->search({ borrowernumber => { '!=' => undef } });
+ return 'unauthorized_transfer' if $self->is_private && !$shares->count;
+
+ if( $by ) {
+ if( $self->public ) {
+ my $by_patron = Koha::Patrons->find($by);
+ return 'unauthorized_transfer'
+ if !$by_patron || !C4::Auth::haspermission( $by_patron->userid, { lists => 'edit_public_lists' });
+ } else {
+ return 'unauthorized_transfer' if !$self->can_be_managed($by);
+ }
+ } else {
+ return 'missing_by_parameter';
+ }
+
+ if( $to ) {
+ if( !Koha::Patrons->find($to) ) {
+ return 'new_owner_not_found';
+ }
+ if( !$self->public && !$shares->search({ borrowernumber => $to })->count ) {
+ return 'new_owner_has_no_share';
+ }
+ } else {
+ return 'missing_to_parameter';
+ }
+ return 0; # serving as green light
}
-sub type {
+=head3 transfer_ownership
+
+ $list->transfer_ownership( $patron_id );
+
+This method transfers the list ownership to the passed I<$patron_id>.
+
+=cut
+
+sub transfer_ownership {
+ my ( $self, $patron_id ) = @_;
+
+ Koha::Exceptions::MissingParameter->throw( "Mandatory parameter 'patron' missing" )
+ unless $patron_id;
+
+ $self->remove_share( $patron_id ) if $self->is_private;
+ return $self->set({ owner => $patron_id })->store;
+}
+
+=head2 Internal methods
+
+=head3 _type
+
+=cut
+
+sub _type {
return 'Virtualshelve';
}