Bug 34971: Fix permission to close a serial subscription (edit)

Note: there is a minor bug I had to correct, I don't split into two
patches since it is very minor and necessary to test that one.

Patch 1 - (this one) When a user is on serial collection information, the subscription is
not passed to the template, and therefore not passed to serials-toolbar.inc.
This makes sense if collection information is called with a biblionumber
but not if collection information is called with a subscription id.
Consequently, subscription.closed is always false and it is not possible
to reopen a basket.

Patch 2 - User with incorrect permission can close serials, they just
need to access to the page. This is due to serials-toolbar.inc expecting
a variable named "cannotedit", which is provided by
"subscription-details.pl" and not by "serials-collection.pl"

TEST PLAN:
Before applying patches :
1 - log in as a user with only receive_serial permission
2 - Open two pages one on
  /serials-collection.pl?subscriptionid=ID_A, another on
  /serials-collection.pl?subscriptionid=ID_B
3 - On serial A's collection page, check you can close the serial (wrong
  behaviour), note you can close it again but not reopen it
4 - Apply first patch
5 - Check you can reopen the serial (wrong behaviour) keep the page open
6 - On serial B's collection page, close the serial, keep the page open
7 - Apply second patch
8 - On page left open on 3 -, click on close, you are redirected to a
  login page.
8 - Go back to serial A's collection page -> there is no close button
  anymore
9 - On page left open on 4 -, click on reopen, you are redirected to a
  login page
10 - Go back to serial B's collection page -> there is no close button
  anymore

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Author: Baptiste Wojtkowski

serials/serials-collection.pl

@@ -219,6 +219,7 @@
     routing                                      => C4::Context->preference("RoutingSerials"),
     subscr                                       => scalar $query->param('subscriptionid'),
     subscriptioncount                            => $subscriptioncount,
+    cannotedit                                   => ( not C4::Serials::can_edit_subscription($subscriptionid) ),
     location                                     => $location,
     callnumber                                   => $callnumber,
     uc( C4::Context->preference("marcflavour") ) => 1,

serials/subscription-detail.pl

@@ -44,7 +44,14 @@
 
 # Permission needed if it is a deletion (del) : delete_subscription
 # Permission needed otherwise : *
-my $permission = ( $op eq "cud-del" ) ? "delete_subscription" : "*";
+
+my %permissions = (
+    "cud-del"   => "delete_subscription",
+    "cud-close" => "edit_subscription",
+    "reopen"    => "edit_subscription",
+);
+
+my $permission = $permissions{$op} // "*";
 
 my ( $template, $loggedinuser, $cookie ) = get_template_and_user(
     {