use Modern::Perl;
use CGI qw ( -utf8 );
-use C4::Auth;
+use C4::Auth qw( get_template_and_user );
use C4::Output;
use C4::Context;
-use C4::Members;
+use Koha::Patrons;
use Koha::Patron::Modifications;
-my $query = new CGI;
+my $query = CGI->new;
+# FIXME Should be a checkauth call
my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
{
template_name => "about.tt",
query => $query,
type => "intranet",
- authnotrequired => 0,
- flagsrequired => { borrowers => 1 },
- debug => 1,
+ flagsrequired => { borrowers => 'edit_borrowers' },
}
);
+my $logged_in_user = Koha::Patrons->find( $loggedinuser );
+
my @params = $query->param;
foreach my $param (@params) {
if ( $param =~ "^modify_" ) {
my (undef, $borrowernumber) = split( /_/, $param );
+ my $patron = Koha::Patrons->find($borrowernumber);
+ next unless $logged_in_user->can_see_patron_infos( $patron );
+
my $action = $query->param($param);
if ( $action eq 'approve' ) {
if ($query->param("unset_gna_$borrowernumber")) {
# Unset gone no address
- ModMember(
- borrowernumber => $borrowernumber,
- gonenoaddress => undef
- );
+ # FIXME Looks like this could go to $m->approve
+ my $patron = Koha::Patrons->find( $borrowernumber );
+ $patron->gonenoaddress(undef)->store;
}
$m->approve() if $m;