1 # ---------------------------------------------------------------
2 # Copyright (C) 2005 Georgia Public Library Service
3 # Bill Erickson <highfalutin@gmail.com>
5 # This program is free software; you can redistribute it and/or
6 # modify it under the terms of the GNU General Public License
7 # as published by the Free Software Foundation; either version 2
8 # of the License, or (at your option) any later version.
10 # This program is distributed in the hope that it will be useful,
11 # but WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 # GNU General Public License for more details.
14 # ---------------------------------------------------------------
17 package OpenILS::Application::Circ::Holds;
18 use base qw/OpenSRF::Application/;
19 use strict; use warnings;
20 use OpenILS::Application::AppUtils;
21 my $apputils = "OpenILS::Application::AppUtils";
27 __PACKAGE__->register_method(
28 method => "create_hold",
29 api_name => "open-ils.circ.holds.create",
31 Create a new hold for an item. From a permissions perspective,
32 the login session is used as the 'requestor' of the hold.
33 The hold recipient is determined by the 'usr' setting within
36 First we verify the requestion has holds request permissions.
37 Then we verify that the recipient is allowed to make the given hold.
38 If not, we see if the requestor has "override" capabilities. If not,
39 a permission exception is returned. If permissions allow, we cycle
40 through the set of holds objects and create.
42 If the recipient does not have permission to place multiple holds
43 on a single title and said operation is attempted, a permission
48 my( $self, $client, $login_session, @holds) = @_;
50 if(!@holds){return 0;}
51 my $user = $apputils->check_user_session($login_session);
55 if(ref($holds[0]) eq 'ARRAY') {
57 } else { $holds = [ @holds ]; }
59 warn "Iterating over holds requests...\n";
61 for my $hold (@$holds) {
64 my $type = $hold->hold_type;
67 warn "Hold to create: " . Dumper($hold) . "\n";
70 if($user->id ne $hold->usr) {
76 #enforce the fact that the login is the one requesting the hold
77 $hold->requestor($user->id);
81 # see if the requestor even has permission to request
82 if($hold->requestor ne $hold->usr) {
83 $perm = _check_request_holds_perm($type, $user->id, $user->home_ou);
84 if($perm) { return $perm; }
87 $perm = _check_holds_perm($type, $hold->usr, $recipient->home_ou);
89 #if there is a requestor, see if the requestor has override privelages
90 if($hold->requestor ne $hold->usr) {
91 $perm = _check_request_holds_override($user->id, $user->home_ou);
92 if($perm) {return $perm;}
99 #my $session = $apputils->start_db_session();
100 my $session = OpenSRF::AppSession->create("open-ils.storage");
101 my $method = "open-ils.storage.direct.action.hold_request.create";
102 warn "Sending hold request to storage... $method \n";
104 my $req = $session->request( $method, $hold );
106 my $resp = $req->gather(1);
107 $session->disconnect();
108 if(!$resp) { return OpenILS::EX->new("UNKNOWN")->ex(); }
109 # $apputils->commit_db_session($session);
115 # makes sure that a user has permission to place the type of requested hold
116 # returns the Perm exception if not allowed, returns undef if all is well
117 sub _check_holds_perm {
118 my($type, $user_id, $org_id) = @_;
121 if($apputils->check_user_perms($user_id, $org_id, "MR_HOLDS")) {
122 return OpenILS::Perm->new("MR_HOLDS");
125 } elsif ($type eq "T") {
126 if($apputils->check_user_perms($user_id, $org_id, "TITLE_HOLDS")) {
127 return OpenILS::Perm->new("TITLE_HOLDS");
130 } elsif($type eq "V") {
131 if($apputils->check_user_perms($user_id, $org_id, "VOLUME_HOLDS")) {
132 return OpenILS::Perm->new("VOLUME_HOLDS");
135 } elsif($type eq "C") {
136 if($apputils->check_user_perms($user_id, $org_id, "COPY_HOLDS")) {
137 return OpenILS::Perm->new("COPY_HOLDS");
144 # tests if the given user is allowed to place holds on another's behalf
145 sub _check_request_holds_perm {
148 if($apputils->check_user_perms($user_id, $org_id, "REQUEST_HOLDS")) {
149 return OpenILS::Perm->new("REQUEST_HOLDS");
153 sub _check_request_holds_override {
156 if($apputils->check_user_perms($user_id, $org_id, "REQUEST_HOLDS_OVERRIDE")) {
157 return OpenILS::Perm->new("REQUEST_HOLDS_OVERRIDE");
162 __PACKAGE__->register_method(
163 method => "retrieve_holds",
164 api_name => "open-ils.circ.holds.retrieve",
166 Retrieves all the holds for the specified user id. The login session
167 is the requestor and if the requestor is different from the user, then
168 the requestor must have VIEW_HOLDS permissions.
172 my($self, $client, $login_session, $user_id) = @_;
173 my $user = $apputils->check_user_session($login_session);
175 if($user->id ne $user_id) {
176 if($apputils->check_user_perms($user_id, $user->home_ou, "VIEW_HOLDS")) {
177 return OpenILS::Perm->new("VIEW_HOLDS");
181 my $session = OpenSRF::AppSession->create("open-ils.storage");
182 my $req = $session->request(
183 "open-ils.storage.direct.action.hold_request.search.usr.atomic",
185 my $h = $req->gather(1);
186 $session->disconnect();