Commit 52c6eca0 authored by Benjamin Rokseth's avatar Benjamin Rokseth
Browse files

koha: fix checkauth on a bunch of intra pages

parent 718b4e4f
......@@ -67,7 +67,6 @@ sub Auth {
$auth or Deichman::Exception::Auth::InvalidSession->throw();
$session->put(auth => $auth);
}
use Data::Dumper; warn Dumper($session);
# decorate session with library, etc.
if ( my $userid = $session->param("userid") // $session->param("id") ) { # 'id' will be set for admin user as well
my $branchcode = $req->param("branch") || $auth->{branchcode};
......
......@@ -50,7 +50,10 @@ unless ( $patron ) {
my $add=$input->param('add');
if ($add){
if ( checkauth( $input, 0, $flagsrequired, 'intranet' ) ) {
my ( $session ) = checkauth();
my $auth = $session->param("auth");
my $permissions = $auth->{permissions};
if ( ($permissions->{updatecharges} and $permissions->{borrowers}) ) {
my $barcode = $input->param('barcode');
my $itemnum;
if ($barcode) {
......
......@@ -50,7 +50,10 @@ unless ( $patron ) {
my $add=$input->param('add');
if ($add){
if ( checkauth( $input, 0, $flagsrequired, 'intranet' ) ) {
my ( $session ) = checkauth();
my $auth = $session->param("auth");
my $permissions = $auth->{permissions};
if ( $permissions->{borrowers} ) {
# print $input->header;
my $barcode=$input->param('barcode');
my $itemnum;
......
......@@ -27,7 +27,11 @@ use Koha::Patron::Debarments;
my $cgi = new CGI;
my ( $loggedinuser, $cookie, $sessionID ) = checkauth( $cgi, 0, { borrowers => 1 }, 'intranet' );
#my ( $loggedinuser, $cookie, $sessionID ) = checkauth( $cgi, 0, { borrowers => 1 }, 'intranet' );
my ( $session ) = checkauth();
my $auth = $session->param("auth");
my $permissions = $auth->{permissions};
$permissions->{borrowers} || print $cgi->redirect("mainpage.pl");
my $borrowernumber = $cgi->param('borrowernumber');
my $action = $cgi->param('action');
......
......@@ -35,7 +35,11 @@ use Koha::Patrons;
my $input = new CGI;
checkauth($input, 0, { borrowers => 1 }, 'intranet');
#checkauth($input, 0, { borrowers => 1 }, 'intranet');
my ( $session ) = checkauth();
my $auth = $session->param("auth");
my $permissions = $auth->{permissions};
$permissions->{borrowers} || print $input->redirect("mainpage.pl");
my $destination = $input->param("destination") || '';
my $borrowernumber=$input->param('borrowernumber');
......
......@@ -27,9 +27,13 @@ use C4::Context;
use C4::Koha;
my $query = new CGI;
my ( $template, $loggedinuser, $cookie, $flags ) =
checkauth( $query, undef, { circulate => "circulate_remaining_permissions" },
"intranet" );
# my ( $template, $loggedinuser, $cookie, $flags ) =
# checkauth( $query, undef, { circulate => "circulate_remaining_permissions" },
# "intranet" );te
my ( $session ) = checkauth();
my $auth = $session->param("auth");
my $permissions = $auth->{permissions};
$permissions->{circulate}->{"circulate_remaining_permissions"} || print $input->redirect("mainpage.pl");
my $page = $query->param('page') || 0;
my $startrec = int($page) * 5000;
......
......@@ -29,7 +29,11 @@ my $subscriptionid = $query->param('subscriptionid');
my $routingid = $query->param('routingid');
my $rank = $query->param('rank');
checkauth( $query, 0, { serials => 'routing' }, 'intranet' );
#checkauth( $query, 0, { serials => 'routing' }, 'intranet' );
my ( $session ) = checkauth();
my $auth = $session->param("auth");
my $permissions = $auth->{permissions};
$permissions->{serials}->{routing} || print $query->redirect("mainpage.pl");
reorder_members( $subscriptionid, $routingid, $rank );
......
......@@ -95,8 +95,12 @@ if ($op eq 'del') {
}
my $hasRouting = check_routing($subscriptionid);
(undef, $cookie, undef, undef)
= checkauth($query, 0, {catalogue => 1}, "intranet");
#(undef, $cookie, undef, undef)
# = checkauth($query, 0, {catalogue => 1}, "intranet");
my ( $session ) = checkauth();
my $auth = $session->param("auth");
my $permissions = $auth->{permissions};
$permissions->{catalogue} || print $query->redirect("mainpage.pl");
# COMMENT hdl : IMHO, we should think about passing more and more data hash to template->param rather than duplicating code a new coding Guideline ?
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment