opac/opac-patron-consent.pl

   1 #!/usr/bin/perl
   2
   3 # Copyright 2018 Rijksmuseum
   4 #
   5 # This file is part of Koha.
   6 #
   7 # Koha is free software; you can redistribute it and/or modify it under the
   8 # terms of the GNU General Public License as published by the Free Software
   9 # Foundation; either version 3 of the License, or (at your option) any later
  10 # version.
  11 #
  12 # Koha is distributed in the hope that it will be useful, but WITHOUT ANY
  13 # WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
  14 # A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
  15 #
  16 # You should have received a copy of the GNU General Public License along
  17 # with Koha; if not, write to the Free Software Foundation, Inc.,
  18 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  19
  20 use Modern::Perl;
  21 use CGI qw/-utf8/;
  22
  23 use C4::Auth qw/get_template_and_user/;
  24 use C4::Output qw/output_html_with_http_headers/;
  25 use Koha::DateUtils qw/dt_from_string/;
  26 use Koha::Patron::Consents;
  27 use Koha::Patrons;
  28
  29 use constant GDPR_PROCESSING => 'GDPR_PROCESSING';
  30
  31 my $query = new CGI;
  32 my $op = $query->param('op') // q{};
  33 my $gdpr_check = $query->param('gdpr_processing') // q{};
  34
  35 my ( $template, $borrowernumber, $cookie ) = get_template_and_user({
  36     template_name   => "opac-patron-consent.tt",
  37     query           => $query,
  38     type            => "opac",
  39     authnotrequired => 0,
  40 });
  41
  42 my $patron = Koha::Patrons->find($borrowernumber);
  43 my $gdpr_proc_consent;
  44 if( C4::Context->preference('GDPR_Policy') ) {
  45     $gdpr_proc_consent = Koha::Patron::Consents->search({
  46         borrowernumber => $borrowernumber,
  47         type => GDPR_PROCESSING,
  48     })->next;
  49     $gdpr_proc_consent //= Koha::Patron::Consent->new({
  50         borrowernumber => $borrowernumber,
  51         type => GDPR_PROCESSING,
  52     });
  53 }
  54
  55 # Handle saves here
  56 if( $op eq 'gdpr_proc_save' && $gdpr_proc_consent ) {
  57     if( $gdpr_check eq 'agreed' ) {
  58         $gdpr_proc_consent->given_on( dt_from_string() );
  59         $gdpr_proc_consent->refused_on( undef );
  60     } elsif( $gdpr_check eq 'disagreed' ) {
  61         $gdpr_proc_consent->given_on( undef );
  62         $gdpr_proc_consent->refused_on( dt_from_string() );
  63     }
  64     $gdpr_proc_consent->store;
  65 }
  66
  67 # If user refused GDPR consent and we enforce GDPR, logout (when saving)
  68 if( $op =~ /save/ && C4::Context->preference('GDPR_Policy') eq 'Enforced' && $gdpr_proc_consent->refused_on )
  69 {
  70     print $query->redirect('/cgi-bin/koha/opac-main.pl?logout.x=1');
  71     exit;
  72 }
  73
  74 $template->param( patron => $patron );
  75 if( $gdpr_proc_consent ) {
  76     $template->param(
  77         gdpr_proc_consent => $gdpr_proc_consent->given_on // q{},
  78         gdpr_proc_refusal => $gdpr_proc_consent->refused_on // q{},
  79     );
  80 }
  81
  82 output_html_with_http_headers $query, $cookie, $template->output, undef, { force_no_caching => 1 };