When IndependentBranches is activated and a non-superlibrarian user looks at the "Patrons with no checkouts" report, it shows patrons from other libraries.
To recreate:
1) Activate IndependentBranches, IndependentBranchesPatronModifications and IndependentBranchesTransfers
2) Create a staff user with limited permissions (NOT a superlibrarian), including reports permissions. Here are mine as an example
- circulate (all)
- catalogue
- borrowers
- delete_borrowers
- edit_borrowers
- reserveforothers (all)
- reports (all)
3) Create (or make sure you already have) a patron in another branch (if using an existing patron, make sure they have no checkouts or checkout history)
4) Log in as your limited staff patron
5) Go to Reports > Inactive > Patrons who haven't checked out
6) Don't put in any limitations and click Submit
-- The patron from the other library appears in the list
7) Try to search for that other patron in the patron module
-- The patron from the other library is inaccessible
8) Apply the patch
9) Notice that the limited patron can only see patrons from his own
library
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
$strcalc .= " , " . $dbh->quote($colfield) if ($colfield);
$strcalc .= " FROM borrowers ";
$strcalc .= "WHERE 1 ";
+ if(C4::Context->preference('IndependentBranches') && !C4::Context->IsSuperLibrarian()){
+ $strcalc .= "AND branchcode = '".C4::Context->userenv->{branch}."' ";
+ }
+
+
my @query_args;
if ( @$filters[0] ) {
@$filters[0]=~ s/\*/%/g;
projects / srvgit / commitdiff