[open-ils-commits] [GIT] Evergreen ILS branch master updated. e2ed5405cd97efc908f2acf470678894dcf5f544
Evergreen Git
git at git.evergreen-ils.org
Tue Oct 1 18:52:15 EDT 2019
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Evergreen ILS".
The branch, master has been updated
via e2ed5405cd97efc908f2acf470678894dcf5f544 (commit)
via 759258ce4e53d8d71d3c1956b95523d8162ce9e0 (commit)
via 8734da6411fe129fdcba8018ec77e0ffe213c20c (commit)
via 1a25eca932b6121fa24406a073052884ddb44412 (commit)
via 401dce885e6b23294533b2fb840a67758ed90b38 (commit)
from d4a3c61e63247c2794ef42c21f1d1d721d002848 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit e2ed5405cd97efc908f2acf470678894dcf5f544
Author: Jane Sandberg <sandbej at linnbenton.edu>
Date: Tue Oct 1 14:47:07 2019 -0700
LP1842940: stamping and slight tweak to upgrade script
Mike Rylander suggested the INSERT ... SELECT ... WHERE NOT
EXISTS approach, since this fix is being backported to older
releases, and we don't want to cause duplicate entries or
upgrade failures if the perm already exists
Signed-off-by: Jane Sandberg <sandbej at linnbenton.edu>
diff --git a/Open-ILS/src/sql/Pg/002.schema.config.sql b/Open-ILS/src/sql/Pg/002.schema.config.sql
index 17b7556ca3..d40a36d9d1 100644
--- a/Open-ILS/src/sql/Pg/002.schema.config.sql
+++ b/Open-ILS/src/sql/Pg/002.schema.config.sql
@@ -92,7 +92,7 @@ CREATE TRIGGER no_overlapping_deps
BEFORE INSERT OR UPDATE ON config.db_patch_dependencies
FOR EACH ROW EXECUTE PROCEDURE evergreen.array_overlap_check ('deprecates');
-INSERT INTO config.upgrade_log (version, applied_to) VALUES ('1190', :eg_version); -- Dyrcona/gmcharlt
+INSERT INTO config.upgrade_log (version, applied_to) VALUES ('1191', :eg_version); -- miker/jeffdavis/sandbergja
CREATE TABLE config.bib_source (
id SERIAL PRIMARY KEY,
diff --git a/Open-ILS/src/sql/Pg/upgrade/1191.data.lp1842940_staff_edit_self_perm.sql b/Open-ILS/src/sql/Pg/upgrade/1191.data.lp1842940_staff_edit_self_perm.sql
new file mode 100644
index 0000000000..7c88580457
--- /dev/null
+++ b/Open-ILS/src/sql/Pg/upgrade/1191.data.lp1842940_staff_edit_self_perm.sql
@@ -0,0 +1,14 @@
+BEGIN;
+
+SELECT evergreen.upgrade_deps_block_check('1191', :eg_version);
+
+INSERT INTO permission.perm_list ( id, code, description ) SELECT DISTINCT
+ 619,
+ 'EDIT_SELF_IN_CLIENT',
+ oils_i18n_gettext(619,
+ 'Allow a user to edit their own account in the staff client', 'ppl', 'description'
+ )
+ FROM permission.perm_list
+ WHERE NOT EXISTS (SELECT 1 FROM permission.perm_list WHERE code = 'EDIT_SELF_IN_CLIENT');
+
+COMMIT;
diff --git a/Open-ILS/src/sql/Pg/upgrade/XXXX.data.lp1842940_staff_edit_self_perm.sql b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.lp1842940_staff_edit_self_perm.sql
deleted file mode 100644
index 2a12998264..0000000000
--- a/Open-ILS/src/sql/Pg/upgrade/XXXX.data.lp1842940_staff_edit_self_perm.sql
+++ /dev/null
@@ -1,10 +0,0 @@
-BEGIN;
-
-SELECT evergreen.upgrade_deps_block_check('XXXX', :eg_version);
-
-INSERT INTO permission.perm_list ( id, code, description ) VALUES
-( 619, 'EDIT_SELF_IN_CLIENT', oils_i18n_gettext(619,
- 'Allow a user to edit their own account in the staff client', 'ppl', 'description'))
-;
-
-COMMIT;
commit 759258ce4e53d8d71d3c1956b95523d8162ce9e0
Author: Mike Rylander <mrylander at gmail.com>
Date: Tue Sep 17 11:07:04 2019 -0400
LP#1842940: Improve Alert
Attempt to float the alerts below the sticky bar and above the main
content of the user editor.
Signed-off-by: Mike Rylander <mrylander at gmail.com>
Signed-off-by: Jane Sandberg <sandbej at linnbenton.edu>
diff --git a/Open-ILS/src/templates/staff/circ/patron/reg_actions.tt2 b/Open-ILS/src/templates/staff/circ/patron/reg_actions.tt2
index 72969fc350..6f4ef6e19a 100644
--- a/Open-ILS/src/templates/staff/circ/patron/reg_actions.tt2
+++ b/Open-ILS/src/templates/staff/circ/patron/reg_actions.tt2
@@ -36,11 +36,13 @@
ng-disabled="edit_passthru.hide_save_actions()"
ng_click="edit_passthru.save({clone:true})">[% l('Save & Clone') %]</button>
</span>
- <div class="alert alert-warning" ng-show="edit_passthru.self_edit_disallowed()">
- [% l('Editing your own account is disallowed') %]
- </div>
- <div class="alert alert-warning" ng-show="edit_passthru.group_edit_disallowed()">
- [% l('Editing users in this group is disallowed') %]
+ <div id="no-edit-alert-container">
+ <div class="alert alert-warning" ng-show="edit_passthru.self_edit_disallowed()">
+ [% l('Editing your own account is disallowed') %]
+ </div>
+ <div class="alert alert-warning" ng-show="edit_passthru.group_edit_disallowed()">
+ [% l('Editing users in this group is disallowed') %]
+ </div>
</div>
</div>
diff --git a/Open-ILS/src/templates/staff/css/circ.css.tt2 b/Open-ILS/src/templates/staff/css/circ.css.tt2
index 798117ebad..3e445816b8 100644
--- a/Open-ILS/src/templates/staff/css/circ.css.tt2
+++ b/Open-ILS/src/templates/staff/css/circ.css.tt2
@@ -196,6 +196,12 @@ but the ones I'm finding aren't quite cutting it..*/
margin-bottom: 5px;
}
+#no-edit-alert-container {
+ position: absolute;
+ bottom: -200px;
+ z-index: 10;
+}
+
/* -- end patron registration -- */
[%#
commit 8734da6411fe129fdcba8018ec77e0ffe213c20c
Author: Mike Rylander <mrylander at gmail.com>
Date: Wed Sep 11 14:46:44 2019 -0400
LP#1842940: Alert when editing is disallowed
Provide functions that checks the permissions required to edit ones
own account, or accounts in groups based on group application
permissions, and alert the user if and why they can't edit an account.
Signed-off-by: Mike Rylander <mrylander at gmail.com>
Signed-off-by: Jane Sandberg <sandbej at linnbenton.edu>
diff --git a/Open-ILS/src/templates/staff/circ/patron/reg_actions.tt2 b/Open-ILS/src/templates/staff/circ/patron/reg_actions.tt2
index 76414f9468..72969fc350 100644
--- a/Open-ILS/src/templates/staff/circ/patron/reg_actions.tt2
+++ b/Open-ILS/src/templates/staff/circ/patron/reg_actions.tt2
@@ -36,5 +36,11 @@
ng-disabled="edit_passthru.hide_save_actions()"
ng_click="edit_passthru.save({clone:true})">[% l('Save & Clone') %]</button>
</span>
+ <div class="alert alert-warning" ng-show="edit_passthru.self_edit_disallowed()">
+ [% l('Editing your own account is disallowed') %]
+ </div>
+ <div class="alert alert-warning" ng-show="edit_passthru.group_edit_disallowed()">
+ [% l('Editing users in this group is disallowed') %]
+ </div>
</div>
diff --git a/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js b/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
index 885df71bc9..5949658912 100644
--- a/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
+++ b/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
@@ -2066,13 +2066,17 @@ function($scope , $routeParams , $q , $uibModal , $window , egCore ,
return !egCore.org.CanHaveVolumes(org_id);
}
- // Returns true if the Save and Save & Clone buttons should be disabled.
- $scope.edit_passthru.hide_save_actions = function() {
+ // Returns true if attempting to edit self, but perms don't allow
+ $scope.edit_passthru.self_edit_disallowed = function() {
if ($scope.patron.id
&& $scope.patron.id == egCore.auth.user().id()
&& !$scope.perms.EDIT_SELF_IN_CLIENT
) return true;
+ return false;
+ }
+ // Returns true if attempting to edit a user without appropriate group application perms
+ $scope.edit_passthru.group_edit_disallowed = function() {
if ( $scope.patron.profile
&& patronRegSvc
.edit_profiles
@@ -2080,6 +2084,13 @@ function($scope , $routeParams , $q , $uibModal , $window , egCore ,
return $scope.patron.profile.id() == p.id();
}).length == 0
) return true;
+ return false;
+ }
+
+ // Returns true if the Save and Save & Clone buttons should be disabled.
+ $scope.edit_passthru.hide_save_actions = function() {
+ if ($scope.edit_passthru.self_edit_disallowed()) return true;
+ if ($scope.edit_passthru.group_edit_disallowed()) return true;
return $scope.patron.isnew ?
!$scope.perms.CREATE_USER :
diff --git a/Open-ILS/web/js/ui/default/staff/offline.js b/Open-ILS/web/js/ui/default/staff/offline.js
index 7d80de6d5f..2a3f820c58 100644
--- a/Open-ILS/web/js/ui/default/staff/offline.js
+++ b/Open-ILS/web/js/ui/default/staff/offline.js
@@ -2090,6 +2090,14 @@ function($scope , $routeParams , $q , $uibModal , $window , egCore ,
);
}
+ $scope.edit_passthru.self_edit_disallowed = function() {
+ return false;
+ }
+
+ $scope.edit_passthru.group_edit_disallowed = function() {
+ return false;
+ }
+
// Returns true if the Save and Save & Clone buttons should be disabled.
$scope.edit_passthru.hide_save_actions = function() {
return false;
commit 1a25eca932b6121fa24406a073052884ddb44412
Author: Jeff Davis <jeff.davis at bc.libraries.coop>
Date: Thu Sep 5 10:23:55 2019 -0700
LP#1842940: add perm to permit staff to edit their own accounts in the client
Signed-off-by: Jeff Davis <jeff.davis at bc.libraries.coop>
Signed-off-by: Mike Rylander <mrylander at gmail.com>
Signed-off-by: Jane Sandberg <sandbej at linnbenton.edu>
diff --git a/Open-ILS/src/sql/Pg/950.data.seed-values.sql b/Open-ILS/src/sql/Pg/950.data.seed-values.sql
index e0567d2236..a22875e4bb 100644
--- a/Open-ILS/src/sql/Pg/950.data.seed-values.sql
+++ b/Open-ILS/src/sql/Pg/950.data.seed-values.sql
@@ -1931,7 +1931,9 @@ INSERT INTO permission.perm_list ( id, code, description ) VALUES
( 617, 'IMPORT_ON_ORDER_CAT_COPY', oils_i18n_gettext( 617,
'Allows users to import copies based on the on-order items attached to a record', 'ppl', 'description' )),
( 618, 'CREATE_PRECAT', oils_i18n_gettext(618,
- 'Allows a user to create a pre-catalogued copy', 'ppl', 'description'))
+ 'Allows a user to create a pre-catalogued copy', 'ppl', 'description')),
+ ( 619, 'EDIT_SELF_IN_CLIENT', oils_i18n_gettext(619,
+ 'Allow a user to edit their own account in the staff client', 'ppl', 'description'))
;
diff --git a/Open-ILS/src/sql/Pg/upgrade/XXXX.data.lp1842940_staff_edit_self_perm.sql b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.lp1842940_staff_edit_self_perm.sql
new file mode 100644
index 0000000000..2a12998264
--- /dev/null
+++ b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.lp1842940_staff_edit_self_perm.sql
@@ -0,0 +1,10 @@
+BEGIN;
+
+SELECT evergreen.upgrade_deps_block_check('XXXX', :eg_version);
+
+INSERT INTO permission.perm_list ( id, code, description ) VALUES
+( 619, 'EDIT_SELF_IN_CLIENT', oils_i18n_gettext(619,
+ 'Allow a user to edit their own account in the staff client', 'ppl', 'description'))
+;
+
+COMMIT;
diff --git a/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js b/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
index 1d34476fef..885df71bc9 100644
--- a/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
+++ b/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
@@ -246,6 +246,7 @@ angular.module('egCoreMod')
service.has_perms_for_org = function(org_id) {
var perms_needed = [
+ 'EDIT_SELF_IN_CLIENT',
'UPDATE_USER',
'CREATE_USER',
'CREATE_USER_GROUP_LINK',
@@ -2069,6 +2070,7 @@ function($scope , $routeParams , $q , $uibModal , $window , egCore ,
$scope.edit_passthru.hide_save_actions = function() {
if ($scope.patron.id
&& $scope.patron.id == egCore.auth.user().id()
+ && !$scope.perms.EDIT_SELF_IN_CLIENT
) return true;
if ( $scope.patron.profile
commit 401dce885e6b23294533b2fb840a67758ed90b38
Author: Mike Rylander <mrylander at gmail.com>
Date: Thu Sep 5 11:34:51 2019 -0400
LP#1842940: Don't allow self-edit or perm-restricted edit
Pre-webstaff, we disallowed editing of ones own record, an of records
that have a group application permission that the staff do not possess.
This commit brings back those restrictions.
Signed-off-by: Mike Rylander <mrylander at gmail.com>
Signed-off-by: Jane Sandberg <sandbej at linnbenton.edu>
diff --git a/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js b/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
index bcfbab817d..1d34476fef 100644
--- a/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
+++ b/Open-ILS/web/js/ui/default/staff/circ/patron/regctl.js
@@ -1564,6 +1564,8 @@ function($scope , $routeParams , $q , $uibModal , $window , egCore ,
// grp is the pgt object
$scope.set_profile = function(grp) {
+ // If we can't save because of group perms or create/update perms
+ if ($scope.edit_passthru.hide_save_actions()) return;
$scope.patron.profile = grp;
$scope.set_expire_date();
$scope.field_modified();
@@ -2065,6 +2067,18 @@ function($scope , $routeParams , $q , $uibModal , $window , egCore ,
// Returns true if the Save and Save & Clone buttons should be disabled.
$scope.edit_passthru.hide_save_actions = function() {
+ if ($scope.patron.id
+ && $scope.patron.id == egCore.auth.user().id()
+ ) return true;
+
+ if ( $scope.patron.profile
+ && patronRegSvc
+ .edit_profiles
+ .filter(function(p) {
+ return $scope.patron.profile.id() == p.id();
+ }).length == 0
+ ) return true;
+
return $scope.patron.isnew ?
!$scope.perms.CREATE_USER :
!$scope.perms.UPDATE_USER;
-----------------------------------------------------------------------
Summary of changes:
Open-ILS/src/sql/Pg/002.schema.config.sql | 2 +-
Open-ILS/src/sql/Pg/950.data.seed-values.sql | 4 +++-
.../1191.data.lp1842940_staff_edit_self_perm.sql | 14 +++++++++++
.../templates/staff/circ/patron/reg_actions.tt2 | 8 +++++++
Open-ILS/src/templates/staff/css/circ.css.tt2 | 6 +++++
.../web/js/ui/default/staff/circ/patron/regctl.js | 27 ++++++++++++++++++++++
Open-ILS/web/js/ui/default/staff/offline.js | 8 +++++++
7 files changed, 67 insertions(+), 2 deletions(-)
create mode 100644 Open-ILS/src/sql/Pg/upgrade/1191.data.lp1842940_staff_edit_self_perm.sql
hooks/post-receive
--
Evergreen ILS
More information about the open-ils-commits
mailing list