Bug 9953 - When OpacMaintenance breaks lifting debarment

When OpacMaintenance is on, any opac page will redirect to maintenance.pl.
Some pages of intranet have the same behavior and you get 404 error.
This is because in checkauth, if type arg is undefined it is "opac" by default.

This patch adds type arg in all intranet calls of checkauth.

Test plan :
- Set syspref OpacMaintenance=Show
- Go to a borrower page
- Click on "Fines" and "Create manual invoice"
- Enter an amount and save
=> Check you go to members/boraccount.pl and not maintenance.pl with 404 error

OK

- Click on "Fines" and "Create manual credit"
- Enter an amount and save
=> Check you go to members/boraccount.pl and not maintenance.pl with 404 error

OK

- Edit borrower
- Set "Restricted" to yes and save
- Click on "Lift restriction" in messages
=> Check you keep in member page and not maintenance.pl with 404 error

OK

- Edit borrower
- Set "Expiry date" to a day in the past and save
- Click on "Renew" in messages
=> Check you keep in member page and not maintenance.pl with 404 error

OK

Signed-off-by: Liz Rea <liz@catalyst.net.nz>
Good catch, a tricky bug.
http://bugs.koha-community.org/show_bug.cgi?id=9952

Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Removed a few tabs from mancredit.
All tests and QA script pass now.
Good test plan.
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>

diff --git a/members/mancredit.pl b/members/mancredit.pl
index 88200d0..d8e7f6a 100755 (executable)
--- a/members/mancredit.pl
+++ b/members/mancredit.pl
@@ -36,6 +36,7 @@ use C4::Items;
 use C4::Members::Attributes qw(GetBorrowerAttributes);
 
 my $input=new CGI;
+my $flagsrequired = { borrowers => 1, updatecharges => 1 };
 
 my $borrowernumber=$input->param('borrowernumber');
 
@@ -44,7 +45,7 @@ my $data=GetMember('borrowernumber' => $borrowernumber);
 my $add=$input->param('add');
 
 if ($add){
-    if(checkauth($input)) {
+    if ( checkauth( $input, 0, $flagsrequired, 'intranet' ) ) {
         my $barcode = $input->param('barcode');
         my $itemnum;
         if ($barcode) {
@@ -64,7 +65,7 @@ if ($add){
                                          query => $input,
                                          type => "intranet",
                                          authnotrequired => 0,
-                                         flagsrequired => {borrowers => 1, updatecharges => 1},
+                      flagsrequired => $flagsrequired,
                                          debug => 1,
                                          });
                                          
@@ -74,7 +75,7 @@ if ($add){
         $template->param( 'CATCODE_MULTI' => 1) if $cnt > 1;
         $template->param( 'catcode' =>    $catcodes->[0])  if $cnt == 1;
     }
-                                         
+
     $template->param( adultborrower => 1 ) if ( $data->{category_type} eq 'A' );
     my ($picture, $dberror) = GetPatronImage($data->{'cardnumber'});
     $template->param( picture => 1 ) if $picture;

diff --git a/members/maninvoice.pl b/members/maninvoice.pl
index f1c572c..5bd756a 100755 (executable)
--- a/members/maninvoice.pl
+++ b/members/maninvoice.pl
@@ -35,6 +35,7 @@ use C4::Branch;
 use C4::Members::Attributes qw(GetBorrowerAttributes);
 
 my $input=new CGI;
+my $flagsrequired = { borrowers => 1 };
 
 my $borrowernumber=$input->param('borrowernumber');
 
@@ -43,7 +44,7 @@ my $borrowernumber=$input->param('borrowernumber');
 my $data=GetMember('borrowernumber'=>$borrowernumber);
 my $add=$input->param('add');
 if ($add){
-    if(checkauth($input)) {
+    if ( checkauth( $input, 0, $flagsrequired, 'intranet' ) ) {
         #  print $input->header;
         my $barcode=$input->param('barcode');
         my $itemnum;
@@ -61,7 +62,7 @@ if ($add){
                     query           => $input,
                     type            => "intranet",
                     authnotrequired => 0,
-                    flagsrequired   => { borrowers => 1 },
+                    flagsrequired   => $flagsrequired,
                     debug           => 1,
                 }
             );

diff --git a/members/member-password.pl b/members/member-password.pl
index fe24df3..ebba80a 100755 (executable)
--- a/members/member-password.pl
+++ b/members/member-password.pl
@@ -35,7 +35,7 @@ my ($template, $loggedinuser, $cookie, $staffflags)
 my $flagsrequired;
 $flagsrequired->{borrowers}=1;
 
-#my ($loggedinuser, $cookie, $sessionID) = checkauth($input, 0, $flagsrequired);
+#my ($loggedinuser, $cookie, $sessionID) = checkauth($input, 0, $flagsrequired, 'intranet');
 
 my $member=$input->param('member');
 my $cardnumber = $input->param('cardnumber');

diff --git a/members/setdebar.pl b/members/setdebar.pl
index bc0bafb..280ffaa 100755 (executable)
--- a/members/setdebar.pl
+++ b/members/setdebar.pl
@@ -36,10 +36,7 @@ use C4::Auth;
 
 my $input = new CGI;
 
-my $flagsrequired;
-$flagsrequired->{borrowers} = 1;
-my ( $loggedinuser, $cookie, $sessionID ) =
-  checkauth( $input, 0, $flagsrequired );
+checkauth( $input, 0, { borrowers => 1 }, 'intranet' );
 
 my $borrowernumber = $input->param('borrowernumber');
 

diff --git a/members/setstatus.pl b/members/setstatus.pl
index 914c36e..a6a35aa 100755 (executable)
--- a/members/setstatus.pl
+++ b/members/setstatus.pl
@@ -34,9 +34,7 @@ use C4::Auth;
 
 my $input = new CGI;
 
-my $flagsrequired;
-$flagsrequired->{borrowers}=1;
-checkauth($input, 0, $flagsrequired);
+checkauth($input, 0, { borrowers => 1 }, 'intranet');
 
 my $destination = $input->param("destination") || '';
 my $cardnumber = $input->param("cardnumber");