From 8fb3c5babc6fd679e7f51a8edb5eacbfec4e59af Mon Sep 17 00:00:00 2001
From: erickson <erickson@dcc99617-32d9-48b4-a31d-7c20da2025e4>
Date: Mon, 12 Dec 2005 15:02:29 +0000
Subject: [PATCH] more work with containers. finished with the basic container
 retrieval code using some new utility methods I added to AppUtils.pm

Made use of some of the new methods in Actor.pm

Untested bucket.create method in Container.pm


git-svn-id: svn://svn.open-ils.org/ILS/trunk@2345 dcc99617-32d9-48b4-a31d-7c20da2025e4
---
 Open-ILS/src/extras/ils_events.xml            |   6 ++
 .../src/perlmods/OpenILS/Application/Actor.pm |  11 +-
 .../OpenILS/Application/Actor/Container.pm    | 102 +++++++++++-------
 .../perlmods/OpenILS/Application/AppUtils.pm  |  82 +++++++-------
 Open-ILS/web/opac/locale/en-US/lang.dtd       |   5 +
 5 files changed, 125 insertions(+), 81 deletions(-)

diff --git a/Open-ILS/src/extras/ils_events.xml b/Open-ILS/src/extras/ils_events.xml
index e049cf140d..7c16b13067 100644
--- a/Open-ILS/src/extras/ils_events.xml
+++ b/Open-ILS/src/extras/ils_events.xml
@@ -32,6 +32,12 @@
 		</desc>
 	</event>
 
+	<event code='2000' textcode='BAD_PARAMS'>
+		<desc>
+			Invalid parameters were encountered in a method
+		</desc>
+	</event>
+
 	<event code='5000' textcode='PERM_FAILURE'>
 		<desc> 
 			Permission Error.  * The object returning this code shall also 
diff --git a/Open-ILS/src/perlmods/OpenILS/Application/Actor.pm b/Open-ILS/src/perlmods/OpenILS/Application/Actor.pm
index e80d52fe32..038fed2d58 100644
--- a/Open-ILS/src/perlmods/OpenILS/Application/Actor.pm
+++ b/Open-ILS/src/perlmods/OpenILS/Application/Actor.pm
@@ -1045,11 +1045,14 @@ __PACKAGE__->register_method(
 
 sub check_user_perms {
 	my( $self, $client, $login_session, $user_id, $org_id, $perm_types ) = @_;
-	my $user_obj = $apputils->check_user_session($login_session); 
 
-	if($user_obj->id ne $user_id) {
-		if($apputils->check_user_perms($user_obj->id, $org_id, "VIEW_PERMISSION")) {
-			return OpenILS::Perm->new("VIEW_PERMISSION");
+	my( $staff, $evt ) = $apputils->checkses($login_session);
+	return $evt if $evt;
+
+	if($staff->id ne $user_id) {
+		if( my $evt = $apputils->check_perms(
+			$staff->id, $org_id, 'VIEW_PERMISSION') ) {
+			return $evt;
 		}
 	}
 
diff --git a/Open-ILS/src/perlmods/OpenILS/Application/Actor/Container.pm b/Open-ILS/src/perlmods/OpenILS/Application/Actor/Container.pm
index d1ac1dd9e5..e430bc7abc 100644
--- a/Open-ILS/src/perlmods/OpenILS/Application/Actor/Container.pm
+++ b/Open-ILS/src/perlmods/OpenILS/Application/Actor/Container.pm
@@ -5,6 +5,7 @@ use OpenILS::Application::AppUtils;
 use OpenILS::Perm;
 use Data::Dumper;
 use OpenSRF::EX qw(:try);
+use OpenILS::Utils::Fieldmapper;
 
 my $apputils = "OpenILS::Application::AppUtils";
 my $logger = "OpenSRF::Utils::Logger";
@@ -13,10 +14,12 @@ sub initialize { return 1; }
 
 my $svc = 'open-ils.storage';
 my $meth = 'open-ils.storage.direct.container';
-my $bibmeth = "$meth.biblio_record_entry_bucket";
-my $cnmeth = "$meth.call_number_bucket";
-my $copymeth = "$meth.copy_bucket";
-my $usermeth = "$meth.user_bucket";
+my %types;
+$types{'biblio'} = "$meth.biblio_record_entry_bucket";
+$types{'callnumber'} = "$meth.call_number_bucket";
+$types{'copy'} = "$meth.copy_bucket";
+$types{'user'} = "$meth.user_bucket";
+my $event;
 
 __PACKAGE__->register_method(
 	method	=> "bucket_retrieve_all",
@@ -31,19 +34,19 @@ __PACKAGE__->register_method(
 sub bucket_retrieve_all {
 	my($self, $client, $authtoken, $userid) = @_;
 
-	my ($staff, $user, $evt) = 
-		$apputils->handle_requestor( $authtoken, $userid, 'VIEW_CONTAINER');
+	my( $staff, $evt ) = $apputils->checkses($authtoken);
 	return $evt if $evt;
 
+	my( $user, $e ) = $apputils->checkrequestor( $staff, $userid, 'VIEW_CONTAINER');
+	return $e if $e;
+
 	$logger->debug("User " . $staff->id . 
-		" retrieving all buckets for user $user");
+		" retrieving all buckets for user $userid");
 
 	my %buckets;
 
-	$buckets{biblio} = $apputils->simplereq( $svc, "$bibmeth.search.owner.atomic", $user ); 
-	$buckets{callnumber} = $apputils->simplereq( $svc, "$cnmeth.search.owner.atomic", $user ); 
-	$buckets{copy} = $apputils->simplereq( $svc, "$copymeth.search.owner.atomic", $user ); 
-	$buckets{user} = $apputils->simplereq( $svc, "$usermeth.search.owner.atomic", $user ); 
+	$buckets{$_} = $apputils->simplereq( 
+		$svc, $types{$_} . ".search.owner.atomic", $userid ) for keys %types;
 
 	return \%buckets;
 }
@@ -51,9 +54,10 @@ sub bucket_retrieve_all {
 __PACKAGE__->register_method(
 	method	=> "bucket_flesh",
 	api_name	=> "open-ils.actor.container.bucket.flesh",
+	argc		=> 3, 
 	notes		=> <<"	NOTES");
 		Fleshes a bucket by id
-		PARAMS(authtoken, bucketId, buckeclass)
+		PARAMS(authtoken, bucketClass, bucketId)
 		bucketclasss include biblio, callnumber, copy, and user.  
 		bucketclass defaults to biblio.
 		If requestor ID is different than bucketOwnerId, requestor must have
@@ -62,27 +66,20 @@ __PACKAGE__->register_method(
 
 sub bucket_flesh {
 
-	my($self, $client, $authtoken, $bucket, $type) = @_;
+	my($self, $client, $authtoken, $class, $bucket) = @_;
 
-	my( $staff, $evt ) = $apputils->check_ses($authtoken);
+	my( $staff, $evt ) = $apputils->checkses($authtoken);
 	return $evt if $evt;
 
 	$logger->debug("User " . $staff->id . " retrieving bucket $bucket");
 
-	my $meth = $bibmeth;
-	$meth = $cnmeth if $type eq "callnumber";
-	$meth = $copymeth if $type eq "copy";
-	$meth = $usermeth if $type eq "user";
+	my $meth = $types{$class};
 
 	my $bkt = $apputils->simplereq( $svc, "$meth.retrieve", $bucket );
 	if(!$bkt) {return undef};
 
-	if( $bkt->owner ne $staff->id ) {
-		my $userobj = $apputils->fetch_user($bkt->owner);
-		my $perm = $apputils->check_perms( 
-			$staff->id, $userobj->home_ou, 'VIEW_CONTAINER' );
-		return $perm if $perm;
-	}
+	my( $user, $e ) = $apputils->checkrequestor( $staff, $bkt->owner, 'VIEW_CONTAINER' );
+	return $e if $e;
 
 	$bkt->items( $apputils->simplereq( $svc,
 		"$meth"."_item.search.bucket.atomic", $bucket ) );
@@ -94,6 +91,7 @@ sub bucket_flesh {
 __PACKAGE__->register_method(
 	method	=> "bucket_retrieve_class",
 	api_name	=> "open-ils.actor.container.bucket.retrieve_by_class",
+	argc		=> 3, 
 	notes		=> <<"	NOTES");
 		Retrieves all un-fleshed buckets by class assigned to given user 
 		PARAMS(authtoken, bucketOwnerId, class [, type])
@@ -109,31 +107,63 @@ __PACKAGE__->register_method(
 sub bucket_retrieve_class {
 	my( $self, $client, $authtoken, $userid, $class, $type ) = @_;
 
-	my ($staff, $user, $evt) = 
-		$apputils->handle_requestor( $authtoken, $userid, 'VIEW_CONTAINER');
+	my( $staff, $user, $evt );
+	($staff, $evt) = $apputils->checkses($authtoken);
 	return $evt if $evt;
 
-	$logger->debug("User " . $staff->id . 
-		" retrieving buckets for $user [class=$class, type=$type]");
+	($user, $evt) = $apputils->checkrequestor($staff, $userid, 'VIEW_CONTAINER');
+	return $evt if $evt;
 
-	my $meth = $bibmeth;
-	$meth = $cnmeth if $class eq "callnumber";
-	$meth = $copymeth if $class eq "copy";
-	$meth = $usermeth if $class eq "user";
+	$logger->debug("User " . $staff->id . 
+		" retrieving buckets for user $userid [class=$class, type=$type]");
 
+	my $meth = $types{$class} . ".search_where.atomic";
 	my $buckets;
 
 	if( $type ) {
-		$buckets = $apputils->simplereq( $svc,
-			"$meth.search_where.atomic", { owner => $user, btype => $type } );
+		$buckets = $apputils->simplereq( $svc, 
+			$meth, { owner => $userid, btype => $type } );
 	} else {
-		$buckets = $apputils->simplereq( $svc,
-			"$meth.search_where.atomic", { owner => $user } );
+		$logger->debug("Grabbing buckets by class $class: $svc : $meth :  {owner => $userid}");
+		$buckets = $apputils->simplereq( $svc, $meth, { owner => $userid } );
 	}
 
 	return $buckets;
 }
 
+__PACKAGE__->register_method(
+	method	=> "bucket_create",
+	api_name	=> "open-ils.actor.container.bucket.create",
+	notes		=> <<"	NOTES");
+		Creates a new bucket object.  If requestor is different from
+		bucketOwner, requestor needs CREATE_CONTAINER permissions
+		PARAMS(authtoken, bucketObject);
+		Returns the new bucket object
+	NOTES
+
+sub bucket_create {
+	my( $self, $client, $authtoken, $class, $bucket ) = @_;
+
+	my( $staff, $evt ) = $apputils->checkses($authtoken);
+	return $evt if $evt;
+
+	if( $bucket->owner ne $staff->id ) {
+		return $evt if ($evt = $apputils->check_perms('CREATE_CONTAINER'));
+	}
+
+	$logger->activity( "User " . $staff->id . 
+		" creating a new continer for user " . $bucket->owner );
+
+	my $method = $types{$class} . ".create";
+	my $id = $apputils->simplreq( $svc, $method, $bucket );
+
+	if(!$id) { throw OpenSRF::EX 
+		("Unable to create new bucket object"); }
+	return $id;
+
+}
+
+
 
 1;
 
diff --git a/Open-ILS/src/perlmods/OpenILS/Application/AppUtils.pm b/Open-ILS/src/perlmods/OpenILS/Application/AppUtils.pm
index 2fdcaded57..155de9aad8 100644
--- a/Open-ILS/src/perlmods/OpenILS/Application/AppUtils.pm
+++ b/Open-ILS/src/perlmods/OpenILS/Application/AppUtils.pm
@@ -114,18 +114,7 @@ sub rollback_db_session {
 # Checks to see if a user is logged in.  Returns the user record on success,
 # throws an exception on error.
 # ---------------------------------------------------------------------------
-sub check_ses {
-	my( $self, $session ) = @_;
-	my $user;
-	my $evt;
-	try {
-		$user = $self->check_user_session($session);
-	} catch Error with {
-		$evt = OpenILS::Event->new('NO_SESSION');
-	};
 
-	return ( $user, $evt );
-}
 
 sub check_user_session {
 
@@ -140,21 +129,23 @@ sub check_user_session {
 			("Error communication with storage server");
 	}
 
-	if( ref($response) eq 'HASH' ) {
-		if(defined($response->{ilsevent}) and $response->{ilsevent} ne '0' ) {
-			throw OpenSRF::EX::ERROR 
-				("Session [$user_session] cannot be authenticated" );
-		}
+	if(ref($response) and $response->isa("OpenSRF::EX")) {
+		throw $response ($response->stringify);
 	}
 
 
-	if(ref($response) and $response->isa("OpenSRF::EX")) {
-		throw $response ($response->stringify);
+	my $content = $response->content;
+	if( ref($content) eq 'HASH' ) {
+		if(defined($content->{ilsevent}) and $content->{ilsevent} ne '0' ) {
+			throw OpenSRF::EX::ERROR 
+				("Session [$user_session] cannot be authenticated" );
+		}
 	}
 
-	my $user = $response->content;
+	my $user = $content;
 	if(!$user) {
-		throw OpenSRF::EX::ERROR ("Session [$user_session] cannot be authenticated" );
+		throw OpenSRF::EX::ERROR 
+			("Session [$user_session] cannot be authenticated" );
 	}
 
 	$session->disconnect();
@@ -317,37 +308,46 @@ sub fetch_user {
 		'open-ils.storage.direct.actor.user.retrieve', $id );
 }
 
+sub checkses {
+	my( $self, $session ) = @_;
+	my $user; my $evt; my $e; 
 
+	try {
+		$user = $self->check_user_session($session);
+	} catch Error with { $e = 1; };
 
-# handy tool to handle the ever-recurring situation of someone requesting 
-# something on someone else's behalf (think staff member creating something for a user)
-# returns ($requestor, $targetuser_id, $event );
-# $event may be a PERM_FAILURE event or a NO_SESSION event
-# $targetuser == $staffuser->id when $targetuser is undefined.
-sub handle_requestor {
-	my( $self, $authtoken, $targetuser, @permissions ) = @_;
-
-	my( $requestor, $evt ) = $self->check_ses($authtoken);
-	return (undef, undef, $evt) if $evt;
+	if( $e or !$user ) { $evt = OpenILS::Event->new('NO_SESSION'); }
+	return ( $user, $evt );
+}
 
-	$targetuser = $requestor->id unless defined $targetuser;
-	my $userobj = $requestor; 
-	$userobj = $self->fetch_user($targetuser) 
-		unless $targetuser eq $requestor->id;
 
-	if(!$userobj) {} # XXX Friendly exception
+sub checkrequestor {
+	my( $self, $staffobj, $userid, @perms ) = @_;
+	my $user; my $evt;
 
-	my $perm;
+	$logger->debug("checkrequestor(): staff => " . $staffobj->id . ", user => $userid");
 
-	#everyone is allowed to view their own data
-	if( $targetuser ne $requestor->id ) {
-		$perm = $self->check_perms( 
-			$requestor->id, $userobj->home_ou, @permissions );
+	if( $userid ne $staffobj->id ) {
+		if( ! ($user = $self->fetch_user($userid)) ) {
+			$evt = OpenILS::Event->new('USER_NOT_FOUND');
+			return (undef, $evt);
+		}
+		$evt = $self->check_perms( $staffobj->id, $user->home_ou, @perms );
 	}
 
-	return ($requestor, $targetuser, $perm);
+	return ($user, $evt);
 }
 
+sub checkses_requestor {
+	my( $self, $authtoken, $targetid, @perms ) = @_;
+	my( $requestor, $target, $evt );
+
+	($requestor, $evt) = $self->checkses($authtoken);
+	return (undef, undef, $evt) if $evt;
+
+	($target, $evt) = $self->checkrequestor( $requestor, $targetid, @perms );
+	return( $requestor, $target, $evt);
+}
 
 
 
diff --git a/Open-ILS/web/opac/locale/en-US/lang.dtd b/Open-ILS/web/opac/locale/en-US/lang.dtd
index aa8ff05817..08170aeecf 100644
--- a/Open-ILS/web/opac/locale/en-US/lang.dtd
+++ b/Open-ILS/web/opac/locale/en-US/lang.dtd
@@ -44,13 +44,17 @@
 		OPAC Entites
 		======================================================================================= -->
 
+<!--
 <!ENTITY nbsp "  ">
 <!ENTITY space "&nsbp;">
+-->
 <!ENTITY llt "&lt;">
 <!ENTITY ggt "&gt;">
 
 <!ENTITY opac.nbsp "  ">
+<!--
 <!ENTITY opac.space "&nsbp;">
+-->
 <!ENTITY opac.llt "&lt;">
 <!ENTITY opac.ggt "&gt;">
 
@@ -141,6 +145,7 @@
 <!ENTITY opac.search.nowSearching "Now Searching">
 
 <!ENTITY opac.title.home "Evergreen: Home">
+<!ENTITY opac.title.mresult "Evergreen Title Groups">
 
 <!ENTITY opac.login.login "Login with your username and password">
 
-- 
2.43.2