X-Git-Url: http://koha-dev.rot13.org:8081/gitweb/?a=blobdiff_plain;f=opac%2Filsdi.pl;h=5b105246fa491ac9df1ae20a637d5e2e77001a4c;hb=9d9ecdc49b4cb71aba99a7d7ca8bc89d426f7ca1;hp=48fd7ba2091c6be49dc344b8eeef13f4cdf8cee2;hpb=481f620455d40f93a3cb37136ef2c3964497751e;p=koha-ffzg.git diff --git a/opac/ilsdi.pl b/opac/ilsdi.pl index 48fd7ba209..5b105246fa 100755 --- a/opac/ilsdi.pl +++ b/opac/ilsdi.pl @@ -4,42 +4,42 @@ # # This file is part of Koha. # -# Koha is free software; you can redistribute it and/or modify it under the -# terms of the GNU General Public License as published by the Free Software -# Foundation; either version 2 of the License, or (at your option) any later -# version. +# Koha is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. # -# Koha is distributed in the hope that it will be useful, but WITHOUT ANY -# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR -# A PARTICULAR PURPOSE. See the GNU General Public License for more details. +# Koha is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. # -# You should have received a copy of the GNU General Public License along -# with Koha; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +# You should have received a copy of the GNU General Public License +# along with Koha; if not, see . -use strict; -use warnings; - -use List::MoreUtils qw(any); +use Modern::Perl; use C4::ILSDI::Services; -use C4::Auth; -use C4::Output; +use C4::Auth qw( get_template_and_user ); +use C4::Output qw( output_html_with_http_headers ); use C4::Context; -use XML::Simple; -use CGI; + +use List::MoreUtils qw( any ); +use XML::Simple qw( XMLout ); +use CGI qw ( -utf8 ); +use Net::Netmask; =head1 DLF ILS-DI for Koha This script is a basic implementation of ILS-DI protocol for Koha. It acts like a dispatcher, that get the CGI request, check required and -optionals arguments, call a function from C4::ILS-DI, and finaly +optionals arguments, call a function from C4::ILS-DI, and finally outputs the returned hashref as XML. =cut # Instanciate the CGI request -my $cgi = new CGI; +my $cgi = CGI->new; # List of available services, sorted by level my @services = ( @@ -48,7 +48,7 @@ my @services = ( # Level 1: Basic Discovery Interfaces # 'HarvestBibliographicRecords', # OAI-PMH # 'HarvestExpandedRecords', # OAI-PMH - 'GetAvailability', # FIXME Add bibbliographic level + 'GetAvailability', # FIXME Add bibliographic level # 'GoToBibliographicRequestPage' # I don't understant this one # Level 2: Elementary OPAC supplement @@ -100,49 +100,59 @@ my %required = ( # List of optional arguments my %optional = ( 'Describe' => [], - 'GetAvailability' => [ 'return_type', 'return_fmt' ], + 'GetAvailability' => [ 'return_type', 'return_fmt', 'language' ], 'GetRecords' => ['schema'], 'GetAuthorityRecords' => ['schema'], 'LookupPatron' => ['id_type'], 'AuthenticatePatron' => [], - 'GetPatronInfo' => [ 'show_contact', 'show_fines', 'show_holds', 'show_loans' ], + 'GetPatronInfo' => [ 'show_contact', 'show_fines', 'show_holds', 'show_loans', 'loans_per_page', 'loans_page', 'show_attributes' ], 'GetPatronStatus' => [], 'GetServices' => [], 'RenewLoan' => ['desired_due_date'], - 'HoldTitle' => [ 'pickup_location', 'needed_before_date', 'pickup_expiry_date' ], - 'HoldItem' => [ 'pickup_location', 'needed_before_date', 'pickup_expiry_date' ], + 'HoldTitle' => [ 'pickup_location', 'start_date', 'expiry_date' ], + 'HoldItem' => [ 'pickup_location', 'start_date', 'expiry_date' ], 'CancelHold' => [], ); # If no service is requested, display the online documentation unless ( $cgi->param('service') ) { my ( $template, $loggedinuser, $cookie ) = get_template_and_user( - { template_name => "ilsdi.tmpl", + { template_name => "ilsdi.tt", query => $cgi, type => "opac", authnotrequired => 1, - debug => 1, } ); output_html_with_http_headers $cgi, $cookie, $template->output; exit 0; } +# Set the userenv +C4::Context->_new_userenv( 'ILSDI_'.time() ); +C4::Context->set_userenv( + undef, undef, undef, 'ILSDI', 'ILSDI', + undef, undef, undef, undef, undef, +); +C4::Context->interface('opac'); + # If user requested a service description, then display it -if ( $cgi->param('service') eq "Describe" and any { $cgi->param('verb') eq $_ } @services ) { +if ( scalar $cgi->param('service') eq "Describe" and any { scalar $cgi->param('verb') eq $_ } @services ) { my ( $template, $loggedinuser, $cookie ) = get_template_and_user( - { template_name => "ilsdi.tmpl", + { template_name => "ilsdi.tt", query => $cgi, type => "opac", authnotrequired => 1, - debug => 1, } ); - $template->param( $cgi->param('verb') => 1 ); + $template->param( scalar $cgi->param('verb') => 1 ); output_html_with_http_headers $cgi, $cookie, $template->output; exit 0; } +# any output after this point will be UTF-8 XML +binmode STDOUT, ':encoding(UTF-8)'; +print CGI::header('-type'=>'text/xml', '-charset'=>'utf-8'); + my $out; # If ILS-DI module is disabled in System->Preferences, redirect to 404 @@ -152,12 +162,20 @@ unless ( C4::Context->preference('ILS-DI') ) { } # If the remote address is not allowed, redirect to 403 -my @AuthorizedIPs = split(/,/, C4::Context->preference('ILS-DI:AuthorizedIPs')); -if ( @AuthorizedIPs # If no filter set, allow access to everybody - and not any { $ENV{'REMOTE_ADDR'} eq $_ } @AuthorizedIPs # IP Check - ) { - $out->{'code'} = "NotAllowed"; - $out->{'message'} = "Unauthorized IP address: ".$ENV{'REMOTE_ADDR'}."."; +my @AuthorizedIPs = split( /,/, C4::Context->preference('ILS-DI:AuthorizedIPs') ); +if (@AuthorizedIPs) { # If no filter set, allow access to everybody + my $authorized = 0; + foreach my $ip (@AuthorizedIPs) { + my $netmask = Net::Netmask->new2($ip); + if ( $netmask && $netmask->match( $ENV{REMOTE_ADDR} ) ) { + $authorized = 1; + last; + } + } + unless ($authorized) { + $out->{'code'} = "NotAllowed"; + $out->{'message'} = "Unauthorized IP address: $ENV{REMOTE_ADDR}."; + } } my $service = $cgi->param('service') || "ilsdi"; @@ -168,7 +186,7 @@ if ( $service and any { $service eq $_ } @services ) { my @parmsrequired = @{ $required{$service} }; my @parmsoptional = @{ $optional{$service} }; my @parmsall = ( @parmsrequired, @parmsoptional ); - my @names = $cgi->param; + my @names = $cgi->multi_param; my %paramhash; $paramhash{$_} = 1 for @names; @@ -196,7 +214,7 @@ if ( $service and any { $service eq $_ } @services ) { # check for multiple parameters for ( @names ) { - my @values = $cgi->param($_); + my @values = $cgi->multi_param($_); if ( $#values != 0 ) { $out->{'code'} = "MultipleValuesNotAllowed"; $out->{'message'} = "Multiple values not allowed for the parameter ".$_."."; @@ -207,14 +225,13 @@ if ( $service and any { $service eq $_ } @services ) { # GetAvailability is a special case, as it cannot use XML::Simple if ( $service eq "GetAvailability" ) { - print CGI::header('text/xml'); print C4::ILSDI::Services::GetAvailability($cgi); exit 0; } else { # Variable functions my $sub = do { - no strict 'refs'; +# no strict 'refs'; my $symbol = 'C4::ILSDI::Services::' . $service; \&{"$symbol"}; }; @@ -228,8 +245,6 @@ if ( $service and any { $service eq $_ } @services ) { } # Output XML by passing the hashref to XMLOut -binmode(STDOUT, ":utf8"); -print CGI::header('-type'=>'text/xml', '-charset'=>'utf-8'); print XMLout( $out, noattr => 1,