Bug 26517: Avoid deleting patrons with permission

The patron deletion script misc/cronjobs/delete_patrons.pl uses C4::Member::GetBorrowersToExpunge() to get patrons that may be deleted.
This method filters patrons from a staff category.
I propose to also filter patrons having permission, so a staff member.
Some small libraries do not define a "staff" category and give permissions to regular patrons.

Test plan :
1) Create a patron on adult type category with expiry date in the past and permission to access staff interface
2) Without patch
3) Run delete script : ./src/misc/cronjobs/delete_patrons.pl -v --expired_before='$(date -I)'
4) You see the patron will be deleted
5) Apply patch
6) Run delete script : ./src/misc/cronjobs/delete_patrons.pl -v --expired_before='$(date -I)'
7) You dont see the patron

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

diff --git a/C4/Members.pm b/C4/Members.pm
index 0505634..72f9cbd 100644 (file)
--- a/C4/Members.pm
+++ b/C4/Members.pm
@@ -408,6 +408,7 @@ sub GetBorrowersToExpunge {
         $query .= q| LEFT JOIN patron_list_patrons USING (borrowernumber)|;
     }
     $query .= q| WHERE  category_type <> 'S'
+        AND ( borrowers.flags IS NULL OR borrowers.flags = 0 )
         AND tmp.guarantor_id IS NULL
     |;
     my @query_params;