[open-ils-commits] [GIT] Evergreen ILS branch rel_3_2 updated. b2ba405de363d478c5e3dccc3cca095049ca3af0
Evergreen Git
git at git.evergreen-ils.org
Tue Oct 1 18:51:38 EDT 2019
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Evergreen ILS".
The branch, rel_3_2 has been updated
via b2ba405de363d478c5e3dccc3cca095049ca3af0 (commit)
via f4b90f26f8641c65592fbe0462211c6ac98ca043 (commit)
via 1bd9dd270f2a004fca52128f7cab7489c0b6399b (commit)
via 6a3a499c4cf91edfc03df18921d09093f94c6976 (commit)
via f846825fcf10e11ce25b983969ec8ce090397502 (commit)
from 474831f9f2102b6de9fd825a7e1799826f11bc0c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit b2ba405de363d478c5e3dccc3cca095049ca3af0
Author: Jane Sandberg <sandbej at linnbenton.edu>
Date: Tue Oct 1 14:47:07 2019 -0700
LP1842940: stamping and slight tweak to upgrade script
Mike Rylander suggested the INSERT ... SELECT ... WHERE NOT
EXISTS approach, since this fix is being backported to older
releases, and we don't want to cause duplicate entries or
upgrade failures if the perm already exists
Signed-off-by: Jane Sandberg <sandbej at linnbenton.edu>
diff --git a/Open-ILS/src/sql/Pg/002.schema.config.sql b/Open-ILS/src/sql/Pg/002.schema.config.sql
index 39a9467f28..bb2b8bd4fa 100644
--- a/Open-ILS/src/sql/Pg/002.schema.config.sql
+++ b/Open-ILS/src/sql/Pg/002.schema.config.sql
@@ -92,7 +92,7 @@ CREATE TRIGGER no_overlapping_deps
BEFORE INSERT OR UPDATE ON config.db_patch_dependencies
FOR EACH ROW EXECUTE PROCEDURE evergreen.array_overlap_check ('deprecates');
-INSERT INTO config.upgrade_log (version, applied_to) VALUES ('1190', :eg_version); -- Dyrcona/gmcharlt
+INSERT INTO config.upgrade_log (version, applied_to) VALUES ('1191', :eg_version); -- miker/jeffdavis/sandbergja
CREATE TABLE config.bib_source (
id SERIAL PRIMARY KEY,
diff --git a/Open-ILS/src/sql/Pg/upgrade/1191.data.lp1842940_staff_edit_self_perm.sql b/Open-ILS/src/sql/Pg/upgrade/1191.data.lp1842940_staff_edit_self_perm.sql
new file mode 100644
index 0000000000..7c88580457
--- /dev/null
+++ b/Open-ILS/src/sql/Pg/upgrade/1191.data.lp1842940_staff_edit_self_perm.sql
@@ -0,0 +1,14 @@
+BEGIN;
+
+SELECT evergreen.upgrade_deps_block_check('1191', :eg_version);
+
+INSERT INTO permission.perm_list ( id, code, description ) SELECT DISTINCT
+ 619,
+ 'EDIT_SELF_IN_CLIENT',
+ oils_i18n_gettext(619,
+ 'Allow a user to edit their own account in the staff client', 'ppl', 'description'
+ )
+ FROM permission.perm_list
+ WHERE NOT EXISTS (SELECT 1 FROM permission.perm_list WHERE code = 'EDIT_SELF_IN_CLIENT');
+
+COMMIT;
diff --git a/Open-ILS/src/sql/Pg/upgrade/XXXX.data.lp1842940_staff_edit_self_perm.sql b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.lp1842940_staff_edit_self_perm.sql
deleted file mode 100644
index 2a12998264..0000000000
--- a/Open-ILS/src/sql/Pg/upgrade/XXXX.data.lp1842940_staff_edit_self_perm.sql
+++ /dev/null
@@ -1,10 +0,0 @@
-BEGIN;
-
-SELECT evergreen.upgrade_deps_block_check('XXXX', :eg_version);
-
-INSERT INTO permission.perm_list ( id, code, description ) VALUES
-( 619, 'EDIT_SELF_IN_CLIENT', oils_i18n_gettext(619,
- 'Allow a user to edit their own account in the staff client', 'ppl', 'description'))
-;
-
-COMMIT;
commit f4b90f26f8641c65592fbe0462211c6ac98ca043
Author: Mike Rylander <mrylander at gmail.com>
Date: Tue Sep 17 11:07:04 2019 -0400
LP#1842940: Improve Alert
Attempt to float the alerts below the sticky bar and above the main
content of the user editor.
Signed-off-by: Mike Rylander <mrylander at gmail.com>
Signed-off-by: Jane Sandberg <sandbej at linnbenton.edu>
diff --git a/Open-ILS/src/templates/staff/circ/patron/reg_actions.tt2 b/Open-ILS/src/templates/staff/circ/patron/reg_actions.tt2
index 72969fc350..6f4ef6e19a 100644
--- a/Open-ILS/src/templates/staff/circ/patron/reg_actions.tt2
+++ b/Open-ILS/src/templates/staff/circ/patron/reg_actions.tt2
@@ -36,11 +36,13 @@
ng-disabled="edit_passthru.hide_save_actions()"
ng_click="edit_passthru.save({clone:true})">[% l('Save & Clone') %]</button>
</span>
- <div class="alert alert-warning" ng-show="edit_passthru.self_edit_disallowed()">
- [% l('Editing your own account is disallowed') %]
- </div>
- <div class="alert alert-warning" ng-show="edit_passthru.group_edit_disallowed()">
- [% l('Editing users in this group is disallowed') %]
+ <div id="no-edit-alert-container">
+ <div class="alert alert-warning" ng-show="edit_passthru.self_edit_disallowed()">
+ [% l('Editing your own account is disallowed') %]
+ </div>
+ <div class="alert alert-warning" ng-show="edit_passthru.group_edit_disallowed()">
+ [% l('Editing users in this group is disallowed') %]
+ </div>
</div>
</div>
diff --git a/Open-ILS/src/templates/staff/css/circ.css.tt2 b/Open-ILS/src/templates/staff/css/circ.css.tt2
index 798117ebad..3e445816b8 100644
--- a/Open-ILS/src/templates/staff/css/circ.css.tt2
+++ b/Open-ILS/src/templates/staff/css/circ.css.tt2
@@ -196,6 +196,12 @@ but the ones I'm finding aren't quite cutting it..*/
margin-bottom: 5px;
}
+#no-edit-alert-container {
+ position: absolute;
+ bottom: -200px;
+ z-index: 10;
+}
+
/* -- end patron registration -- */
[%#
commit 1bd9dd270f2a004fca52128f7cab7489c0b6399b
Author: Mike Rylander <mrylander at gmail.com>
Date: Wed Sep 11 14:46:44 2019 -0400
LP#1842940: Alert when editing is disallowed
Provide functions that checks the permissions required to edit ones
own account, or accounts in groups based on group application
permissions, and alert the user if and why they can't edit an account.
Signed-off-by: Mike Rylander <mrylander at gmail.com>
Signed-off-by: Jane Sandberg <sandbej at linnbenton.edu>
diff --git a/Open-ILS/src/templates/staff/circ/patron/reg_actions.tt2 b/Open-ILS/src/templates/staff/circ/patron/reg_actions.tt2
index 76414f9468..72969fc350 100644
--- a/Open-ILS/src/templates/staff/circ/patron/reg_actions.tt2
+++ b/Open-ILS/src/templates/staff/circ/patron/reg_actions.tt2
@@ -36,5 +36,11 @@
ng-disabled="edit_passthru.hide_save_actions()"
ng_click="edit_passthru.save({clone:true})">[% l('Save & Clone') %]</button>
</span>
+ <div class="alert alert-warning" ng-show="edit_passthru.self_edit_disallowed()">
+ [% l('Editing your own account is disallowed') %]
+ </div>
+ <div class="alert alert-warning" ng-show="edit_passthru.group_edit_disallowed()">
+ [% l('Editing users in this group is disallowed') %]
+ </div>
</div>
diff --git a/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js b/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
index 6320a92c9e..718be6f76b 100644
--- a/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
+++ b/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
@@ -2008,13 +2008,17 @@ function($scope , $routeParams , $q , $uibModal , $window , egCore ,
return !egCore.org.CanHaveVolumes(org_id);
}
- // Returns true if the Save and Save & Clone buttons should be disabled.
- $scope.edit_passthru.hide_save_actions = function() {
+ // Returns true if attempting to edit self, but perms don't allow
+ $scope.edit_passthru.self_edit_disallowed = function() {
if ($scope.patron.id
&& $scope.patron.id == egCore.auth.user().id()
&& !$scope.perms.EDIT_SELF_IN_CLIENT
) return true;
+ return false;
+ }
+ // Returns true if attempting to edit a user without appropriate group application perms
+ $scope.edit_passthru.group_edit_disallowed = function() {
if ( $scope.patron.profile
&& patronRegSvc
.edit_profiles
@@ -2022,6 +2026,13 @@ function($scope , $routeParams , $q , $uibModal , $window , egCore ,
return $scope.patron.profile.id() == p.id();
}).length == 0
) return true;
+ return false;
+ }
+
+ // Returns true if the Save and Save & Clone buttons should be disabled.
+ $scope.edit_passthru.hide_save_actions = function() {
+ if ($scope.edit_passthru.self_edit_disallowed()) return true;
+ if ($scope.edit_passthru.group_edit_disallowed()) return true;
return $scope.patron.isnew ?
!$scope.perms.CREATE_USER :
diff --git a/Open-ILS/web/js/ui/default/staff/offline.js b/Open-ILS/web/js/ui/default/staff/offline.js
index 7d80de6d5f..2a3f820c58 100644
--- a/Open-ILS/web/js/ui/default/staff/offline.js
+++ b/Open-ILS/web/js/ui/default/staff/offline.js
@@ -2090,6 +2090,14 @@ function($scope , $routeParams , $q , $uibModal , $window , egCore ,
);
}
+ $scope.edit_passthru.self_edit_disallowed = function() {
+ return false;
+ }
+
+ $scope.edit_passthru.group_edit_disallowed = function() {
+ return false;
+ }
+
// Returns true if the Save and Save & Clone buttons should be disabled.
$scope.edit_passthru.hide_save_actions = function() {
return false;
commit 6a3a499c4cf91edfc03df18921d09093f94c6976
Author: Jeff Davis <jeff.davis at bc.libraries.coop>
Date: Thu Sep 5 10:23:55 2019 -0700
LP#1842940: add perm to permit staff to edit their own accounts in the client
Signed-off-by: Jeff Davis <jeff.davis at bc.libraries.coop>
Signed-off-by: Mike Rylander <mrylander at gmail.com>
Signed-off-by: Jane Sandberg <sandbej at linnbenton.edu>
diff --git a/Open-ILS/src/sql/Pg/950.data.seed-values.sql b/Open-ILS/src/sql/Pg/950.data.seed-values.sql
index 2da8048fc1..9e96bfdb17 100644
--- a/Open-ILS/src/sql/Pg/950.data.seed-values.sql
+++ b/Open-ILS/src/sql/Pg/950.data.seed-values.sql
@@ -1915,7 +1915,9 @@ INSERT INTO permission.perm_list ( id, code, description ) VALUES
( 609, 'MANAGE_CUSTOM_PERM_GRP_TREE', oils_i18n_gettext( 609,
'Allows a user to manage custom permission group lists.', 'ppl', 'description' )),
( 610, 'CLEAR_PURCHASE_REQUEST', oils_i18n_gettext(610,
- 'Clear Completed User Purchase Requests', 'ppl', 'description'))
+ 'Clear Completed User Purchase Requests', 'ppl', 'description')),
+ ( 619, 'EDIT_SELF_IN_CLIENT', oils_i18n_gettext(619,
+ 'Allow a user to edit their own account in the staff client', 'ppl', 'description'))
;
diff --git a/Open-ILS/src/sql/Pg/upgrade/XXXX.data.lp1842940_staff_edit_self_perm.sql b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.lp1842940_staff_edit_self_perm.sql
new file mode 100644
index 0000000000..2a12998264
--- /dev/null
+++ b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.lp1842940_staff_edit_self_perm.sql
@@ -0,0 +1,10 @@
+BEGIN;
+
+SELECT evergreen.upgrade_deps_block_check('XXXX', :eg_version);
+
+INSERT INTO permission.perm_list ( id, code, description ) VALUES
+( 619, 'EDIT_SELF_IN_CLIENT', oils_i18n_gettext(619,
+ 'Allow a user to edit their own account in the staff client', 'ppl', 'description'))
+;
+
+COMMIT;
diff --git a/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js b/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
index 07a799f170..6320a92c9e 100644
--- a/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
+++ b/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
@@ -246,6 +246,7 @@ angular.module('egCoreMod')
service.has_perms_for_org = function(org_id) {
var perms_needed = [
+ 'EDIT_SELF_IN_CLIENT',
'UPDATE_USER',
'CREATE_USER',
'CREATE_USER_GROUP_LINK',
@@ -2011,6 +2012,7 @@ function($scope , $routeParams , $q , $uibModal , $window , egCore ,
$scope.edit_passthru.hide_save_actions = function() {
if ($scope.patron.id
&& $scope.patron.id == egCore.auth.user().id()
+ && !$scope.perms.EDIT_SELF_IN_CLIENT
) return true;
if ( $scope.patron.profile
commit f846825fcf10e11ce25b983969ec8ce090397502
Author: Mike Rylander <mrylander at gmail.com>
Date: Thu Sep 5 11:34:51 2019 -0400
LP#1842940: Don't allow self-edit or perm-restricted edit
Pre-webstaff, we disallowed editing of ones own record, an of records
that have a group application permission that the staff do not possess.
This commit brings back those restrictions.
Signed-off-by: Mike Rylander <mrylander at gmail.com>
Signed-off-by: Jane Sandberg <sandbej at linnbenton.edu>
diff --git a/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js b/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
index 58037fbcfb..07a799f170 100644
--- a/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
+++ b/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
@@ -1524,6 +1524,8 @@ function($scope , $routeParams , $q , $uibModal , $window , egCore ,
// grp is the pgt object
$scope.set_profile = function(grp) {
+ // If we can't save because of group perms or create/update perms
+ if ($scope.edit_passthru.hide_save_actions()) return;
$scope.patron.profile = grp;
$scope.set_expire_date();
$scope.field_modified();
@@ -2007,6 +2009,18 @@ function($scope , $routeParams , $q , $uibModal , $window , egCore ,
// Returns true if the Save and Save & Clone buttons should be disabled.
$scope.edit_passthru.hide_save_actions = function() {
+ if ($scope.patron.id
+ && $scope.patron.id == egCore.auth.user().id()
+ ) return true;
+
+ if ( $scope.patron.profile
+ && patronRegSvc
+ .edit_profiles
+ .filter(function(p) {
+ return $scope.patron.profile.id() == p.id();
+ }).length == 0
+ ) return true;
+
return $scope.patron.isnew ?
!$scope.perms.CREATE_USER :
!$scope.perms.UPDATE_USER;
-----------------------------------------------------------------------
Summary of changes:
Open-ILS/src/sql/Pg/002.schema.config.sql | 2 +-
Open-ILS/src/sql/Pg/950.data.seed-values.sql | 4 +++-
.../1191.data.lp1842940_staff_edit_self_perm.sql | 14 +++++++++++
.../templates/staff/circ/patron/reg_actions.tt2 | 8 +++++++
Open-ILS/src/templates/staff/css/circ.css.tt2 | 6 +++++
.../web/js/ui/default/staff/circ/patron/regctl.js | 27 ++++++++++++++++++++++
Open-ILS/web/js/ui/default/staff/offline.js | 8 +++++++
7 files changed, 67 insertions(+), 2 deletions(-)
create mode 100644 Open-ILS/src/sql/Pg/upgrade/1191.data.lp1842940_staff_edit_self_perm.sql
hooks/post-receive
--
Evergreen ILS
More information about the open-ils-commits
mailing list