X-Git-Url: http://koha-dev.rot13.org:8081/gitweb/?a=blobdiff_plain;f=Koha%2FVirtualshelf.pm;h=605916ef45a337a574328268d50d283f2689bfef;hb=2d25c2860c4b06a63048834fb99b2968f1fd57b1;hp=d80f2490a05e7fab38eed8e025df46a6b7758080;hpb=f510627842cc0dd2a02e85e04d5dc14be6b6caa7;p=koha-ffzg.git diff --git a/Koha/Virtualshelf.pm b/Koha/Virtualshelf.pm index d80f2490a0..605916ef45 100644 --- a/Koha/Virtualshelf.pm +++ b/Koha/Virtualshelf.pm @@ -2,32 +2,33 @@ package Koha::Virtualshelf; # This file is part of Koha. # -# Koha is free software; you can redistribute it and/or modify it under the -# terms of the GNU General Public License as published by the Free Software -# Foundation; either version 3 of the License, or (at your option) any later -# version. +# Koha is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. # -# Koha is distributed in the hope that it will be useful, but WITHOUT ANY -# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR -# A PARTICULAR PURPOSE. See the GNU General Public License for more details. +# Koha is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. # -# You should have received a copy of the GNU General Public License along -# with Koha; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +# You should have received a copy of the GNU General Public License +# along with Koha; if not, see . use Modern::Perl; -use Carp; use C4::Auth; -use Koha::Borrowers; +use Koha::Patrons; use Koha::Database; use Koha::DateUtils qw( dt_from_string ); use Koha::Exceptions; +use Koha::Exceptions::Virtualshelf; use Koha::Virtualshelfshare; use Koha::Virtualshelfshares; use Koha::Virtualshelfcontent; +use Koha::Virtualshelfcontents; use base qw(Koha::Object); @@ -37,36 +38,44 @@ Koha::Virtualshelf - Koha Virtualshelf Object class =head1 API -=head2 Class Methods +=head2 Class methods =cut -=head3 type - -=cut - -our $PRIVATE = 1; -our $PUBLIC = 2; - sub store { my ( $self ) = @_; + unless ( $self->owner ) { + Koha::Exceptions::Virtualshelf::UseDbAdminAccount->throw; + } + unless ( $self->is_shelfname_valid ) { - Koha::Exceptions::Virtualshelves::DuplicateObject->throw; + Koha::Exceptions::Virtualshelf::DuplicateObject->throw; } - $self->allow_add( 0 ) - unless defined $self->allow_add; - $self->allow_delete_own( 1 ) - unless defined $self->allow_delete_own; - $self->allow_delete_other( 0 ) - unless defined $self->allow_delete_other; + $self->allow_change_from_owner( 1 ) + unless defined $self->allow_change_from_owner; + $self->allow_change_from_others( 0 ) + unless defined $self->allow_change_from_others; + $self->allow_change_from_staff( 0 ) + unless defined $self->allow_change_from_staff; - $self->created_on( dt_from_string ); + $self->created_on( dt_from_string ) + unless defined $self->created_on; return $self->SUPER::store( $self ); } +sub is_public { + my ( $self ) = @_; + return $self->public; +} + +sub is_private { + my ( $self ) = @_; + return !$self->public; +} + sub is_shelfname_valid { my ( $self ) = @_; @@ -75,19 +84,19 @@ sub is_shelfname_valid { ( $self->shelfnumber ? ( "me.shelfnumber" => { '!=', $self->shelfnumber } ) : () ), }; - if ( $self->category == $PRIVATE and defined $self->owner ) { + if ( $self->is_private and defined $self->owner ) { $conditions->{-or} = { "virtualshelfshares.borrowernumber" => $self->owner, "me.owner" => $self->owner, }; - $conditions->{category} = $PRIVATE; + $conditions->{public} = 0; } - elsif ( $self->category == $PRIVATE and not defined $self->owner ) { + elsif ( $self->is_private and not defined $self->owner ) { $conditions->{owner} = undef; - $conditions->{category} = $PRIVATE; + $conditions->{public} = 0; } else { - $conditions->{category} = $PUBLIC; + $conditions->{public} = 1; } my $count = Koha::Virtualshelves->search( @@ -101,20 +110,22 @@ sub is_shelfname_valid { sub get_shares { my ( $self ) = @_; - my $shares = $self->{_result}->virtualshelfshares; + my $rs = $self->{_result}->virtualshelfshares; + my $shares = Koha::Virtualshelfshares->_new_from_dbic( $rs ); return $shares; } sub get_contents { my ( $self ) = @_; - my $contents = $self->{_result}->virtualshelfcontents; + my $rs = $self->{_result}->virtualshelfcontents; + my $contents = Koha::Virtualshelfcontents->_new_from_dbic( $rs ); return $contents; } sub share { my ( $self, $key ) = @_; unless ( $key ) { - Koha::Exceptions::Virtualshelves::InvalidKeyOnSharing->throw; + Koha::Exceptions::Virtualshelf::InvalidKeyOnSharing->throw; } Koha::Virtualshelfshare->new( { @@ -167,6 +178,11 @@ sub add_biblio { } )->count; return if $already_exists; + + # Check permissions + my $patron = Koha::Patrons->find( $borrowernumber ) or return 0; + return 0 unless ( $self->owner == $borrowernumber && $self->allow_change_from_owner ) || ( $self->allow_change_from_staff && $patron->can_patron_change_staff_only_lists ) || $self->allow_change_from_others; + my $content = Koha::Virtualshelfcontent->new( { shelfnumber => $self->shelfnumber, @@ -187,38 +203,20 @@ sub remove_biblios { return unless @$biblionumbers; my $number_removed = 0; - for my $biblionumber ( @$biblionumbers ) { - if ( $self->owner == $borrowernumber or $self->allow_delete_own ) { - $number_removed += $self->get_contents->search( - { - biblionumber => $biblionumber, - borrowernumber => $borrowernumber, - } - )->delete; - } - if ( $self->allow_delete_other ) { - $number_removed += $self->get_contents->search( - { - biblionumber => $biblionumber, - # FIXME - # This does not make sense, but it's has been backported from DelFromShelf. - # Why shouldn't we allow to remove his own contribution if allow_delete_other is on? - borrowernumber => { - -or => { - '!=' => $borrowernumber, - '=' => undef - } - }, - } - )->delete; - } + my $patron = Koha::Patrons->find( $borrowernumber ) or return 0; + if( ( $self->owner == $borrowernumber && $self->allow_change_from_owner ) + || ( $self->allow_change_from_staff && $patron->can_patron_change_staff_only_lists ) + || $self->allow_change_from_others ) { + $number_removed += $self->get_contents->search({ + biblionumber => $biblionumbers, + })->delete; } return $number_removed; } sub can_be_viewed { my ( $self, $borrowernumber ) = @_; - return 1 if $self->category == $PUBLIC; + return 1 if $self->is_public; return 0 unless $borrowernumber; return 1 if $self->owner == $borrowernumber; return $self->get_shares->search( @@ -234,9 +232,9 @@ sub can_be_deleted { return 0 unless $borrowernumber; return 1 if $self->owner == $borrowernumber; - my $patron = Koha::Borrowers->find( $borrowernumber ); + my $patron = Koha::Patrons->find( $borrowernumber ) or return 0; - return 1 if $self->category == $PUBLIC and C4::Auth::haspermission( $patron->userid, { lists => 'delete_public_lists' } ); + return 1 if $self->is_public and C4::Auth::haspermission( $patron->userid, { lists => 'delete_public_lists' } ); return 0; } @@ -245,31 +243,120 @@ sub can_be_managed { my ( $self, $borrowernumber ) = @_; return 1 if $borrowernumber and $self->owner == $borrowernumber; + + my $patron = Koha::Patrons->find( $borrowernumber ) or return 0; + return 1 + if $self->is_public and C4::Auth::haspermission( $patron->userid, { lists => 'edit_public_lists' } ); return 0; } sub can_biblios_be_added { my ( $self, $borrowernumber ) = @_; + my $patron = Koha::Patrons->find( $borrowernumber ) or return 0; return 1 if $borrowernumber - and ( $self->owner == $borrowernumber - or $self->allow_add ); + and ( ( $self->owner == $borrowernumber && $self->allow_change_from_owner ) or ( $self->allow_change_from_staff && $patron->can_patron_change_staff_only_lists ) or $self->allow_change_from_others ); return 0; } sub can_biblios_be_removed { my ( $self, $borrowernumber ) = @_; + return $self->can_biblios_be_added( $borrowernumber ); + # Same answer since bug 18228 +} - return 1 - if $borrowernumber - and ( $self->owner == $borrowernumber - or $self->allow_delete_own - or $self->allow_delete_other ); - return 0; +=head3 cannot_be_transferred + + $shelf->cannot_be_transferred({ + by => $p1, to => $p2, interface => opac|intranet|undef, + # p1 and p2 are borrowernumbers + }); + + This routine has two main goals: + [1] Decide if patron may transfer a shared list to another + sharee (patron). + [2] Decide if staff member may transfer a public list. + + If you pass interface, we'll check if it supports transfer too. + NOTE: The explicit passing is still more reliable than via context, + since we could switch interface after login in the same session. + + Returns a true value (read: error_code) when not allowed. + The following error codes are possible: + unauthorized_transfer, missing_by_parameter, new_owner_not_found, + new_owner_has_no_share, missing_to_parameter. + Otherwise returns false (zero). + +=cut + +sub cannot_be_transferred { + my ( $self, $params ) = @_; + my $to = $params->{to}; + my $by = $params->{by}; + my $interface = $params->{interface}; + + # Check on interface: currently we don't support transfer shared on intranet, transfer public on OPAC + if( $interface ) { + return 'unauthorized_transfer' + if ( $self->public && $interface eq 'opac' ) or + ( $self->is_private && $interface eq 'intranet' ); + # is_private call is enough here, get_shares tested below + } + + my $shares = $self->public ? undef : $self->get_shares->search({ borrowernumber => { '!=' => undef } }); + return 'unauthorized_transfer' if $self->is_private && !$shares->count; + + if( $by ) { + if( $self->public ) { + my $by_patron = Koha::Patrons->find($by); + return 'unauthorized_transfer' + if !$by_patron || !C4::Auth::haspermission( $by_patron->userid, { lists => 'edit_public_lists' }); + } else { + return 'unauthorized_transfer' if !$self->can_be_managed($by); + } + } else { + return 'missing_by_parameter'; + } + + if( $to ) { + if( !Koha::Patrons->find($to) ) { + return 'new_owner_not_found'; + } + if( !$self->public && !$shares->search({ borrowernumber => $to })->count ) { + return 'new_owner_has_no_share'; + } + } else { + return 'missing_to_parameter'; + } + return 0; # serving as green light } -sub type { +=head3 transfer_ownership + + $list->transfer_ownership( $patron_id ); + +This method transfers the list ownership to the passed I<$patron_id>. + +=cut + +sub transfer_ownership { + my ( $self, $patron_id ) = @_; + + Koha::Exceptions::MissingParameter->throw( "Mandatory parameter 'patron' missing" ) + unless $patron_id; + + $self->remove_share( $patron_id ) if $self->is_private; + return $self->set({ owner => $patron_id })->store; +} + +=head2 Internal methods + +=head3 _type + +=cut + +sub _type { return 'Virtualshelve'; }