Commit graph

31640 commits

Author SHA1 Message Date
027aa4f349 Bug 20624: Add RESTOAuth2ClientCredentials syspref
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:56:01 -03:00
0d96a9080d Bug 20612: (QA follow-up) Fix typo in method POD
As Martin correctly highlighted, the method name is not correctly
spelled in POD. This patch fixes it.

To test:
- Look carefully
=> FAIL: Method name is _verify_client_cb but POD says _verify_client_db
- Apply this patch
- Look carefully
=> SUCCESS: Notice the POD is fixed!

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:56:01 -03:00
c46439abda Bug 20612: koha-conf.xml cleanup
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@deichman.no>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:56:01 -03:00
5bf71bb837 Bug 20612: Make OAuth2 use patron's client_id/secret pairs
This patch wires the OAuth related code so it leverages on the new
Koha::ApiKey(s) classes and tools introduced by bug 20568 instead of the
hardcoded entries in koha-conf.xml originally proposed by bug 20402.

To test revisit the test plan for bug 20402, and verify that it works.
But create API key pairs instead of writing them down in koha-conf.xml.
Also:
- Run:
  $ prove t/db_dependent/api/v1/oauth.t
=> SUCCESS: Tests pass!
- Sign off :-D

Sponsored-by: ByWater Solutions

Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@deichman.no>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:56:01 -03:00
8eb9239a34 Bug 20612: Unit tests
This patch makes the oauth.t tests leverage on the new Koha::ApiKey(s)
classes. It adds tests for expired tokens too.

To test:
- Apply this patch
- Run:
  $ kshell
 k$ prove t/db_dependent/api/v1/oauth.t
=> FAIL: Tests should fail without the rest of the patches.

Sponsored-by: ByWater Solutions

Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@deichman.no>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:56:01 -03:00
ef7a900742 Bug 20568: DBRev 17.12.00.043
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:56:00 -03:00
2a8c3fad0a Bug 20568: fix shebang
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:56:00 -03:00
d2454d6868 Bug 20568: Fix bad resolution conflict with bug 18403
borrowers module permission has now several subpermissions

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:56:00 -03:00
0cb1020e0c Bug 20568: (QA follow-up) Remove unused vars
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:56:00 -03:00
82edceb2ed Bug 20568: (QA follow-up) Remove api-key management from OPAC
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:56:00 -03:00
45841d9ec7 Bug 20568: CSRF protection
Edit: fix warning introduced by this patch

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:55:59 -03:00
28a750fb76 Bug 20568: (QA follow-up) Get rid of the id column
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:55:59 -03:00
45efd8e3ec Bug 20568: (QA follow-up) Make sure client_id and secret are not overwritten on store
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:55:59 -03:00
175b773051 Bug 20568: (QA follow-up) Test client_id and secret are not overwritten
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:55:59 -03:00
b3f7026254 Bug 20568: (follow-up) Atomic update fix
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:55:59 -03:00
b67e88f429 Bug 20568: Move value => client_id + secret
This patch addresses the request from Julian that api keys are expected
to be client id/secret pairs.

It does so by
- Adding 'client_id' and 'secret' columns
- Removing 'value'

Tests got adjusted and so controller scripts and templates.
Both libs and tests changes have been squashed. This ones remain in
order to keep Owen's attribution on the template changes and avoid
rebase conflicts.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:55:59 -03:00
37efe6ff76 Bug 20568: (follow-up) Interface and markup changes
This patch makes some interface changes to bring things better in line
with existing interface patterns. This patch also re-indents the
modified templates with 4 spaces instead of 2 and makes <input>s
self-closing.

Also changed: Corrected system preference check in opac-apikeys.pl.

To test, apply the patch and:

In the staff client:

 - Open a patron record and choose More -> Manage API keys.
   - There should be a standard message dialog containing a link to
     "Generate a new key."
     - Clicking the link should show the form for adding a new key.
     - Test that clicking the "Cancel" link hides the form.
     - Test that creating the new key works correctly.
   - You should now see a table showing existing keys and a "Generate a
     new key" button above it.
     - Test that the "Delete" button asks for confirmation, and that
       confirming and denying both work correctly.
     - Test that "Revoke" and "Activate" actions still work correctly.

In the OPAC:

 - Set the AllowPatronsManageAPIKeysInOPAC system preference to "Allow."
 - Log in to the OPAC and click the "your API keys" link in the sidebar.
   - Clicking the "Generate new key" button should display the form for
     adding a new key.
     - Clicking the "cancel" link should hide the form.
     - Submitting the form should add a new key.
   - You should now see a table showing existing keys.
     - Test that the "Delete" link asks for confirmation, and that
       confirming and denying both work correctly.
     - Test that "Revoke" and "Activate" actions still work correctly.
 - Set the AllowPatronsManageAPIKeysInOPAC system preference to "Don't
   allow."
   - Log in to the OPAC and confirm that the "your API keys" link in the
     sidebar is no longer visible.
     - Confirm that navigating directly to /cgi-bin/koha/opac-apikeys.pl
       results in a 404 error.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:55:58 -03:00
9007b25d09 Bug 20568: API key management for OPAC users
This patch makes the OPAC interface for API keys management work
with the new lib. Verify all actions work for a logged user.

Users without login should be redirected to an error page.

The AllowPatronsManageAPIKeysInOPAC syspref is added to control if the
OPAC feature is enabled or not.

To test:
- Verify the syspref works
- Verify users can manage their API keys

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:55:58 -03:00
30b763040c Bug 20568: Unit tests
This patch adds unit tests for the introduced classes: Koha::ApiKey(s).

To test:
- Apply this patch
- Run
  $ kshell
 k$ prove t/db_dependent/Koha/ApiKeys.t
=> FAIL: Tests fail because the feature is not implemented.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:55:58 -03:00
05101f0afa Bug 20568: Add mandatory description field for api keys
This patch changes the table structure adding fields usually found on
this kind of api management pages.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:55:58 -03:00
Julian Maurice
3aa102d0c3 Bug 20568: API keys management in interface
This introduces the concept of API keys for use in the new REST API.
A key is a string of 32 alphanumerical characters (32 is purely
arbitrary, it can be changed easily).
A user can have multiple keys (unlimited at the moment)
Keys can be generated automatically, and then we have the possibility to
delete or revoke each one individually.

Test plan:
1/ Go to staff interface
2/ Go to a borrower page
3/ In toolbar, click on More -> Manage API keys
4/ Click on "Generate new key" multiple times, check that they are
   correctly displayed under the button, and they are active by default
5/ Revoke some keys, check that they are not active anymore
6/ Delete some keys, check that they disappear from table
7/ Go to opac interface, log in
8/ In your user account pages, you now have a new tab to the left "your
   API keys". Click on it.
9/ Repeat steps 4-6

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:55:58 -03:00
462dc01cee Bug 20402: Update DBIX schema
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:55:57 -03:00
d012552ab6 Bug 20402: DBRev 17.12.00.042
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:47:43 -03:00
714e553889 Bug 20402: only output if verbose flag is set
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:47:43 -03:00
Julian Maurice
99b8206534 Bug 20402: Remove useless call to Koha::OAuthAccessTokens->search
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-08 15:55:43 -03:00
3ada121431 Bug 20402: Add missing POD
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-08 15:55:43 -03:00
a5c28cc24b Bug 20402: Atomic update and kohastructure.sql fixes
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-08 15:55:43 -03:00
Julian Maurice
5b2aec72a9 Bug 20402: Use TestBuilder->build_object in oauth.t
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-08 15:55:43 -03:00
Julian Maurice
5c7d12e4e0 Bug 20402: Remove dependency on Mojo::Plugin::OAuth2::Server
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-08 15:55:42 -03:00
Julian Maurice
996b100f1f Bug 20402: Don't look at cookies if OAuth2 is attempted and has failed
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-08 15:55:42 -03:00
Julian Maurice
ccc034195e Bug 20402: Fix oauth.t
GET /patrons now requires { "borrowers": 1 } instead of
{ "borrowers": "edit_borrowers" }

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-08 15:55:42 -03:00
Julian Maurice
43a4b3c22c Bug 20402: Implement OAuth2 authentication for REST API
It implements only the "client credentials" flow with no scopes
support. API clients are tied to an existing patron and have the same
permissions as the patron they are tied to.
API Clients are defined in $KOHA_CONF.

Test plan:
0. Install Net::OAuth2::AuthorizationServer 0.16
1. In $KOHA_CONF, add an <api_client> element under <config>:
     <api_client>
       <client_id>$CLIENT_ID</client_id>
       <client_secret>$CLIENT_SECRET</client_secret>
       <patron_id>X</patron_id> <!-- X is an existing borrowernumber -->
     </api_client>
2. Apply patch, run updatedatabase.pl and reload starman
3. Install Firefox extension RESTer [1]
4. In RESTer, go to "Authorization" tab and create a new OAuth2
   configuration:
   - OAuth flow: Client credentials
   - Access Token Request Method: POST
   - Access Token Request Endpoint: http://$KOHA_URL/api/v1/oauth/token
   - Access Token Request Client Authentication: Credentials in request
     body
   - Client ID: $CLIENT_ID
   - Client Secret: $CLIENT_SECRET
5. Click on the newly created configuration to generate a new token
   (which will be valid only for an hour)
6. In RESTer, set HTTP method to GET and url to
   http://$KOHA_URL/api/v1/patrons then click on SEND
   If patron X has permission 'borrowers', it should return 200 OK
   with the list of patrons
   Otherwise it should return 403 with the list of required permissions
   (Please test both cases)
7. Wait an hour (or run the following SQL query:
   UPDATE oauth_access_tokens SET expires = 0) and repeat step 6.
   You should have a 403 Forbidden status, and the token must have been
   removed from the database.
8. Create a bunch of tokens using RESTer, make some of them expires
   using the previous SQL query, and run the following command:
     misc/cronjobs/cleanup_database.pl --oauth-tokens
   Verify that expired tokens were removed, and that the others are
   still there
9. prove t/db_dependent/api/v1/oauth.t

[1] https://addons.mozilla.org/en-US/firefox/addon/rester/

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-08 15:55:42 -03:00
896bb7ec54 Bug 20525: Add --timezone switch to koha-create
This patch adds a --timezone switch to koha-create so the timezone can
be set on creation time. It defaults to empty (i.e. using the server's
local time).

To test:
- Create an instance:
  $ sudo koha-create --create-db timezone1
=> SUCCESS: /etc/koha/sites/timezone1/koha-conf.xml contains an empty
<timezone> entry.
- Apply this patch
- Run:
  $ perl misc4dev/cp_debian_files.pl
- Create a new instance:
  $ sudo koha-create --create-db timezone2
=> SUCCESS: /etc/koha/sites/timezone2/koha-conf.xml contains an empty
<timezone> entry (i.e. the current behaviour is preserved).
- Create a new instance:
  $ sudo koha-create --create-db --timezone Your/Timezone timezone3
=> SUCCESS: /etc/koha/sites/timezone3/koha-conf.xml contains
    <timezone>Your/Timezone</timezone> (i.e. introduced behaviour works)
- Sign off :-D

Sponsored-by: ByWater Solutions

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-08 12:14:46 -03:00
8bb531b530 Bug 20721: (bug 19403 follow-up) Prevent Circulation.t to fail randomly
If items.restricted == 1, CanBookBeIssued will not returned what we are
testing.

The easiest and global fix is to define a default value at TestBuilder
package level

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-07 13:15:34 -03:00
9a1bed84d6 Bug 20531: (follow-up) Set the timestamps to the same value to get a correct order
There were 2 places where it was failing!

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-07 12:22:44 -03:00
affd3f0ece Bug 20686: OPAC shows 'Login to OverDrive account' with 'OverDriveCirculation' syspref disabled
ps: you will need an active and working overdrive account to test this patch

1/ prepare a koha with overdrive sysprefs set and working
    (OverDriveLibraryID,OverDriveClientKey,OverDriveClientSecret)

2/ set OverDriveCirculation syspref to 'disable'

3/ do an opac search, note the 'Login to OverDrive account' message is incorrectly displayed
    see pic 1

4/ apply patch

5/ do an opac search, note the 'Login to OverDrive account' message is no longer displayed (good)
    see pic 2

Can confirm that bug is replicable and patch applies and functions as described.
Signed-off-by: Dilan Johnpullé <dilan@calyx.net.au>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-07 11:55:32 -03:00
23aa986612 Bug 20305: Remove warnings from tools scripts
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-07 11:55:23 -03:00
f0b88ed328 Bug 20687: (follow-up) Look for invitekey in show_accept and fix error codes
We should check the invitekey in show_accept by passing it along in the
search call.
On the way I fixed some error checking: if the list number is invalid, or
the list is public or you are the owner, or if the key is not found, we
should set the right error code; the template contains those messages.

Test plan:
[1] Share a list and accept a correct invitation with another user.
[2] Try to accept some invalid proposals: wrong key, wrong list.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Tested invalid key, wrong list, owner, public list, expiry.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-07 11:55:13 -03:00
90d249b39d Bug 20687: Check all share keys for a given list
This patch gets all the shares for a list and iterates through to find
the correct one when accepting from a link

To test:
1 - Create a private list in the opac
2 - Invite 2 patrons to the list
3 - Try to accept from the patron you first shared to
4 - You will get a failure message about expiration of the link
5 - Apply patch
6 - Now try to accept the first share
7 - It works! Success!

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-07 11:55:13 -03:00
ab52b1f3ac Bug 20284: Fix minor compilation errors
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-07 11:55:01 -03:00
046f1f3401 Bug 20284: (QA follow-up) superlibrarian has ill permissions
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-07 11:55:01 -03:00
Andrew Isherwood
1b67f20823 Bug 20284: (follow-up) Added missing 'exit's
This patch adds the exits that were missing after the redirects

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-07 11:55:01 -03:00
Andrew Isherwood
b12d5e7c20 Bug 20284: ILLModuleCopyrightClearance text breaks
This patch fixes the display of the copyright notice text that is defined
in ILLModuleCopyrightClearance preference when placing ILL requests from
the OPAC. Handling of the copyrightclearance stage was missing,
this has been added.

To test:
1) Ensure you have at least one ILL backend available:
   https://wiki.koha-community.org/wiki/ILL_backends
2) Ensure you have the "ILLModule" preference enabled
3) Add some text to the "ILLModuleCopyrightClearance" preference
4) Navigate to a search results page in the catalog
5) Click the "Make an Interlibrary Loan request" link at the bottom
6) Choose "Create a new request", then select a backend
7) Observe the text you added earlier is displayed with buttons for
   agreeing or disagreeing (prior to this patch, this screen displayed
   an error)
8) Observe that clicking "Yes" takes you to the form for adding request
   details
9) Observe that clicking "No" takes you back to the "Interlibrary loan
   requests" page

Signed-off-by: Barry Cannon <bc@interleaf.ie>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-07 11:55:01 -03:00
Mark Tompsett
6db7ab6b93 Bug 20477: Silence floody noise on fast cataloging
TEST PLAN
---------
See comment #0 to reproduce.
apply this patch
restart_all

echo | sudo tee /var/log/koha/kohadev/place-error.log
restart_all
cat /var/log/koha/kohadev/plack-error.log
-- just restart information

log into staff client again, home -> circulation -> fast cataloging

cat /var/log/koha/kohadev/plack-error.log
-- just restart information

run qa test tools

Signed-off-by: Roch D'Amour <roch.damour@inlibro.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-04 09:25:58 -03:00
4c36d4beb6 Bug 20620: Remove warnings in moredetail.pl
Since 19995 warnings are displayed in moredetail.pl, we should get rid
of them.

Test plan:
Hit moredetail.pl with different biblionumbers and confirm you do no
longer see warnings in logs.

Make sure values for rentalcharge, item type, ccode and replacementprice
are displayed correctly.

Signed-off-by: Bouzid Fergani <bouzid.fergani@inlibro.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-04 09:19:36 -03:00
Mark Tompsett
be35e4883a Bug 20663: Add some POD, so koha test tools don't complain
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-04 09:19:26 -03:00
Mark Tompsett
32a2528d53 Bug 20663: Remove dead code related to compound reports
TEST PLAN
---------
git grep "Create Compound Report"
-- only one file
git grep compound | grep 1
-- this is the only setting of the compound tt variable
less koha-tmpl/intranet-tmpl/prog/en/modules/reports/guided_reports_start.tt
-- There is an TT IF statement for compound.
-- In that statement it would trigger 'Save Compound'
git grep save_compound
-- only the template and the guided report perl
git grep create_compound
-- only triggered by the save code in the guided report perl
-- in the export for the C4/Reports/Guided.pm
git grep run_compound
-- left over in export

apply the patch
look around and see the pieces are cleaned up.

run koha qa test tools

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-04 09:19:26 -03:00
Katrin Fischer
d2d937fc9b Bug 19171: Attempt to make "no holds possible" messages less confusing
At the moment, when no holds are possible, the OPAC reads something
like:

Sorry, none of these items can be placed on hold.
No items available.

This is confusing to the patrons, because the records have items,
but they are not showing. The record also may have available items,
they are just not permitted to place holds on them.

Changes:
- Only display the first message, when somoene tried unsuccessfully
  to place holds on multiple records.
- Change first message to: Sorry, none of these titles can be placed on hold.
- Change the second message to read:
  No items available to be placed on hold.
- Remove <strong> around Sorry for better translatability.

To test:
- Try to place a hold on single record, where no hold is possible.
- Try to place a hold on a single record, where a hold is possible.
- Try to place holds on multiple records where no hold is possible.
- Try to place holds on multiple records where at least one hold
  is possible.

  Verify the screen messages make sense in all cases.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Fixed stray </strong> during signoff.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
For consistency with staff, I renamed multi_holds to multi_hold.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-04 09:17:10 -03:00
305d3c36cb Bug 20685: Escape letter template content in textarea
Test plan:
enter the following text into the Email template for 'HOLD_SLIP'
in Home › Tools › Notices & Slips › Modify notice

<div style='max-width: 4in;'>
<h3><<borrowers.surname>>, <<borrowers.firstname>></h3><br />
<<borrowers.streetnumber>> <<borrowers.address>><br />
<<borrowers.address2>><br />
<<borrowers.city>>, <<borrowers.state>> <<borrowers.zipcode>><br />
<br />
<br />
<img src="/cgi-bin/koha/svc/barcode?barcode=<<borrowers.cardnumber>>&type=Industrial2of5&notext=1">

Edit it again
Without this patch you will get:
<img src="/cgi-bin/koha/svc/barcode?barcode=<<borrowers.cardnumber>>&type=Industrial2of5¬ext=1">

Signed-off-by: Barton Chittenden <barton@bywatersolutions.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-04 09:15:38 -03:00
75dc3fb0f3 Bug 11317: Add id and class attributes to body
This fixes xt/tt_valid.t
 #   Failed test '<body> tag with id and class attributes'
 #   at xt/tt_valid.t line 91
 # Files list:
 # intranet-tmpl/prog/en/modules/tools/access_files.tt: 8
 # Looks like you failed 1 test of 3.
 [16:44:56] xt/tt_valid.t
 Dubious, test returned 1 (wstat 256, 0x100)

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-03 14:30:03 -03:00