1 # ---------------------------------------------------------------
2 # Copyright (C) 2005 Georgia Public Library Service
3 # Bill Erickson <highfalutin@gmail.com>
5 # This program is free software; you can redistribute it and/or
6 # modify it under the terms of the GNU General Public License
7 # as published by the Free Software Foundation; either version 2
8 # of the License, or (at your option) any later version.
10 # This program is distributed in the hope that it will be useful,
11 # but WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 # GNU General Public License for more details.
14 # ---------------------------------------------------------------
17 package OpenILS::Application::Circ::Holds;
18 use base qw/OpenSRF::Application/;
19 use strict; use warnings;
20 use OpenILS::Application::AppUtils;
21 my $apputils = "OpenILS::Application::AppUtils";
27 __PACKAGE__->register_method(
28 method => "create_hold",
29 api_name => "open-ils.circ.holds.create",
31 Create a new hold for an item. From a permissions perspective,
32 the login session is used as the 'requestor' of the hold.
33 The hold recipient is determined by the 'usr' setting within
36 First we verify the requestion has holds request permissions.
37 Then we verify that the recipient is allowed to make the given hold.
38 If not, we see if the requestor has "override" capabilities. If not,
39 a permission exception is returned. If permissions allow, we cycle
40 through the set of holds objects and create.
42 If the recipient does not have permission to place multiple holds
43 on a single title and said operation is attempted, a permission
48 my( $self, $client, $login_session, @holds) = @_;
50 if(!@holds){return 0;}
51 my $user = $apputils->check_user_session($login_session);
55 if(ref($holds[0]) eq 'ARRAY') {
57 } else { $holds = [ @holds ]; }
59 warn "Iterating over holds requests...\n";
61 for my $hold (@$holds) {
64 my $type = $hold->hold_type;
67 warn "Hold to create: " . Dumper($hold) . "\n";
70 if($user->id ne $hold->usr) {
76 #enforce the fact that the login is the one requesting the hold
77 $hold->requestor($user->id);
81 # see if the requestor even has permission to request
82 if($hold->requestor ne $hold->usr) {
83 $perm = _check_request_holds_perm($type, $user->id, $user->home_ou);
84 if($perm) { return $perm; }
87 $perm = _check_holds_perm($type, $hold->usr, $recipient->home_ou);
89 #if there is a requestor, see if the requestor has override privelages
90 if($hold->requestor ne $hold->usr) {
91 $perm = _check_request_holds_override($user->id, $user->home_ou);
92 if($perm) {return $perm;}
99 #my $session = $apputils->start_db_session();
100 my $session = OpenSRF::AppSession->create("open-ils.storage");
101 my $method = "open-ils.storage.direct.action.hold_request.create";
102 warn "Sending hold request to storage... $method \n";
104 my $req = $session->request( $method, $hold );
106 my $resp = $req->gather(1);
107 $session->disconnect();
108 if(!$resp) { return OpenILS::EX->new("UNKNOWN")->ex(); }
109 # $apputils->commit_db_session($session);
115 # makes sure that a user has permission to place the type of requested hold
116 # returns the Perm exception if not allowed, returns undef if all is well
117 sub _check_holds_perm {
118 my($type, $user_id, $org_id) = @_;
121 if($apputils->check_user_perms($user_id, $org_id, "MR_HOLDS")) {
122 return OpenILS::Perm->new("MR_HOLDS");
125 } elsif ($type eq "T") {
126 if($apputils->check_user_perms($user_id, $org_id, "TITLE_HOLDS")) {
127 return OpenILS::Perm->new("TITLE_HOLDS");
130 } elsif($type eq "V") {
131 if($apputils->check_user_perms($user_id, $org_id, "VOLUME_HOLDS")) {
132 return OpenILS::Perm->new("VOLUME_HOLDS");
135 } elsif($type eq "C") {
136 if($apputils->check_user_perms($user_id, $org_id, "COPY_HOLDS")) {
137 return OpenILS::Perm->new("COPY_HOLDS");
144 # tests if the given user is allowed to place holds on another's behalf
145 sub _check_request_holds_perm {
148 if($apputils->check_user_perms($user_id, $org_id, "REQUEST_HOLDS")) {
149 return OpenILS::Perm->new("REQUEST_HOLDS");
153 sub _check_request_holds_override {
156 if($apputils->check_user_perms($user_id, $org_id, "REQUEST_HOLDS_OVERRIDE")) {
157 return OpenILS::Perm->new("REQUEST_HOLDS_OVERRIDE");
162 __PACKAGE__->register_method(
163 method => "retrieve_holds",
164 api_name => "open-ils.circ.holds.retrieve",
166 Retrieves all the holds for the specified user id. The login session
167 is the requestor and if the requestor is different from the user, then
168 the requestor must have VIEW_HOLDS permissions.
172 my($self, $client, $login_session, $user_id) = @_;
174 my $user = $apputils->check_user_session($login_session);
176 if($user->id ne $user_id) {
177 if($apputils->check_user_perms($user->id, $user->home_ou, "VIEW_HOLDS")) {
178 return OpenILS::Perm->new("VIEW_HOLDS");
182 my $session = OpenSRF::AppSession->create("open-ils.storage");
183 my $req = $session->request(
184 "open-ils.storage.direct.action.hold_request.search.usr.atomic",
186 my $h = $req->gather(1);
187 $session->disconnect();
192 __PACKAGE__->register_method(
193 method => "cancel_hold",
194 api_name => "open-ils.circ.hold.cancel",
196 Cancels the specified hold. The login session
197 is the requestor and if the requestor is different from the usr field
198 on the hold, the requestor must have CANCEL_HOLDS permissions.
202 my($self, $client, $login_session, $hold) = @_;
204 my $user = $apputils->check_user_session($login_session);
206 if($user->id ne $hold->usr) {
207 if($apputils->check_user_perms($user->id, $user->home_ou, "CANCEL_HOLDS")) {
208 return OpenILS::Perm->new("CANCEL_HOLDS");
213 warn "Cancelling hold: " . Dumper($hold) . "\n";
215 my $session = OpenSRF::AppSession->create("open-ils.storage");
216 my $req = $session->request(
217 "open-ils.storage.direct.action.hold_request.delete",
219 my $h = $req->gather(1);
221 warn "[$h] returned from hold_request delete\n";
222 $session->disconnect();
227 __PACKAGE__->register_method(
228 method => "update_hold",
229 api_name => "open-ils.circ.hold.update",
231 Updates the specified hold. The login session
232 is the requestor and if the requestor is different from the usr field
233 on the hold, the requestor must have UPDATE_HOLDS permissions.
237 my($self, $client, $login_session, $hold) = @_;
239 my $user = $apputils->check_user_session($login_session);
241 if($user->id ne $hold->usr) {
242 if($apputils->check_user_perms($user->id, $user->home_ou, "UPDATE_HOLDS")) {
243 return OpenILS::Perm->new("UPDATE_HOLDS");
248 warn "Updating hold: " . Dumper($hold) . "\n";
250 my $session = OpenSRF::AppSession->create("open-ils.storage");
251 my $req = $session->request(
252 "open-ils.storage.direct.action.hold_request.update", $hold );
253 my $h = $req->gather(1);
255 warn "[$h] returned from hold_request update\n";
256 $session->disconnect();