Commit graph

8561 commits

Author SHA1 Message Date
77eba5d1b2
Bug 31115: Add additional_attributes support to GetInvoices
This patch adds support for searching additional_fields when retrieving
invoices using C4::Acquisition::Invoices.

To test:
1. Apply this patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/Acquisition.t
=> SUCCESS: Tests pass!
3. Sign off :-D

Sponsored-by: The Research University in the Helmholtz Association (KIT)
Signed-off-by: Michaela Sieber <michaela.sieber@kit.edu>

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-24 14:11:07 -03:00
ad6530b914
Bug 30588: (QA follow-up) Clear waiting-for-2FA-setup in session
If we do not clear this session, the first login directly after setup
does not really enhances user experience ;)

Test plan:
Make sure 2FA is enforced.
Test the above. Disable your 2FA, logout and login.
Verify that you can access pages with this patch now. Without this
patch you could not.
Run these tests to provide more confidence:
t/db_dependent/Auth.t
t/db_dependent/api/v1/two_factor_auth.t
t/db_dependent/Koha/Auth/TwoFactorAuth.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-21 11:37:02 -03:00
316355e8d5
Bug 30588: (QA follow-up) Auth - remove two warns and second logout
Resolves:
Use of uninitialized value $request_method in string eq at /usr/share/koha/C4/Auth.pm line 1122.
Use of uninitialized value $return in numeric gt (>) at /usr/share/koha/C4/Auth.pm line 1155.

We also remove the double logout from Auth.t

Test plan:
Run t/db_dependent/Auth.t
Check if you do not see the warns anymore.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-21 11:37:00 -03:00
b93e15c235
Bug 30588: Add the option to require 2FA setup on first staff login
Bug 28786 added the ability to turn on a two-factor authentication,
using a One Time Password (OTP).
Once enabled on the system, librarian had the choice to enable or
disable it for themselves.
For security reason an administrator could decide to force the
librarians to use this second authentication step.

This patch adds a third option to the existing syspref, 'Enforced', for
that purpose.

QA notes: the code we had in the members/two_factor_auth.pl controller
has been moved to REST API controller methods (with their tests and
swagger specs), for reusability reason. Code from template has been
moved to an include file for the same reason.

Test plan:
A. Regression tests
As we modified the code we need first to confirm the existing features
are still working as expected.
1. Turn off TwoFactorAuthentication (disabled) and confirm that you are not able to
enable and access the second authentication step
2. Turn it on (enabled) and confirm that you are able to enable it in your account
3. Logout and confirm then that you are able to login into Koha

B. The new option
1. Set the pref to "enforced"
2. You are not logged out, logged in users stay logged in
3. Pick a user that does not have 2FA setup, login
4. Notice the new screen (UI is a bit ugly, suggestions welcomed)
5. Try to access Koha without enabling 2FA, you shouldn't be able to
access any pages
6. Setup 2FA and confirm that you are redirected to the login screen
7. Login, send the correct pin code
=> You are fully logged in!

Note that at 6 we could redirect to the mainpage, without the need to
login again, but I think it's preferable to reduce the change to
C4::Auth. If it's considered mandatory by QA I could have a look on
another bug report.

Sponsored-by: Rijksmuseum, Netherlands

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-21 11:36:57 -03:00
8511750de9
Bug 30588: Adjust existing occurrences of TwoFactorAuthentication
We need to replace 0 with 'disabled', and 1 with 'enabled'

Sponsored-by: Rijksmuseum, Netherlands

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-21 11:36:56 -03:00
f5271d1a74
Bug 17170: Add the ability to create 'saved searches' for use as filters when searching the catalog
This patch alters the code in the ES QueryBuilder. Reflecting
how things are handled in build_query_compat we clean the query,
but not the limits. In Zebra we simply recursivly call buildQuery,
but the ES query structure

This patchset adds a new ability to save searches on the staff client, and display them in the results
page on staff or opac as a new filter.

New filters can be added from the results page after a search, and there is an admin page for updating
deleting and renaming filters

There is a new permission to control management of these filters

New filters can be added that are not displayed along with facets, this allows for building custom links
using these filters to keep URLs shorter

Due to bug 30528 testing in ES is recommended

To test:
 1 - Apply patches and update database and restart all
 2 - Enable new system preference 'SavedSearchFilters'
 3 - As superlibrarian perform a search in staff client, something broad like 'a'
 4 - Note new 'Save search as filter' link on results page
 5 - Click it, save search as new filter, check 'Staff client' visibility
 6 - Perform another search
 7 - Note the filter now appears above facets
 8 - Click to it filter results
 9 - Note results are limited by the new filter, and it is checked in the facets
10 - Confirm click the [x] removes the filter
11 - Go to administration->search filters
12 - Confirm the filter appears
13 - Edit and mark as OPAC visible
14 - Test OPAC to ensure it shows and can be applied/removed
15 - Copy URL with filter applied
16 - In adminsitration mark filter as not visible on staff or opac
17 - Confirm link above still works
18 - Create a new staff with catalogue and search filters permission
19 - Ensure they can access/save filters
20 - Remove filter permission and ensure they cannot
21 - Disable system preference
22 - Confirm links to search filters page are removed from admin home and admin sidebar
23 - Confirm filters do not appear on results and cannot be created
24 - Enable pref
25 - Create a filter
26 - From search filters page, click 'Edit search'
27 - Confirm you are taken to advanced search page letting you know which filter you are editing
28 - Confirm you can change searhc options and save
29 - Confirm you can perform the search from this page

Sponsored-by: Sponsored by: Round Rock Public Library [https://www.roundrocktexas.gov/departments/library/]

Signed-off-by: Michal Urban <michalurban177@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-21 11:15:18 -03:00
a97a6b28d2
Bug 17170: Handle search filters in query builders
This patch updates the query building code to expand filters when searching
and pass them back as part of the cgi and descriptive search strings

Sponsored-by: Sponsored by: Round Rock Public Library [https://www.roundrocktexas.gov/departments/library/]

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-21 11:15:16 -03:00
de4255e928
Bug 28375: (follow-up) Use C4::Context->interface
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-20 11:50:53 -03:00
1dc979af7c
Bug 28375: (follow-up) Remove guessed interface parameter - always pass
Previous patch added interface parameter passed on each call. There was an
existing one that 'guessed' - this patch removes that

Fixes missing comma

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-20 11:50:53 -03:00
70325d48a0
Bug 28375: Inefficiencies in fetching COinS
This patchset adds an 'interface' parameter to XSLTParseForDisplay to avoid fetching
coins when not needed

Additionally we move some logic from the scripts to searchResults to avoid an extra fetch fo the biblio object

To test:
1 - Enable  COinSinOPACResults syspref
2 - Also enable  OPACShowOpenURL  and  OPACOpenURLItemTypes  - adding an itemtype that you can find
3 - Perform a search on the OPAC and confirm coins are included and openurl shown
4 - Perform a search on staff client and confirm openurls do not show
5 - Apply patch
6 - Results should be the same

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-20 11:50:53 -03:00
9bc996be91
Bug 31626: Add letter id to the message queue table
It can be useful to know exactly what template was used to generate a notice. To this end, it would be useful to store the letter id as a foreign key in the message queue table.

Test Plan:
1) Apply this patch
2) Run updatedatabase.pl
3) Restart all the things!
4) Run an action that will send a notice to a patron
5) Note the letter id is now in the message_queue table for that notice!

Signed-off-by: Andrew Fuerste-Henry <andrewfh@dubcolib.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-18 09:41:41 -03:00
ef0bf75eed
Bug 25426: Allow return policy to be selected via syspref and not just home library
1) Apply this patch
2) Run updatedatabase.pl
3) Verify CircControlReturnsBranch is set to home library by default
4) Set a Return policy for Branch A to "Item returns home" ( homebranch )
5) Set a Return polity for Branch B to "Item returns to issuing library" ( holdingbranch )
6) Set a Return polity for Branch C to "Item floats" ( noreturn )
7) Create an item with homebranch of Branch A, holding branch of branch B
8) Log in as Branch C
9) Set CircControlReturnsBranch to "the library the item is currently held by"
10) Check the item in, note it should be returned to the holding library
11) Set CircControlReturnsBranch to "the library the item is owned by"
12) Check the item in, note it should be returned to the home library
13) Set CircControlReturnsBranch to "the library you are logged in at"
14) Check the item in, note it should float

Signed-off-by: Andrew Fuerste-Henry <andrewfh@dubcolib.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-18 09:14:52 -03:00
a39ecfd7f7
Bug 27265: (follow-up) Use existing parameter
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-17 21:11:40 -03:00
da7bcc2252
Bug 27265: Enable message queue cron to accept multiple codes and types
It would be nice to be able to combine several types in a single run,
but exclude others, without having to have multiple cron lines

Test Plan:
1) Apply this patch
2) Run process_message_queue.pl with a single -c parameter
3) Note behavior is unchanged
4) Run process_message_queue.pl with multiple -c parameters
5) Note all the codes specified are processed
6) Repeat 2-5 with -t for type limits

Signed-off-by: Andrew Fuerste-Henry <andrewfh@dubcolib.org>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-17 21:11:40 -03:00
6d9c1403fb
Bug 31437: (bug 30718 follow-up) Prevent useless indexation call from ModDateLastSeen
Koha::Object->store is triggering an UPDATE because the datelastseen is
different than the value in DB (comparing a datetime with a date)

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-14 09:25:10 -03:00
93e418c0b3
Bug 31552: SIP2 option format_due_date not honored for AH field in item information response
Bug 28730 added the ability to format due dates based on Koha's date format, but missed formatting the due date field in the item information response.

Test Plan:
1) Apply this patch
2) prove t/db_dependent/SIP/Message.t

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-12 14:56:57 -03:00
fdb5275407
Bug 31614: Adds a koha-conf.xml config to set Zebra connection timeout
This patch adds <zebra_connection_timeout>30</zebra_connection_timeout>
to the koha-conf.xml file.

Sometimes, a Zebra search might take longer than 30 seconds. If it does,
Koha will say that 0 records have been found. While slow searching
is not desirable, it's more desirable to get the result set regardless.

Test plan:
0. Apply patch
1. Add <zebra_connection_timeout>.1</zebra_connection_timeout> to
your relevant koha-conf.xml file (e.g. /etc/koha/sites/kohadev/koha-conf.xml)
2. echo 'flush_all' | nc -q 1 memcached 11211
3. koha-plack --restart kohadev
4. Go to http://localhost:8081/cgi-bin/koha/catalogue/search.pl?q=test
5. Note that no results are returned
6. Change zebra_connection_timeout to 30
7. echo 'flush_all' | nc -q 1 memcached 11211
8. koha-plack --restart kohadev
9a. Go to http://localhost:8081/cgi-bin/koha/catalogue/search.pl?q=test
9b. Note that 3 results are returned
10. Remove zebra_connection_timeout from koha-conf.xml
11. echo 'flush_all' | nc -q 1 memcached 11211
12. koha-plack --restart kohadev
13a. Go to http://localhost:8081/cgi-bin/koha/catalogue/search.pl?q=test
13b. Note that 3 results are returned
14. Celebrate

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-12 09:10:07 -03:00
Katrin Fischer
9a428d8ef0
Bug 30168: (QA follow-up) Fix POD
The POD had $issue in the example, but $checkout in
explanation. Also standardized a bit of other terminology.
(borrower, issue) = (patron, checkout)

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-11 10:46:07 -03:00
ce4ad972e5
Bug 30168: Use checkout object in GetSoonestRenewDate
Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-11 10:46:07 -03:00
80eb5555d6
Bug 28799: Log when item was lost and now found
In the subroutine ModDateLastSeen we unset an item's lost status when
checked in.

This routine passes a noi log parameter to the store request, this is
to avoid spamming the cataloguing log on every checkin.

When marking an item unlost we should record this change.

To test:
1 - Enable cataloguing log
2 - Mark an item lost
3 - View the log and confirm this chagne was recorded
4 - Check the item in
5 - The message indicates item is now found, but logs have no new entry
6 - Apply patch, restart all
7 - Mark the item lost and verify it is logged
8 - Check the item in, reported found and log entry recorded

Signed-off-by: Andrew Fuerste-Henry <andrewfh@dubcolib.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-11 10:43:36 -03:00
Joonas Kylmälä
b28a97fbe9
Bug 31485: Move _item_denied_renewal to Koha::Item
The question whether item is denied renewal doesn't depend on
circulation rules or the patron, it is only a property of the item and
only changes to the item's attributes can cause the return value of
the check to change, thus we should move this to be a method of
Koha::Item.

To test:
 1) Run unit tests
    $ prove t/db_dependent/Circulation.t
    $ prove t/db_dependent/Koha/Item.t

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-11 10:19:20 -03:00
c89e886b6d
Bug 31587: Basket not accessible from ACQORDER notice
The parameter "aqbasket" is passed to GetPreparedLetter, but is always undefined for the notice ACQORDER.

Test Plan:
1) Set your ACQORDER notice content to:
   ***[% basket %]***
2) Set up a vendor with an email, set contact for email so the "E-mail
   order" button shows on a basket for that vendor
3) E-mail the basket
4) Note the email contents are "******"
5) Apply this patch
6) Restart all the things!
7) Email the basket again
8) Note the content looks something like:
   ***Koha::Acquisition::Basket=HASH(0x55870acd96e0)***

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-11 10:13:22 -03:00
8d933d482a
Bug 31649: Fix acquisition basket group CSV export if biblio does not exist
Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-11 10:00:13 -03:00
28b56098b5
Bug 31649: Fix acquisition basket CSV export if biblio does not exist
Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-11 10:00:12 -03:00
7749e73526
Bug 31203: Add End action to cronjobs and log viewer
Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-05 16:12:55 -03:00
df69e14057
Bug 31203: Alter cronlogaction to take a hash
This patch simply changes the routine to expect a hashref for info
and to log the PID as object in action logs

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-05 16:12:46 -03:00
9c999293ef
Bug 31333: (follow-up) Handle anonymous patrons making suggestions
Test plan:
1. Enable suggestion & AnonSuggestions sysprefs and set AnonymousPatron = 1
2. Visit the OPAC without logging in
3. Confirm you can successfully create a suggestion from:
- Item detail page
- Search result page
- Masthead under the 'Library catalogue' search box
4. Disable the AnonSuggestions syspref
5. Confirm you cannot see links to make purchase suggestions on the
following pages:
- Item detail page
- Search result page
- Masthead under the 'Library catalogue' search box
6. Confirm if you try visiting /cgi-bin/koha/opac-suggestions.pl page
you are re-directed to a login page
7. Select the category of your user in the suggestionPatronCategoryExceptions syspref
8. Log into the OPAC
9. Confirm you cannot see links to make purchase suggestions on the
following pages:
- Item detail page
- Search result page
- Masthead under the 'Library catalogue' search box
- opac-user.pl ('Your summary') page
10. Confirm if you try visiting /cgi-bin/koha/opac-suggestions.pl page
you are re-directed to a 404 error page
11. Enable AnonSuggestions syspref
12. Confirm you can successfully create a suggestion from:
- Item detail page
- Search result page
- Masthead under the 'Library catalogue' search box
- opac-user.pl ('Your summary') page
13. Disable AnonSuggestions syspref and un-check your category from
suggestionPatronCategoryExeptions syspref
14. Confirm you can create a suggestion from:
- Item detail page
- Search result page
- Masthead under the 'Library catalogue' search box
- opac-user.pl ('Your summary') page

Sponsored-by: Catalyst IT, New Zealand

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-04 08:44:26 -03:00
146a897731 Bug 31333: Add ability to make purchase suggestions by borrower type
Introduce a suggestionPatronCategoryExceptions system preference.

If the suggestion syspref is enabled then libraries can stop specific
borrower types from making suggestions by ticking the type in the
suggestionPatronCategoryExceptions syspref.

Test plan:
1. Apply patches, update database, re-start services

2. Set 'suggestion' syspref = 'Allow'

3. Confirm you can view the purchase suggestion links on OPAC biblio detail
page & 'your summary' page. As well as successfully submit a suggestion.

4. Select the patron category you're logged in as in
suggestionPatronCategoryExceptions syspref

5. Confirm the purchase suggestion links are hidden in the OPAC biblio
detail page & 'your summary' page

6. In your browser enter the link: <OPAC base URL>/cgi-bin/koha/opac-suggestions.pl
e.g. http://localhost:8080/cgi-bin/koha/opac-suggestions.pl

7. Confirm a 404 page loads

8. Confirm you can view/moderate suggestions in the staff
client - even though your patron is selected in the
suggestionPatronCategoryExceptions syspref

9. Untick your patron category in the suggestionPatronCategoryExceptions syspref

10. Confirm you can view the purchase suggestion links on the OPAC, as
well as successfully submit a suggestion.

11. Set 'suggestion' syspref = "Don't allow"

12. Confirm the purchase suggestion links are hidden in the OPAC

13. Select all patron categories in suggestPatronCategoryExceptions
syspref. View the OPAC without logging in and confirm you can perform
searches and view OPAC biblio detail pages.

Sponsored-by: Catalyst IT, New Zealand

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-04 08:44:16 -03:00
Julian Maurice
3b4c6db0d8
Bug 28186: Use Koha::Authority in C4::AuthoritiesMarc::AddAuthority
This patch replaces the use of $dbh->do by corresponding use of
Koha::Authority object

Test plan:
1. Verify that creating/modifying authority still work
2. prove t/db_dependent/AuthoritiesMarc.t

Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-03 15:13:35 -03:00
33ba3af45a
Bug 31586: Log basket number as object for action ACQUISITION ORDER
Until now we logged undef as object in action_logs when an email
order was sent. With this patch the basket number is logged instead,
which will allow for reporting and also allows us to display a link
to the basket, if permissions permit (order manage), in the log
viewer.

To test:
- Make sure the ClaimsLog system preference is set to Log
- Create a vendor or make sure an existing vendor has an email set
- Make sure to add an SMTP server and link it to your library
- Create a basket in acqisitions and add an order line
- Click "E-mail order" to send the email
- Go to the log viewer, limit to module Acquisitions
- Verify that the entry show with a link to the basket in the
  Object column
  If the user doesn't have order_manage permission, the basket
  number will still show, but isn't linked

Signed-off-by: Michaela Sieber <michaela.sieber@kit.edu>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-03 14:34:11 -03:00
7a21a76a06
Bug 30646: (follow-up) Set to send immediately
Other welcome notices send immediately rather than waiting on the queue
to be processed.. these one's should too.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-03 14:02:40 -03:00
a951e6d131
Bug 30646: Add welcome email support to SAML2
This patch adds the ability to enable the welcome email notice for new
users added via the Shibboleth autocreate option.

Test plan
1) Configure Shibboleth for authentication
2) Enable the welcome email by adding '<welcome>1</welcome>' to your
   shibboleth config block
3) Confirm you have autocreate enabled for your Shibboleth config
4) Attempt to login with an entirely new user to Koha using the shibboleth
   connection (with a user who has a valid email address mapped to Koha
   borrower fields)
5) Confirm the email is sent by looking at the notices for the new user.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-03 14:02:39 -03:00
e9e10c5e72
Bug 30646: Add welcome email support to LDAP
This patch adds the ability to enable the welcome email notice for new
users added via the LDAP replicate option.

Test plan
1) Configure LDAP for authentication
2) Enable the welcome email by adding '<welcome>1</welcome>' to your
   ldap config block
3) Confirm you have replicate enabled for your LDAP config
4) Attempt to login with an entirely new user to Koha using the LDAP
   connection (with a user who has a valid email address mapped to Koha
   borrower fields)
5) Confirm the email is sent by looking at the notices for the new user.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-03 14:02:39 -03:00
7dfa7bcc21
Bug 29196: (Bug 27068 follow-up) - Remove unnecessary check
The introduction of _checkHoldPolicy has made this check superfluous.
Test plan stolen/updated from 27068

To test:
 1) In library groups add a root group and check it as hold group.
 2) Add two libraries to the group
 3) In circulation and fines rules, in 'Default checkout, hold and return
 policy', in Hold pickup library match change the value to 'From patron's hold group'
 4) Place a hold from a patron whose home library is from the group
 4.5) perl misc/cronjobs/holds/build_holdsqueue.pl
 5) Go to /cgi-bin/koha/circ/view_holdsqueue.pl
 6) Select the holding branch of the item with a hold
 7) observe no results
 8) Apply Patch
 9) Repeat 5-6
10) The item should come up on the holds queue results
11) Place a hold on an item where 1 record has 2 copies, 1 in the hold group, 1 not.
12) Run the HoldQueue for the library not in the group and make sure the hold isn't showing.
13) Turn on transportation cost matrix and set costs for the libraries within the group.
14) Place a hold for a patron where multiple copies are on the bib.
15) Check both branch's hold queue for the item, it should only show on the lower cost branch's list if both copies are available.

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-03 13:39:30 -03:00
Frank Hansen
26ec48a196
Bug 30280: (follow-up) Removing tab character in Heading.pm
Sponsored-by: Lund University Library, Sweden

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-03 10:00:08 -03:00
Frank Hansen
8c7230b802
Bug 30280: Add support for subject headings from different thesaurus when using Elasticsearch
This patch allows subject headings from different thesaurus to co-exist in Koha.

Test plan:
1. Enable Elasticsearch as the search engine (SearchEngine system preference =
Elasticsearch) and reindex (koha-elasticsearch --rebuild -d -b -a kohadev).
2. Load sample authority records attached to the bug (in this case the
authorities.mrc file was saved in the koha directory - adjust file location as
appropriate):
   misc/migration_tools/bulkmarcimport.pl -v -a -file authorities.mrc -insert
-c=MARC21
3. Load the sample bibliographic record attached to the bug:
   misc/migration_tools/bulkmarcimport.pl -v -b -file biblios.mrc -insert
-c=MARC21
4. Search for ISBN 0704328623 and verify that the subject terms are not linked
to any authority records (if you hover over the link terms, all links should
look like ../cgi-bin/koha/catalogue/search.pl?q=su:"subjectterm" - none should
have any ?q=an:XXX (where XXX = authority record ids) in the link).
5. Apply the patches.
6. Reset the Elasticsearch mappings (Administration > Catalog > Search engine
configuration (Elasticsearch)).
7. Reindex: koha-elasticsearch --rebuild -d -b -a kohadev
8. Link bibliographic records to authority records:
misc/link_bibs_to_authorities.pl -v -l
9. Repeat the search in step 4 (or refresh the record details page) and verify
that the first three Feminism headings[1] are linked to an authority record
(should have ?q=an:XXX (where XXX = different authority record IDs for the
various feminism authority records linked to a specific thesaurus)).
10. Reindex: koha-elasticsearch --rebuild -d -b -a kohadev

[1] Links for subject terms for step 9 in order are (the authority ids may be
different depending on how ou are testing):

    Subject(s:) Feminism | feminism | Feminism | Feminism | Idéhistoria |
Litteratur

    http://127.0.0.1:8081/cgi-bin/koha/catalogue/search.pl?q=an:1709
    http://127.0.0.1:8081/cgi-bin/koha/catalogue/search.pl?q=an:1710
    http://127.0.0.1:8081/cgi-bin/koha/catalogue/search.pl?q=an:1708
    http://127.0.0.1:8081/cgi-bin/koha/catalogue/search.pl?q=su:"Feminism"
    http://127.0.0.1:8081/cgi-bin/koha/catalogue/search.pl?q=su:"Idéhistoria"
    http://127.0.0.1:8081/cgi-bin/koha/catalogue/search.pl?q=su:"Litteratur"

    MARC info:

    650 #7 - SUBJECT ADDED ENTRY--TOPICAL TERM
      a Topical term or geographic name entry element Feminism
      0 Authority record control number or standard number
https://id.kb.se/term/sao/Feminism
      2 Source of heading or term sao
    650 #7 - SUBJECT ADDED ENTRY--TOPICAL TERM
      a Topical term or geographic name entry element feminism
      2 Source of heading or term bnb
    650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM
      a Topical term or geographic name entry element Feminism
    650 #4 - SUBJECT ADDED ENTRY--TOPICAL TERM
      a Topical term or geographic name entry element Feminism
    650 #4 - SUBJECT ADDED ENTRY--TOPICAL TERM
      a Topical term or geographic name entry element Idéhistoria
    650 #4 - SUBJECT ADDED ENTRY--TOPICAL TERM
      a Topical term or geographic name entry element Litteratur

   Note: The fourth Feminism term has second indicator 4 which means "Source
not specified". So this term is only a local term and does not belong to any
specific thesaurus and thus not linked. To specify a source of a term, the
second indicator must be set as 7. The source of heading is then specified in
subfield 2.

Sponsored-by: Lund University Library, Sweden

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-03 10:00:04 -03:00
e509485161 Bug 29744: (QA follow-up) Only consider PLACK_ENV for underscore
When run under certain circumstances (in jenkins, for example) some ENV
variables are set for convenience, like PLACK_WORKERS and
PLACK_MAX_REQUESTS and is causing some tests to fail (notably, shib
ones).

This patch makes the regex only consider PLACK_ENV when testing for the
underscore case.

Tests are updated accordingly, and they are also rewritten to test for
boolean values instead of empty string, or zero or one, etc. The
implementation shouldn't matter as long as the boolean evaluation is
correct and it is clearer for devs what to expect.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-09-23 12:05:05 -03:00
a08e946459 Bug 7021: (QA follow-up): Minor code cleanup
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-09-22 09:33:17 -03:00
7d87128026
Bug 7021: Catch new introductions of UpdateStats
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-09-22 09:31:28 -03:00
791702a363
Bug 7021: Terminology - usercode -> categorycode
Lets stick to standard terminology and use categorycode rather than
usercode here.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-09-22 09:31:28 -03:00
Olli-Antti Kivilahti
b9158641d4
Bug 7021: Patron category in the statistics table
This patch populates the koha.statistics.usercode with borrowers.categorycode where it is easily available.
Currently for statistics.type 'issue' OR 'localuse' OR 'renew'.

Supplied a script to UPDATE the old statistics records.

Have fun!

To test:
1. Add loan for patron.
2. Check statistics table
=> 'usercode' column for this issue should now contain patrons categorycode

To test add_statistics_borrowers_categorycode.pl:
1. Run add_statistics_borrowers_categorycode.pl
2. Check statistics table
=> all statistics which are type 'issue' OR 'localuse' OR 'renew'
should now contain patrons categorycode in 'usercode' column

Also prove that tests in t/db_dependent/Circulation.t still pass.

Rebased-by: Emmi Takkinen <emmi.takkinen@koha-suomi.fi>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-09-22 09:31:27 -03:00
897fe20683
Bug 31389: Calculate user permissions in separate function
This patch refactors the setting of user permissions for templates into
a new function, which can be easily unit tested and reduces the amount
of code in C4::Auth::get_template_and_user(). It also aids in the
re-usability of permission checking code.

Test plan:
0) Apply patch and koha-plack --restart kohadev
1) prove t/Koha/Auth/Permissions.t
2) As koha superlibrarian, go to
http://localhost:8081/cgi-bin/koha/tools/tools-home.pl
3) Go to http://localhost:8081/cgi-bin/koha/members/members-home.pl
4) Create new test user with "Staff access..." and "Remaining circulation permissions"
5) Logout of koha superlibrarian
6) Login as test user
7) Note you can only see a limited view of the staff interface
(i.e. no administration, no tools, no reports, etc.)

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-09-22 08:39:21 -03:00
Jeremy Breuillard
ed97960cd7
Bug 27550: "Duplicate budget" does not keep users associated with that budget
When a budget is duplicated, Owner is copied but not Users

Test plan :
Home > Administration > Budgets
1)Create a budget to allow (active or inactive)
2)Give it some funds by filling up the form, especially Owner and
User(s)
3)Submit then go back to the Budgets dashboard
4)Duplicate the Budget and click on its name
5)Edit it and notice that User(s) is empty
6)Apply the patch
7)Repeat from 1) to 5)

Signed-off-by: Samu Heiskanen <samu.heiskanen@hypernova.fi>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-09-22 08:18:33 -03:00
179be45f4a
Bug 29744: (QA follow-up) Call psgi_env in OO style
Result of git grep -l -E "::psgi_env" | xargs sed -i -e's/::psgi_env/->psgi_env/g'

Also resolving this warn from Auth.t:
Use of uninitialized value $ENV{"SCRIPT_NAME"} in pattern match (m//) at /usr/share/koha/Koha/AuthUtils.pm line 211.

Note that the following warn is resolved on report 30588 (underway).
Use of uninitialized value $return in numeric gt (>) at /usr/share/koha/C4/Auth.pm line 1154.

Test plan:
Run t/db_dependent/Auth.t
Hit some opac, intranet pages. API call.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-09-22 08:11:58 -03:00
097b2afb17
Bug 29744: (QA follow-up) Add underscore test, move to OO
The underscore test comes from bug 31468.
Context methods should actually be OO.

Test plan:
Run t/Context.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-09-22 08:11:57 -03:00
97b1bd1dae
Bug 29744: Remove unnecessary condition in C4::Auth::safe_exit
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[EDIT] Adding David's comments from Bugzilla to safe_exit here.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-09-22 08:11:57 -03:00
0b80172a49
Bug 29744: Harmonize psgi/plack detection methods
This patch updates and moves the existing psgi_env method out of Auth
and into Context and then replaces any manual references of the same
code to use the new method.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: David Cook <dcook@prosentient.com.au>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-09-22 08:11:57 -03:00
Johanna Raisa
35724169c1
Bug 30359: GetBudgetHierarchy is slow on order receive page
This patch adds skiptotals parameter to GetBudgetHierarchy so calculating
totals can be skipped from some pages.

Test plan:
1) Open browser's Inspect -> Network
2) Go to receive orders
3) Check the timings for page load
4) Apply the patch
5) Refresh the page
6) Check the timings again
7) prove t/db_dependent/Budgets.t

Sponsored-by: Koha-Suomi Oy

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-09-21 19:02:17 -03:00
bdb107bcec
Bug 27421: (QA follow-up) BatchCommitImportRecords needs param for skipping commits
When you submit a background jobs, and it fails, you do not expect
partial results in the database.
Note that when the Background feature would support a partially
completed status, things might change again.

Note that the >0 test was superfluous if you check for ^\d+$.

Test plan:
Run t/db_dependent/Koha/BackgroundJobs/StageMARCForImport.t

Note: This serves to verify that it still runs as expected.
The test plan of the following patch covers the new param.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-09-19 15:14:59 -03:00
8497ed67b7
Bug 27421: Use Background job for staging MARC records for import
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-09-19 15:14:55 -03:00