Some libraries would like patrons to be unable to return items with
holds via SIP. Instead, the screen message should indicate that the
patron should return that item at the circ desk so a librarian can use
it to fill the next hold right away and place it on the hold shelf.
Test Plan:
1) Apply this patch.
2) Place a hold for an item.
3) Enable the new SIP option no_holds_checkin for a SIP account.
4) Restart the SIP server.
5) Check in the item using the SIP CLI tool using the SIP account
for which you set the new option.
6) Note the checkin fails with a screen message indicating you should
return the item to the circulation desk.
Signed-off-by: Peter Lau <peter.lau@yccece.edu.hk>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch enables keyboard navigation using the arrow keys without the
need to hold the control key for the jQuery UI datepicker.
Test plan
1/ Navigate to an item in the opac and attempt to place a hold
2/ On the resultant screen, use keyboard navigation to trigger the 'Show
more options' dropdown.
3/ Focus on one of the date inputs using keyboard navigation.
4/ Use 'ctrl + arrow' keys to navigate the datepicker.
5/ Note that prior to the patch using 'bare' arrow keys does not trigger
anything
6/ Apply the patch and confirm that the datepicker can now be naviated
using the arrow keys without holding the ctrl key.
7/ Confirm that using the ctrl key combinations continue to work as
expected too.
8/ Signoff
Signed-off-by: Brandon J <brandon.jimenez@inLibro.com>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
To test:
1 - Have two checkouts in old_issues
issue 1: timestamp 2020-08-01 00:00:00, issuedate 2019-08-01 00:00:00
issue 2: timestamp 2020-07-01 00:00:00, issuedate 2019-07-01 00:00:00
2 - Perform a Most Circulated Items search for checkout dates 2020-06-01 to 2020-09-01. Both checkouts appear in search
3 - Repeat search with checkout dates 2019-06-01 to 2019-09-01. Neither checkout appears in search
4 - apply patch, restart all
5 - Repeat search with checkout dates 2020-06-01 to 2020-09-01. Neither checkout appears in search
6 - Repeat search with checkout dates 2019-06-01 to 2019-09-01. Both checkouts appears in search
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
When viewing the logs we try to swith the db values like 'cron' to friendly terms like
'Cron job'
The values we use for building the selectors on the page ar eupper case, but DB values are lower case
If we simply force upper case in the comparison we can ensure we always match correctly
To test:
1 - Enable some 'Logs' setting in System preferences
2 - Perform some action in koha that will log
Run a cronjob
Change a syspref
etc.
3 - Browse to Tools-> Log viewer
4 - Click 'Submit' to see all logs
5 - Note the 'Interface' column contains lower case DB values
6 - Apply patch
7 - Reload the page
8 - Values in interface are now Camel cased and more friendly
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The database schema for accountlines table allows the
manager_id/user_id column to be NULL. If request to
/api/v1/patrons/<patron_id>/account returns such an accountline where
it is NULL we get 500 error as response. Adding NULL to allowed data
types fixes this issue.
To test:
1) Run prove t/db_dependent/api/v1/patrons_accounts.t and notice it
doesn't fail
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
When manager_id is null/undef the API returns error code 500.
To test:
1) Notice failure when running
prove t/db_dependent/api/v1/patrons_accounts.t
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch replicates the introduced behaviour, for the admin interface.
To test, follow the test plan from the OPAC, but on the intranet.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch makes opac-detail.pl query for analytics the same way it
would do with the generated link (i.e. based on UseControlNumber) and
passes a flag to the XSLT so it displays (or not) the 'Analytics' link.
To test:
1. Apply the first patch
2. Have a known record without analytics
3. Open the record in the OPAC
=> FAIL: It shows the 'Analytics' link
4. Have a record known to have analytics and open in OPAC, on a separate
tab
=> SUCCESS: It shows the 'Analytics' link
5. Apply this patch and restart_all
6. Reload the tabs
=> SUCCESS: It shows the link where it has to, and hides it where it
shouldn't be displayed
7. Sign off :-D
Sponsored-by: Orex Digital
Signed-off-by: Hugo Agud <hagud@orex.es>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The current XSLT displays the link to linked analytics only for serials.
This patch makes it show for all the relevant position 7 on the leader
values. I left out a and b as recommended by expert librarians on my
team, but I can revert that if required.
The current implementation adds a new CSS class for each case, so
libraries willing to keep the current behaviour or just have more
granular control on the cases they want the link to display, just can.
This patch makes sense with the follow-up one, which will display the
link only if there are really related records.
To test:
1. Open a non-serial record, notice there's no link to analytics
2. Apply this patch and reload
=> SUCCESS: There's an 'Analytics' link
3. Inspect the produced HTML
=> SUCCESS: A special class with analytic_* value has been added, and
thus we now can control its display through CSS
4. Sign off :-D
Sponsored-by: Orex Digital
Signed-off-by: Hugo Agud <hagud@orex.es>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Elasticsearch requires the booleans in search requests to
be uppercase. This fixes the "Show analytics" link in
OPAC (same as first patch for intranet) and the "Show volume"
link.
To test both patches:
Set UseControlNumber = Use
1) "Show analytics"
- Turn SearchEngine to Elasticsearch and make sure it works
- Pick any serial record in your database, make sure 001 is set
- Go to new > new child record
- Fill in 245 and save
- For both staff and OPAC:
- Click on the "In" link, it should bring you to the parent record
- Click on "Show analytics", it should show your analytical record
- Switch to "Zebra" - verify links still work.
2) "Show volumes"
- Turn SearchEngine to Elasticsearch again
- Pick any serial record in your database, make sure 001 is set
- Set LDR, pos. 19 = a - Set
- Note 001 value
- Find another record and edit it
- Set LDR, pos. 19 = a or b, LDR 7 not a or b (m will work)
- Set 773$ title of set record $w 001 of set record
- For both staff and OPAC:
- Click on the "In: link, it should bring up your set record
- Click on the "Show volumes" link, it should bring up the volume
- Switch to "Zebra" - verify all links still work.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
In elasticsearch we only treat AND and OR as boolean operators if
they are capitalized
To test:
- Turn SearchEngine to Elasticsearch and make sure it works
- Pick any serial record in your database, make sure 001 is set
- Go to new > new child record
- Fill in 245 and save
- Click on the "In" link, it should bring you to the parent record
- Click on "Show analytics" => there will be no result
- Apply patch
- restart and reload
- Try again
- It works!
- Switch SearchEngine syspref to 'Zebra'
- Test again
- It still works!
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Without this patch, you can't preview letters when running Koha in CGI mode.
To test:
1. Run Koha as CGI (and not Plack)
2. Go to /cgi-bin/koha/tools/letter.pl?op=add_form&branchcode=&module=circulation&code=CHECKIN
3. Try to preview the notice (using a valid barcode)
4. Note in the browser console that svc/letters/preview is generating a 500 error
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Currently the overdues report does the following display:
Patron library = home branch
Home library = holding branch
Holding library = patron branch
This patch corrects the display of libraries in the overdues report.
To test:
0) Do not apply patch
1) Go to http://localhost:8081/cgi-bin/koha/circ/circulation.pl?borrowernumber=51
2) Go to http://localhost:8081/cgi-bin/koha/circ/set-library.pl
3) Choose "Troy"
4) http://localhost:8081/cgi-bin/koha/circ/circulation.pl?borrowernumber=51
5) Checkout "39999000004571" with due date of "09/01/2019 23:59"
Note the facts:
Patron library = Centerville
Home library = Fairview
Holding library = Troy
6) Go to http://localhost:8081/cgi-bin/koha/circ/overdue.pl
7) Change "Columns" visibility to show Holding and Home libraries
8) Note that the libraries are incorrect:
Patron library appears to be: Fairview
Home library appears to be: Troy
Holding library appears to be: Centerville
9) Apply the patch
10) koha-plack --restart kohadev
11) Go to http://localhost:8081/cgi-bin/koha/circ/overdue.pl
12) Change "Columns" visibility to show Holding and Home libraries
13) Note that the libraries are correct:
Patron library appears to be: Centerville
Home library appears to be: Fairview
Holding library appears to be: Troy
Signed-off-by: Emmi Takkinen <emmi.takkinen@outlook.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
In get_elasticsearch_params we set the conf to static if undefined,
but we never defined it
To test:
1 - Apply unit test patch
2 - prove -v t/Koha/SearchEngine/Elasticsearch.t
3 - It fails
4 - Apply this patch
5 - It succeeds
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The password recovery and self-registration features need to be
accessible at the OPAC even if not public.
Test plan:
Self register a new account, then ask for a new password with OpacPublic
turned off
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomás Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Was this wrong?
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomás Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This was wrong!
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
It defaults to 0 in get_template_and_user
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Prior to this patchset there were 3 different calls to
get_template_and_user (or checkauth) with the authnotrequired param:
* authnotrequired => 0
* authnotrequired => 1
* authnotrequired => ( C4::Context->preference("OpacPublic") ? 1 : 0 )
The first one says that an unauthenticated user can access the page, the
second that the user has to be authenticated, and the last one that it
depends on the OpacPublic syspref.
Actually we must replace the first one with the third one, if the OPAC
is not public, the authentication must be forced.
To do so we are going to remove the "authnotrequired => 0" occurrences,
and check the OpacPublic syspref's value in C4::Auth
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The FIXME is no longer valid since we fixed the X-Forwarded headers
for Plack. And since we do not even use using_https anymore in
the templates (see bug 21094).
Test plan:
Run Auth.t
Git grep for using_https
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds the secure flag to the CGISESSID cookie when using HTTPS.
This prevents the cookie being used again over a normal HTTP
request.
Bug 25360: [Follow-up] Test for "on" or "ON" value for HTTPS env var
This patch tests for HTTPS "on" or "ON" before setting the secure
cookie.
Bug 25360: [Follow-up] Fix typo in C4/InstallAuth.pm
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[EDIT] Amended number of tests in Context.t
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch makes the controller not expect that there will always be all
the email fields. So it now checks if an email field was passed, and
changed, and renders the error if that stands.
To test:
1. Run:
$ kshell
k$ prove t/db_dependent/api/v1/patrons.t
=> FAIL: Tests written by Nick highlight a problem
2. Apply this patch
3. Repeat 1
=> SUCCESS: Problems solved
4. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The API was only catching the primary email change case, but we need to
catch email, emailpro and B_email.
We were also not accounting for any of the emails (on PUT or from the
DB) being undefined.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patchset prevents a non-superlibrarian user from editing a
superlibrarians email address via memberentry. This is to prevent a
privilege escalation vulnerability whereby a user could update a
superlibrarians contact details to match their own and then request a
password reset via the OPAC.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This would prevent any unintended batch renewals as it is easy
to miss the option in the screen.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
For sites with very large amounts of due dates to extend ( tens of thousands ), it can take a very long time of the results to load ( if at all ). It would be good to have a way to bypass the confirmation screen, instead directly updating the due dates before displaying the results.
Test Plan:
1) Apply this patch
2) Browse to tools/batch_extend_due_dates.pl
3) Note the new "Preview results" checkbox
4) Submit form with the checkbox unchecked, due dates should be updated
without previewing the checkouts
5) Submit form with the checkbox checked, tool should function as
it did previously
Signed-off-by: Kelly McElligott <kelly@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Bug 25101: (QA follow-up) Add hint to new option
Adds a hint about the large numbers behind the new
checkbox option.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Bug 25101: (QA follow-up) Fix hint for new option
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Test plan:
Run the upgrade twice.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The date would no longer show, changed the variable name and
removed the hours, as the field in the database is a date
and not a datetime.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Replace timestamp by publicationdate in translations.
Applies to sample notices and sample news.
Test plan:
Run a new install or pick a sql file and run it on cmdline.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Applies to sample notices and sample news.
Replace timestamp by publicationdate.
Also adjust notice in TemplateToolkit.t.
Test plan:
Run dbrev and verify if ISSUESLIP refers to opac_news.publicationdate.
Run t/db_dependent/Letters/TemplateToolkit.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Removing the weird '' => 1 from the hash too.
NOTE: The following line in the module seems to be useless:
$data->{$data->{'lang'}} = 1 if defined $data->{lang};
Test plan:
Run t/db_dependent/NewsChannels.t
Run t/db_dependent/Koha/News.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
DBD::mysql::st execute failed: Incorrect integer value: '' for column `koha_master`.`opac_news`.`number` at row 1 [for Statement "INSERT INTO opac_news ( content,number,lang,title,branchcode,borrowernumber,expirationdate,publicationdate ) VALUES ( ?,?,?,?,?,?,?,? )" with ParamValues: 0="test", 1="", 2="", 3="test", 4=undef, 5="51", 6='2020-08-11', 7='2020-08-04'] at /usr/share/koha/C4/NewsChannels.pm line 68.
DBD::mysql::st execute failed: Incorrect integer value: 'a' for column `koha_master`.`opac_news`.`number` at row 1 [for Statement "UPDATE opac_news SET lang = ?,publicationdate = ?,expirationdate = ?,number = ?,content = ?,branchcode = ?,title = ? WHERE idnew = ?;" with ParamValues: 0="", 1='2020-08-03', 2=undef, 3="a", 4="test", 5=undef, 6="test", 7="9"] at /usr/share/koha/C4/NewsChannels.pm line 107.
Test plan:
Do not apply this patch.
Enable strict mode in koha-conf.
Add new record in tools/news leaving 'Appear in position' blank.
The record is not added; you have a warn in your plack-error log.
Apply patch and try again.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Test plan:
Perform some CRUD operations on the news page in staff.
Verify that news on opac and staff respect publicationdate.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Change timestamp to publicationdate, add updated_on as 'real' timestamp.
Test plan:
Run install or upgrade. Check table opac_news.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This test is failing randomly because it assume the order is always the
same. But it's not.
Note: Koha::Objects->search_related is never used , last use removed from
commit 9aa724cdf2
Bug 19599: Speed anonymise_issue_history up
We should keep it however IMO
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch makes the button present some space between the icon and the
text.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kelly McElligott <kelly@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
