Bug 18898 - Some permissions for Reports can be bypassed
[koha.git] / svc / checkin
blob78db9d923db970deb452d1e73e76c8f1966c8795
1 #!/usr/bin/perl
3 # Copyright 2014 ByWater Solutions
4 # Copyright 2016 Aleisha Amohia <aleisha@catalyst.net.nz>
6 # This file is part of Koha.
8 # Koha is free software; you can redistribute it and/or modify it under the
9 # terms of the GNU General Public License as published by the Free Software
10 # Foundation; either version 3 of the License, or (at your option) any later
11 # version.
13 # Koha is distributed in the hope that it will be useful, but WITHOUT ANY
14 # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
15 # A PARTICULAR PURPOSE. See the GNU General Public License for more details.
17 # You should have received a copy of the GNU General Public License along
18 # with Koha; if not, write to the Free Software Foundation, Inc.,
19 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
21 use Modern::Perl;
23 use CGI;
24 use JSON qw(to_json);
26 use C4::Circulation;
27 use C4::Items qw(GetBarcodeFromItemnumber GetItem ModItem);
28 use C4::Context;
29 use C4::Auth qw(check_cookie_auth);
30 use Koha::Checkouts;
32 my $input = new CGI;
34 my ( $auth_status, $sessionID ) =
35 check_cookie_auth( $input->cookie('CGISESSID'),
36 { circulate => 'circulate_remaining_permissions' } );
38 if ( $auth_status ne "ok" ) {
39 exit 0;
42 binmode STDOUT, ":encoding(UTF-8)";
43 print $input->header( -type => 'text/plain', -charset => 'UTF-8' );
45 my $itemnumber = $input->param('itemnumber');
46 my $borrowernumber = $input->param('borrowernumber');
47 my $override_limit = $input->param('override_limit');
48 my $exempt_fine = $input->param('exempt_fine');
49 my $branchcode = $input->param('branchcode')
50 || C4::Context->userenv->{'branch'};
52 # Expect these inputs to come in as JSON boolean values
53 $override_limit = $override_limit ? $override_limit eq 'true' : undef;
54 $exempt_fine = $exempt_fine ? $exempt_fine eq 'true' : undef;
56 my $barcode = GetBarcodeFromItemnumber($itemnumber);
58 my $data;
59 $data->{itemnumber} = $itemnumber;
60 $data->{borrowernumber} = $borrowernumber;
61 $data->{branchcode} = $branchcode;
63 if ( C4::Context->preference("InProcessingToShelvingCart") ) {
64 my $item = GetItem($itemnumber);
65 if ( $item->{'location'} eq 'PROC' ) {
66 $item->{'location'} = 'CART';
67 ModItem( $item, $item->{'biblionumber'}, $item->{'itemnumber'} );
71 if ( C4::Context->preference("ReturnToShelvingCart") ) {
72 my $item = GetItem($itemnumber);
73 $item->{'location'} = 'CART';
74 ModItem( $item, $item->{'biblionumber'}, $item->{'itemnumber'} );
77 my $checkout = Koha::Checkouts->find({ itemnumber => $itemnumber });
78 $data->{patronnote} = $checkout ? $checkout->note : q||;
80 ( $data->{returned} ) = AddReturn( $barcode, $branchcode, $exempt_fine );
82 print to_json($data);