There are 2 prefs that control the default view of biblio detail pages:
IntranetBiblioDefaultView for staff and BiblioDefaultView for OPAC.
There are as well viewISBD, viewLabeledMARC and viewMARC to allow/don't
allow access to those page for staff members.
This code need to be in a single place to avoid discrepancy.
Test plan:
Play with BiblioDefaultView and IntranetBiblioDefaultView and confirm
that the links of biblio point to the correct view.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
The self registration form stores a new borrower as a borrower modification when verifying by email.
Borrower modifications can handle extended attributes.
This patch simply sotres the extended attributes in the modifications table, and approves a modification
to the extended attributes only after patron is created
To test:
1 - Apply patch
2 - Create a patron attribute and set it as viewable/editable in the OPAC
3 - Set system preference PatronSelfRegistrationVerifyByEmail
4 - Reigster a new patron on the OPAC, provide an email and populate the extended attribute
5 - Retrieve the verification token, the last on in the messages table
SELECT * FROM message_queue;
6 - Go tot he url from above
7 - Confirm successful patron creation
8 - View patron record and confirm attribute was set
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This alters the svc scripts to set the report id after fetchign the report object
to ensure it is passed to exectue query
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
The last run of a report is updated only if method execute_query() is
called with report_id.
This whas missing for :
- when report is run publicly
- when report is sent by email
- when report is exported
Patch changes the method signature to use a hash of params, in order to
easily avoid some params.
Test plan :
1) Create a report.
2) Run report.
3) Check the report listing. Confirm that the last run info on the report is updated.
4) Make report public.
5) Run report via public url.
6) Check the report listing. Confirm that the last run info on the report IS NOT updated.
7) Schedule the report to run at a given time and e-mailed to an address.
8) After the report runs at the scheduled time, check the report listing. Confirm that the last run info on the report IS NOT updated.
9) Run report.
10) Export results.
11) Check the report listing. Confirm that the last run info on the report IS NOT updated AT THE TIME OF THE EXPORT.
Questionable (I don't know if this is addressed):
12) Run report on backend through a cron job and send results via e-mail.
13) Check the report listing. Confirm that the last run info on the report IS NOT updated.
14) Apply patch.
15) Rerun steps 2-13. Confirm that steps 3, 6, 8, 11, and 13 DO UPDATE the last run info.
Signed-off-by: Séverine Queune <severine.queune@bulac.fr>
Signed-off-by: Séverine Queune <severine.queune@bulac.fr>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Trivial fix.
Test plan:
Delete two lines from opac search history.
Verify results. Check plack-opac-error.log.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This is a follow-up patch for bug 29543. If an invalid cardnumber has
been used we should not generate a token.
Test Plan:
1. Set SelfCheckoutByLogin to 'cardnumber'.
2. Go to http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
3. Enter an invalid carnumber like 'thisisabadcardnumber'
4. See the appropriate message "Sorry The userid thisisabadcardnumber was not found in the database. Please try again."
5. Try again with a different cardnumber and notice the same exact error message including the 'thisisabadcardnumber' cardnumber.
6. Apply this patch
7. Restart all the things!
8. Repeat steps 2-4
9. Try again with a different cardnumber, you should now see the correct
cardnumber!
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adds the ACCTDETAILS notice trigger to the opac self
registration process. Allowing new users, with varification enabled,
to receive the ACCTDETAILS notice immediately after their account is
varified.
Test plan
1) Enable AutoEmailOpacUser system preference
2) Ensure the ACCTDETAILS notice is configured
3) Ensure `PatronSelfRegistrationVerifyByEmail` is enabled
4) Register a new user via the opac self registration process using an
email address you have access to
5) Verify the user by following the link in the verification email you
should have received.
6) The new user should have been created and you should be able to see
the account details notice in their associated notices
7) Confirm that the email address used above has received the notice.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adds the ACCTDETAILS notice trigger to the opac self
registration process. Allowing new users, without varification enabled,
to receive the ACCTDETAILS notice immediately after their account is
created.
Test plan
1) Enable AutoEmailOpacUser system preference
2) Ensure the ACCTDETAILS notice is configured
3) Ensure `PatronSelfRegistrationVerifyByEmail` is disabled
4) Register a new user via the opac self registration process using an
email address you have access to
5) The new user should have been created and you should be able to see
the account details notice in their associated notices
6) Confirm that the email address used above has received the notice.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Although less harmful indeed. No borrowernumber, no image.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Tested: logged in, logged out, prefs toggled. All fine.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
When system preference is off, call no code related to Koha::Recalls.
Also add some missing module import.
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch makes the different ->recalls accessors implemented on this
bug be more standard. This means:
- They don't do special things like default sorting or stripping out
special parameters. That's all left to the caller and the methods are
clean: they just return the related objects
- Useful filtering methods for Koha::Recalls resultsets are added. The
only used one (in the end) was ->filter_by_current. It seems like a
better approach, because it gives devs more control on how they want
to chain things, and there's a single place in which to maintain the
criteria of what is 'current' or 'finished'. This clearly makes the
'old' column obsolete IMHO, at least in the use cases I found. This is
covered by tests as well.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Due to the wantarray change, we should fix this call in list context.
We should either use an iterator now or append as_list.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
And making reverted ajax message clearer
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
- removing authnotrequired flag from scripts
- fixing opac buttons
- chmod +x for recalls test files
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
- place a biblio-level or item-level recall via the biblio detail page, OPAC search results, or course reserves
- view or cancel your active recalls from 'your summary' recalls tab
- view all active and inactive (and cancel active) recalls from 'your recall history'
- stopped from placing a reserve on an item that the patron has already recalled
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
On the ktd sample database when trying to go to the detail page from the result list:
Undefined subroutine &CGI::Compile::ROOT::kohadevbox_koha_opac_opac_2ddetail_2epl::searchResults called at /kohadevbox/koha/opac/opac-detail.pl line 260
Turning off OpacBrowseResults makes the error disappear.
In opac-detail.pl, use C4::Search is missing searchResults and getRecords
To test:
- Search for something that gives several result pages in OPAC, example: e
- Switch to one of the last pages using link on top of results, example: 10
- Open any of the records listed in detail view
- Verify that the error is shown
- Apply patch and repeat, error is gone and browsing behaves as expected
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
The method Koha::AuthorisedValues->authorised_value is not covered by tests!
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adds a 'holdable' and 'unholdable' class to the rows of the table
Additionally I rename the 'backgroundcolor' field to 'onloan' as that is what it contains.
Note: Out of the box, there is no css associated with this class
I add a div around the table to allow hiding the new buttons as well when optiuons are hidden
It would be nice in the future to utilise a Koha table here, however, it is complicated by multi-holds
To test:
1 - Add a number of items to a record, ensuring they belong to different libraries
2 - Set 'Default checkout, hold and return policy'->'Hold policy' to 'From home library'
3 - Sign in to opac and attempt to placehold on the record
4 - Click 'show more options' and 'a specificitem'
5 - Note holds table includes items that cannot be held
6 - Apply patch
7 - Reload holds page
8 - Note items that cannot be heldare hidden
9 - Click 'Show unholdable items' and note they appear
10 - Click 'Hide unholdable items' and veriofy they hide
11 - Test with multi holds
Signed-off-by: The Minh Luong <the-minh.luong@inlibro.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Bug 29844 forgot to add as_list to opac-search.pl.
You can see it changed search.pl
Patch fixes and also adds explicit interface = opac in get_search_groups() call.
Since intranet is explicit, opac should also be.
We keep opac as default value.
Test plan :
1) Create a libary group for OPAC and one for staff
2) Go to OPAC advanced search page
3) Check you see the OPAC libary group
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch makes the opac/opac-privacy.pl OPAC page use the new
anonymize method.
To test:
1. Have some checked-in materiales
2. Have OPACPrivacy enabled
3. Notice your checkouts history contains what you expect
4. Go to 'your privacy'
5. Click on 'Delete checkout history'
=> SUCCESS: It works, no crash.
6. Sign off :-D
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
The same way we have a button to immediately delete the checkouts history in the OPAC, we should have a similar option for the holds history.
This patch implements that.
To test:
1. Have a patron with some old checkouts and old holds.
2. Have OPACPrivacy, OPACHoldsHistory and opacreadinghistory enabled.
3. Notice in the OPAC the patron has some old checkouts and holds.
4. Use the Privacy tab to clean checkouts
=> SUCCESS: They are still cleaned as before this patch
5. Try to clean the old holds
=> SUCCESS: They are cleaned!
6. Add some old checkouts and holds
7. Use the new 'All' button
=> SUCCESS: All cleaned
8. Sign off :-D
Signed-off-by: Barbara Johnson <barbara.johnson@bedfordtx.gov>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Test plan:
Logout in OPAC.
Goto sco help page.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Certainly since bug 29543 and bug 29914.
We should do the same authentication check than sco-main.pl, and also
make sure to generate the checkout history only for the logged in patron
(the OPAC one, not staff member)
Test plan:
Use the different combinations of the SCO config (AutoSelfCheckAllowed,
SelfCheckoutByLogin and WebBasedSelfCheck) and confirm that this patch
fixes the SCO print slip feature.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
On bug 29844 we decided to remove wantarray from Koha::Objects->search.
Reviewing the difference occurrences I found some unnecessary uses of ->as_list,
where iterators should be used instead.
This patch only removes the obvious places, not the tricky ones.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
and some more...
There are lot of inconsistencies in our ->search calls. We could
simplify some of them, but not in this patch. Here we want to prevent
regressions as much as possible and so don't add unecessary changes.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
I think this is a better approach for the same thing. Posting it just in
case it helps.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
We must check if logged in user is trying to modify one of their
checkouts
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Checkin or renew must be restricted to the items they own.
Test plan:
Create an item with barcode bc_1
Check it in to user A
Login to SCO with user B
Get the token using the browser dev tool, from the cookie
Hit (replace $JWT)
/cgi-bin/koha/sco/sco-main.pl?jwt=$JWT&op=renew&barcode=bc_1
/cgi-bin/koha/sco/sco-main.pl?jwt=$JWT&op=returnbook&barcode=bc_1
You should see an error message
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
The self-checkout feature is assuming a patron is logged in if patronid
is passed. It also assumes that "We're in a controlled environment; we
trust the user", which is terribly wrong!
This patch is suggesting to generate a JSON Web Token (JWT) to store in
a cookie and only allow action (renew, check in/out) is the token is
valid. The token is only generated once the user has been authenticated
And is removed when the user finish the session/logout.
Test plan:
You must know exactly how the self-checkout feature works to test this patch.
The 4 following sysprefs must be tested:
SelfCheckoutByLogin, AutoSelfCheckAllowed, AutoSelfCheckID, AutoSelfCheckPass
Confirm that you can renew, checkin for the items you own, and checkout new items.
Confirm that you are not allowed to access other account's info.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
It's not used in template
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
It's not needed, we have $patron
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Most of the changes here are simple, this can be read to view the changes
Testing that holds can be placed via staff client, and opac, and are disallowed
when expected is the best test plan, beyond running the unit tests
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch updates the call to overdrive_proxy to allow passing a version
and updates the code to use V2 for availability
To test:
1 - Enable OverDrive integration by setting the sysprefs
2 - Log in to your overdrive account in the Koha opac
3 - Perform a search and note availability display
4 - Confirm you can checkout/hold/return books
5 - Apply patch
6 - Repeat search and test functionality
7 - Note that title with '0 out of 0 copies available' now say 'Currently unavailable'
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adds public note to the table of information shown about
items when placing a hold on a specific item in the OPAC.
To test, apply the patch and check Administration -> Circulation and
fine rules. You should have at least one patron category/item type
configured to allow OPAC item level holds.
- Modify an item to add information to the "Public note" field.
- Locate that record in the OPAC and place a hold on it.
- On the "Placing hold" page, click "Show more options" and "A specific
item."
- In the table of items you should see a "Notes" column showing the
information you added to the item.
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch:
- Adds a notice about the fee to be charged to the patron (staff and
OPAC)
- Adds the right UI description for ARTICLE_REQUEST_FEE debit types in
the UI.
To test:
1. Have some article request fee rules
2. Play with placing an article request in OPAC and staff
=> SUCCESS: You see a message about the fee
=> SUCCESS: The fees are correctly applied to the patron
3. Sign off :-D
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
The expiration date picked by the patron (or librarian) when placing a
hold is lost when a waiting hold is reverted.
We need a separate DB field to store this value and restore it when
needed: patron_expiration_date
The new behaviours are now:
Create a hold and specify an expiration date:
expirationdate=patron_expiration_date
Fill the hold:
expiration_date is calculated
expiration_date set to the calculated value or to
patron_expiration_date if anterior
patron_expiration_date not modified
Revert the waiting status:
expirationdate set back to patron_expiration_date
Cancel expire reserves:
if < expirationdate OR < patron_expiration_date
Note: This change should not be needed but won't hurt
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Florian Bontemps <florian.bontemps@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch modifies the checkout_download_url routine in
WebSerivce::ILS::OverDrive::Patron
We now directly hit the fulfillment endpoint with redirects disabled
and fetch the URL
The overdrive.js is modified to use a single 'Get item' button for all
checked out items and to refer to the fulfillment page
To test:
1 - Enable all OverDrive system preferences
2 - Search on opac and confirm OD results returned
3 - Checkout an item
4 - Confirm you have the new 'Get item' button on 'OverDrive account'
tab on opac-user.pl
5 - Confirm the 'Get item' button works
NOTE:
Most items will also show the 'Get item' button in results, however,
magazines may not as each checkout has a unique 'reserve id' and the
'parent' id is not checked in our current code
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
We should not explode if the biblionumber passed in not in DB.
Test plan:
Hit /cgi-bin/koha/opac-reserve.pl?biblionumber=42424
and notice the error message.
Without this patch you got
Can't call method "holds" on an undefined value at
/kohadevbox/koha/opac/opac-reserve.pl line 172
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>