From: Jeff Davis Date: Wed, 6 Jul 2022 23:04:20 +0000 (-0700) Subject: LP#1979345: restrict access to holds pull list X-Git-Url: http://git.equinoxoli.org/?p=evergreen-equinox.git;a=commitdiff_plain;h=dada21eff78e8de6d735741201f7e813d7856683 LP#1979345: restrict access to holds pull list This commit adds a new VIEW_HOLD_PULL_LIST permission. In order to view a library's holds pull list, you need to have the new permission at that library. Signed-off-by: Jeff Davis Signed-off-by: Josh Stompro Signed-off-by: Gina Monti --- diff --git a/Open-ILS/src/eg2/src/app/staff/share/holds/grid.component.html b/Open-ILS/src/eg2/src/app/staff/share/holds/grid.component.html index 8470524..487fae8 100644 --- a/Open-ILS/src/eg2/src/app/staff/share/holds/grid.component.html +++ b/Open-ILS/src/eg2/src/app/staff/share/holds/grid.component.html @@ -56,7 +56,7 @@
View Pull List For:
-
diff --git a/Open-ILS/src/sql/Pg/950.data.seed-values.sql b/Open-ILS/src/sql/Pg/950.data.seed-values.sql index 2bc8a20..2867f6f 100644 --- a/Open-ILS/src/sql/Pg/950.data.seed-values.sql +++ b/Open-ILS/src/sql/Pg/950.data.seed-values.sql @@ -1976,7 +1976,9 @@ INSERT INTO permission.perm_list ( id, code, description ) VALUES ( 641, 'ADMIN_FUND_ROLLOVER', oils_i18n_gettext(641, 'Allow the user to perform fund propagation and rollover', 'ppl', 'description')), ( 642, 'UPDATE_COPY_BARCODE', oils_i18n_gettext(642, - 'Update the barcode for an item.', 'ppl', 'description')) + 'Update the barcode for an item.', 'ppl', 'description')), + ( 643, 'VIEW_HOLD_PULL_LIST', oils_i18n_gettext(643, + 'View hold pull list', 'ppl', 'description')) ; SELECT SETVAL('permission.perm_list_id_seq'::TEXT, 1000); @@ -2074,6 +2076,7 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) 'VIEW_CIRCULATIONS', 'VIEW_COPY_NOTES', 'VIEW_HOLD', + 'VIEW_HOLD_PULL_LIST', 'VIEW_ORG_SETTINGS', 'VIEW_TITLE_NOTES', 'VIEW_TRANSACTION', @@ -2140,6 +2143,7 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) 'VIEW_HOLD', 'VIEW_HOLD_NOTIFICATION', 'VIEW_HOLD_PERMIT', + 'VIEW_HOLD_PULL_LIST', 'VIEW_PERM_GROUPS', 'VIEW_PERMISSION', 'VIEW_TITLE_NOTES', @@ -2876,6 +2880,7 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) 'VIEW_CIRCS', 'VIEW_COPY_CHECKOUT', 'VIEW_HOLD', + 'VIEW_HOLD_PULL_LIST', 'VIEW_TITLE_HOLDS', 'VIEW_TRANSACTION', 'VIEW_USER', diff --git a/Open-ILS/src/sql/Pg/upgrade/XXXX.data.permission.hold_pull_list.sql b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.permission.hold_pull_list.sql new file mode 100644 index 0000000..078f661 --- /dev/null +++ b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.permission.hold_pull_list.sql @@ -0,0 +1,21 @@ +BEGIN; + +SELECT evergreen.upgrade_deps_block_check('XXXX', :eg_version); + +INSERT INTO permission.perm_list (id, code, description) VALUES + ( 643, 'VIEW_HOLD_PULL_LIST', oils_i18n_gettext(643, + 'View hold pull list', 'ppl', 'description')); + +-- by default, assign VIEW_HOLD_PULL_LIST to everyone who has VIEW_HOLDS +INSERT INTO permission.grp_perm_map (perm, grp, depth, grantable) + SELECT 643, grp, depth, grantable + FROM permission.grp_perm_map + WHERE perm = 9; + +INSERT INTO permission.usr_perm_map (perm, usr, depth, grantable) + SELECT 643, usr, depth, grantable + FROM permission.usr_perm_map + WHERE perm = 9; + +COMMIT; + diff --git a/docs/RELEASE_NOTES_NEXT/Circulation/view_hold_pull_list.adoc b/docs/RELEASE_NOTES_NEXT/Circulation/view_hold_pull_list.adoc new file mode 100644 index 0000000..c783f64 --- /dev/null +++ b/docs/RELEASE_NOTES_NEXT/Circulation/view_hold_pull_list.adoc @@ -0,0 +1,6 @@ +== New Permission for Viewing Holds Pull List == + +Access to the holds pull list is now restricted to users with the +VIEW_HOLD_PULL_LIST permission. By default, this new permission is granted to +all users with the VIEW_HOLDS permission. +