Please somebody correct me if I am wrong, but I think the interpretation of
the {flags} field is as follows:

-    unless ($userenv->{flags} % 2 == 1){


%2 is the modulus operator. This check is the same as "is it an odd number?"
and because of the way {flags} is built, it means "is user a
superlibrarian?" because the superlibrarian flag is the lowest "bit".


> +    if ($userenv->{flags} != 1 && $bor->{'branchcode'}){
>
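Review bot: On the added `if` line, `$userenv->{flags} != 1` compares the whole flags value against 1, whereas the removed line tested parity with `% 2 == 1`, so the two conditions disagree for every flags value that is odd and greater than 1. If the intent is to keep the old condition and only add the branchcode requirement, test the same low bit, for example `$userenv->{flags} % 2 != 1 && $bor->{'branchcode'}`, and add a short comment saying what that bit represents so the next edit does not turn it back into an equality test.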

This check for flags asks "is user ONLY the superlibrarian".   That is, it
would block a superlibrarian with any other additional flags set.  That is
the wrong security model.

Also, $userenv was already declared at line 51 so it should not be
redeclared here.

-- 
Joe Atzberger
LibLime - Open Source Library Solutions
_______________________________________________
Koha-patches mailing list
[email protected]
http://lists.koha.org/mailman/listinfo/koha-patches