search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Bug 13417: Limit the permission to delete
[koha.git] / C4 / VirtualShelves / Page.pm
blob6117ea9128e2d820cf84e8535b91295c2d54ae3b
1 package C4::VirtualShelves::Page;
2
3 #
4 # Copyright 2000-2002 Katipo Communications
5 #
6 # This file is part of Koha.
7 #
8 # Koha is free software; you can redistribute it and/or modify it under the
9 # terms of the GNU General Public License as published by the Free Software
10 # Foundation; either version 2 of the License, or (at your option) any later
11 # version.
12 #
13 # Koha is distributed in the hope that it will be useful, but WITHOUT ANY
14 # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
15 # A PARTICULAR PURPOSE. See the GNU General Public License for more details.
16 #
17 # You should have received a copy of the GNU General Public License along
18 # with Koha; if not, write to the Free Software Foundation, Inc.,
19 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
20
21 # perldoc at the end of the file, per convention.
22
23 use strict;
24 use warnings;
25
26 use CGI qw ( -utf8 );
27 use Exporter;
28 use Data::Dumper;
29
30 use C4::VirtualShelves qw/:DEFAULT ShelvesMax/;
31 use C4::Biblio;
32 use C4::Items;
33 use C4::Koha;
34 use C4::Auth qw/get_session/;
35 use C4::Members;
36 use C4::Output;
37 use C4::Dates qw/format_date/;
38 use C4::Tags qw(get_tags);
39 use C4::Csv;
40 use C4::XSLT;
41
42 use constant VIRTUALSHELVES_COUNT => 20;
43
44 use vars qw($debug @EXPORT @ISA $VERSION);
45
46 BEGIN {
47 $VERSION = 3.07.00.049;
48 @ISA = qw(Exporter);
49 @EXPORT = qw(&shelfpage);
50 $debug = $ENV{DEBUG} || 0;
51 }
52
53 our %pages = (
54 intranet => { redirect => '/cgi-bin/koha/virtualshelves/shelves.pl', },
55 opac => { redirect => '/cgi-bin/koha/opac-shelves.pl', },
56 );
57
58 sub shelfpage {
59 my ( $type, $query, $template, $loggedinuser, $cookie ) = @_;
60 ( $pages{$type} ) or $type = 'opac';
61 $query or die "No query";
62 $template or die "No template";
63 $template->param(
64 loggedinuser => $loggedinuser,
65 OpacAllowPublicListCreation => C4::Context->preference('OpacAllowPublicListCreation'),
66 );
67 my $edit;
68 my $shelves;
69 my @paramsloop;
70 my $totitems;
71 my $shelfoff = ( $query->param('shelfoff') ? $query->param('shelfoff') : 1 );
72 $template->{VARS}->{'shelfoff'} = $shelfoff;
73 my $itemoff = ( $query->param('itemoff') ? $query->param('itemoff') : 1 );
74 my $displaymode = ( $query->param('display') ? $query->param('display') : 'publicshelves' );
75 my ( $shelflimit, $shelfoffset, $shelveslimit, $shelvesoffset );
76 my $marcflavour = C4::Context->preference("marcflavour");
77
78 $shelflimit = ( $type eq 'opac' ? C4::Context->preference('OPACnumSearchResults') : C4::Context->preference('numSearchResults') );
79 $shelflimit = $shelflimit || ShelvesMax('MGRPAGE');
80 $shelfoffset = ( $itemoff - 1 ) * $shelflimit; # Sets the offset to begin retrieving items at
81 $shelveslimit = $shelflimit; # Limits number of shelves returned for a given query (row_count)
82 $shelvesoffset = ( $shelfoff - 1 ) * $shelflimit; # Sets the offset to begin retrieving shelves at (offset)
83 # getting the Shelves list
84 my $category = ( ( $displaymode eq 'privateshelves' ) ? 1 : 2 );
85 my $shelflist = GetShelves( $category, $shelveslimit, $shelvesoffset, $loggedinuser );
86 my $totshelves = C4::VirtualShelves::GetShelfCount( $loggedinuser, $category );
87
88 my $op = $query->param('op');
89
90 # the format of this is unindented for ease of diff comparison to the old script
91 # Note: do not mistake the assignment statements below for comparisons!
92 if ( $query->param('modifyshelfcontents') ) {
93 my ( $shelfnumber, $barcode, $item, $biblio );
94 if ( $shelfnumber = $query->param('viewshelf') ) {
95 #add to shelf
96 if($barcode = $query->param('addbarcode') ) {
97 if(ShelfPossibleAction( $loggedinuser, $shelfnumber, 'add')) {
98 $item = GetItem( 0, $barcode);
99 if (defined $item && $item->{'itemnumber'}) {
100 $biblio = GetBiblioFromItemNumber( $item->{'itemnumber'} );
101 AddToShelf( $biblio->{'biblionumber'}, $shelfnumber, $loggedinuser)
102 or push @paramsloop, { duplicatebiblio => $barcode };
103 }
104 else {
105 push @paramsloop, { failgetitem => $barcode };
106 }
107 }
108 else {
109 push @paramsloop, { nopermission => $shelfnumber };
110 }
111 }
112 elsif(grep { /REM-(\d+)/ } $query->param) {
113 #remove item(s) from shelf
114 if(ShelfPossibleAction($loggedinuser, $shelfnumber, 'delete')) {
115 #This is just a general okay; DelFromShelf checks further
116 my @bib;
117 foreach($query->param) {
118 /REM-(\d+)/ or next;
119 push @bib, $1; #$1 is biblionumber
120 }
121 my $t= DelFromShelf(\@bib, $shelfnumber, $loggedinuser);
122 if($t==0) {
123 push @paramsloop, {nothingdeleted => $shelfnumber};
124 }
125 elsif($t<@bib) {
126 push @paramsloop, {somedeleted => $shelfnumber};
127 }
128 }
129 else {
130 push @paramsloop, { nopermission => $shelfnumber };
131 }
132 }
133 }
134 else {
135 push @paramsloop, { noshelfnumber => 1 };
136 }
137 }
138
139 my $showadd = 1;
140
141 # set the default tab, etc. (for OPAC)
142 my $shelf_type = ( $query->param('display') ? $query->param('display') : 'publicshelves' );
143 if ( defined $shelf_type ) {
144 if ( $shelf_type eq 'privateshelves' ) {
145 $template->param( showprivateshelves => 1 );
146 } elsif ( $shelf_type eq 'publicshelves' ) {
147 $template->param( showpublicshelves => 1 );
148 $showadd = 0;
149 } else {
150 $debug and warn "Invalid 'display' param ($shelf_type)";
151 }
152 } elsif ( $loggedinuser == -1 ) {
153 $template->param( showpublicshelves => 1 );
154 } else {
155 $template->param( showprivateshelves => 1 );
156 }
157
158 my ( $okmanage, $okview );
159 my $shelfnumber = $query->param('shelfnumber') || $query->param('viewshelf');
160 if ($shelfnumber) {
161 $okmanage = ShelfPossibleAction( $loggedinuser, $shelfnumber, 'manage' );
162 $okview = ShelfPossibleAction( $loggedinuser, $shelfnumber, 'view' );
163 }
164
165 my $delflag = 0;
166
167 SWITCH: {
168 if ($op) {
169 #Saving modified shelf
170 if ( $op eq 'modifsave' ) {
171 unless ($okmanage) {
172 push @paramsloop, { nopermission => $shelfnumber };
173 last SWITCH;
174 }
175 my $shelf = {
176 shelfname => $query->param('shelfname'),
177 sortfield => $query->param('sortfield'),
178 allow_add => $query->param('allow_add'),
179 allow_delete_own => $query->param('allow_delete_own'),
180 allow_delete_other => $query->param('allow_delete_other'),
181 };
182 if($query->param('category')) { #optional
183 $shelf->{category}= $query->param('category');
184 }
185 unless(ModShelf($shelfnumber, $shelf )) {
186 push @paramsloop, {modifyfailure => $shelf->{shelfname}};
187 last SWITCH;
188 }
189
190 if($displaymode eq "viewshelf"){
191 print $query->redirect( $pages{$type}->{redirect} . "?viewshelf=$shelfnumber" );
192 } elsif($displaymode eq "publicshelves"){
193 print $query->redirect( $pages{$type}->{redirect} );
194 } else {
195 print $query->redirect( $pages{$type}->{redirect} . "?display=privateshelves" );
196 }
197 exit;
198 }
199 #Editing a shelf
200 elsif ( $op eq 'modif' ) {
201 my ( $shelfnumber2, $shelfname, $owner, $category, $sortfield, $allow_add, $allow_delete_own, $allow_delete_other) = GetShelf($shelfnumber);
202 my $member = GetMember( 'borrowernumber' => $owner );
203 my $ownername = defined($member) ? $member->{firstname} . " " . $member->{surname} : '';
204 $edit = 1;
205 $template->param(
206 edit => 1,
207 display => $displaymode,
208 shelfnumber => $shelfnumber2,
209 shelfname => $shelfname,
210 owner => $owner,
211 ownername => $ownername,
212 "category$category" => 1,
213 category => $category,
214 sortfield => $sortfield,
215 allow_add => $allow_add,
216 allow_delete_own => $allow_delete_own,
217 allow_delete_other => $allow_delete_other,
218 );
219 }
220 last SWITCH;
221 }
222
223 #View a shelf
224 if ( $shelfnumber = $query->param('viewshelf') ) {
225 # explicitly fetch this shelf
226 my ($shelfnumber2,$shelfname,$owner,$category,$sorton) = GetShelf($shelfnumber);
227
228 $template->param(
229 'AllowOnShelfHolds' => C4::Context->preference('AllowOnShelfHolds'),
230 'DisplayMultiPlaceHold' => C4::Context->preference('DisplayMultiPlaceHold'),
231 );
232 if (C4::Context->preference('TagsEnabled')) {
233 $template->param(TagsEnabled => 1);
234 foreach (qw(TagsShowOnList TagsInputOnList)) {
235 C4::Context->preference($_) and $template->param($_ => 1);
236 }
237 }
238 #check that the user can view the shelf
239 if ( ShelfPossibleAction( $loggedinuser, $shelfnumber, 'view' ) ) {
240 my $items;
241 my $tag_quantity;
242 my $sortfield = ( $sorton ? $sorton : 'title' );
243 $sortfield = $query->param('sort') || $sortfield; ## Passed in sorting overrides default sorting
244 my $direction = $query->param('direction') || 'asc';
245 $template->param(
246 sort => $sortfield,
247 direction => $direction,
248 );
249 ( $items, $totitems ) = GetShelfContents( $shelfnumber, $shelflimit, $shelfoffset, $sortfield, $direction );
250
251 # get biblionumbers stored in the cart
252 # Note that it's not use at the intranet
253 my @cart_list;
254 my $cart_cookie = ( $type eq 'opac' ? "bib_list" : "intranet_bib_list" );
255 if($query->cookie($cart_cookie)){
256 my $cart_list = $query->cookie($cart_cookie);
257 @cart_list = split(/\//, $cart_list);
258 }
259
260 for my $this_item (@$items) {
261 my $biblionumber = $this_item->{'biblionumber'};
262 my $record = GetMarcBiblio($biblionumber);
263 if (C4::Context->preference("OPACXSLTResultsDisplay") && $type eq 'opac') {
264 $this_item->{XSLTBloc} = XSLTParse4Display($biblionumber, $record, "OPACXSLTResultsDisplay");
265 } elsif (C4::Context->preference("XSLTResultsDisplay") && $type eq 'intranet') {
266 $this_item->{XSLTBloc} = XSLTParse4Display($biblionumber, $record, "XSLTResultsDisplay");
267 }
268
269 # the virtualshelfcontents table does not store these columns nor are they retrieved from the items
270 # and itemtypes tables, so I'm commenting them out for now to quiet the log -crn
271 #$this_item->{imageurl} = $imgdir."/".$itemtypes->{ $this_item->{itemtype} }->{'imageurl'};
272 #$this_item->{'description'} = $itemtypes->{ $this_item->{itemtype} }->{'description'};
273 $this_item->{'dateadded'} = format_date( $this_item->{'dateadded'} );
274 $this_item->{'imageurl'} = getitemtypeinfo( $this_item->{'itemtype'}, $type )->{'imageurl'};
275 $this_item->{'coins'} = GetCOinSBiblio( $record );
276 $this_item->{'subtitle'} = GetRecordValue('subtitle', $record, GetFrameworkCode($this_item->{'biblionumber'}));
277 $this_item->{'normalized_upc'} = GetNormalizedUPC( $record,$marcflavour);
278 $this_item->{'normalized_ean'} = GetNormalizedEAN( $record,$marcflavour);
279 $this_item->{'normalized_oclc'} = GetNormalizedOCLCNumber($record,$marcflavour);
280 $this_item->{'normalized_isbn'} = GetNormalizedISBN(undef,$record,$marcflavour);
281 if(!defined($this_item->{'size'})) { $this_item->{'size'} = "" }; #TT has problems with size
282 # Getting items infos for location display
283 my @items_infos = &GetItemsLocationInfo( $this_item->{'biblionumber'});
284 $this_item->{'itemsissued'} = CountItemsIssued( $this_item->{'biblionumber'} );
285 $this_item->{'ITEM_RESULTS'} = \@items_infos;
286 if ( grep {$_ eq $biblionumber} @cart_list) {
287 $this_item->{'incart'} = 1;
288 }
289
290 if (C4::Context->preference('TagsEnabled') and $tag_quantity = C4::Context->preference('TagsShowOnList')) {
291 $this_item->{'TagLoop'} = get_tags({
292 biblionumber=>$this_item->{'biblionumber'}, approved=>1, 'sort'=>'-weight',
293 limit=>$tag_quantity
294 });
295 }
296
297 }
298 if($type eq 'intranet'){
299 # Build drop-down list for 'Add To:' menu...
300 my ($totalref, $pubshelves, $barshelves)=
301 C4::VirtualShelves::GetSomeShelfNames($loggedinuser,'COMBO',1);
302 $template->param(
303 addbarshelves => $totalref->{bartotal},
304 addbarshelvesloop => $barshelves,
305 addpubshelves => $totalref->{pubtotal},
306 addpubshelvesloop => $pubshelves,
307 );
308 }
309 push @paramsloop, { display => 'privateshelves' } if $category == 1;
310 $showadd = 1;
311 my $i = 0;
312 my $manageshelf = ShelfPossibleAction( $loggedinuser, $shelfnumber, 'manage' );
313 my $can_delete_shelf = ShelfPossibleAction( $loggedinuser, $shelfnumber, 'delete_shelf' );
314 $template->param(
315 shelfname => $shelfname,
316 shelfnumber => $shelfnumber,
317 viewshelf => $shelfnumber,
318 sortfield => $sortfield,
319 manageshelf => $manageshelf,
320 allowremovingitems => ShelfPossibleAction( $loggedinuser, $shelfnumber, 'delete'),
321 allowaddingitem => ShelfPossibleAction( $loggedinuser, $shelfnumber, 'add'),
322 allowdeletingshelf => $can_delete_shelf,
323 "category$category" => 1,
324 category => $category,
325 itemsloop => $items,
326 showprivateshelves => $category==1,
327 );
328 } else {
329 push @paramsloop, { nopermission => $shelfnumber };
330 }
331 last SWITCH;
332 }
333
334 if ( $query->param('shelves') ) {
335 my $stay = 1;
336
337 #Add a shelf
338 if ( my $newshelf = $query->param('addshelf') ) {
339
340 # note: a user can always add a new shelf (except database administrator account)
341 my $shelfnumber = AddShelf( {
342 shelfname => $newshelf,
343 sortfield => $query->param('sortfield'),
344 category => $query->param('category'),
345 allow_add => $query->param('allow_add'),
346 allow_delete_own => $query->param('allow_delete_own'),
347 allow_delete_other => $query->param('allow_delete_other'),
348 },
349 $query->param('owner') );
350 $stay = 1;
351 if( !$shelfnumber ) {
352 push @paramsloop, { addshelf_failed => 1 };
353 } elsif ( $shelfnumber == -1 ) { #shelf already exists.
354 $showadd = 1;
355 push @paramsloop, { already => $newshelf };
356 $template->param( shelfnumber => $shelfnumber );
357 } else {
358 print $query->redirect( $pages{$type}->{redirect} . "?viewshelf=$shelfnumber" );
359 exit;
360 }
361 }
362
363 #Deleting a shelf (asking for confirmation if it has entries)
364 foreach ( $query->param() ) {
365 /(DEL|REMSHR)-(\d+)/ or next;
366 $delflag = 1;
367 my $number = $2;
368 unless ( defined $shelflist->{$number} ) {
369 push( @paramsloop, { unrecognized => $number } );
370 last;
371 }
372 #remove a share
373 if(/REMSHR/) {
374 RemoveShare($loggedinuser, $number);
375 delete $shelflist->{$number} if exists $shelflist->{$number};
376 $stay=0;
377 next;
378 }
379
380 my $can_manage = ShelfPossibleAction( $loggedinuser, $number, 'manage' );
381 my $can_delete = ShelfPossibleAction( $loggedinuser, $number, 'delete_shelf' );
382 unless ( $can_manage or $can_delete ) {
383 push( @paramsloop, { nopermission => $shelfnumber } );
384 last;
385 }
386 my $contents;
387 ( $contents, $totshelves ) = GetShelfContents( $number, $shelveslimit, $shelvesoffset );
388 if ( $totshelves > 0 ) {
389 unless ( scalar grep { /^CONFIRM-$number$/ } $query->param() ) {
390 if ( defined $shelflist->{$number} ) {
391 push( @paramsloop, { need_confirm => $shelflist->{$number}->{shelfname}, count => $totshelves, single => ($totshelves eq 1 ? 1:0) } );
392 $shelflist->{$number}->{confirm} = $number;
393 }
394 $stay = 0;
395 next;
396 }
397 }
398 my $name;
399 if ( defined $shelflist->{$number} ) {
400 $name = $shelflist->{$number}->{'shelfname'};
401 delete $shelflist->{$number};
402 }
403 unless ( DelShelf($number) ) {
404 push( @paramsloop, { delete_fail => $name } );
405 last;
406 }
407 push( @paramsloop, { delete_ok => $name } );
408
409 $stay = 0;
410 }
411 $showadd = 1;
412 if ($stay){
413 $template->param( shelves => 1 );
414 $shelves = 1;
415 }
416 last SWITCH;
417 }
418 } # end of SWITCH block
419
420 (@paramsloop) and $template->param( paramsloop => \@paramsloop );
421 $showadd and $template->param( showadd => 1 );
422 my @shelvesloop;
423 my @shelveslooppriv;
424 my $numberCanManage = 0;
425
426 # rebuild shelflist in case a shelf has been added
427 $shelflist = GetShelves( $category, $shelveslimit, $shelvesoffset, $loggedinuser ) unless $delflag;
428 $totshelves = C4::VirtualShelves::GetShelfCount( $loggedinuser, $category ) unless $delflag;
429 foreach my $element ( sort { lc( $shelflist->{$a}->{'shelfname'} ) cmp lc( $shelflist->{$b}->{'shelfname'} ) } keys %$shelflist ) {
430 my %line;
431 $shelflist->{$element}->{shelf} = $element;
432 my $category = $shelflist->{$element}->{'category'};
433 my $owner = $shelflist->{$element}->{'owner'}||0;
434 my $canmanage = ShelfPossibleAction( $loggedinuser, $element, 'manage' );
435 my $candelete = ShelfPossibleAction( $loggedinuser, $element, 'delete_shelf' );
436 $shelflist->{$element}->{"viewcategory$category"} = 1;
437 $shelflist->{$element}->{manageshelf} = $canmanage;
438 $shelflist->{$element}->{allowdeletingshelf} = $candelete;
439 if($canmanage || ($loggedinuser && $owner==$loggedinuser)) {
440 $shelflist->{$element}->{'mine'} = 1;
441 }
442 my $member = GetMember( 'borrowernumber' => $owner );
443 $shelflist->{$element}->{ownername} = defined($member) ? $member->{firstname} . " " . $member->{surname} : '';
444 $numberCanManage++ if $canmanage; # possibly outmoded
445 if ( $shelflist->{$element}->{'category'} eq '1' ) {
446 $shelflist->{$element}->{shares} = IsSharedList($element);
447 push( @shelveslooppriv, $shelflist->{$element} );
448 } else {
449 push( @shelvesloop, $shelflist->{$element} );
450 }
451 }
452
453 my $url = $type eq 'opac' ? "/cgi-bin/koha/opac-shelves.pl" : "/cgi-bin/koha/virtualshelves/shelves.pl";
454 my %qhash = ();
455 foreach (qw(display viewshelf sortfield sort direction)) {
456 $qhash{$_} = $query->param($_) if $query->param($_);
457 }
458 ( scalar keys %qhash ) and $url .= '?' . join '&', map { "$_=$qhash{$_}" } keys %qhash;
459 if ( $shelfnumber && $totitems ) {
460 $template->param( pagination_bar => pagination_bar( $url, ( int( $totitems / $shelflimit ) ) + ( ( $totitems % $shelflimit ) > 0 ? 1 : 0 ), $itemoff, "itemoff" ) );
461 } elsif ( $totshelves ) {
462 $template->param(
463 pagination_bar => pagination_bar( $url, ( int( $totshelves / $shelveslimit ) ) + ( ( $totshelves % $shelveslimit ) > 0 ? 1 : 0 ), $shelfoff, "shelfoff" ) );
464 }
465 $template->param(
466 shelveslooppriv => \@shelveslooppriv,
467 shelvesloop => \@shelvesloop,
468 shelvesloopall => [ ( @shelvesloop, @shelveslooppriv ) ],
469 numberCanManage => $numberCanManage,
470 "BiblioDefaultView" . C4::Context->preference("BiblioDefaultView") => 1,
471 csv_profiles => GetCsvProfilesLoop('marc')
472 );
473 if ( $shelfnumber
474 or $shelves
475 or $edit ) {
476 $template->param( vseflag => 1 );
477 }
478 if ($shelves or # note: this part looks duplicative, but is intentional
479 $edit
480 ) {
481 $template->param( seflag => 1 );
482 #This hack is just another argument for refactoring this script one day
483 #At this point you are adding or editing a list; if you add, then you add a private list (by default) with permissions as below; if you edit, do not pass these permissions, they must come from the database
484 $template->param( allow_add => 0, allow_delete_own => 1, allow_delete_other => 0) unless $shelfnumber;
485 }
486
487 #Next call updates the shelves for the Lists button.
488 #May not always be needed (when nothing changed), but doesn't take much.
489 my ($total, $pubshelves, $barshelves) = C4::VirtualShelves::GetSomeShelfNames($loggedinuser, 'MASTHEAD');
490 $template->param(
491 barshelves => $total->{bartotal},
492 barshelvesloop => $barshelves,
493 pubshelves => $total->{pubtotal},
494 pubshelvesloop => $pubshelves,
495 );
496
497 output_html_with_http_headers $query, $cookie, $template->output;
498 }
499
500 1;
501 __END__
502
503 =head1 NAME
504
505 VirtualShelves/Page.pm
506
507 =head1 DESCRIPTION
508
509 Module used for both OPAC and intranet pages.
510
511 =head1 CGI PARAMETERS
512
513 =over 4
514
515 =item C<modifyshelfcontents>
516
517 If this script has to modify the shelf content.
518
519 =item C<shelfnumber>
520
521 To know on which shelf to work.
522
523 =item C<addbarcode>
524
525 =item C<op>
526
527 Op can be:
528 * modif: show the template allowing modification of the shelves;
529 * modifsave: save changes from modif mode.
530
531 =item C<viewshelf>
532
533 Load template with 'viewshelves param' displaying the shelf's information.
534
535 =item C<shelves>
536
537 If the param shelves == 1, then add or delete a shelf.
538
539 =item C<addshelf>
540
541 If the param shelves == 1, then addshelf is the name of the shelf to add.
542
543 =back
544
545 =cut
Koha ILS