###################################################################### # # EPrint Editor # # Allows staff to remove EPrints or transfer them back to the # submission buffer. # ###################################################################### # # __LICENSE__ # ###################################################################### # # modified to allow editing by the submitting user -- CSL # slightly modified by Antje # use EPrints::EPrint; use EPrints::Session; use strict; #cjg check item is editable by this user. #cjg remove does not work my $session = EPrints::Session->new(); # Check we have privs ##CSL the depositer should be able to edit it #if( !$session->auth_check( "editor" ) ) if( !defined $session->current_user ) { $session->terminate(); exit( 0 ); } my( $title, $page ) = &process( $session ); $session->terminate(); sub process { my( $session ) = @_; my $datasetid = $session->param( "dataset" ); # When in doubt, use the main archive. $datasetid = "archive" if( !defined $datasetid ); if( $datasetid ne "archive" && $datasetid ne "inbox" && $datasetid ne "deletion" && $datasetid ne "buffer" ) { $datasetid = "archive"; } my $dataset = $session->get_archive()->get_dataset( $datasetid ); my $eprintid = $session->param( "eprintid" ); my $eprint = new EPrints::EPrint( $session, $eprintid, $dataset ); my $action = $session->get_action_button(); if( !defined $eprint ) { $session->render_error( $session->html_phrase( "cgi/users/edit_eprint:cant_find_it", id=>$session->make_text( $eprintid ) ) ); return; } ##CSL check whether current user can edit this item my $can_edit=0; ###Antje - the user should only be able to edit a eprint if it is in the main archive and not in the buffer or inbox ###($datasetid eq "buffer" || $datasetid eq "inbox") if( $datasetid eq "archive" && $session->current_user->get_value("userid") == $eprint->get_value("userid") ) { $can_edit=1; } elsif( !$session->auth_check( "editor" ) ) { return; } my $user_ds = $session->get_archive()->get_dataset( "user" ); my $ef_field = $user_ds->get_field( 'editperms' ); my $searches = $session->current_user->get_value( 'editperms' ); if( scalar @{$searches} == 0 ) { $can_edit = 1; } foreach my $s ( @{$searches} ) { next if( $can_edit ); # skip the rest if one matches my $search = $ef_field->make_searchexp( $session, $s ); if( $search->get_conditions->item_matches( $eprint ) ) { $can_edit = 1; } $search->dispose; } unless( $can_edit ) { $session->render_error( $session->html_phrase( "cgi/users/edit_eprint:cant_edit", id=>$session->make_text( $eprintid ) ) ); return; } if( !defined $action ) { &view_page( $session, $eprint ); return; } if( $action eq "_toinbox" ) { # Bounce button pressed - get reason &bounce_form( $session, 0, $eprint ); return; } if( $action eq "_remove" ) { # Remove button pressed - get reason &bounce_form( $session, 1, $eprint ); return; } if( $action eq "_send" ) { # Actually do the bounce &bounce( $session, $eprint ); return; } if( $action eq "_toarchive" ) { # Accept button pressed my $dsid = $eprint->get_dataset()->id(); unless( $eprint->move_to_archive() ) { $session->render_error( $session->html_phrase( "cgi/users/edit_eprint:cant_move", id=>$session->make_text( $eprintid ) ) ); return; } # Successfully archived, redirect if( $dsid eq "buffer" ) { $session->redirect( "buffer" ); } else { $session->redirect( $session->get_archive()->get_conf( "userhome" ) ); } return; } if( $action eq "_tobuffer" ) { unless( $eprint->move_to_buffer() ) { $session->render_error( $session->html_phrase( "cgi/users/edit_eprint:cant_move", id=>$session->make_text( $eprintid ) ) ); return; } my $page = $session->make_doc_fragment(); #Antje - only the editor and the admin should move the eprints from the buffer to the archive if($session->current_user->has_priv( "editor" )) { $page->appendChild( $session->html_phrase( "cgi/users/edit_eprint:moved", link=>$session->render_link( "edit_eprint?dataset=buffer&eprintid=".$eprintid ) ) ); }else { #Antje - insert the phrase "cgi/users/edit_eprint:thanks" into the "system-phrases-xx.xml" file $page->appendChild($session->html_phrase("cgi/users/edit_eprint:thanks")); } # $page->appendChild( $session->html_phrase("general:userhome_link" ) ); $session->build_page( $session->html_phrase( "cgi/users/edit_eprint:move_title" ), $page, "move_eprint" ); $session->send_page(); return; } if( $action eq "_todeletion" ) { unless( $eprint->move_to_deletion() ) { $session->render_error( $session->html_phrase( "cgi/users/edit_eprint:cant_remove", id=>$session->make_text( $eprintid ) ) ); return; } my $page = $session->make_doc_fragment(); $page->appendChild( $session->html_phrase( "cgi/users/edit_eprint:removed" ) ); $page->appendChild( $session->html_phrase( "general:userhome_link" ) ); $session->build_page( $session->html_phrase( "cgi/users/edit_eprint:remove_title" ), $page, "move_removed" ); $session->send_page(); return; } if( $action eq "_clone" ) { my $new_eprint = $eprint->clone( $session->get_archive()->get_dataset( "buffer" ), 1 ); unless( defined $new_eprint ) { $session->render_error( $session->html_phrase( "cgi/users/edit_eprint:cant_clone", id=>$session->make_text( $eprintid ) ) ); return; } $session->redirect( "edit_eprint?dataset=buffer&eprintid=".$new_eprint->get_id() ); return; } ######################################################### # OK, so we are (presumably) editing it then... my $stage = $session->param( "stage" ); # If we are skipping the files stage then we have to work out what the # actual last stage is... my $laststage = "files"; my @stages = ( "meta","linking","type" ); while( $session->get_archive()->get_conf( "submission_stage_skip", $laststage ) ) { $laststage = pop @stages; last if( $laststage eq "type" ); } my $ls = $session->get_archive()->get_conf( "submission_stage_last_for_staff_edit" ); $laststage = $ls if( defined $ls ); if( defined $stage && $laststage eq $stage && defined $action && ($action eq "finished" || $action eq "next") ) { # Intercept the verify page, that's what we were doing! $session->redirect( "edit_eprint?dataset=$datasetid&eprintid=$eprintid" ); return; } # Give other cases to the edit form my $subform = new EPrints::SubmissionForm( $session, "edit_eprint?dataset=$datasetid&eprintid=$eprintid", ##CSL 1, $session->current_user->has_priv( "editor" ) ? 1 : 0, $dataset, "edit_eprint" ); $subform->process(); if( $dataset->id eq "archive" || $dataset->id eq "deletion" ) { # If the eprint is in the main archive or deletion area # then we need to update its webpage. This will make editing # even slower, but editing the main db SHOULD be a rare thing # anyway. # get it from the DB again - it's probably changed. my $eprint = new EPrints::EPrint( $session, $eprintid, $dataset ); # update the static pages. $eprint->generate_static; } return; } # Show metadata & options: sub view_page { my( $session, $eprint ) = @_; my $page = $session->make_doc_fragment(); $page->appendChild( $session->html_phrase( "cgi/users/edit_eprint:status", dataset => $session->html_phrase( "dataset_fieldopt_dataset_".$eprint->get_dataset()->id() ) ) ); $page->appendChild( $eprint->render_full() ); # Possible actions # inbox buffer archive deletion # * * * * edit # * * remove - and send message to depositing user # * move to inbox - and send message to user # * * move to buffer - " # * * move to archive - " # * move to deletion - " # * * * * clone to buffer # actions for this form begin with _ (except edit and # those passed to submission form) my $buttons = {}; my $r1 = []; my $r2 = []; if( $eprint->get_dataset()->id() eq "inbox" ) { $r1 = [ "_tobuffer" ]; $r2 = [ "edit", "_remove", "_clone" ]; } if( $eprint->get_dataset()->id() eq "buffer" ) { $r1 = []; # only offer to return this to the inbox # if it's owned by a valid user. if( defined $eprint->get_user() ) { push @{$r1}, "_toinbox"; } push @{$r1}, "_toarchive"; $r2 = [ "edit", "_remove", "_clone" ]; } if( $eprint->get_dataset()->id() eq "archive" ) { $r1 = [ "_tobuffer", "_todeletion" ]; $r2 = [ "edit", "_clone" ]; } if( $eprint->get_dataset()->id() eq "deletion" ) { $r1 = [ "_toarchive" ]; $r2 = [ "edit", "_clone" ]; } ##CSL if( ! $session->current_user->has_priv( "editor" ) ) { #Antje - Except of the editor and the administrator the user should only be able to edit this eprint #$r2 = [ "edit", "_clone" ]; $r2 = ["edit"]; } # my $form = $session->render_form( "post", "edit_eprint" ); foreach( @{$r1}, @{$r2} ) { $buttons->{$_} = $session->phrase( "cgi/users/edit_eprint:action_".$_ ); } #CSL #Antje (remove if-clause) - the user should also be able to move the eprint to the buffer #if( $session->current_user->has_priv( "editor" ) ){ $form->appendChild( $session->render_ruler() ); $buttons->{_order} = $r1; $form->appendChild( $session->render_action_buttons( %{$buttons} ) ); ## } ## $form->appendChild( $session->render_ruler() ); $buttons->{_order} = $r2; $form->appendChild( $session->render_action_buttons( %{$buttons} ) ); $form->appendChild( $session->render_hidden_field( "eprintid", $eprint->get_id() ) ); $form->appendChild( $session->render_hidden_field( "dataset", $eprint->get_dataset()->id() ) ); $page->appendChild( $form ); $page->appendChild( $session->html_phrase( "general:userhome_link" ) ); $session->build_page( $session->html_phrase( "cgi/users/edit_eprint:form_title" ), $page, "move_form" ); $session->send_page(); } sub bounce_form { my( $session, $delete, $eprint ) = @_; # Get the user's details my $user = $eprint->get_user(); # We can't bounce it if there's no user associated - but # we can still delete it. if( !defined $user && !$delete) { $session->render_error( $session->html_phrase( "cgi/users/edit_eprint:no_user" ), "buffer" ); return; } my $page = $session->make_doc_fragment(); my $form = $session->render_form( "post", "edit_eprint" ); if( defined $user ) { $page->appendChild( $session->html_phrase( "cgi/users/edit_eprint:bounce_form_intro", langpref=>$user->render_value( "lang" ) ) ); my $div = $session->make_element( "div", class => "formfieldinput" ); my $textarea = $session->make_element( "textarea", name => "reason", rows => 20, cols => 60, wrap => "virtual" ); # remove any markup: my $title = $session->make_text( EPrints::Utils::tree_to_utf8( $eprint->render_description() ) ); $textarea->appendChild( $session->html_phrase( ( $delete ? "mail_delete_reason" : "mail_bounce_reason" ), title => $title ) ); $div->appendChild( $textarea ); $form->appendChild( $div ); $form->appendChild( $session->render_action_buttons( "_send" => $session->phrase( "cgi/users/edit_eprint:action_send" ) ) ); } else { my $p = $session->make_element( "p" ); $p->appendChild( $eprint->render_description() ); $form->appendChild( $p ); $form->appendChild( $session->render_action_buttons( "_send" => $session->phrase( "cgi/users/edit_eprint:action_reallydelete" ) ) ); } $form->appendChild( $session->render_hidden_field( "eprintid", $eprint->get_value( "eprintid" ) ) ); $form->appendChild( $session->render_hidden_field( "dataset", $eprint->get_dataset()->id() ) ); $form->appendChild( $session->render_hidden_field( "delete", $delete ) ); $page->appendChild( $form ); $session->build_page( $session->html_phrase( "cgi/users/edit_eprint:title_".( $delete ? "delete" : "bounce" )."_form" ), $page, "editeprint_form" ); $session->send_page(); } sub bounce { my( $session, $eprint ) = @_; my $delete = $session->param( "delete" ); # Get the user's details my $user = $eprint->get_user(); # We can't bounce it if there's no user associated - but # we can still delete it. if( !defined $user && !$delete) { # Can't find the user $session->render_error( $session->html_phrase( "cgi/users/edit_eprint:no_user" ), "buffer" ); return; } my $success = 0; if( $delete ) { # Delete the submission $success = $eprint->remove(); } else { # Transfer the EPrint back to the user's inbox $success = $eprint->move_to_inbox(); } unless( $success ) { # Couldn't be bounced at all $session->render_error( $session->html_phrase( "cgi/users/edit_eprint:bord_fail" ), "buffer" ); return; } if( !defined $user ) { # Can't send mail to a user what does not # exist. $session->redirect( "buffer" ); return; } my $mail = $session->make_element( "mail" ); $mail->appendChild( $session->make_text( $session->param( "reason" ) ) ); # Successfully transferred, mail the user with the reason if( $user->mail( "cgi/users/edit_eprint:subject_bounce", $mail, $session->current_user() ) ) { # Successfully bounced, redirect $session->redirect( "buffer" ); return; } # Couldn't mail $session->render_error( $session->html_phrase( "cgi/users/edit_eprint:mail_fail", username=>$user->render_value( "username" ), email=>$user->render_value( "email" ) ), "buffer" ); }