[open-ils-commits] [GIT] Evergreen ILS branch rel_3_3 updated. df12481472fd7d7f73b827fa24f7041df4ef9fe7
Evergreen Git
git at git.evergreen-ils.org
Tue Oct 1 18:51:51 EDT 2019
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Evergreen ILS".
The branch, rel_3_3 has been updated
via df12481472fd7d7f73b827fa24f7041df4ef9fe7 (commit)
via d55719ae78a779e3f3700458c387af461ddc95fb (commit)
via a344b4f4c673db98c7d68bfa7434b42facf1c9a1 (commit)
via 2b3eaf7f66c22bdaa8d27a0322b9935d5110563a (commit)
via fad7cdd2950fd21cb62229af5790dd5722a0fdd4 (commit)
from 8e8cd76ed09bfd64ee87abd7cfaf46609840b3a0 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit df12481472fd7d7f73b827fa24f7041df4ef9fe7
Author: Jane Sandberg <sandbej at linnbenton.edu>
Date: Tue Oct 1 14:47:07 2019 -0700
LP1842940: stamping and slight tweak to upgrade script
Mike Rylander suggested the INSERT ... SELECT ... WHERE NOT
EXISTS approach, since this fix is being backported to older
releases, and we don't want to cause duplicate entries or
upgrade failures if the perm already exists
Signed-off-by: Jane Sandberg <sandbej at linnbenton.edu>
diff --git a/Open-ILS/src/sql/Pg/002.schema.config.sql b/Open-ILS/src/sql/Pg/002.schema.config.sql
index 39a9467f28..bb2b8bd4fa 100644
--- a/Open-ILS/src/sql/Pg/002.schema.config.sql
+++ b/Open-ILS/src/sql/Pg/002.schema.config.sql
@@ -92,7 +92,7 @@ CREATE TRIGGER no_overlapping_deps
BEFORE INSERT OR UPDATE ON config.db_patch_dependencies
FOR EACH ROW EXECUTE PROCEDURE evergreen.array_overlap_check ('deprecates');
-INSERT INTO config.upgrade_log (version, applied_to) VALUES ('1190', :eg_version); -- Dyrcona/gmcharlt
+INSERT INTO config.upgrade_log (version, applied_to) VALUES ('1191', :eg_version); -- miker/jeffdavis/sandbergja
CREATE TABLE config.bib_source (
id SERIAL PRIMARY KEY,
diff --git a/Open-ILS/src/sql/Pg/upgrade/1191.data.lp1842940_staff_edit_self_perm.sql b/Open-ILS/src/sql/Pg/upgrade/1191.data.lp1842940_staff_edit_self_perm.sql
new file mode 100644
index 0000000000..7c88580457
--- /dev/null
+++ b/Open-ILS/src/sql/Pg/upgrade/1191.data.lp1842940_staff_edit_self_perm.sql
@@ -0,0 +1,14 @@
+BEGIN;
+
+SELECT evergreen.upgrade_deps_block_check('1191', :eg_version);
+
+INSERT INTO permission.perm_list ( id, code, description ) SELECT DISTINCT
+ 619,
+ 'EDIT_SELF_IN_CLIENT',
+ oils_i18n_gettext(619,
+ 'Allow a user to edit their own account in the staff client', 'ppl', 'description'
+ )
+ FROM permission.perm_list
+ WHERE NOT EXISTS (SELECT 1 FROM permission.perm_list WHERE code = 'EDIT_SELF_IN_CLIENT');
+
+COMMIT;
diff --git a/Open-ILS/src/sql/Pg/upgrade/XXXX.data.lp1842940_staff_edit_self_perm.sql b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.lp1842940_staff_edit_self_perm.sql
deleted file mode 100644
index 2a12998264..0000000000
--- a/Open-ILS/src/sql/Pg/upgrade/XXXX.data.lp1842940_staff_edit_self_perm.sql
+++ /dev/null
@@ -1,10 +0,0 @@
-BEGIN;
-
-SELECT evergreen.upgrade_deps_block_check('XXXX', :eg_version);
-
-INSERT INTO permission.perm_list ( id, code, description ) VALUES
-( 619, 'EDIT_SELF_IN_CLIENT', oils_i18n_gettext(619,
- 'Allow a user to edit their own account in the staff client', 'ppl', 'description'))
-;
-
-COMMIT;
commit d55719ae78a779e3f3700458c387af461ddc95fb
Author: Mike Rylander <mrylander at gmail.com>
Date: Tue Sep 17 11:07:04 2019 -0400
LP#1842940: Improve Alert
Attempt to float the alerts below the sticky bar and above the main
content of the user editor.
Signed-off-by: Mike Rylander <mrylander at gmail.com>
Signed-off-by: Jane Sandberg <sandbej at linnbenton.edu>
diff --git a/Open-ILS/src/templates/staff/circ/patron/reg_actions.tt2 b/Open-ILS/src/templates/staff/circ/patron/reg_actions.tt2
index 72969fc350..6f4ef6e19a 100644
--- a/Open-ILS/src/templates/staff/circ/patron/reg_actions.tt2
+++ b/Open-ILS/src/templates/staff/circ/patron/reg_actions.tt2
@@ -36,11 +36,13 @@
ng-disabled="edit_passthru.hide_save_actions()"
ng_click="edit_passthru.save({clone:true})">[% l('Save & Clone') %]</button>
</span>
- <div class="alert alert-warning" ng-show="edit_passthru.self_edit_disallowed()">
- [% l('Editing your own account is disallowed') %]
- </div>
- <div class="alert alert-warning" ng-show="edit_passthru.group_edit_disallowed()">
- [% l('Editing users in this group is disallowed') %]
+ <div id="no-edit-alert-container">
+ <div class="alert alert-warning" ng-show="edit_passthru.self_edit_disallowed()">
+ [% l('Editing your own account is disallowed') %]
+ </div>
+ <div class="alert alert-warning" ng-show="edit_passthru.group_edit_disallowed()">
+ [% l('Editing users in this group is disallowed') %]
+ </div>
</div>
</div>
diff --git a/Open-ILS/src/templates/staff/css/circ.css.tt2 b/Open-ILS/src/templates/staff/css/circ.css.tt2
index 798117ebad..3e445816b8 100644
--- a/Open-ILS/src/templates/staff/css/circ.css.tt2
+++ b/Open-ILS/src/templates/staff/css/circ.css.tt2
@@ -196,6 +196,12 @@ but the ones I'm finding aren't quite cutting it..*/
margin-bottom: 5px;
}
+#no-edit-alert-container {
+ position: absolute;
+ bottom: -200px;
+ z-index: 10;
+}
+
/* -- end patron registration -- */
[%#
commit a344b4f4c673db98c7d68bfa7434b42facf1c9a1
Author: Mike Rylander <mrylander at gmail.com>
Date: Wed Sep 11 14:46:44 2019 -0400
LP#1842940: Alert when editing is disallowed
Provide functions that checks the permissions required to edit ones
own account, or accounts in groups based on group application
permissions, and alert the user if and why they can't edit an account.
Signed-off-by: Mike Rylander <mrylander at gmail.com>
Signed-off-by: Jane Sandberg <sandbej at linnbenton.edu>
diff --git a/Open-ILS/src/templates/staff/circ/patron/reg_actions.tt2 b/Open-ILS/src/templates/staff/circ/patron/reg_actions.tt2
index 76414f9468..72969fc350 100644
--- a/Open-ILS/src/templates/staff/circ/patron/reg_actions.tt2
+++ b/Open-ILS/src/templates/staff/circ/patron/reg_actions.tt2
@@ -36,5 +36,11 @@
ng-disabled="edit_passthru.hide_save_actions()"
ng_click="edit_passthru.save({clone:true})">[% l('Save & Clone') %]</button>
</span>
+ <div class="alert alert-warning" ng-show="edit_passthru.self_edit_disallowed()">
+ [% l('Editing your own account is disallowed') %]
+ </div>
+ <div class="alert alert-warning" ng-show="edit_passthru.group_edit_disallowed()">
+ [% l('Editing users in this group is disallowed') %]
+ </div>
</div>
diff --git a/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js b/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
index b39bf1f00d..ea29c0de5d 100644
--- a/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
+++ b/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
@@ -2065,13 +2065,17 @@ function($scope , $routeParams , $q , $uibModal , $window , egCore ,
return !egCore.org.CanHaveVolumes(org_id);
}
- // Returns true if the Save and Save & Clone buttons should be disabled.
- $scope.edit_passthru.hide_save_actions = function() {
+ // Returns true if attempting to edit self, but perms don't allow
+ $scope.edit_passthru.self_edit_disallowed = function() {
if ($scope.patron.id
&& $scope.patron.id == egCore.auth.user().id()
&& !$scope.perms.EDIT_SELF_IN_CLIENT
) return true;
+ return false;
+ }
+ // Returns true if attempting to edit a user without appropriate group application perms
+ $scope.edit_passthru.group_edit_disallowed = function() {
if ( $scope.patron.profile
&& patronRegSvc
.edit_profiles
@@ -2079,6 +2083,13 @@ function($scope , $routeParams , $q , $uibModal , $window , egCore ,
return $scope.patron.profile.id() == p.id();
}).length == 0
) return true;
+ return false;
+ }
+
+ // Returns true if the Save and Save & Clone buttons should be disabled.
+ $scope.edit_passthru.hide_save_actions = function() {
+ if ($scope.edit_passthru.self_edit_disallowed()) return true;
+ if ($scope.edit_passthru.group_edit_disallowed()) return true;
return $scope.patron.isnew ?
!$scope.perms.CREATE_USER :
diff --git a/Open-ILS/web/js/ui/default/staff/offline.js b/Open-ILS/web/js/ui/default/staff/offline.js
index 7d80de6d5f..2a3f820c58 100644
--- a/Open-ILS/web/js/ui/default/staff/offline.js
+++ b/Open-ILS/web/js/ui/default/staff/offline.js
@@ -2090,6 +2090,14 @@ function($scope , $routeParams , $q , $uibModal , $window , egCore ,
);
}
+ $scope.edit_passthru.self_edit_disallowed = function() {
+ return false;
+ }
+
+ $scope.edit_passthru.group_edit_disallowed = function() {
+ return false;
+ }
+
// Returns true if the Save and Save & Clone buttons should be disabled.
$scope.edit_passthru.hide_save_actions = function() {
return false;
commit 2b3eaf7f66c22bdaa8d27a0322b9935d5110563a
Author: Jeff Davis <jeff.davis at bc.libraries.coop>
Date: Thu Sep 5 10:23:55 2019 -0700
LP#1842940: add perm to permit staff to edit their own accounts in the client
Signed-off-by: Jeff Davis <jeff.davis at bc.libraries.coop>
Signed-off-by: Mike Rylander <mrylander at gmail.com>
Signed-off-by: Jane Sandberg <sandbej at linnbenton.edu>
diff --git a/Open-ILS/src/sql/Pg/950.data.seed-values.sql b/Open-ILS/src/sql/Pg/950.data.seed-values.sql
index c692cc638e..8c0d5fd12e 100644
--- a/Open-ILS/src/sql/Pg/950.data.seed-values.sql
+++ b/Open-ILS/src/sql/Pg/950.data.seed-values.sql
@@ -1915,7 +1915,9 @@ INSERT INTO permission.perm_list ( id, code, description ) VALUES
( 609, 'MANAGE_CUSTOM_PERM_GRP_TREE', oils_i18n_gettext( 609,
'Allows a user to manage custom permission group lists.', 'ppl', 'description' )),
( 610, 'CLEAR_PURCHASE_REQUEST', oils_i18n_gettext(610,
- 'Clear Completed User Purchase Requests', 'ppl', 'description'))
+ 'Clear Completed User Purchase Requests', 'ppl', 'description')),
+ ( 619, 'EDIT_SELF_IN_CLIENT', oils_i18n_gettext(619,
+ 'Allow a user to edit their own account in the staff client', 'ppl', 'description'))
;
diff --git a/Open-ILS/src/sql/Pg/upgrade/XXXX.data.lp1842940_staff_edit_self_perm.sql b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.lp1842940_staff_edit_self_perm.sql
new file mode 100644
index 0000000000..2a12998264
--- /dev/null
+++ b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.lp1842940_staff_edit_self_perm.sql
@@ -0,0 +1,10 @@
+BEGIN;
+
+SELECT evergreen.upgrade_deps_block_check('XXXX', :eg_version);
+
+INSERT INTO permission.perm_list ( id, code, description ) VALUES
+( 619, 'EDIT_SELF_IN_CLIENT', oils_i18n_gettext(619,
+ 'Allow a user to edit their own account in the staff client', 'ppl', 'description'))
+;
+
+COMMIT;
diff --git a/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js b/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
index de0034db49..b39bf1f00d 100644
--- a/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
+++ b/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
@@ -246,6 +246,7 @@ angular.module('egCoreMod')
service.has_perms_for_org = function(org_id) {
var perms_needed = [
+ 'EDIT_SELF_IN_CLIENT',
'UPDATE_USER',
'CREATE_USER',
'CREATE_USER_GROUP_LINK',
@@ -2068,6 +2069,7 @@ function($scope , $routeParams , $q , $uibModal , $window , egCore ,
$scope.edit_passthru.hide_save_actions = function() {
if ($scope.patron.id
&& $scope.patron.id == egCore.auth.user().id()
+ && !$scope.perms.EDIT_SELF_IN_CLIENT
) return true;
if ( $scope.patron.profile
commit fad7cdd2950fd21cb62229af5790dd5722a0fdd4
Author: Mike Rylander <mrylander at gmail.com>
Date: Thu Sep 5 11:34:51 2019 -0400
LP#1842940: Don't allow self-edit or perm-restricted edit
Pre-webstaff, we disallowed editing of ones own record, an of records
that have a group application permission that the staff do not possess.
This commit brings back those restrictions.
Signed-off-by: Mike Rylander <mrylander at gmail.com>
Signed-off-by: Jane Sandberg <sandbej at linnbenton.edu>
diff --git a/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js b/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
index b987d0bc51..de0034db49 100644
--- a/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
+++ b/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
@@ -1563,6 +1563,8 @@ function($scope , $routeParams , $q , $uibModal , $window , egCore ,
// grp is the pgt object
$scope.set_profile = function(grp) {
+ // If we can't save because of group perms or create/update perms
+ if ($scope.edit_passthru.hide_save_actions()) return;
$scope.patron.profile = grp;
$scope.set_expire_date();
$scope.field_modified();
@@ -2064,6 +2066,18 @@ function($scope , $routeParams , $q , $uibModal , $window , egCore ,
// Returns true if the Save and Save & Clone buttons should be disabled.
$scope.edit_passthru.hide_save_actions = function() {
+ if ($scope.patron.id
+ && $scope.patron.id == egCore.auth.user().id()
+ ) return true;
+
+ if ( $scope.patron.profile
+ && patronRegSvc
+ .edit_profiles
+ .filter(function(p) {
+ return $scope.patron.profile.id() == p.id();
+ }).length == 0
+ ) return true;
+
return $scope.patron.isnew ?
!$scope.perms.CREATE_USER :
!$scope.perms.UPDATE_USER;
-----------------------------------------------------------------------
Summary of changes:
Open-ILS/src/sql/Pg/002.schema.config.sql | 2 +-
Open-ILS/src/sql/Pg/950.data.seed-values.sql | 4 +++-
.../1191.data.lp1842940_staff_edit_self_perm.sql | 14 +++++++++++
.../templates/staff/circ/patron/reg_actions.tt2 | 8 +++++++
Open-ILS/src/templates/staff/css/circ.css.tt2 | 6 +++++
.../web/js/ui/default/staff/circ/patron/regctl.js | 27 ++++++++++++++++++++++
Open-ILS/web/js/ui/default/staff/offline.js | 8 +++++++
7 files changed, 67 insertions(+), 2 deletions(-)
create mode 100644 Open-ILS/src/sql/Pg/upgrade/1191.data.lp1842940_staff_edit_self_perm.sql
hooks/post-receive
--
Evergreen ILS
More information about the open-ils-commits
mailing list