This last patch activates the check at client side.
If the pref ProtectSuperlibPrivs is enabled, non-superlibs should not be
able to change superlibrarian privileges via the interface.
Test plan:
[1] Enable the pref.
[2] Login as superlib and add/remove superlib privs to a staff user.
[3] Login as another user (no superlib, but having borrowers, permissions
and staff_access). Verify that you cannot add or remove superlib
privs.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: JM Broust <jean-manuel.broust@univ-lyon2.fr>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
}
});
+ [% IF disable_superlibrarian_privs %]
+ $("input#flag-0").attr("disabled", true);
+ $("form").submit(function(e) {
+ $("input#flag-0").removeAttr("disabled");
+ });
+ [% END %]
});
// manage checking/unchecking parent permissions