Bug 7002: fix some invalid superlibrarian permission checks

This patch fixes a problem where if a staff user has superlibrarian
permissions, but also has module-specific permissions, they are
prevent from editing item records that they should be allowed to.

To test:

[1] Turn on IndependentBranches.
[2] Register a superlibrarian staff user at branch A.
[3] Give that new account at least one other module-level
    permission.  This cannot be done through the user interface,
    however, but can be done via SQL:

    UPDATE borrowers SET flags = 3 WHERE userid = 'XXX';

[4] Log in as that new superlibrarian.
[5] Bring up the item details (catalogue/moredetail.pl) page for
    an item at branch B.  Note that there is no 'Edit Item' link.
[6] Similarly, try editing that item (cataloging/additem.pl).  Note
    that the edit form forbids you from touching the item.
[7] Finally, try editing that item using the Tools | Batch item
    modification utility.  Note that it doesn't allow you to do so.
[8] Apply the patch.
[9] Repeat steps 5 through 7.  This time, the item actions should
    be allowed.

Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Works as described, passes QA script and test suite.

Signed-off-by: Galen Charlton <gmc@esilibrary.com>

diff --git a/catalogue/moredetail.pl b/catalogue/moredetail.pl
index a925285..91877cc 100755 (executable)
--- a/catalogue/moredetail.pl
+++ b/catalogue/moredetail.pl
@@ -175,7 +175,7 @@ foreach my $item (@items){
     if (C4::Context->preference("IndependentBranches")) {
         #verifying rights
         my $userenv = C4::Context->userenv();
-        unless (($userenv->{'flags'} == 1) or ($userenv->{'branch'} eq $item->{'homebranch'})) {
+        unless (C4::Context->IsSuperLibrarian() or ($userenv->{'branch'} eq $item->{'homebranch'})) {
                 $item->{'nomod'}=1;
         }
     }

diff --git a/cataloguing/additem.pl b/cataloguing/additem.pl
index 5c63aa3..268ef66 100755 (executable)
--- a/cataloguing/additem.pl
+++ b/cataloguing/additem.pl
@@ -698,7 +698,7 @@ foreach my $field (@fields) {
         if (($field->tag eq $branchtagfield) && ($subfieldcode eq $branchtagsubfield) && C4::Context->preference("IndependentBranches")) {
             #verifying rights
             my $userenv = C4::Context->userenv();
-            unless (($userenv->{'flags'} == 1) or (($userenv->{'branch'} eq $subfieldvalue))){
+            unless (C4::Context->IsSuperLibrarian() or (($userenv->{'branch'} eq $subfieldvalue))){
                 $this_row{'nomod'} = 1;
             }
         }

diff --git a/tools/batchMod.pl b/tools/batchMod.pl
index 5069d91..97cdab6 100755 (executable)
--- a/tools/batchMod.pl
+++ b/tools/batchMod.pl
@@ -506,7 +506,7 @@ sub BuildItemsData{
                 if ($itembranchcode && C4::Context->preference("IndependentBranches")) {
                                                #verifying rights
                                                my $userenv = C4::Context->userenv();
-                                               unless (($userenv->{'flags'} == 1) or (($userenv->{'branch'} eq $itembranchcode))){
+                        unless (C4::Context->IsSuperLibrarian() or (($userenv->{'branch'} eq $itembranchcode))){
                                                                $this_row{'nomod'}=1;
                                                }
                                }