X-Git-Url: http://koha-dev.rot13.org:8081/gitweb/?a=blobdiff_plain;f=members%2Fmaninvoice.pl;h=01464cf3a44204c9efa8b444170614b428917bac;hb=075ef09f48b66df7766c22e1c9ecf1d3cf7a039a;hp=f210a85d4bdb48c479fe85b3f3a1f3024d2ec05a;hpb=d6f99f0df11e824353fa051b595b01bf8b4ac28d;p=koha-ffzg.git diff --git a/members/maninvoice.pl b/members/maninvoice.pl index f210a85d4b..01464cf3a4 100755 --- a/members/maninvoice.pl +++ b/members/maninvoice.pl @@ -3,9 +3,9 @@ #written 11/1/2000 by chris@katipo.oc.nz #script to display borrowers account details - # Copyright 2000-2002 Katipo Communications # Copyright 2010 BibLibre +# Copyright 2019 PTFS Europe # # This file is part of Koha. # @@ -23,115 +23,215 @@ # along with Koha; if not, see . use Modern::Perl; +use Try::Tiny qw( catch try ); +use URI::Escape qw( uri_escape_utf8 ); -use C4::Auth; -use C4::Output; +use C4::Auth qw( get_template_and_user ); +use C4::Output qw( output_and_exit_if_error output_and_exit output_html_with_http_headers ); use CGI qw ( -utf8 ); use C4::Members; use C4::Accounts; -use C4::Items; -use C4::Members::Attributes qw(GetBorrowerAttributes); use Koha::Token; use Koha::Patrons; +use Koha::Items; +use Koha::Old::Items; +use Koha::Checkouts; +use Koha::Old::Checkouts; use Koha::Patron::Categories; +use Koha::Account::DebitTypes; +use Koha::AdditionalFields; -my $input=new CGI; -my $flagsrequired = { borrowers => 'edit_borrowers' }; - -my $borrowernumber=$input->param('borrowernumber'); +my $input = CGI->new; +my ( $template, $loggedinuser, $cookie ) = get_template_and_user( + { + template_name => "members/maninvoice.tt", + query => $input, + type => "intranet", + flagsrequired => { + borrowers => 'edit_borrowers', + updatecharges => 'manual_invoice' + } + } +); -my $patron = Koha::Patrons->find( $borrowernumber ); -unless ( $patron ) { - print $input->redirect("/cgi-bin/koha/circ/circulation.pl?borrowernumber=$borrowernumber"); +my $borrowernumber = $input->param('borrowernumber'); +my $patron = Koha::Patrons->find($borrowernumber); +unless ($patron) { + print $input->redirect( + "/cgi-bin/koha/circ/circulation.pl?borrowernumber=$borrowernumber"); exit; } -my $add=$input->param('add'); -if ($add){ - if ( checkauth( $input, 0, $flagsrequired, 'intranet' ) ) { - die "Wrong CSRF token" - unless Koha::Token->new->check_csrf( { - session_id => scalar $input->cookie('CGISESSID'), - token => scalar $input->param('csrf_token'), - }); - # Note: If the logged in user is not allowed to see this patron an invoice can be forced - # Here we are trusting librarians not to hack the system - my $barcode=$input->param('barcode'); - my $itemnum; - if ($barcode) { - $itemnum = GetItemnumberFromBarcode($barcode); +my $logged_in_user = Koha::Patrons->find($loggedinuser); +output_and_exit_if_error( + $input, $cookie, + $template, + { + module => 'members', + logged_in_user => $logged_in_user, + current_patron => $patron + } +); + +my $library_id = C4::Context->userenv->{'branch'}; +my $desc = $input->param('desc'); +my $amount = $input->param('amount'); +my $note = $input->param('note'); +my $debit_type = $input->param('type'); +my $barcode = $input->param('barcode'); +$template->param( + desc => $desc, + amount => $amount, + note => $note, + type => $debit_type, + barcode => $barcode +); + +my $add = $input->param('add'); +if ($add) { + output_and_exit( $input, $cookie, $template, 'wrong_csrf_token' ) + unless Koha::Token->new->check_csrf( + { + session_id => scalar $input->cookie('CGISESSID'), + token => scalar $input->param('csrf_token'), } - my $desc=$input->param('desc'); - my $amount=$input->param('amount'); - my $type=$input->param('type'); - my $note = $input->param('note'); - my $error = manualinvoice( $borrowernumber, $itemnum, $desc, $type, $amount, $note ); - if ($error) { - my ( $template, $loggedinuser, $cookie ) = get_template_and_user( - { template_name => "members/maninvoice.tt", - query => $input, - type => "intranet", - authnotrequired => 0, - flagsrequired => $flagsrequired, - debug => 1, + ); + + # Note: If the logged in user is not allowed to see this patron an invoice can be forced + # Here we are trusting librarians not to hack the system + my $desc = $input->param('desc'); + my $amount = $input->param('amount'); + my $note = $input->param('note'); + my $debit_type = $input->param('type'); + + # If barcode is passed, attempt to find the associated item + my $failed; + my $item_id; + my $olditem; # FIXME: When items and deleted_items are merged, we can remove this + my $issue_id; + if ($barcode) { + my $item = Koha::Items->find( { barcode => $barcode } ); + if ($item) { + $item_id = $item->itemnumber; + } + else { + $item = Koha::Old::Items->search( { barcode => $barcode }, + { order_by => { -desc => 'timestamp' }, rows => 1 } ); + if ($item->count) { + $item_id = $item->next->itemnumber; + $olditem = 1; + } + else { + $template->param( error => 'itemnumber' ); + $failed = 1; + } + } + + if ( ( $debit_type eq 'LOST' ) && $item_id ) { + my $checkouts = Koha::Checkouts->search( + { + itemnumber => $item_id, + borrowernumber => $borrowernumber } ); - if ( $error =~ /FOREIGN KEY/ && $error =~ /itemnumber/ ) { - $template->param( 'ITEMNUMBER' => 1 ); - } - $template->param( csrf_token => Koha::Token->new->generate_csrf({ session_id => scalar $input->cookie('CGISESSID') }) ); - $template->param( 'ERROR' => $error ); - output_html_with_http_headers $input, $cookie, $template->output; - } else { - print $input->redirect("/cgi-bin/koha/members/boraccount.pl?borrowernumber=$borrowernumber"); - exit; + my $checkout = + $checkouts->count + ? $checkouts->next + : Koha::Old::Checkouts->search( + { + itemnumber => $item_id, + borrowernumber => $borrowernumber + }, + { order_by => { -desc => 'returndate' }, rows => 1 } + )->next; + $issue_id = $checkout ? $checkout->issue_id : undef; } } -} else { - my ($template, $loggedinuser, $cookie) = get_template_and_user({ - template_name => "members/maninvoice.tt", - query => $input, - type => "intranet", - authnotrequired => 0, - flagsrequired => { borrowers => 'edit_borrowers', - updatecharges => 'remaining_permissions' }, - debug => 1, - }); - - my $logged_in_user = Koha::Patrons->find( $loggedinuser ) or die "Not logged in"; - output_and_exit_if_error( $input, $cookie, $template, { module => 'members', logged_in_user => $logged_in_user, current_patron => $patron } ); - - # get authorised values with type of MANUAL_INV - my @invoice_types; - my $dbh = C4::Context->dbh; - my $sth = $dbh->prepare('SELECT * FROM authorised_values WHERE category = "MANUAL_INV"'); - $sth->execute(); - while ( my $row = $sth->fetchrow_hashref() ) { - push @invoice_types, $row; - } - $template->param( invoice_types_loop => \@invoice_types ); - - if ( $patron->is_child ) { - my $patron_categories = Koha::Patron::Categories->search_limited({ category_type => 'A' }, {order_by => ['categorycode']}); - $template->param( 'CATCODE_MULTI' => 1) if $patron_categories->count > 1; - $template->param( 'catcode' => $patron_categories->next->categorycode ) if $patron_categories->count == 1; - } + unless ($failed) { + try { + my $line = $patron->account->add_debit( + { + amount => $amount, + description => $desc, + note => $note, + user_id => $logged_in_user->borrowernumber, + interface => 'intranet', + library_id => $library_id, + type => $debit_type, + ( $olditem ? () : ( item_id => $item_id ) ), + issue_id => $issue_id + } + ); - if (C4::Context->preference('ExtendedPatronAttributes')) { - my $attributes = GetBorrowerAttributes($borrowernumber); - $template->param( - ExtendedPatronAttributes => 1, - extendedattributes => $attributes - ); - } + my @additional_fields; + my $accountline_fields = Koha::AdditionalFields->search({ tablename => 'accountlines:debit' }); + while ( my $field = $accountline_fields->next ) { + my $value = $input->param('additional_field_' . $field->id); + if (defined $value) { + push @additional_fields, { + id => $field->id, + value => $value, + }; + } + } + if (@additional_fields) { + $line->set_additional_fields(\@additional_fields); + } + + if ( C4::Context->preference('AccountAutoReconcile') ) { + $patron->account->reconcile_balance; + } + + if ( $add eq 'save and pay' ) { + my $url = sprintf( + '/cgi-bin/koha/members/paycollect.pl?borrowernumber=%s&pay_individual=1&debit_type_code=%s&amount=%s&amountoutstanding=%s&description=%s&itemnumber=%s&accountlines_id=%s', + map { uri_escape_utf8($_) } ( + $borrowernumber, + $line->debit_type_code, + $line->amount, + $line->amountoutstanding, + $line->description, + $line->itemnumber, + $line->id + ) + ); + + print $input->redirect($url); + } + else { + print $input->redirect( + "/cgi-bin/koha/members/boraccount.pl?borrowernumber=$borrowernumber" + ); + } - $template->param( - csrf_token => Koha::Token->new->generate_csrf({ session_id => scalar $input->cookie('CGISESSID') }), - patron => $patron, - finesview => 1, - ); - output_html_with_http_headers $input, $cookie, $template->output; + exit; + } + catch { + my $error = $_; + if ( ref($error) eq 'Koha::Exceptions::Object::FKConstraint' ) { + $template->param( error => $error->broken_fk ); + } + else { + $template->param( error => $error ); + } + } + } } + +my $debit_types = Koha::Account::DebitTypes->search_with_library_limits( + { can_be_invoiced => 1, archived => 0 }, + {}, $library_id ); + +$template->param( + debit_types => $debit_types, + csrf_token => Koha::Token->new->generate_csrf( + { session_id => scalar $input->cookie('CGISESSID') } + ), + patron => $patron, + finesview => 1, + available_additional_fields => [ Koha::AdditionalFields->search({ tablename => 'accountlines:debit' })->as_list ], + ); +output_html_with_http_headers $input, $cookie, $template->output;