1 package OpenILS::WWW::EGCatLoader;
2 use strict; use warnings;
3 use Apache2::Const -compile => qw(OK DECLINED FORBIDDEN HTTP_INTERNAL_SERVER_ERROR REDIRECT HTTP_BAD_REQUEST);
4 use OpenSRF::Utils::Logger qw/$logger/;
5 use OpenILS::Utils::CStoreEditor qw/:funcs/;
6 use OpenILS::Utils::Fieldmapper;
7 use OpenILS::Application::AppUtils;
9 use OpenSRF::Utils::JSON;
10 use OpenSRF::Utils::Cache;
11 use Digest::MD5 qw(md5_hex);
13 $Data::Dumper::Indent = 0;
15 my $U = 'OpenILS::Application::AppUtils';
17 sub prepare_extended_user_info {
20 my $e = $self->editor;
22 # are we already in a transaction?
23 my $local_xact = !$e->{xact_id};
24 $e->xact_begin if $local_xact;
26 $self->ctx->{user} = $self->editor->retrieve_actor_user([
27 $self->ctx->{user}->id,
31 au => [qw/card home_ou addresses ident_type billing_address/, @extra_flesh]
37 $e->rollback if $local_xact;
39 # discard replaced (negative-id) addresses.
40 $self->ctx->{user}->addresses([
41 grep {$_->id > 0} @{$self->ctx->{user}->addresses} ]);
43 return Apache2::Const::HTTP_INTERNAL_SERVER_ERROR
44 unless $self->ctx->{user};
49 # Given an event returned by a failed attempt to create a hold, do we have
50 # permission to override? XXX Should the permission check be scoped to a
51 # given org_unit context?
52 sub test_could_override {
53 my ($self, $event) = @_;
55 return 0 unless $event;
56 return 1 if $self->editor->allowed($event->{textcode} . ".override");
57 return 1 if $event->{"fail_part"} and
58 $self->editor->allowed($event->{"fail_part"} . ".override");
62 # Find out whether we care that local copies are available
63 sub local_avail_concern {
64 my ($self, $hold_target, $hold_type, $pickup_lib) = @_;
66 my $would_block = $self->ctx->{get_org_setting}->
67 ($pickup_lib, "circ.holds.hold_has_copy_at.block");
69 $self->ctx->{get_org_setting}->
70 ($pickup_lib, "circ.holds.hold_has_copy_at.alert") and
71 not $self->cgi->param("override")
72 ) unless $would_block;
74 if ($would_block or $would_alert) {
76 "hold_target" => $hold_target,
77 "hold_type" => $hold_type,
78 "org_unit" => $pickup_lib
80 my $local_avail = $U->simplereq(
82 "open-ils.circ.hold.has_copy_at", $self->editor->authtoken, $args
85 "copy availability information for " . Dumper($args) .
86 " is " . Dumper($local_avail)
88 if (%$local_avail) { # if hash not empty
89 $self->ctx->{hold_copy_available} = $local_avail;
90 return ($would_block, $would_alert);
98 # user : au object, fleshed
99 sub load_myopac_prefs {
101 my $cgi = $self->cgi;
102 my $e = $self->editor;
103 my $pending_addr = $cgi->param('pending_addr');
104 my $replace_addr = $cgi->param('replace_addr');
105 my $delete_pending = $cgi->param('delete_pending');
107 $self->prepare_extended_user_info;
108 my $user = $self->ctx->{user};
110 my $lock_usernames = $self->ctx->{get_org_setting}->($e->requestor->home_ou, 'opac.lock_usernames');
111 if(defined($lock_usernames) and $lock_usernames == 1) {
112 # Policy says no username changes
113 $self->ctx->{username_change_disallowed} = 1;
115 my $username_unlimit = $self->ctx->{get_org_setting}->($e->requestor->home_ou, 'opac.unlimit_usernames');
116 if(!$username_unlimit) {
117 my $regex_check = $self->ctx->{get_org_setting}->($e->requestor->home_ou, 'opac.barcode_regex');
119 # Default is "starts with a number"
120 $regex_check = '^\d+';
122 # You already have a username?
123 if($regex_check and $self->ctx->{user}->usrname !~ /$regex_check/) {
124 $self->ctx->{username_change_disallowed} = 1;
129 return Apache2::Const::OK unless
130 $pending_addr or $replace_addr or $delete_pending;
132 my @form_fields = qw/address_type street1 street2 city county state country post_code/;
135 if( $pending_addr ) { # update an existing pending address
137 ($paddr) = grep { $_->id == $pending_addr } @{$user->addresses};
138 return Apache2::Const::HTTP_BAD_REQUEST unless $paddr;
139 $paddr->$_( $cgi->param($_) ) for @form_fields;
141 } elsif( $replace_addr ) { # create a new pending address for 'replace_addr'
143 $paddr = Fieldmapper::actor::user_address->new;
145 $paddr->usr($user->id);
146 $paddr->pending('t');
147 $paddr->replaces($replace_addr);
148 $paddr->$_( $cgi->param($_) ) for @form_fields;
150 } elsif( $delete_pending ) {
151 $paddr = $e->retrieve_actor_user_address($delete_pending);
152 return Apache2::Const::HTTP_BAD_REQUEST unless
153 $paddr and $paddr->usr == $user->id and $U->is_true($paddr->pending);
154 $paddr->isdeleted(1);
157 my $resp = $U->simplereq(
159 'open-ils.actor.user.address.pending.cud',
160 $e->authtoken, $paddr);
162 if( $U->event_code($resp) ) {
163 $logger->error("Error updating pending address: $resp");
164 return Apache2::Const::HTTP_INTERNAL_SERVER_ERROR;
167 # in light of these changes, re-fetch latest data
169 $self->prepare_extended_user_info;
172 return Apache2::Const::OK;
175 sub load_myopac_prefs_notify {
177 my $e = $self->editor;
180 my $stat = $self->_load_user_with_prefs;
181 return $stat if $stat;
183 my $user_prefs = $self->fetch_optin_prefs;
184 $user_prefs = $self->update_optin_prefs($user_prefs)
185 if $self->cgi->request_method eq 'POST';
187 $self->ctx->{opt_in_settings} = $user_prefs;
189 return Apache2::Const::OK
190 unless $self->cgi->request_method eq 'POST';
193 my $set_map = $self->ctx->{user_setting_map};
197 opac.default_sms_notify
199 my $val = $self->cgi->param($key);
200 $settings{$key}= $val unless $$set_map{$key} eq $val;
203 my $key = 'opac.default_sms_carrier';
204 my $val = $self->cgi->param('sms_carrier');
205 $settings{$key}= $val unless $$set_map{$key} eq $val;
207 $key = 'opac.hold_notify';
208 my @notify_methods = ();
209 if ($self->cgi->param($key . ".email") eq 'on') {
210 push @notify_methods, "email";
212 if ($self->cgi->param($key . ".phone") eq 'on') {
213 push @notify_methods, "phone";
215 if ($self->cgi->param($key . ".sms") eq 'on') {
216 push @notify_methods, "sms";
218 $val = join("|",@notify_methods);
219 $settings{$key}= $val unless $$set_map{$key} eq $val;
221 # Send the modified settings off to be saved
224 'open-ils.actor.patron.settings.update',
225 $self->editor->authtoken, undef, \%settings);
227 # re-fetch user prefs
228 $self->ctx->{updated_user_settings} = \%settings;
229 return $self->_load_user_with_prefs || Apache2::Const::OK;
232 sub fetch_optin_prefs {
234 my $e = $self->editor;
236 # fetch all of the opt-in settings the user has access to
237 # XXX: user's should in theory have options to opt-in to notices
238 # for remote locations, but that opens the door for a large
239 # set of generally un-used opt-ins.. needs discussion
240 my $opt_ins = $U->simplereq(
242 'open-ils.actor.event_def.opt_in.settings.atomic',
243 $e->authtoken, $e->requestor->home_ou);
245 # some opt-ins are staff-only
246 $opt_ins = [ grep { $U->is_true($_->opac_visible) } @$opt_ins ];
248 # fetch user setting values for each of the opt-in settings
249 my $user_set = $U->simplereq(
251 'open-ils.actor.patron.settings.retrieve',
254 [map {$_->name} @$opt_ins]
257 return [map { {cust => $_, value => $user_set->{$_->name} } } @$opt_ins];
260 sub _load_lists_and_settings {
262 my $e = $self->editor;
263 my $stat = $self->_load_user_with_prefs;
266 my $setting_map = $self->ctx->{user_setting_map};
267 $exclude = $$setting_map{'opac.default_list'} if ($$setting_map{'opac.default_list'});
268 $self->ctx->{bookbags} = $e->search_container_biblio_record_entry_bucket(
270 {owner => $self->ctx->{user}->id, btype => 'bookbag', id => {'<>' => $exclude}}, {
271 order_by => {cbreb => 'name'},
272 limit => $self->cgi->param('limit') || 10,
273 offset => $self->cgi->param('offset') || 0
277 # We also want a total count of the user's bookbags.
279 'select' => { 'cbreb' => [ { 'column' => 'id', 'transform' => 'count', 'aggregate' => 'true', 'alias' => 'count' } ] },
281 'where' => { 'btype' => 'bookbag', 'owner' => $self->ctx->{user}->id }
283 my $r = $e->json_query($q);
284 $self->ctx->{bookbag_count} = $r->[0]->{'count'};
285 # Someone has requested that we use the default list's name
286 # rather than "Default List."
289 'select' => {'cbreb' => ['name']},
291 'where' => {'id' => $exclude}
293 $r = $e->json_query($q);
294 $self->ctx->{default_bookbag} = $r->[0]->{'name'};
302 sub update_optin_prefs {
304 my $user_prefs = shift;
305 my $e = $self->editor;
306 my @settings = $self->cgi->param('setting');
309 # apply now-true settings
310 for my $applied (@settings) {
311 # see if setting is already applied to this user
312 next if grep { $_->{cust}->name eq $applied and $_->{value} } @$user_prefs;
313 $newsets{$applied} = OpenSRF::Utils::JSON->true;
316 # remove now-false settings
317 for my $pref (grep { $_->{value} } @$user_prefs) {
318 $newsets{$pref->{cust}->name} = undef
319 unless grep { $_ eq $pref->{cust}->name } @settings;
324 'open-ils.actor.patron.settings.update',
325 $e->authtoken, $e->requestor->id, \%newsets);
327 # update the local prefs to match reality
328 for my $pref (@$user_prefs) {
329 $pref->{value} = $newsets{$pref->{cust}->name}
330 if exists $newsets{$pref->{cust}->name};
336 sub _load_user_with_prefs {
338 my $stat = $self->prepare_extended_user_info('settings');
339 return $stat if $stat; # not-OK
341 $self->ctx->{user_setting_map} = {
342 map { $_->name => OpenSRF::Utils::JSON->JSON2perl($_->value) }
343 @{$self->ctx->{user}->settings}
349 sub _get_bookbag_sort_params {
350 my ($self, $param_name) = @_;
352 # The interface that feeds this cgi parameter will provide a single
353 # argument for a QP sort filter, and potentially a modifier after a period.
354 # In practice this means the "sort" parameter will be something like
355 # "titlesort" or "authorsort.descending".
356 my $sorter = $self->cgi->param($param_name) || "";
359 $sorter =~ s/^(.*?)\.(.*)/$1/;
360 $modifier = $2 || undef;
363 return ($sorter, $modifier);
366 sub _prepare_bookbag_container_query {
367 my ($self, $container_id, $sorter, $modifier) = @_;
370 "container(bre,bookbag,%d,%s)%s%s",
371 $container_id, $self->editor->authtoken,
372 ($sorter ? " sort($sorter)" : ""),
373 ($modifier ? "#$modifier" : "")
377 sub _prepare_anonlist_sorting_query {
378 my ($self, $list, $sorter, $modifier) = @_;
381 "record_list(%s)%s%s",
383 ($sorter ? " sort($sorter)" : ""),
384 ($modifier ? "#$modifier" : "")
389 sub load_myopac_prefs_settings {
394 opac.default_search_location
395 opac.default_pickup_location
396 opac.temporary_list_no_warn
399 my $stat = $self->_load_user_with_prefs;
400 return $stat if $stat;
402 return Apache2::Const::OK
403 unless $self->cgi->request_method eq 'POST';
405 # some setting values from the form don't match the
406 # required value/format for the db, so they have to be
407 # individually translated.
410 my $set_map = $self->ctx->{user_setting_map};
412 foreach my $key (@user_prefs) {
413 my $val = $self->cgi->param($key);
414 $settings{$key}= $val unless $$set_map{$key} eq $val;
417 my $now = DateTime->now->strftime('%F');
418 foreach my $key (qw/history.circ.retention_start history.hold.retention_start/) {
419 my $val = $self->cgi->param($key);
420 if($val and $val eq 'on') {
421 # Set the start time to 'now' unless a start time already exists for the user
422 $settings{$key} = $now unless $$set_map{$key};
424 # clear the start time if one previously existed for the user
425 $settings{$key} = undef if $$set_map{$key};
429 # Send the modified settings off to be saved
432 'open-ils.actor.patron.settings.update',
433 $self->editor->authtoken, undef, \%settings);
435 # re-fetch user prefs
436 $self->ctx->{updated_user_settings} = \%settings;
437 return $self->_load_user_with_prefs || Apache2::Const::OK;
440 sub fetch_user_holds {
442 my $hold_ids = shift;
443 my $ids_only = shift;
445 my $available = shift;
449 my $e = $self->editor;
450 my $all_ids; # to be used below.
453 my $circ = OpenSRF::AppSession->create('open-ils.circ');
455 $hold_ids = $circ->request(
456 'open-ils.circ.holds.id_list.retrieve.authoritative',
463 $all_ids = $hold_ids;
464 $hold_ids = [ grep { defined $_ } @$hold_ids[$offset..($offset + $limit - 1)] ] if $limit or $offset;
467 $all_ids = $hold_ids;
470 return { ids => $hold_ids, all_ids => $all_ids } if $ids_only or @$hold_ids == 0;
473 suppress_notices => 1,
474 suppress_transits => 1,
476 suppress_patron_details => 1
479 # ----------------------------------------------------------------
480 # Collect holds in batches of $batch_size for faster retrieval
484 my $mk_req_batch = sub {
486 my $top_idx = $batch_idx + $batch_size;
487 while($batch_idx < $top_idx) {
488 my $hold_id = $hold_ids->[$batch_idx++];
489 last unless $hold_id;
490 my $ses = OpenSRF::AppSession->create('open-ils.circ');
491 my $req = $ses->request(
492 'open-ils.circ.hold.details.retrieve',
493 $e->authtoken, $hold_id, $args);
494 push(@ses, {ses => $ses, req => $req});
500 my(@collected, @holds, @ses);
503 @ses = $mk_req_batch->() if $first;
504 last if $first and not @ses;
507 while(my $blob = pop(@collected)) {
508 my (undef, @data) = $self->get_records_and_facets(
509 [$blob->{hold}->{bre_id}], undef, {flesh => '{mra}'}
511 $blob->{marc_xml} = $data[0]->{marc_xml};
516 for my $req_data (@ses) {
517 push(@collected, {hold => $req_data->{req}->gather(1)});
518 $req_data->{ses}->kill_me;
521 @ses = $mk_req_batch->();
522 last unless @collected or @ses;
526 # put the holds back into the original server sort order
528 for my $id (@$hold_ids) {
529 push @sorted, grep { $_->{hold}->{hold}->id == $id } @holds;
532 return { holds => \@sorted, ids => $hold_ids, all_ids => $all_ids };
535 sub handle_hold_update {
538 my $hold_ids = shift;
539 my $e = $self->editor;
542 my @hold_ids = ($hold_ids) ? @$hold_ids : $self->cgi->param('hold_id'); # for non-_all actions
543 @hold_ids = @{$self->fetch_user_holds(undef, 1)->{ids}} if $action =~ /_all/;
545 my $circ = OpenSRF::AppSession->create('open-ils.circ');
547 if($action =~ /cancel/) {
549 for my $hold_id (@hold_ids) {
550 my $resp = $circ->request(
551 'open-ils.circ.hold.cancel', $e->authtoken, $hold_id, 6 )->gather(1); # 6 == patron-cancelled-via-opac
554 } elsif ($action =~ /activate|suspend/) {
557 for my $hold_id (@hold_ids) {
558 my $vals = {id => $hold_id};
560 if($action =~ /activate/) {
561 $vals->{frozen} = 'f';
562 $vals->{thaw_date} = undef;
564 } elsif($action =~ /suspend/) {
565 $vals->{frozen} = 't';
566 # $vals->{thaw_date} = TODO;
568 push(@$vlist, $vals);
571 my $resp = $circ->request('open-ils.circ.hold.update.batch.atomic', $e->authtoken, undef, $vlist)->gather(1);
572 $self->ctx->{hold_suspend_post_capture} = 1 if
573 grep {$U->event_equals($_, 'HOLD_SUSPEND_AFTER_CAPTURE')} @$resp;
575 } elsif ($action eq 'edit') {
578 my $val = {"id" => $_};
579 $val->{"frozen"} = $self->cgi->param("frozen");
580 $val->{"pickup_lib"} = $self->cgi->param("pickup_lib");
582 for my $field (qw/expire_time thaw_date/) {
583 # XXX TODO make this support other date formats, not just
585 next unless $self->cgi->param($field) =~
586 m:^(\d{2})/(\d{2})/(\d{4})$:;
587 $val->{$field} = "$3-$1-$2";
593 'open-ils.circ.hold.update.batch.atomic',
594 $e->authtoken, undef, \@vals
595 )->gather(1); # LFW XXX test for failure
596 $url = $self->ctx->{proto} . '://' . $self->ctx->{hostname} . $self->ctx->{opac_root} . '/myopac/holds';
597 foreach my $param (('loc', 'qtype', 'query')) {
598 if ($self->cgi->param($param)) {
599 $url .= ";$param=" . uri_escape($self->cgi->param($param));
605 return defined($url) ? $self->generic_redirect($url) : undef;
608 sub load_myopac_holds {
610 my $e = $self->editor;
611 my $ctx = $self->ctx;
613 my $limit = $self->cgi->param('limit') || 15;
614 my $offset = $self->cgi->param('offset') || 0;
615 my $action = $self->cgi->param('action') || '';
616 my $hold_id = $self->cgi->param('id');
617 my $available = int($self->cgi->param('available') || 0);
619 my $hold_handle_result;
620 $hold_handle_result = $self->handle_hold_update($action) if $action;
622 my $holds_object = $self->fetch_user_holds($hold_id ? [$hold_id] : undef, 0, 1, $available, $limit, $offset);
623 if($holds_object->{holds}) {
624 $ctx->{holds} = $holds_object->{holds};
626 $ctx->{holds_ids} = $holds_object->{all_ids};
627 $ctx->{holds_limit} = $limit;
628 $ctx->{holds_offset} = $offset;
630 return defined($hold_handle_result) ? $hold_handle_result : Apache2::Const::OK;
635 sub load_place_hold {
637 my $ctx = $self->ctx;
638 my $gos = $ctx->{get_org_setting};
639 my $e = $self->editor;
640 my $cgi = $self->cgi;
642 $self->ctx->{page} = 'place_hold';
643 my @targets = $cgi->param('hold_target');
644 my @parts = $cgi->param('part');
646 $ctx->{hold_type} = $cgi->param('hold_type');
647 $ctx->{default_pickup_lib} = $e->requestor->home_ou; # unless changed below
648 $ctx->{email_notify} = $cgi->param('email_notify');
649 if ($cgi->param('phone_notify_checkbox')) {
650 $ctx->{phone_notify} = $cgi->param('phone_notify');
652 if ($cgi->param('sms_notify_checkbox')) {
653 $ctx->{sms_notify} = $cgi->param('sms_notify');
654 $ctx->{sms_carrier} = $cgi->param('sms_carrier');
657 return $self->generic_redirect unless @targets;
659 $logger->info("Looking at hold_type: " . $ctx->{hold_type} . " and targets: @targets");
661 $ctx->{staff_recipient} = $self->editor->retrieve_actor_user([
666 au => ['settings', 'card']
669 ]) or return Apache2::Const::HTTP_INTERNAL_SERVER_ERROR;
670 my $user_setting_map = {
671 map { $_->name => OpenSRF::Utils::JSON->JSON2perl($_->value) }
673 $ctx->{staff_recipient}->settings
676 $ctx->{user_setting_map} = $user_setting_map;
678 my $default_notify = (defined $$user_setting_map{'opac.hold_notify'} ? $$user_setting_map{'opac.hold_notify'} : 'email:phone');
679 if ($default_notify =~ /email/) {
680 $ctx->{default_email_notify} = 'checked';
682 $ctx->{default_email_notify} = '';
684 if ($default_notify =~ /phone/) {
685 $ctx->{default_phone_notify} = 'checked';
687 $ctx->{default_phone_notify} = '';
689 if ($default_notify =~ /sms/) {
690 $ctx->{default_sms_notify} = 'checked';
692 $ctx->{default_sms_notify} = '';
695 # If we have a default pickup location, grab it
696 if ($$user_setting_map{'opac.default_pickup_location'}) {
697 $ctx->{default_pickup_lib} = $$user_setting_map{'opac.default_pickup_location'};
700 my $request_lib = $e->requestor->ws_ou;
702 $ctx->{hold_data} = \@hold_data;
706 if ($ctx->{email_notify}) { $hdata->{email_notify} = $ctx->{email_notify}; }
707 if ($ctx->{phone_notify}) { $hdata->{phone_notify} = $ctx->{phone_notify}; }
708 if ($ctx->{sms_notify}) { $hdata->{sms_notify} = $ctx->{sms_notify}; }
709 if ($ctx->{sms_carrier}) { $hdata->{sms_carrier} = $ctx->{sms_carrier}; }
713 my $type_dispatch = {
715 my $recs = $e->batch_retrieve_biblio_record_entry(\@targets, {substream => 1});
717 for my $id (@targets) { # force back into the correct order
718 my ($rec) = grep {$_->id eq $id} @$recs;
720 # NOTE: if tpac ever supports locked-down pickup libs,
721 # we'll need to pass a pickup_lib param along with the
722 # record to filter the set of monographic parts.
723 my $parts = $U->simplereq(
725 'open-ils.search.biblio.record_hold_parts',
729 # T holds on records that have parts are OK, but if the record has
730 # no non-part copies, the hold will ultimately fail. When that
731 # happens, require the user to select a part.
732 my $part_required = 0;
734 my $np_copies = $e->json_query({
735 select => { acp => [{column => 'id', transform => 'count', alias => 'count'}]},
736 from => {acp => {acn => {}, acpm => {type => 'left'}}},
738 '+acp' => {deleted => 'f'},
739 '+acn' => {deleted => 'f', record => $rec->id},
740 '+acpm' => {id => undef}
743 $part_required = 1 if $np_copies->[0]->{count} == 0;
746 push(@hold_data, $data_filler->({
750 part_required => $part_required
755 my $vols = $e->batch_retrieve_asset_call_number([
758 "flesh_fields" => {"acn" => ["record"]}
760 ], {substream => 1});
762 for my $id (@targets) {
763 my ($vol) = grep {$_->id eq $id} @$vols;
764 push(@hold_data, $data_filler->({target => $vol, record => $vol->record}));
768 my $copies = $e->batch_retrieve_asset_copy([
773 "acp" => ["call_number"]
776 ], {substream => 1});
778 for my $id (@targets) {
779 my ($copy) = grep {$_->id eq $id} @$copies;
780 push(@hold_data, $data_filler->({target => $copy, record => $copy->call_number->record}));
784 my $isses = $e->batch_retrieve_serial_issuance([
788 "siss" => ["subscription"], "ssub" => ["record_entry"]
791 ], {substream => 1});
793 for my $id (@targets) {
794 my ($iss) = grep {$_->id eq $id} @$isses;
795 push(@hold_data, $data_filler->({target => $iss, record => $iss->subscription->record_entry}));
800 }->{$ctx->{hold_type}}->();
802 # caller sent bad target IDs or the wrong hold type
803 return Apache2::Const::HTTP_BAD_REQUEST unless @hold_data;
805 # generate the MARC xml for each record
806 $_->{marc_xml} = XML::LibXML->new->parse_string($_->{record}->marc) for @hold_data;
808 my $pickup_lib = $cgi->param('pickup_lib');
809 # no pickup lib means no holds placement
810 return Apache2::Const::OK unless $pickup_lib;
812 $ctx->{hold_attempt_made} = 1;
814 # Give the original CGI params back to the user in case they
815 # want to try to override something.
816 $ctx->{orig_params} = $cgi->Vars;
817 delete $ctx->{orig_params}{submit};
818 delete $ctx->{orig_params}{hold_target};
819 delete $ctx->{orig_params}{part};
821 my $usr = $e->requestor->id;
823 if ($ctx->{is_staff} and !$cgi->param("hold_usr_is_requestor")) {
824 # find the real hold target
826 $usr = $U->simplereq(
828 "open-ils.actor.user.retrieve_id_by_barcode_or_username",
829 $e->authtoken, $cgi->param("hold_usr"));
831 if (defined $U->event_code($usr)) {
832 $ctx->{hold_failed} = 1;
833 $ctx->{hold_failed_event} = $usr;
837 # target_id is the true target_id for holds placement.
838 # needed for attempt_hold_placement()
839 # With the exception of P-type holds, target_id == target->id.
840 $_->{target_id} = $_->{target}->id for @hold_data;
842 if ($ctx->{hold_type} eq 'T') {
844 # Much like quantum wave-particles, P-type holds pop into
845 # and out of existence at the user's whim. For our purposes,
846 # we treat such holds as T(itle) holds with a selected_part
847 # designation. When the time comes to pass the hold information
848 # off for holds possibility testing and placement, make it look
849 # like a real P-type hold.
850 my (@p_holds, @t_holds);
852 for my $idx (0..$#parts) {
853 my $hdata = $hold_data[$idx];
854 if (my $part = $parts[$idx]) {
855 $hdata->{target_id} = $part;
856 $hdata->{selected_part} = $part;
857 push(@p_holds, $hdata);
859 push(@t_holds, $hdata);
863 $self->apache->log->warn("$#parts : @t_holds");
865 $self->attempt_hold_placement($usr, $pickup_lib, 'P', @p_holds) if @p_holds;
866 $self->attempt_hold_placement($usr, $pickup_lib, 'T', @t_holds) if @t_holds;
869 $self->attempt_hold_placement($usr, $pickup_lib, $ctx->{hold_type}, @hold_data);
872 # NOTE: we are leaving the staff-placed patron barcode cookie
873 # in place. Otherwise, it's not possible to place more than
874 # one hold for the patron within a staff/patron session. This
875 # does leave the barcode to linger longer than is ideal, but
876 # normal staff work flow will cause the cookie to be replaced
877 # with each new patron anyway.
878 # TODO: See about getting the staff client to clear the cookie
880 # return to the place_hold page so the results of the hold
881 # placement attempt can be reported to the user
882 return Apache2::Const::OK;
885 sub attempt_hold_placement {
886 my ($self, $usr, $pickup_lib, $hold_type, @hold_data) = @_;
887 my $cgi = $self->cgi;
888 my $ctx = $self->ctx;
889 my $e = $self->editor;
891 # First see if we should warn/block for any holds that
892 # might have locally available items.
893 for my $hdata (@hold_data) {
894 my ($local_block, $local_alert) = $self->local_avail_concern(
895 $hdata->{target_id}, $hold_type, $pickup_lib);
898 $hdata->{hold_failed} = 1;
899 $hdata->{hold_local_block} = 1;
900 } elsif ($local_alert) {
901 $hdata->{hold_failed} = 1;
902 $hdata->{hold_local_alert} = 1;
906 my $method = 'open-ils.circ.holds.test_and_create.batch';
908 if ($cgi->param('override')) {
909 $method .= '.override';
911 } elsif (!$ctx->{is_staff}) {
913 $method .= '.override' if $self->ctx->{get_org_setting}->(
914 $e->requestor->home_ou, "opac.patron.auto_overide_hold_events");
917 my @create_targets = map {$_->{target_id}} (grep { !$_->{hold_failed} } @hold_data);
919 if(@create_targets) {
921 my $bses = OpenSRF::AppSession->create('open-ils.circ');
922 my $breq = $bses->request(
925 $data_filler->({ patronid => $usr,
926 pickup_lib => $pickup_lib,
927 hold_type => $hold_type
932 while (my $resp = $breq->recv) {
934 $resp = $resp->content;
935 $logger->info('batch hold placement result: ' . OpenSRF::Utils::JSON->perl2JSON($resp));
937 if ($U->event_code($resp)) {
938 $ctx->{general_hold_error} = $resp;
942 my ($hdata) = grep {$_->{target_id} eq $resp->{target}} @hold_data;
943 my $result = $resp->{result};
945 if ($U->event_code($result)) {
946 # e.g. permission denied
947 $hdata->{hold_failed} = 1;
948 $hdata->{hold_failed_event} = $result;
952 if(not ref $result and $result > 0) {
953 # successul hold returns the hold ID
955 $hdata->{hold_success} = $result;
958 # hold-specific failure event
959 $hdata->{hold_failed} = 1;
961 if (ref $result eq 'HASH') {
962 $hdata->{hold_failed_event} = $result->{last_event};
964 if ($result->{age_protected_copy}) {
965 $hdata->{could_override} = 1;
966 $hdata->{age_protect} = 1;
968 $hdata->{could_override} = $result->{place_unfillable} ||
969 $self->test_could_override($hdata->{hold_failed_event});
971 } elsif (ref $result eq 'ARRAY') {
972 $hdata->{hold_failed_event} = $result->[0];
974 if ($result->[3]) { # age_protect_only
975 $hdata->{could_override} = 1;
976 $hdata->{age_protect} = 1;
978 $hdata->{could_override} = $result->[4] || # place_unfillable
979 $self->test_could_override($hdata->{hold_failed_event});
990 sub fetch_user_circs {
992 my $flesh = shift; # flesh bib data, etc.
993 my $circ_ids = shift;
997 my $e = $self->editor;
1002 @circ_ids = @$circ_ids;
1007 select => {circ => ['id']},
1011 usr => $e->requestor->id,
1012 checkin_time => undef,
1014 {stop_fines => undef},
1015 {stop_fines => {'not in' => ['LOST','CLAIMSRETURNED','LONGOVERDUE']}}
1019 order_by => {circ => ['due_date']}
1022 $query->{limit} = $limit if $limit;
1023 $query->{offset} = $offset if $offset;
1025 my $ids = $e->json_query($query);
1026 @circ_ids = map {$_->{id}} @$ids;
1029 return [] unless @circ_ids;
1034 circ => ['target_copy'],
1035 acp => ['call_number'],
1041 my $circs = $e->search_action_circulation(
1042 [{id => \@circ_ids}, ($flesh) ? $qflesh : {}], {substream => 1});
1045 for my $circ (@$circs) {
1048 marc_xml => ($flesh and $circ->target_copy->call_number->id != -1) ?
1049 XML::LibXML->new->parse_string($circ->target_copy->call_number->record->marc) :
1050 undef # pre-cat copy, use the dummy title/author instead
1055 # make sure the final list is in the correct order
1057 for my $id (@circ_ids) {
1060 (grep { $_->{circ}->id == $id } @circs)
1064 return \@sorted_circs;
1068 sub handle_circ_renew {
1071 my $ctx = $self->ctx;
1073 my @renew_ids = $self->cgi->param('circ');
1075 my $circs = $self->fetch_user_circs(0, ($action eq 'renew') ? [@renew_ids] : undef);
1077 # TODO: fire off renewal calls in batches to speed things up
1079 for my $circ (@$circs) {
1081 my $evt = $U->simplereq(
1083 'open-ils.circ.renew',
1084 $self->editor->authtoken,
1086 patron_id => $self->editor->requestor->id,
1087 copy_id => $circ->{circ}->target_copy,
1092 # TODO return these, then insert them into the circ data
1093 # blob that is shoved into the template for each circ
1094 # so the template won't have to match them
1095 push(@responses, {copy => $circ->{circ}->target_copy, evt => $evt});
1102 sub load_myopac_circs {
1104 my $e = $self->editor;
1105 my $ctx = $self->ctx;
1108 my $limit = $self->cgi->param('limit') || 0; # 0 == unlimited
1109 my $offset = $self->cgi->param('offset') || 0;
1110 my $action = $self->cgi->param('action') || '';
1112 # perform the renewal first if necessary
1113 my @results = $self->handle_circ_renew($action) if $action =~ /renew/;
1115 $ctx->{circs} = $self->fetch_user_circs(1, undef, $limit, $offset);
1117 my $success_renewals = 0;
1118 my $failed_renewals = 0;
1119 for my $data (@{$ctx->{circs}}) {
1120 my ($resp) = grep { $_->{copy} == $data->{circ}->target_copy->id } @results;
1123 my $evt = ref($resp->{evt}) eq 'ARRAY' ? $resp->{evt}->[0] : $resp->{evt};
1124 $data->{renewal_response} = $evt;
1125 $success_renewals++ if $evt->{textcode} eq 'SUCCESS';
1126 $failed_renewals++ if $evt->{textcode} ne 'SUCCESS';
1130 $ctx->{success_renewals} = $success_renewals;
1131 $ctx->{failed_renewals} = $failed_renewals;
1133 return Apache2::Const::OK;
1136 sub load_myopac_circ_history {
1138 my $e = $self->editor;
1139 my $ctx = $self->ctx;
1140 my $limit = $self->cgi->param('limit') || 15;
1141 my $offset = $self->cgi->param('offset') || 0;
1143 $ctx->{circ_history_limit} = $limit;
1144 $ctx->{circ_history_offset} = $offset;
1146 my $circ_ids = $e->json_query({
1150 transform => 'action.usr_visible_circs',
1151 result_field => 'id'
1155 where => {id => $e->requestor->id},
1160 $ctx->{circs} = $self->fetch_user_circs(1, [map { $_->{id} } @$circ_ids]);
1161 return Apache2::Const::OK;
1164 # TODO: action.usr_visible_holds does not return cancelled holds. Should it?
1165 sub load_myopac_hold_history {
1167 my $e = $self->editor;
1168 my $ctx = $self->ctx;
1169 my $limit = $self->cgi->param('limit') || 15;
1170 my $offset = $self->cgi->param('offset') || 0;
1171 $ctx->{hold_history_limit} = $limit;
1172 $ctx->{hold_history_offset} = $offset;
1174 my $hold_ids = $e->json_query({
1178 transform => 'action.usr_visible_holds',
1179 result_field => 'id'
1183 where => {id => $e->requestor->id}
1186 my $holds_object = $self->fetch_user_holds([map { $_->{id} } @$hold_ids], 0, 1, 0, $limit, $offset);
1187 if($holds_object->{holds}) {
1188 $ctx->{holds} = $holds_object->{holds};
1190 $ctx->{hold_history_ids} = $holds_object->{all_ids};
1192 return Apache2::Const::OK;
1195 sub load_myopac_payment_form {
1199 $r = $self->prepare_fines(undef, undef, [$self->cgi->param('xact'), $self->cgi->param('xact_misc')]) and return $r;
1200 $r = $self->prepare_extended_user_info and return $r;
1202 return Apache2::Const::OK;
1205 # TODO: add other filter options as params/configs/etc.
1206 sub load_myopac_payments {
1208 my $limit = $self->cgi->param('limit') || 20;
1209 my $offset = $self->cgi->param('offset') || 0;
1210 my $e = $self->editor;
1212 $self->ctx->{payment_history_limit} = $limit;
1213 $self->ctx->{payment_history_offset} = $offset;
1216 $args->{limit} = $limit if $limit;
1217 $args->{offset} = $offset if $offset;
1219 if (my $max_age = $self->ctx->{get_org_setting}->(
1220 $e->requestor->home_ou, "opac.payment_history_age_limit"
1222 my $min_ts = DateTime->now(
1223 "time_zone" => DateTime::TimeZone->new("name" => "local"),
1224 )->subtract("seconds" => interval_to_seconds($max_age))->iso8601();
1226 $logger->info("XXX min_ts: $min_ts");
1227 $args->{"where"} = {"payment_ts" => {">=" => $min_ts}};
1230 $self->ctx->{payments} = $U->simplereq(
1232 'open-ils.actor.user.payments.retrieve.atomic',
1233 $e->authtoken, $e->requestor->id, $args);
1235 return Apache2::Const::OK;
1238 # 1. caches the form parameters
1239 # 2. loads the credit card payment "Processing..." page
1240 sub load_myopac_pay_init {
1242 my $cache = OpenSRF::Utils::Cache->new('global');
1244 my @payment_xacts = ($self->cgi->param('xact'), $self->cgi->param('xact_misc'));
1246 if (!@payment_xacts) {
1247 # for consistency with load_myopac_payment_form() and
1248 # to preserve backwards compatibility, if no xacts are
1249 # selected, assume all (applicable) transactions are wanted.
1250 my $stat = $self->prepare_fines(undef, undef, [$self->cgi->param('xact'), $self->cgi->param('xact_misc')]);
1251 return $stat if $stat;
1253 map { $_->{xact}->id } (
1254 @{$self->ctx->{fines}->{circulation}},
1255 @{$self->ctx->{fines}->{grocery}}
1259 return $self->generic_redirect unless @payment_xacts;
1261 my $cc_args = {"where_process" => 1};
1263 $cc_args->{$_} = $self->cgi->param($_) for (qw/
1264 number cvv2 expire_year expire_month billing_first
1265 billing_last billing_address billing_city billing_state
1270 cc_args => $cc_args,
1271 user => $self->ctx->{user}->id,
1272 xacts => \@payment_xacts
1275 # generate a temporary cache token and cache the form data
1276 my $token = md5_hex($$ . time() . rand());
1277 $cache->put_cache($token, $cache_args, 30);
1279 $logger->info("tpac caching payment info with token $token and xacts [@payment_xacts]");
1281 # after we render the processing page, we quickly redirect to submit
1282 # the actual payment. The refresh url contains the payment token.
1283 # It also contains the list of xact IDs, which allows us to clear the
1284 # cache at the earliest possible time while leaving a trace of which
1285 # transactions we were processing, so the UI can bring the user back
1286 # to the payment form w/ the same xacts if the payment fails.
1288 my $refresh = "1; url=main_pay/$token?xact=" . pop(@payment_xacts);
1289 $refresh .= ";xact=$_" for @payment_xacts;
1290 $self->ctx->{refresh} = $refresh;
1292 return Apache2::Const::OK;
1295 # retrieve the cached CC payment info and send off for processing
1296 sub load_myopac_pay {
1298 my $token = $self->ctx->{page_args}->[0];
1299 return Apache2::Const::HTTP_BAD_REQUEST unless $token;
1301 my $cache = OpenSRF::Utils::Cache->new('global');
1302 my $cache_args = $cache->get_cache($token);
1303 $cache->delete_cache($token);
1305 # this page is loaded immediately after the token is created.
1306 # if the cached data is not there, it's because of an invalid
1307 # token (or cache failure) and not because of a timeout.
1308 return Apache2::Const::HTTP_BAD_REQUEST unless $cache_args;
1310 my @payment_xacts = @{$cache_args->{xacts}};
1311 my $cc_args = $cache_args->{cc_args};
1313 # as an added security check, verify the user submitting
1314 # the form is the same as the user whose data was cached
1315 return Apache2::Const::HTTP_BAD_REQUEST unless
1316 $cache_args->{user} == $self->ctx->{user}->id;
1318 $logger->info("tpac paying fines with token $token and xacts [@payment_xacts]");
1321 $r = $self->prepare_fines(undef, undef, \@payment_xacts) and return $r;
1323 # balance_owed is computed specifically from the fines we're paying
1324 if ($self->ctx->{fines}->{balance_owed} <= 0) {
1325 $logger->info("tpac can't pay non-positive balance. xacts selected: [@payment_xacts]");
1326 return Apache2::Const::HTTP_BAD_REQUEST;
1330 "cc_args" => $cc_args,
1331 "userid" => $self->ctx->{user}->id,
1332 "payment_type" => "credit_card_payment",
1333 "payments" => $self->prepare_fines_for_payment # should be safe after self->prepare_fines
1336 my $resp = $U->simplereq("open-ils.circ", "open-ils.circ.money.payment",
1337 $self->editor->authtoken, $args, $self->ctx->{user}->last_xact_id
1340 $self->ctx->{"payment_response"} = $resp;
1342 unless ($resp->{"textcode"}) {
1343 $self->ctx->{printable_receipt} = $U->simplereq(
1344 "open-ils.circ", "open-ils.circ.money.payment_receipt.print",
1345 $self->editor->authtoken, $resp->{payments}
1349 return Apache2::Const::OK;
1352 sub load_myopac_receipt_print {
1355 $self->ctx->{printable_receipt} = $U->simplereq(
1356 "open-ils.circ", "open-ils.circ.money.payment_receipt.print",
1357 $self->editor->authtoken, [$self->cgi->param("payment")]
1360 return Apache2::Const::OK;
1363 sub load_myopac_receipt_email {
1366 # The following ML method doesn't actually check whether the user in
1367 # question has an email address, so we do.
1368 if ($self->ctx->{user}->email) {
1369 $self->ctx->{email_receipt_result} = $U->simplereq(
1370 "open-ils.circ", "open-ils.circ.money.payment_receipt.email",
1371 $self->editor->authtoken, [$self->cgi->param("payment")]
1374 $self->ctx->{email_receipt_result} =
1375 new OpenILS::Event("PATRON_NO_EMAIL_ADDRESS");
1378 return Apache2::Const::OK;
1382 my ($self, $limit, $offset, $id_list) = @_;
1384 # XXX TODO: check for failure after various network calls
1386 # It may be unclear, but this result structure lumps circulation and
1387 # reservation fines together, and keeps grocery fines separate.
1388 $self->ctx->{"fines"} = {
1389 "circulation" => [],
1396 my $cstore = OpenSRF::AppSession->create('open-ils.cstore');
1398 # TODO: This should really be a ML call, but the existing calls
1399 # return an excessive amount of data and don't offer streaming
1401 my %paging = ($limit or $offset) ? (limit => $limit, offset => $offset) : ();
1403 my $req = $cstore->request(
1404 'open-ils.cstore.direct.money.open_billable_transaction_summary.search',
1406 usr => $self->editor->requestor->id,
1407 balance_owed => {'!=' => 0},
1408 ($id_list && @$id_list ? ("id" => $id_list) : ()),
1413 mobts => [qw/grocery circulation reservation/],
1414 bresv => ['target_resource_type'],
1418 circ => ['target_copy'],
1419 acp => ['call_number'],
1422 order_by => { mobts => 'xact_start' },
1427 my @total_keys = qw/total_paid total_owed balance_owed/;
1428 $self->ctx->{"fines"}->{@total_keys} = (0, 0, 0);
1430 while(my $resp = $req->recv) {
1431 my $mobts = $resp->content;
1432 my $circ = $mobts->circulation;
1435 if($mobts->grocery) {
1436 my @billings = sort { $a->billing_ts cmp $b->billing_ts } @{$mobts->grocery->billings};
1437 $last_billing = pop(@billings);
1440 # XXX TODO confirm that the following, and the later division by 100.0
1441 # to get a floating point representation once again, is sufficiently
1442 # "money-safe" math.
1443 $self->ctx->{"fines"}->{$_} += int($mobts->$_ * 100) for (@total_keys);
1445 my $marc_xml = undef;
1446 if ($mobts->xact_type eq 'reservation' and
1447 $mobts->reservation->target_resource_type->record) {
1448 $marc_xml = XML::LibXML->new->parse_string(
1449 $mobts->reservation->target_resource_type->record->marc
1451 } elsif ($mobts->xact_type eq 'circulation' and
1452 $circ->target_copy->call_number->id != -1) {
1453 $marc_xml = XML::LibXML->new->parse_string(
1454 $circ->target_copy->call_number->record->marc
1459 @{$self->ctx->{"fines"}->{$mobts->grocery ? "grocery" : "circulation"}},
1462 last_grocery_billing => $last_billing,
1463 marc_xml => $marc_xml
1470 $self->ctx->{"fines"}->{$_} /= 100.0 for (@total_keys);
1474 sub prepare_fines_for_payment {
1475 # This assumes $self->prepare_fines has already been run
1479 if ($self->ctx->{fines}) {
1480 push @results, [$_->{xact}->id, $_->{xact}->balance_owed] foreach (
1481 @{$self->ctx->{fines}->{circulation}},
1482 @{$self->ctx->{fines}->{grocery}}
1489 sub load_myopac_main {
1491 my $limit = $self->cgi->param('limit') || 0;
1492 my $offset = $self->cgi->param('offset') || 0;
1493 $self->ctx->{search_ou} = $self->_get_search_lib();
1494 $self->ctx->{user}->notes(
1495 $self->editor->search_actor_usr_note({
1496 usr => $self->ctx->{user}->id,
1500 return $self->prepare_fines($limit, $offset) || Apache2::Const::OK;
1503 sub load_myopac_update_email {
1505 my $e = $self->editor;
1506 my $ctx = $self->ctx;
1507 my $email = $self->cgi->param('email') || '';
1508 my $current_pw = $self->cgi->param('current_pw') || '';
1510 # needed for most up-to-date email address
1511 if (my $r = $self->prepare_extended_user_info) { return $r };
1513 return Apache2::Const::OK
1514 unless $self->cgi->request_method eq 'POST';
1516 unless($email =~ /.+\@.+\..+/) { # TODO better regex?
1517 $ctx->{invalid_email} = $email;
1518 return Apache2::Const::OK;
1521 my $stat = $U->simplereq(
1523 'open-ils.actor.user.email.update',
1524 $e->authtoken, $email, $current_pw);
1526 if($U->event_equals($stat, 'INCORRECT_PASSWORD')) {
1527 $ctx->{password_incorrect} = 1;
1528 return Apache2::Const::OK;
1531 unless ($self->cgi->param("redirect_to")) {
1532 my $url = $self->apache->unparsed_uri;
1533 $url =~ s/update_email/prefs/;
1535 return $self->generic_redirect($url);
1538 return $self->generic_redirect;
1541 sub load_myopac_update_username {
1543 my $e = $self->editor;
1544 my $ctx = $self->ctx;
1545 my $username = $self->cgi->param('username') || '';
1546 my $current_pw = $self->cgi->param('current_pw') || '';
1548 $self->prepare_extended_user_info;
1550 my $allow_change = 1;
1552 my $lock_usernames = $self->ctx->{get_org_setting}->($e->requestor->home_ou, 'opac.lock_usernames');
1553 if(defined($lock_usernames) and $lock_usernames == 1) {
1554 # Policy says no username changes
1557 # We want this further down.
1558 $regex_check = $self->ctx->{get_org_setting}->($e->requestor->home_ou, 'opac.barcode_regex');
1559 my $username_unlimit = $self->ctx->{get_org_setting}->($e->requestor->home_ou, 'opac.unlimit_usernames');
1560 if(!$username_unlimit) {
1562 # Default is "starts with a number"
1563 $regex_check = '^\d+';
1565 # You already have a username?
1566 if($regex_check and $self->ctx->{user}->usrname !~ /$regex_check/) {
1571 if(!$allow_change) {
1572 my $url = $self->apache->unparsed_uri;
1573 $url =~ s/update_username/prefs/;
1575 return $self->generic_redirect($url);
1578 return Apache2::Const::OK
1579 unless $self->cgi->request_method eq 'POST';
1581 unless($username and $username !~ /\s/) { # any other username restrictions?
1582 $ctx->{invalid_username} = $username;
1583 return Apache2::Const::OK;
1586 # New username can't look like a barcode if we have a barcode regex
1587 if($regex_check and $username =~ /$regex_check/) {
1588 $ctx->{invalid_username} = $username;
1589 return Apache2::Const::OK;
1592 # New username has to look like a username if we have a username regex
1593 $regex_check = $ctx->{get_org_setting}->($e->requestor->home_ou, 'opac.username_regex');
1594 if($regex_check and $username !~ /$regex_check/) {
1595 $ctx->{invalid_username} = $username;
1596 return Apache2::Const::OK;
1599 if($username ne $e->requestor->usrname) {
1601 my $evt = $U->simplereq(
1603 'open-ils.actor.user.username.update',
1604 $e->authtoken, $username, $current_pw);
1606 if($U->event_equals($evt, 'INCORRECT_PASSWORD')) {
1607 $ctx->{password_incorrect} = 1;
1608 return Apache2::Const::OK;
1611 if($U->event_equals($evt, 'USERNAME_EXISTS')) {
1612 $ctx->{username_exists} = $username;
1613 return Apache2::Const::OK;
1617 my $url = $self->apache->unparsed_uri;
1618 $url =~ s/update_username/prefs/;
1620 return $self->generic_redirect($url);
1623 sub load_myopac_update_password {
1625 my $e = $self->editor;
1626 my $ctx = $self->ctx;
1628 return Apache2::Const::OK
1629 unless $self->cgi->request_method eq 'POST';
1631 my $current_pw = $self->cgi->param('current_pw') || '';
1632 my $new_pw = $self->cgi->param('new_pw') || '';
1633 my $new_pw2 = $self->cgi->param('new_pw2') || '';
1635 unless($new_pw eq $new_pw2) {
1636 $ctx->{password_nomatch} = 1;
1637 return Apache2::Const::OK;
1640 my $pw_regex = $ctx->{get_org_setting}->($e->requestor->home_ou, 'global.password_regex');
1643 # This regex duplicates the JSPac's default "digit, letter, and 7 characters" rule
1644 $pw_regex = '(?=.*\d+.*)(?=.*[A-Za-z]+.*).{7,}';
1647 if($pw_regex and $new_pw !~ /$pw_regex/) {
1648 $ctx->{password_invalid} = 1;
1649 return Apache2::Const::OK;
1652 my $evt = $U->simplereq(
1654 'open-ils.actor.user.password.update',
1655 $e->authtoken, $new_pw, $current_pw);
1658 if($U->event_equals($evt, 'INCORRECT_PASSWORD')) {
1659 $ctx->{password_incorrect} = 1;
1660 return Apache2::Const::OK;
1663 my $url = $self->apache->unparsed_uri;
1664 $url =~ s/update_password/prefs/;
1666 return $self->generic_redirect($url);
1669 sub _update_bookbag_metadata {
1670 my ($self, $bookbag) = @_;
1672 $bookbag->name($self->cgi->param("name"));
1673 $bookbag->description($self->cgi->param("description"));
1675 return 1 if $self->editor->update_container_biblio_record_entry_bucket($bookbag);
1679 sub load_myopac_bookbags {
1681 my $e = $self->editor;
1682 my $ctx = $self->ctx;
1683 my $limit = $self->cgi->param('limit') || 10;
1684 my $offset = $self->cgi->param('offset') || 0;
1686 $ctx->{bookbags_limit} = $limit;
1687 $ctx->{bookbags_offset} = $offset;
1689 my ($sorter, $modifier) = $self->_get_bookbag_sort_params("sort");
1690 $e->xact_begin; # replication...
1692 my $rv = $self->load_mylist;
1693 unless($rv eq Apache2::Const::OK) {
1698 $ctx->{bookbags} = $e->search_container_biblio_record_entry_bucket(
1700 {owner => $e->requestor->id, btype => 'bookbag'}, {
1701 order_by => {cbreb => 'name'},
1709 if(!$ctx->{bookbags}) {
1711 return Apache2::Const::HTTP_INTERNAL_SERVER_ERROR;
1714 # We load the user prefs to get their default bookbag.
1715 $self->_load_user_with_prefs;
1717 # We also want a total count of the user's bookbags.
1719 'select' => { 'cbreb' => [ { 'column' => 'id', 'transform' => 'count', 'aggregate' => 'true', 'alias' => 'count' } ] },
1721 'where' => { 'btype' => 'bookbag', 'owner' => $self->ctx->{user}->id }
1723 my $r = $e->json_query($q);
1724 $ctx->{bookbag_count} = $r->[0]->{'count'};
1726 # If the user wants a specific bookbag's items, load them.
1727 # XXX add bookbag item paging support
1729 if ($self->cgi->param("bbid")) {
1731 grep { $_->id eq $self->cgi->param("bbid") } @{$ctx->{bookbags}};
1734 if ( ($self->cgi->param("action") || '') eq "editmeta") {
1735 if (!$self->_update_bookbag_metadata($bookbag)) {
1737 return Apache2::Const::HTTP_INTERNAL_SERVER_ERROR;
1740 my $url = $self->ctx->{opac_root} . '/myopac/lists?bbid=' .
1743 foreach my $param (('loc', 'qtype', 'query', 'sort', 'offset', 'limit')) {
1744 if ($self->cgi->param($param)) {
1745 $url .= ";$param=" . uri_escape($self->cgi->param($param));
1749 return $self->generic_redirect($url);
1753 # we're done with our CStoreEditor. Rollback here so
1754 # later calls don't cause a timeout, resulting in a
1755 # transaction rollback under the covers.
1758 my $query = $self->_prepare_bookbag_container_query(
1759 $bookbag->id, $sorter, $modifier
1762 # XXX Limiting to 1000 for now. This way you should be able to see entire
1763 # list contents. Need to add paging here instead.
1769 my $items = $U->bib_container_items_via_search($bookbag->id, $query, $args)
1770 or return Apache2::Const::HTTP_INTERNAL_SERVER_ERROR;
1773 my (undef, @recs) = $self->get_records_and_facets(
1774 [ map {$_->target_biblio_record_entry->id} @$items ],
1779 $ctx->{bookbags_marc_xml}{$_->{id}} = $_->{marc_xml} for @recs;
1781 $bookbag->items($items);
1785 # If we have add_rec, we got here from the "Add to new list"
1786 # or "See all" popmenu items.
1787 if (my $add_rec = $self->cgi->param('add_rec')) {
1788 $self->ctx->{add_rec} = $add_rec;
1789 # But not in the staff client, 'cause that breaks things.
1790 unless ($self->ctx->{is_staff}) {
1791 $self->ctx->{where_from} = $self->ctx->{referer};
1792 if ( my $anchor = $self->cgi->param('anchor') ) {
1793 $self->ctx->{where_from} =~ s/#.*|$/#$anchor/;
1798 # this rollback may be a dupe, but that's OK because
1799 # cstoreditor ignores dupe rollbacks
1802 return Apache2::Const::OK;
1806 # actions are create, delete, show, hide, rename, add_rec, delete_item, place_hold
1807 # CGI is action, list=list_id, add_rec/record=bre_id, del_item=bucket_item_id, name=new_bucket_name
1808 sub load_myopac_bookbag_update {
1809 my ($self, $action, $list_id, @hold_recs) = @_;
1810 my $e = $self->editor;
1811 my $cgi = $self->cgi;
1813 # save_notes is effectively another action, but is passed in a separate
1814 # CGI parameter for what are really just layout reasons.
1815 $action = 'save_notes' if $cgi->param('save_notes');
1816 $action ||= $cgi->param('action');
1818 $list_id ||= $cgi->param('list') || $cgi->param('bbid');
1820 my @add_rec = $cgi->param('add_rec') || $cgi->param('record');
1821 my @selected_item = $cgi->param('selected_item');
1822 my $shared = $cgi->param('shared');
1823 my $name = $cgi->param('name');
1824 my $description = $cgi->param('description');
1828 # This url intentionally leaves off the edit_notes parameter, but
1829 # may need to add some back in for paging.
1831 my $url = $self->ctx->{proto} . "://" . $self->ctx->{hostname} .
1832 $self->ctx->{opac_root} . "/myopac/lists?";
1834 foreach my $param (('loc', 'qtype', 'query', 'sort')) {
1835 if ($cgi->param($param)) {
1836 $url .= "$param=" . uri_escape($cgi->param($param)) . ";";
1840 if ($action eq 'create') {
1841 $list = Fieldmapper::container::biblio_record_entry_bucket->new;
1843 $list->description($description);
1844 $list->owner($e->requestor->id);
1845 $list->btype('bookbag');
1846 $list->pub($shared ? 't' : 'f');
1847 $success = $U->simplereq('open-ils.actor',
1848 'open-ils.actor.container.create', $e->authtoken, 'biblio', $list);
1849 if (ref($success) ne 'HASH' && scalar @add_rec) {
1850 $list_id = (ref($success)) ? $success->id : $success;
1851 foreach my $add_rec (@add_rec) {
1852 my $item = Fieldmapper::container::biblio_record_entry_bucket_item->new;
1853 $item->bucket($list_id);
1854 $item->target_biblio_record_entry($add_rec);
1855 $success = $U->simplereq('open-ils.actor',
1856 'open-ils.actor.container.item.create', $e->authtoken, 'biblio', $item);
1857 last unless $success;
1859 $url = $cgi->param('where_from') if ($success && $cgi->param('where_from'));
1861 } elsif($action eq 'place_hold') {
1863 # @hold_recs comes from anon lists redirect; selected_itesm comes from existing buckets
1864 unless (@hold_recs) {
1865 if (@selected_item) {
1866 my $items = $e->search_container_biblio_record_entry_bucket_item({id => \@selected_item});
1867 @hold_recs = map { $_->target_biblio_record_entry } @$items;
1871 return Apache2::Const::OK unless @hold_recs;
1872 $logger->info("placing holds from list page on: @hold_recs");
1874 my $url = $self->ctx->{opac_root} . '/place_hold?hold_type=T';
1875 $url .= ';hold_target=' . $_ for @hold_recs;
1876 foreach my $param (('loc', 'qtype', 'query')) {
1877 if ($cgi->param($param)) {
1878 $url .= ";$param=" . uri_escape($cgi->param($param));
1881 return $self->generic_redirect($url);
1885 $list = $e->retrieve_container_biblio_record_entry_bucket($list_id);
1887 return Apache2::Const::HTTP_BAD_REQUEST unless
1888 $list and $list->owner == $e->requestor->id;
1891 if($action eq 'delete') {
1892 $success = $U->simplereq('open-ils.actor',
1893 'open-ils.actor.container.full_delete', $e->authtoken, 'biblio', $list_id);
1895 # We check to see if we're deleting the user's default list.
1896 $self->_load_user_with_prefs;
1897 my $settings_map = $self->ctx->{user_setting_map};
1898 if ($$settings_map{'opac.default_list'} == $list_id) {
1899 # We unset the user's opac.default_list setting.
1900 $success = $U->simplereq(
1902 'open-ils.actor.patron.settings.update',
1905 { 'opac.default_list' => 0 }
1909 } elsif($action eq 'show') {
1910 unless($U->is_true($list->pub)) {
1912 $success = $U->simplereq('open-ils.actor',
1913 'open-ils.actor.container.update', $e->authtoken, 'biblio', $list);
1916 } elsif($action eq 'hide') {
1917 if($U->is_true($list->pub)) {
1919 $success = $U->simplereq('open-ils.actor',
1920 'open-ils.actor.container.update', $e->authtoken, 'biblio', $list);
1923 } elsif($action eq 'rename') {
1926 $success = $U->simplereq('open-ils.actor',
1927 'open-ils.actor.container.update', $e->authtoken, 'biblio', $list);
1930 } elsif($action eq 'add_rec') {
1931 foreach my $add_rec (@add_rec) {
1932 my $item = Fieldmapper::container::biblio_record_entry_bucket_item->new;
1933 $item->bucket($list_id);
1934 $item->target_biblio_record_entry($add_rec);
1935 $success = $U->simplereq('open-ils.actor',
1936 'open-ils.actor.container.item.create', $e->authtoken, 'biblio', $item);
1937 last unless $success;
1939 # Redirect back where we came from if we have an anchor parameter:
1940 if ( my $anchor = $cgi->param('anchor') && !$self->ctx->{is_staff}) {
1941 $url = $self->ctx->{referer};
1942 $url =~ s/#.*|$/#$anchor/;
1943 } elsif ($cgi->param('where_from')) {
1944 # Or, if we have a "where_from" parameter.
1945 $url = $cgi->param('where_from');
1947 } elsif ($action eq 'del_item') {
1948 foreach (@selected_item) {
1949 $success = $U->simplereq(
1951 'open-ils.actor.container.item.delete', $e->authtoken, 'biblio', $_
1953 last unless $success;
1955 } elsif ($action eq 'save_notes') {
1956 $success = $self->update_bookbag_item_notes;
1957 $url .= "&bbid=" . uri_escape($cgi->param("bbid")) if $cgi->param("bbid");
1958 } elsif ($action eq 'make_default') {
1959 $success = $U->simplereq(
1961 'open-ils.actor.patron.settings.update',
1964 { 'opac.default_list' => $list_id }
1966 } elsif ($action eq 'remove_default') {
1967 $success = $U->simplereq(
1969 'open-ils.actor.patron.settings.update',
1972 { 'opac.default_list' => 0 }
1976 return $self->generic_redirect($url) if $success;
1978 # XXX FIXME Bucket failure doesn't have a page to show the user anything
1979 # right now. User just sees a 404 currently.
1981 $self->ctx->{bucket_action} = $action;
1982 $self->ctx->{bucket_action_failed} = 1;
1983 return Apache2::Const::OK;
1986 sub update_bookbag_item_notes {
1988 my $e = $self->editor;
1990 my @note_keys = grep /^note-\d+/, keys(%{$self->cgi->Vars});
1991 my @item_keys = grep /^item-\d+/, keys(%{$self->cgi->Vars});
1993 # We're going to leverage an API call that's already been written to check
1994 # permissions appropriately.
1996 my $a = create OpenSRF::AppSession("open-ils.actor");
1997 my $method = "open-ils.actor.container.item_note.cud";
1999 for my $note_key (@note_keys) {
2002 my $id = ($note_key =~ /(\d+)/)[0];
2005 $e->retrieve_container_biblio_record_entry_bucket_item_note($id))) {
2006 my $event = $e->die_event;
2007 $self->apache->log->warn(
2008 "error retrieving cbrebin id $id, got event " .
2012 $self->ctx->{bucket_action_event} = $event;
2016 if (length($self->cgi->param($note_key))) {
2017 $note->ischanged(1);
2018 $note->note($self->cgi->param($note_key));
2020 $note->isdeleted(1);
2023 my $r = $a->request($method, $e->authtoken, "biblio", $note)->gather(1);
2025 if (defined $U->event_code($r)) {
2026 $self->apache->log->warn(
2027 "attempt to modify cbrebin " . $note->id .
2028 " returned event " . $r->{textcode}
2032 $self->ctx->{bucket_action_event} = $r;
2037 for my $item_key (@item_keys) {
2038 my $id = int(($item_key =~ /(\d+)/)[0]);
2039 my $text = $self->cgi->param($item_key);
2042 next unless length $text;
2044 my $note = new Fieldmapper::container::biblio_record_entry_bucket_item_note;
2049 my $r = $a->request($method, $e->authtoken, "biblio", $note)->gather(1);
2051 if (defined $U->event_code($r)) {
2052 $self->apache->log->warn(
2053 "attempt to create cbrebin for item " . $note->item .
2054 " returned event " . $r->{textcode}
2058 $self->ctx->{bucket_action_event} = $r;
2067 sub load_myopac_bookbag_print {
2070 my $id = int($self->cgi->param("list"));
2072 my ($sorter, $modifier) = $self->_get_bookbag_sort_params("sort");
2075 $self->_prepare_bookbag_container_query($id, $sorter, $modifier);
2079 # Get the bookbag object itself, assuming we're allowed to.
2080 if ($self->editor->allowed("VIEW_CONTAINER")) {
2082 $bbag = $self->editor->retrieve_container_biblio_record_entry_bucket($id) or return Apache2::Const::HTTP_INTERNAL_SERVER_ERROR;
2084 my $bookbags = $self->editor->search_container_biblio_record_entry_bucket(
2088 "owner" => $self->editor->requestor->id,
2092 ) or return Apache2::Const::HTTP_INTERNAL_SERVER_ERROR;
2094 $bbag = pop @$bookbags;
2097 # If we have a bookbag we're allowed to look at, issue the A/T event
2098 # to get CSV, passing as a user param that search query we built before.
2100 $self->ctx->{csv} = $U->fire_object_event(
2101 undef, "container.biblio_record_entry_bucket.csv",
2102 $bbag, $self->editor->requestor->home_ou,
2103 undef, {"item_search" => $item_search}
2107 # Create a reasonable filename and set the content disposition to
2108 # provoke browser download dialogs.
2109 (my $filename = $bbag->id . $bbag->name) =~ s/[^a-z0-9_ -]//gi;
2111 return $self->set_file_download_headers("$filename.csv");
2114 sub load_myopac_circ_history_export {
2116 my $e = $self->editor;
2117 my $filename = $self->cgi->param('filename') || 'circ_history.csv';
2119 my $ids = $e->json_query({
2123 transform => 'action.usr_visible_circs',
2124 result_field => 'id'
2128 where => {id => $e->requestor->id}
2131 $self->ctx->{csv} = $U->fire_object_event(
2133 'circ.format.history.csv',
2134 $e->search_action_circulation({id => [map {$_->{id}} @$ids]}, {substream =>1}),
2135 $self->editor->requestor->home_ou
2138 return $self->set_file_download_headers($filename);
2141 sub load_password_reset {
2143 my $cgi = $self->cgi;
2144 my $ctx = $self->ctx;
2145 my $barcode = $cgi->param('barcode');
2146 my $username = $cgi->param('username');
2147 my $email = $cgi->param('email');
2148 my $pwd1 = $cgi->param('pwd1');
2149 my $pwd2 = $cgi->param('pwd2');
2150 my $uuid = $ctx->{page_args}->[0];
2154 $logger->info("patron password reset with uuid $uuid");
2156 if ($pwd1 and $pwd2) {
2158 if ($pwd1 eq $pwd2) {
2160 my $response = $U->simplereq(
2162 'open-ils.actor.patron.password_reset.commit',
2165 $logger->info("patron password reset response " . Dumper($response));
2167 if ($U->event_code($response)) { # non-success event
2169 my $code = $response->{textcode};
2171 if ($code eq 'PATRON_NOT_AN_ACTIVE_PASSWORD_RESET_REQUEST') {
2172 $ctx->{pwreset} = {style => 'error', status => 'NOT_ACTIVE'};
2175 if ($code eq 'PATRON_PASSWORD_WAS_NOT_STRONG') {
2176 $ctx->{pwreset} = {style => 'error', status => 'NOT_STRONG'};
2181 $ctx->{pwreset} = {style => 'success', status => 'SUCCESS'};
2184 } else { # passwords not equal
2186 $ctx->{pwreset} = {style => 'error', status => 'NO_MATCH'};
2189 } else { # 2 password values needed
2191 $ctx->{pwreset} = {status => 'TWO_PASSWORDS'};
2194 } elsif ($barcode or $username) {
2196 my @params = $barcode ? ('barcode', $barcode) : ('username', $username);
2197 push(@params, $email) if $email;
2201 'open-ils.actor.patron.password_reset.request', @params);
2203 $ctx->{pwreset} = {status => 'REQUEST_SUCCESS'};
2206 $logger->info("patron password reset resulted in " . Dumper($ctx->{pwreset}));
2207 return Apache2::Const::OK;