Test plan:
0) Have either CAS or Shibboleth authentication enabled under Plack.
1) Hover over the authentication link on the staff client or OPAC, and
notice that it has either '.../opac/...' or '.../intranet/...' instead
of '.../cgi-bin/koha/...'. (This will be a complete dealbreaker for CAS
authentication.)
2) Apply patch.
3) Check links again; they should now have the correct paths.
Signed-off-by: Matthias Meusburger <matthias.meusburger@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Did not test CAS or Shibboleth, but no regression found.
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
Bug 14507 introduced the use of checkpw in C4::SIP::ILS::Patron so that
non-Koha internal authentication processes would be able to function via
SIP ( LDAP et al ).
The problem is that checkpw changes the userenv to that of the patron!
This is not usually an issue in Koha because most of the time that
patron running through checkpw is the one to be logged in.
Aside from SIP2 the only other area where this may be an issue is in SCO
when using SelfCheckoutByLogin.
Test Plan:
1) On master, check out an item to a patron via SIP2
2) Note the checkout lists the item as having been checked out
from the patron's home library not matter which library is was
supposed to be checked out from.
3) Apply this patch
4) Re-checkout the item
5) The item should now be checked out as if it was checked out from
the library as defined in the SIP configuration file.
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This uses a hacky but simple method to get the correct script name under
proxied packaged Plack.
Test plan:
1) Log out of both the OPAC and staff side.
2) Try to access a page that requires login (opac-reserve.pl is a
good one for the OPAC), then log in.
3) You will be redirected back to mainpage.pl or opac-user.pl.
4) Repeat above for both staff side and OPAC.
5) Apply patch.
6) Repeat steps 1-4; you should be redirected back to the original
page you were on.
7) Repeat the above for both a traditional CGI and kohadevbox/package
Plack installation.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
There are 2 prefs to drive this feature: StaffAuthorisedValueImages and
AuthorisedValueImages. AuthorisedValueImages is not added by
sysprefs.sql and does not appear in updatedatabase.pl, we could easily
imagine that nobody uses it.
With XSLT enabled, the feature is only visible on a record detail page
at the OPAC, if AuthorisedValueImages is set. Otherwise you need to turn
the XSLT off. In this case you will see the images on the result list
(OPAC+Staff interfaces) and OPAC detail page, but not the Staff detail
page.
This patch suggests to remove completely this feature as it does not
work correctly.
The ability to assign an image to an authorised value is now always
displayed, but the image will only be displayed on the advanced search
if defined.
Test plan:
Confirm that the authorised value images are no longer visible at the
opac and the staff interfaces.
The prefs should have been removed too.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Currently if not logged in when browsing to
http://YOURCATALOG/cgi-bin/koha/sco/sco-main.pl
You are redirected to opac-auth.tt and SCOUserCSS and SCOUserJS are not
loaded. This page passes through a parameter to the template to indicate
this is an SCO login and appropriate CSS and JS should be loaded.
Additionally this patch ensure that when loggin in using the form you
are redirected to the sco-main.pl instead of the patron account page for
the user.
To test:
1 - Verify that normal login works on both staff and opac
2 - Verify that SCO link goes to login page if AutoSelfCheckAllowed is
set to "Don't allow"
3 - Enter changes into SCOUserJS and SCOUserCSS and observe these are
present on SCO log in page with AutoSelfCheck disabled
4 - Verify that a logged in opac user without permissions cannot access
the self-checkout module
5 - Verify that AutoSelfCheckAllowed and associated system preferences
function as expected
6 - Verify the AutoSelfCheck user is logged out if they attempt to visit
another page
Followed test plan.
If I go to http://YOURCATALOG/cgi-bin/koha/sco/sco-main.pl, CSS and JS trigger already on
the login form, I suppose that is intended.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan Gallagher <bredan@bywatersolutions.com>
The login page should not be displayed if the page is displayed in a
frame.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan Gallagher <bredan@bywatersolutions.com>
Test Plan (remains the same):
0) Back up your database
1) Apply all these patches
2) In your mysql client use your Koha database and execute:
> DELETE FROM systempreferences;
> SOURCE ~/kohaclone/installer/data/mysql/sysprefs.sql;
-- Should be no errors.
> SELECT * FROM systempreferences LIKE 'GoogleO%';
-- Should see 4 entries.
> QUIT;
3) Restore your database
4) Run ./installer/data/mysql/updatedatabase.pl;
5) In your mysql client use your Koha database and execute:
> SELECT * FROM systempreferences LIKE 'GoogleO%';
-- Should see the same 4 entries.
6) Log into the staff client
7) Home -> Koha administration -> Global system preferences
8) -> OPAC
-- make sure your OPACBaseURL is set (e.g. https://opac.koha.ca)
9) -> Administration
-- There should be a 'Google OAuth2' section with the ability
to set those 4 system preferences.
10) In a new tab, go to https://console.developers.google.com/project
11) Click 'Create Project'
12) Type in a project name that won't freak users out, like your
library name (e.g. South Pole Library).
13) Click the 'Create' button.
14) Click the 'APIs & auth' in the left frame.
15) Click 'Credentials'
16) Click 'Create new Client ID'
17) Select 'Web application' and click 'Configure consent screen'.
18) Select the Email Address.
19) Put it a meaningful string into the Product Name
(e.g. South Pole Library Authentication)
20) Fill in the other fields as desired (or not)
21) Click 'Save'
22) Change the 'AUTHORIZED JAVASCRIPT ORIGINS' to your OPACBaseURL.
(http://library.yourDNS.org)
23) Change the 'AUTHORIZED REDIRECT URIS' to point to the new
googleoauth2 script
(http://library.yourDNS.org/cgi-bin/koha/svc/auth/googleopenidconnect)
24) Click 'Create Client ID'
25) Copy and paste the 'CLIENT ID' into the GoogleOAuth2ClientID
system preference.
26) Copy and paste the 'CLIENT SECRET' into the GoogleOAuth2ClientSecret
system preference.
27) Change the GoogleOpenIDConnect preference to 'Use'.
28) Click 'Save all Administration preferences'
29) In the OPAC, click 'Log in to your account'.
-- You should get a confirmation request, if you are
already logged in, OR a login screen if you are not.
-- You need to have the primary email address set to one
authenticated by Google in order to log in.
30) Run koha qa test tools
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
Mainly a
perl -p -i -e 's/^.*3.07.00.049.*\n//' **/*.pm
Then some adjustements
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
perl -p -i -e 's/^(use vars .*)\$VERSION\s?(.*)/$1$2/' **/*.pm
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
The singleBranchMode system preference does not make sense.
Either the install has only 1 library defined or several. In both case,
we can easily guess the behavior to follow.
So the idea of this patch is to replace the fetch of this syspref with a
call to count the number of libraries defined in DB.
Test plan:
1/ From a fresh Koha install, execute the DB entry to remove the pref.
2/ Define only 1 library
3/ Confirm that Koha behaves the same as before (try to change your
library, look at the facets)
4/ Create another library (or more) and reinsert the pref and set it:
insert into systempreferences (variable, value)
values('singleBranchMode', 1);
5/ Execute the DB entry
You should get a warning message.
6/ Repeat 3.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Does what it says, but will change behaviour for any Koha install that
has 2 branches defined, One circulation, and this preference set.
If that is an acceptable change, we might need to make sure this is noted well in the
release notes.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Test plan:
Log you in!
Without this patch applied, you will get a warning
"Fetching the value or values of a single named parameter"
With this patch applied, the warning from C4::Auth line 401 should not
appear anymore in the log file.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Note: no warnings for older CGI versions.
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
If you use multiple instances on one server, you could have the situation
that instance A creates the cgisess subfolder and instance B could have a
permission problem. This patch resolves that by allowing each instance to
have its own cgisess subfolder.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
When some users want to improve performance, one suggestion is to switch the syspref "sessionstorage" to 'tmp',
which store the session info in the /tmp directory instead of the database.
Depending on the frequency of the cleaning process (or lack thereof),
this can be heavy pollution into the /tmp directory, making it unusable.
"rm cgi*" would not even work since cgi* extends to over 8000 items...
A simple fix is to modify the target directory in C4/Auth.pm to /tmp/cgisess.
Testing scenario:
1) change the syspref SessionStorage to 'tmp'
2) Log into the OPAC, validate that a file named /tmp/cgisess_(something) got created
3) Apply the patch
4) Log into the OPAC, validate that a file /tmp/cgisess/cgisess_(something) got created
Signed-off-by: Magnus Enger <magnus@libriotech.no>
Works as advertised. Session files are created in /tmp/cgisess/ instead
of directly in /tmp. I usually store sessions in memcached, but a
couple of times memcached has died on me, and before I knew it, /tmp
was so full of sessions files, I could not easily delete them with
"rm /tmp/cgisess*". Being able to delete /tmp/cgisess/ should be a
bit easier.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
Test plan
1/ enable OpacAddMastheadLibraryPulldown
2/ Defined a group of libraries as searchdomain
and tick 'show in pull down'
3/ At the OPAC, go on the advanced search form, limit by the group of
libraries you have just created.
4/ The group should be selected by default in the dropdown list
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
http://bugs.koha-community.org/show_bug.cgi?id=15294
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
This is similar to bug 12877
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
While this is missing a detailed test plan, what I did to test was
1/ Login to koha .. it works
2/ Apply patch
3/ Login to koha .. it still works, no regressions. I can't test the
shibboleth part but it doesnt break anything else so I'm happy to sign
off
Signed-off-by: Jesse Weaver <jweaver@bywatersolutions.com>
We had to implement this fix for one of our customers using Shibboleth.
Can verify that it fixes the issue (which, incidentally, breaks
stage-marc-import since that depends on a constant sessionID).
Passing QA (verified with QA tools). Thanks, Martin!
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
This subroutine does a lot a processing and should only be called when
necessary.
In the get_template_and_user subroutine (so called from any pages of
Koha), it is call to pass the branchcode, title, firstname, surname and
borrowernumber values for the logged in user.
This subroutine calls GetMemberAccountRecords which retrieve the items
infos for all accountlines entries of the logged in user.
On members/members.pl, let's say you have 74 entries in the accountlines
tables, the page will execute 115 SELECT instead of 35 if you don't have any
accountlines entries.
With this patch, the number of SELECT is always 31.
To test this patch you should have technical skills to know what to do.
Note that USER_INFO was an array of... 1 element. Now it's a hashref.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch enable use of IntranetUserCss on staff client
login page.
To test:
1) Add something to IntranetUserCSS to modify login page,
for example
#login h1 a {
height:30px;
}
2) Logout from staff client, no changes on login page.
3) Apply the patch
4) Reload, now logo is cut in half :)
Bonus) Login again an try changing image, add
#login h1 {
background: url(http://example.com/img/other-logo.png) no-repeat top center;
}
and fix height. Logout and check
This also affects 3.20 and perhaps earlier versions.
Re-upload to fix examples
Works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Alex Arnaud <alex.arnaud@biblibre.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
The SCO user should only be allowed to access to the SCO module.
This patch make the session ends if the user tries to access another
page after the SCO module.
Test plan:
0/ Configure the SCO module correctly
1/ Go on the sco main page (sco/sco-main.pl)
2/ Try to go somewhere else: you should not be logged in
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
* Extends login screen to pass along #hash
* Adds JSONP support to C4::Service
* Extends humanmsg to allow per-message classes
* Adds proper charset to results of svc/bib
Test plan:
1. C4/Auth.pm and .../intranet/.../auth.tt: verify that login/usage
works as expected, despite the change to pass on the fragment (...#blah)
from the URL.
2. C4/Service.pm and humanmsg.js: verify that editing system
preferences (the main user of these modules) works correctly despite
updates.
3. svc/bib: verify that records can be correctly downloaded with the
change of character set. This can be done in a Firebug/Chrome Devtools
console by running `$.get('/cgi-bin/koha/svc/bib/1')` and inspecting the
results (possibly replacing 1 with a different valid biblionumber).
Signed-off-by: Nick Clemens <nick@quecheelibrary.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
These 2 fields are not used anymore, but we want to keep them anyway.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
CGI->url does not return the correct url on install using packages.
Test plan:
1/ Try to reproduce the bug from the description of bug 15005.
You should be able to login to the intranet and the OPAC
2/ Send a basket and a list from the intranet and the OPAC.
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Mubassir Ahsan asked on the Koha mailing list:
Is there any option to set Saturday as the first day of
the week? Please help me.
CalendarFirstDayOfWeek is currently either Sunday|Monday.
By converting it to 0|1|2|3|4|5|6
(Sunday, Monday, ..., Saturday), we can allow any day of the
week to be the first day of the week in the date picker.
TEST PLAN
---------
1) Backup DB
2) In mysql:
> DELETE FROM systempreferences;
> SOURCE .../installer/data/mysql/sysprefs.sql
> SELECT variable,value FROM systempreferences;
-- It should say 'CalendarFirstDayOfWeek' and '0'
May say '1' if you are using Norwegian.
3) Restore your DB
4) .../installer/data/mysql/updatedatabase.pl
-- If your previous value for 'CalendarFirstDayOfWeek' was
'Sunday', it should be '0'. For 'Monday', it should be '1'.
5) Test an installation with 'de-DE' as the language.
-- The default value should be '1'.
6) Test an installation with 'nb-NO' as the language.
-- The default value should be '1'.
7) In the staff client, confirm that any day of the week is
available in the I18N/L10N system preferences for the
CalendarFirstDayOfWeek dropdown.
-- I'm aware they aren't in order, but I'm after
functionality, not finesse.
8) In another tab, go to a staff place that has a datepicker.
For example, Home -> Tools -> Inventory/stocktaking
9) For each possible value in the CalendarFirstDayOfWeek,
go to the other tab, refresh the page after updating the
system preference, and click the datepicker icon.
-- The date picker should then start on the selected
day of the week.
10) Log into OPAC
-- This may require setting: opacuserlogin to 'Allow'.
11) Click the personal details tab on the left.
12) There is a date picker for the date of birth.
-- The date picker should then start on the selected
day of the week.
13) Run koha QA test tools.
NOTE: not an atomic update, since this is an old patch.
Signed-off-by: Indranil Das Gupta (L2C2 Technologies) <indradg@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
In Bug 14408 first patch, the regexp used needs an escape on dot and does not need an ending "?"
Test plan :
- prove t/db_dependent/Auth.t
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Counter counter patch
Please test well, including with the null byte %00, this uses a whitelisting to only allow files ending with .tt
and not allowing ../etc
Note the previous patch tries to protect against /etc/passwd
but //etc/passwd is now vulnerable. I do think a whitelist is safer than trying to do a blacklist
/cgi-bin/koha/svc/virtualshelves/search
/cgi-bin/koha/svc/members/search
Are vulnerable
To test:
1/ Hit /cgi-bin/koha/svc/members/search?template_path=members/tables/members_results.tt
Notice you get a valid JSON response
2/ Hit
/search?template_path=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd
(You may have add more ..%2f or remove them to get the correct path)
Notice you can see the contents of the /etc/passwd file
3/ Hit
/cgi-bin/koha/svc/members/search?template_path=test%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd
4/ Apply patch
5/ Hit the first url again, notice it still works
6/ Hit the second url notice it now errors with a file not found
7/ Hit the third url notice it now errors with a file not found
Repeat for the other script also
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Most of them were found and fixed using codespell.
Fix also some related grammar issues.
In C4/Serials.pm a variable was renamed to make future codespelling
checks easier.
Signed-off-by: Stefan Weil <sw@weilnetz.de>
http://bugs.koha-community.org/show_bug.cgi?id=14383
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This pref does not work at all, the interface let the user choose to
list all suggestions, but whatever he chooses the suggestion list is the
same.
This patch cleans a bit the suggestedby management.
There are a lot of cases to test, because linked to 2 prefs:
AnonSuggestions and OPACViewOthersSuggestions.
1/ AnonSuggestions = 0 and OPACViewOthersSuggestions = 0
- A non logged in user is not able to make a suggestion.
- A logged in user is not able to see suggestions made by someone else.
2/ AnonSuggestions = 0 and OPACViewOthersSuggestions = 1
- A non logged in user is not able to make a suggestion.
- A logged in user is able to see suggestions made by someone else.
3/ AnonSuggestions = 1 and OPACViewOthersSuggestions = 0
- A non logged in user is able to make a suggestion.
The suggestedby field will be filled with the AnonymousPatron pref value.
He is not able to see suggestions, even the ones made by AnonymousPatron.
- A logged in user is not able to see suggestions made by someone else.
4/ AnonSuggestions = 1 and OPACViewOthersSuggestions = 1
- A non logged in user is able to make a suggestion.
He is able to see all suggestions.
- A logged in user is able to see suggestions made by someone else.
In all cases a logged in user should be able to search for suggestions
(except if he is not able to see them).
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
All use cases tested, work as expected
No errors
Only comment is perhaps (in the future) a gracefull failure
when AnonymousPatron is not set, or has '0' value
Message is DBIx::Class::ResultSet::create(): Column 'suggestedby' cannot be null at ...
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
The borrow permission was used but uselessly.
For instance, at the opac, the flagsrequired parameter was set to
'borrow' but the 'authnotrequired' was set also (which means no auth
required).
At the end, this permission was used at only 1 place: for the basket,
intranet side.
This can be replaced with the catalogue permission (which is used to
search).
Test plan:
1/ Confirm that you are able to show/download/sent the cart (intranet side)
with the catalogue permission.
2/ At the OPAC, you should be able to access the same pages as before
with any other permissions.
Concretely it is quite difficult to test this patch, you should have a
look at the code.
Signed-off-by: Nick Clemens <nick@quecheelibrary.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
To reproduce:
- Allow commenting in OPAC (Syspref reviewson)
- Log in to OPAC
- Do a search with many results
- Click on a biblio in result list
- Verify that you can browse the results in detail view ("Browse results")
- Repeat teh search above
- Click on the same biblio as above
- Add a comment (Tab "Comments")
- Close commenting window
- Click on "Next" in result browser
Result: The next biblio is displayed, but result browser has disappeared.
To test:
- Apply patch
- Try to reproduce issue above, verify that result browser does no longer disappear
AMended to remove whitespace chars. / MV
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Bug & solution checked, works well. No koha-qa errors
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
First, it is strongly recommended to set the OPACBaseURL. But
this patch allows the inclusion of the protocol and not just
a site.
Next, C4/Auth now puts OPACBaseURL into the template parameters
regardless of OPAC or Staff clients. t/db_dependent/Auth.t was
tweaked to add a check for confirming that get_template_and_user
adds OPACBaseURL to both OPAC and Staff templates.
In the staff client, once the OPACBaseURL is set, you get a nice
OPAC View link when viewing a biblio's detail. It should reflect
the protocol used now.
Hard coded 'http://' strings were removed from the
sample_notices.sql files. This is what required also updating
the letters table in the updatedatabase.pl script.
The explanation text in the sysprefs.sql needed updating too to
reflect the inclusion of the protocol. And this was the other
update done in the updatedatabase.pl script. The opac.pref file
was similarly changed as well.
catalogue/detail.pl had no need to pass a custom OpacUrl value,
since C4/Auth passes the required OPACBaseURL, so it and the
corresponding template were modified.
Both the MARC21 and NORMARC intranet details files had 'http://'
hard coded in them. This was removed.
Both the bootstrap and prog theme opac-detail template had a
protocol parameter that was used. The logic for the parameter
was not removed, because it is used extensively in one template.
Perhaps it should be used to simplify the other. However, the
calculated current_url parameter had references to the protocol
removed, because of the changes to OPACBaseURL.
opac/opac-shareshelf.pl had a hard coded 'http://' which was
removed.
t/db_dependent/Auth_with_cas.t had 'http://' added to the value
set for OPACBaseURL.
In virtualshelves/sendshelf.pl explicit code which sent the
OPACBaseURL preference was removed, since C4/Auth sends it all
the time now.
C4::Context::set_preference was tweaked to ensure that
OPACBaseURL would always start with http.
t/db_dependent/Context.t was tweaked to specifically test this.
The Shibboleth authentication needs OPACBaseURL set, and that
it be https protocol. The _get_uri routine was tweaked to always
pass back https:// as the protocol on the OPACBaseURL.
t/Auth_with_shibboleth.t was tweaked to specifically test the
changes.
TEST PLAN
---------
This is not an easy patch to test. Difficulties include:
- configuring Koha to run under https
(tweaking apache2 isn't so hard, just tricky)
- configuring Koha to run OPAC and Staff with Plak
(since code with comments about plak were sliced out)
- configuring Koha to use CAS
(may be requires for the CAS test)
1) Apply patch
2) Make sure OPACBaseURL is set without the protocol included.
UPDATEDATABASE
3) back up your DB
4) ./installer/data/mysql/updatedatabase.pl
-- It should run without errors.
5) Look up the OPACBaseURL system preference in the staff
client
-- It should have http:// prepended.
6) Run the mysqlclient from your koha git directory
USE koha_library;
SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
-- There should be no prepended http:// on the
<<OPACBaseURL>>.
7) restore your DB
8) Make sure OPACBaseURL is set with the protocol included,
preferably https.
-- Using https requires a bunch of apache2 tweaks.
AUTH
9) Call up staff client.
10) Call up OPAC.
-- C4/Auth.pm doesn't barf.
11) Call up Plack staff client
12) Call up Plack OPAC.
-- C4/Auth.pm doesn't barf.
13) prove -v t/db_dependent/Auth.t
CONTEXT
14) Home -> Koha administration -> Global System Preferences
-> OPAC
15) Modify and save OPACBaseURL to not have http:// or https://
on it.
-- It should be modified to include http://
16) Modify and save another system preference.
-- It should save normally
17) prove -v t/db_dependent/Context.t
CATALOGUE/DETAIL (tt & pl)
18) Confirm the OPACBaseURL is set
19) Navigate to any biblio details in the staff client
-- There should be a "OPAC view" link which has the
correct http:// or https:// in it.
SQL (sample notices and sysprefs)
20) Run the mysqlclient from your koha git directory
USE koha_library;
DELETE FROM letter;
source installer/data/mysql/de-DE/mandatory/sample_notices.sql;
SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
DELETE FROM letter;
source installer/data/mysql/en/mandatory/sample_notices.sql;
SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
DELETE FROM letter;
source installer/data/mysql/nb-NO/1-Obligatorisk/sample_notices.sql;
SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
DELETE FROM letter;
source installer/data/mysql/es-ES/mandatory/sample_notices.sql;
SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
DELETE FROM letter;
source installer/data/mysql/fr-FR/1-Obligatoire/sample_notices.sql;
SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
DELETE FROM letter;
source installer/data/mysql/it-IT/necessari/notices.sql;
SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
DELETE FROM letter;
source installer/data/mysql/pl-PL/mandatory/sample_notices.sql;
SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
DELETE FROM letter;
source installer/data/mysql/ru-RU/mandatory/sample_notices.sql;
SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
DELETE FROM letter;
source installer/data/mysql/uk-UA/mandatory/sample_notices.sql;
SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
-- Each of the selects should should lines that have
<<OPACBaseURL>> starting them, but no hard-coded http://
DELETE FROM systempreferences;
source installer/data/mysql/sysprefs.sql;
SELECT * FROM systempreferences WHERE variable='OPACBaseURL';
-- The explanation should reflect the new explanation.
QUIT
21) restore your DB
22) Make sure OPACBaseURL is set with the protocol included,
preferably https.
-- Using https requires a bunch of apache2 tweaks.
SLIM2INTRANETDETAIL
23) Set 'XSLTDetailsDisplay' system preference to default.
24) Set 'marcflavour' system preference to MARC21.
25) View any biblio's details.
-- the URL beside 'OPAC View' should have the appropriate
http:// or https://
26) Set 'marcflavour' system preference to NORMARC.
27) View any biblio's details.
-- the URL beside 'OPAC View' should have the appropriate
http:// or https://
OPAC-DETAIL
28) Set 'opacthemes' to bootstrap.
29) Set 'SocialNetworks' to enabled.
30) In OPAC, view any biblio's details.
-- the Share links should have the appropriate protocol on
the OPACBaseURL.
31) Set 'opacthemes' to prog.
32) In OPAC, view any biblio's details.
-- the Share links should have the appropriate protocol on
the OPACBaseURL.
AUTH_WITH_CAS
33) prove -v t/db_dependent/Auth_with_cas.t
OPAC-SHARESHELF
34) Set 'OpacAllowSharingPrivateLists' to allow.
35) In OPAC, 'Save to Lists' a search result.
36) Save it to a new private list.
37) Click the Lists button, and select the new list.
38) Click the Share button.
AUTH_WITH_SHIBBOLETH
39) prove -v t/Auth_with_shibboleth.t
-- needs to be tests on Debian, because I can't get
the Test::DBIx::Class installed in Ubuntu. :(
Rebased again on kohadevbox...
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
TEST PLAN
---------
1) $ prove t/db_dependent/Auth.t
-- warnings
2) Apply this patch
3) $ prove t/db_dependent/Auth.t
-- only one specific type of warning
4) Apply bug 5010 patch
5) $ prove t/db_dependent/Auth.t
-- noisy is eliminated
6) koha qa test tools.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
With patch only one warn
With 5010 no more warns
No errors
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Test plan:
Same as previous patch for opacuserjs
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
NOTE: Worked before and after updatedatabase.pl, though after
is less confusing to the programmer unaware of case-insensitivity.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
To match IntranetUserCSS, intranetuserjs should be renamed
IntranetUserJS.
Test plan:
1/ Be sure there is no occurrence of intranetuserjs
2/ Confirm the pref still works as before
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
NOTE: Worked before and after updatedatabase.pl, though after
is less confusing to the person unaware of case insensitivity.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
This code causes the installer to re-check dependencies during the
upgrade process.
Test Plan
---------
1) Log in to staff client
2) Koha Administration -> Global system preferences -> Local
3) Change Version to previous version -- DO NOT HIT SAVE YET!
4) In command line: sudo apt-get purge libpdf-fromhtml-perl
NOTE: This could be ANY required library. I chose
PDF::FromHTML, because it has been a thorn in my side.
5) NOW! Hit the 'Save' button.
6) Log in, etc. etc...
-- Blows up on redirect to log in.
7) In command line, add it back (I had to compile my own so,
I used sudo dpkg -i /path/to/libpdf-fromhtml-perl...)
8) Apply patch
9) Edit the C4/Installer/PerlDependencies.pm to make
PDF::FromHTML required. See also bug 14103.
10) Log in to staff client
11) Koha Administration -> Global system preferences -> Local
12) Change Version to previous version -- DO NOT HIT SAVE YET!
13) In command line: sudo apt-get purge libpdf-fromhtml-perl
14) NOW! Hit the 'Save' button.
15) Log in, etc. etc...
16) Once warned you are missing it, add it back at the command line.
17) Click 'Recheck'
-- Proceeds as expected now.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
It will permit not to run another perl interpreter.
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch adds:
- links to the new pages.
- syspref description
- links on the main page (intranet)
- the DISCHARGE type for debarment
Signed-off-by: Lucie <lucie.rousseaux@dracenie.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Signed-off-by: Chris Nighswonger <cnighswonger@foundations.edu>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
http://bugs.koha-community.org/show_bug.cgi?id=9987
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
This patch allows to use CAS authentication for intranet login.
It works exactly the same as the OPAC login, except that the
staffClientBaseURL syspref must be set for intranet login
(like OPACBaseURL must be set for OPAC login).
Signed-off-by: Koha Team AMU <koha.aixmarseille@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
In C4::Auth there is a use C4::VirtualShelves.
Virtualshelves are displayed in all OPAC pages, but not in intranet.
For performance, we should move this into a require only for opac pages.
This patch adds a condition to fetch virtualshelves only if opac and moves the dependancy on C4::VirtualShelves into require calls.
On my desktop, I have those compilation times for C4/Auth.pm :
- Without patch : 0,41 seconds
- With patch : 0,22 seconds
This performance improvement is very usefull for pages that only use a few as dependancy, like errors/404.pl
Test plan :
- Be sure there are some public lists
- Apply patch
- Go to opac (not logged-in)
- Click on "Lists"
- Check you see the public lists
- Login with a user
- Be sure this user has some private lists
- Click on "Lists"
- Check you see the public and private lists
- Logout
- Go to /cgi-bin/koha/opac-reserve.pl
- You see the loggin page
- Click on "Lists"
- Check you see the public lists
- Go to intranet
- Check you can loggin
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Test plan (from comment #1)
1) Apply this patch
2) Run updatedatabase.pl
3) Verify the system pref OpacColorStyleSheet still works
i.e. no change should be noted
Additionally, I changed the path to an other stylesheet and verified that it worked.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Works as described and no more occurences of opaccolorstylesheet were found.
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
If the user is already logged-in, do not trigger CAS authentication
even if there is a ticket in the parameters.
1) Authenticate to the OPAC through CAS.
2) Once redirected to your account, hit F5 or the refresh button of your browser.
3) You're logged out.
Signed-off-by: Koha Team Lyon 3 <koha@univ-lyon3.fr>
Signed-off-by: Luce Barbey <luce.barbey@cirad.fr>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Added sign of lines according to bug.
Works as described, small change.
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
C4::Reserves:
* Added OnShelfHoldsAllowed() to check issuingrules
* Added OPACItemHoldsAllowed() to check issuingrules
* IsAvailableForItemLevelRequest() changed interface, now takes
$item_record,$borrower_record; calls OnShelfHoldsAllowed()
opac/opac-reserve.pl and opac/opac-search.pl:
* rewrote hold allowed rule to use OPACItemHoldsAllowed()
* also use OnShelfHoldsAllowed() through
* IsAvailableForItemLevelRequest()
templates:
* Removed AllowOnShelfHolds and OPACItemHolds global flags, they now
only have meaning per item type
Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
I have tested this patch left, right and upside down for the last
several months. All tests have passed.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
There were multiple calling conventions for C4::Context's
set_userenv routine. So the following commands were used to
find discrepancies:
grep "::set_userenv" `find .`
grep "\->set_userenv" `find .`
The first grep demonstrated that the smaller change is from
:: to -> as only C4/Auth.pm, installer/InstallAuth.pm, and
t/db_dependent/Circulation.t would need to be modified. This
patch corrects C4::Context's set_userenv routine to be object
call based (use ->) by using a shift to ignore the first
parameter, and modify the three files found with :: calls.
As the result of trying to roll a distribution,
t/Circulation_barcodedecode.t was discovered to be faulty. The
cause being incorrect parameters! This was hidden when there
was no shift in the set_userenv routine. However, with its
correction, the test broke.
This led me to read the POD documentation for the function
set_userenv in C4::Context and realize it was outdated as
well. It has been revised to match the current version of
the function.
Then intentionally bad parameters passed to the set_userenv
routine in C4::Context were hunted down. The biggest problems
were missing surnames or branch names.
Rebase required because of shibboleth change in C4/Context.pm
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
There was an instance of the pragma missed which meant the the original
patch set didn't actually solve the problem in a large number of cases
This patch adds in the relevant statement.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
To Test:
1) Enable the system preference SessionRestrictionByIP
2) Change your system IP. It will not checkout your system IP or signout.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
A failed login should not leave the user in a half logged authenticated
state, but rather return them to an anonymouse session as per the
pre-login attempt state.
To replicate error:
1. Try to log in with some nonexisting user id or wrong password in the
OPAC
2. Go directly to /opac-user.pl (e.g., enter it in the browser address
bar, or just click on the "Log in" link)
3. Observe a DBI error displayed on the screen
4. You are now in the "deadloop" of sorts (opac/opac-user.pl refuses to
display the login screen, no matter how many times you try to reload
it); to break the deadloop, one needs to:
- remove session cookie from the browser (or cause the session to
expire in some other way - closing browser window would be probably
enough for that)
- remove offending session on the server (from mysql sessions table,
..)
- log in with proper credentials using some other page (like
opac/opac-main.pl right-side panel), which does not involve
opac/opac-user.pl being called without "userid" CGI parameter.
To test:
1. Test as above, the DBI error should no longer be present
2. Check that search history works across failed and sucessful login
attempts
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Add a missing semicolon to the end of a template variable assignment
line. This patch should not affect operation.
Note: With Bug 13499 we did a non-destructive perltidy, as such we only
affected indenting and whitespace to maintain blame history. However, a
number of minor code issues were also highlighted, in this series of
patches I hope to correct other minor style issues.
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Removed an uneeded semicolon from the end of an 'if' block. This should
not affect operation of the script.
Note: With Bug 13499 we did a non-destructive perltidy, as such we only
affected indenting and whitespace to maintain blame history. However, a
number of minor code issues were also highlighted, in this series of
patches I hope to correct other minor style issues.
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
This tidy should only change whitespace and not line breaks, thus
retaining history.
There are no code changes, and thus there should be no regressions to
test for koha wise.
To test the non-destrcutive nature of the patch, run a 'git blame -w' on
the file before and after the patch. The resulting blame should include
a comparabile history of the file, with only some additional blank
lines being attributed to this commit.
A 'git blame -wM' may also be useful for comparison purposes.
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
The password should be encoded before hashing.
Test plan:
- Before applying the patch, create a user with utf-8 in password
- apply patches
- try to log in
- change the password
- log out
- try to log in
Signed-off-by: Paola Rossi <paola.rossi@cineca.it>
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Dobrica Pavlinusic <dpavlin@rot13.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
This patch adds links to "My account" and "My checkouts" to drop down in staff client header.
To test:
Apply patch
Got to drop down of logged in user (top right)
See new links to "My account" and "My checkout" (above "Log out")
Test the links.
Signed-off-by: Magnus Enger <digitalutvikling@gmail.com>
Works as advertised. The options are not displayed when you are logged
in as the db/admin user.
Added classes "toplinks-myaccount" and "toplink-mycheckouts" to li tags to make it possible to hide them (per Kyle M $
Switching back to "Signd-off" (Hope this is OK becuause it is a tiny string addition)
Marc
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
While testing a bug, warnings in the opac error log were
building up due to a particular line in C4::Auth. After
reviewing the code, it was discovered that removal of the
OpacMainUserBlockMobile system preference created this.
Since the system preference no longer exists, and is not
used, the line was deleted from C4/Auth.pm to prevent this
warning from occuring.
TEST PLAN
----------
1) Go to any OPAC page.
2) Check your opac error log.
-- there should be something about uninitialized values
used in C4/Auth.pm around line 443.
3) Apply the patch
4) Refresh the page.
-- that same error should not be triggered.
5) prove -v t/db_dependent/Auth.t
-- this runs the get_template_and_user function
which had the parameter removed.
6) run the koha qa test tools
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
With CCSR now deprecated there is no longer a need for the
OPACMobileUserCSS system preference. This patch removes it.
To test, apply the patch and run updatedatabase. Check that the
preference can no longer be found in system preferences.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Preference removed, no koha-qa errors.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
With CCSR having been deprecated there is no longer a use for the
OpacShowLibrariesPulldownMobile system preference. This patch removes
it.
To test, apply the patch and run updatedatabase. Check that the
preference can no longer be found in system preferences.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Preference removed, no koha-qa errors.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
- The shibboleth patch introduced an undefined message into the error
logs, when shiboleth is disabled.
Testplan
1. Ensure shibboleth is disabled.
2. Refresh any opac page
3. See 'Use of uninitialized value $ENV{"REMOTE_USER"} in string ne at
/home/koha/kohaclone/C4/Auth.pm line 711.' popup in the opac-error.log
4. Apply patch
5. Refresh opac page
6. Error should no longer appear
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Works as described.
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
- Convert Auth_with_shibboleth to use dbic stanzas.
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
- A number of issues were highlighted whilst writing sensible unit tests
for this module.
- Removed unnessesary call to context->new();
- Global variables are BAD!
- Croaking is a wimps way out, we should handle errors early and
properly.
Signed-off-by: Matthias Meusburger <matthias.meusburger@biblibre.com>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
- Local fallback was not very well implemented, this patch adds
better handling for such cases allowing clearer failure messages
- This patch also adds the ability to use single sign on via the
top bar menu in the bootstrap theme.
BUG8446, Follow up: Adds perldoc documentation
- Add some documentation to the Auth_with_Shibboleth module
including some guidance as to configuration.
BUG8446, Follow up: Correct filenames to match guidlines
- Moved Auth_with_Shibboleth.pm to Auth_with_shibboleth.pm to match
other files present on the system.
BUG8446, Follow up: Correct paths after file rename
BUG8446, Follow up: Implemented single sign out
- This follow up rebases the code against 3.16+ which managed to break
some of the original logic.
- As a side effect of the rebasing, we've also implemented the single
sign out element. Upon logout, koha will request that the shibboleth
session is destroyed, and then clear the local koha session upon
return to koha. Due to the nature of shibboleth however, you will
only truly be signed out of the IdP if they properly support Single
Sign Out (which many do not). As a consequence, although you may
appear to be logged out in koha, you might find that upon clicking
'login' the IdP does NOT request your login details again, but instead
logs you silently back into your koha session. This is NOT a koha bug,
but a shibboleth implementation issue that is well known.
BUG8446, Follow up: Fixed bootstrap login via modal
- The bootstrap theme enable login from any opac page via modal. To
enable this with shibboleth we had to make some template parameters
globally accessible when shibboleth is enabled.
BUG8446, Follow up: Add template rules for Shibboleth and CAS
- Add template rules so that CAS and Shibboleth can coexist.
BUG8446, Follow up: Added default config to config file
BUG8446, Follow up: Embellished perldoc documentation
- Updated perldoc to correct detail about configuring shibboleth
authentication.
- Updated perldoc to include subroutines and their respective functions.
BUG8446, Follow up: Enable configuration of match field
- Added clearer, more flexible, configuration of shibboleth attribute to
koha borrower field matching for authentication
- Correcting of documentation to make it more clear to the current
implementation
- Minor refactoring of code to reduce some code duplication
Signed-off-by: Matthias Meusburger <matthias.meusburger@biblibre.com>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Matthias Meusburger <matthias.meusburger@biblibre.com>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
- Use the shibbolethAuthentication syspref to enable Shibboleth authentication
- Configure the shibbolethLoginAttribute to specify which shibboleth user
attribute matches the koha login
- Make sure the OPACBaseURL is correctly set
BUG8446, Follow-up: Adds Shibboleth authentication
- Fix logout bug: shibboleth logout now occurs only when
the session is a shibboleth one.
- Do some refactoring: getting shibboleth username is now
done in C4::Auth_with_Shibboleth.pm (get_login_shib function)
BUG8446, Follow-up: Adds Shibboleth authentication
- Adds redirect to opac after logout
BUG8446, Follow-up: Adds Shibboleth authentication
- Shibboleth is not compatible with basic http authentication
in C4/Auth.pm. This patch fixes that.
BUG8446, Follow-up: Adds Shibboleth authentication
- Use ENV{'SERVER_NAME'} instead of syspref OpacBaseURL in order to work with
multiple vhosts.
BUG8446, Follow-up: Adds Shibboleth authentication
- Adds missing protocol for $ENV{'SERVER_NAME'}
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jesse Weaver <pianohacker@gmail.com>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Tested with the feide idp.
- LDAP login and logout are working
- local login/logout are still working
- CAS login/logout are still working
Instructions for setup can be found on the wiki:
http://wiki.koha-community.org/wiki/Shibboleth_Configuration
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
It is kosher now to use the Koha template toolkit plugin for retrieving
system preferences values. This followup does that.
It also changes the class for ids, for people considering this patch
introduces too much noise on the home screen being able to control
its visibility.
Regards
To+
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Enable staff to setting a text for OPAC user/pass information
Modified:
C4/Auth.pm
koha-tmpl/opac-tmpl/bootstrap/en/includes/usermenu.inc -add a text to the popup login page
koha-tmpl/opac-tmpl/bootstrap/en/includes/opac-main.tt -add a text to the main login page
Testing:
I Apply the patch
0) Search NoLoginInstructions preference
1) Add/modify a text
2) Open OPAC main page
3) Validate the text added under Login button
4) Click in "Log in to your account" link
5) Validate the text added under input password (popup)
Sponsored-by: CCSR ( http://www.ccsr.qc.ca )
Patch behaves as expected.
Signed-off-by: Marc Veron <veron@veron.ch>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
This patch covers LDAP auth_by_bind configuration so that wrong
LDAP password will return -1 to C4::Auth so we can abort local auth
and prevent users logging in with stale database passwords.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
http://bugs.koha-community.org/show_bug.cgi?id=8148
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Dobrica Pavlinusic <dpavlin@rot13.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
CCSR having been deprecated there is no longer a use for the
OpacShowFiltersPulldownMobile system preference. This patch removes
it.
To test, apply the patch and run updatedatabase. Check that the
preference can no longer be found in system preferences.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Preference removed, no koha-qa errors
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
The opacsmallimage system preference is unused in the bootstrap theme.
It can be removed now that prog and ccsr are deprecated. This patch does
so.
To test, apply the patch and run updatedatabase. Confirm that the OPAC
works properly and the preference can no longer be found.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Preference removed, no koha-qa errors
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Since we switched to Template Toolkit we don't need to stick with the
sufix we used for HTML::Template::Pro.
This patch changes the occurences of '.tmpl' in favour of '.tt'.
To test:
- Apply the patch
- Install koha, and verify that every page can be accesed
Regards
To+
P.S. a followup will remove the glue code.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
This patch changes how the OPACBaseURL parameter gets set in the subroutine
get_template_and_user in Auth.pm.
Currently, it's being set by the $ENV{'SERVER_NAME'} variable. In many
cases, this will probably match the URL that the user uses to access a
page. However, this causes problems with reverse proxies.
There are ways to compensate for proxy servers (such as inspecting
other variables set by the web server), but such a solution seems
a bit convoluted...especially since we already use the system preference
OPACBaseURL in many other parts of Koha.
We probably shouldn't be passing OPACBaseURL from Auth.pm at all, and
instead use the Koha TT plugin and using_https param to determine
protocol. However, that's outside the scope of this bug/patch.
This patch is just meant to fix an existing bug.
I did leave the $ENV{'SERVER_NAME'} as a full back if OPACBaseURL isn't
set, but that's it.
_TEST PLAN_
Before applying:
1) Clear your OPACBaseURL preference
2) Perform a search in the OPAC
3) Click on or hover over the orange RSS icon
4) Note that the URL used for the RSS links is either:
a) The same URL you used to access Koha (no reverse proxy)
b) The ServerName from your Koha apache conf which isn't the
same URL you used to access Koha (reverse proxy)
5) Add an OPACBaseURL that isn't the same as the actual OPAC URL
6) Note that the OPACBaseURL system preference has no effect here
After applying the patch:
7) Refresh the page
8) Note that the URL you see now is actually the OPACBaseURL system
preference that you set
9) Clear your OPACBaseURL system preference
10) Refresh your search page
11) Note that the URL has reverted back to the URL that you saw before
(either the original Koha site URL or the Koha ServerName defined
in Apache and not the URL of the proxy)
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
If flagsrequired is set, authnotrequired should be 0.
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
To test:
Verify that pages in the OPAC and staff interface display correctly.
Note that there are cases where 'authnotrequired' was not passed
at all to get_template_and_user, so there may be pages that start
requiring authentication. Whether that is correct or not depends
on context.
Follow up patches are to remove all the unnessecary setting of this
value, so that the only places we set are when we do want
authnotrequired=1
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
This patch implements 2 suggestions on comment #3
- Prevents creation of a new user with same userid
of database user
- When checking password, if userid matches database user,
only check against pass on config file
To test:
1. Create a new user with same login as database user
any password different from real db user
2. Check that you can login on staff using this user/pass
and you are superlibrarian
3. Apply the patch
4. Login again using new pass, it must fail
5. Login again using db pass, you are now superuser,
but system does not warn you :( No problem, that's
for having one borrower with that login
6. Delete user with same login as db user
7. Try to create one again as in 1, system must return
an error of duplicate login!
8. Check for no regressions on user/pass authentication
Resubmited, has an error
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Passes all tests and QA script.
This works nicely and as described.
Also editing the former 'superuser' will force you to
change the userid in order to save any other change.
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Since the addition of search groups to Koha, the branch limiting
parameter in multiple PAC by URL support should also support
limiting by these search groups. This patch adds this ability.
Signed-off-by: Srdjan <srdjan@catalyst.net.nz>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Bug 10029 tries to fix the use of URL parameters in CAS authentication.
But is does not work.
The full URL must be used in all methods of C4::Auth_with_cas.
Also, in checkpw_cas(), the 'ticket' parameter must be removed to find
the original URL.
This patch removes the 'ticket' parameter from query before calling
checkpw_cas() since the ticket is passed as method arguemnt.
In C4::Auth_with_cas, many methods use the same code to get the CAS
handler and the service URI. This patch adds a private method
_get_cas_and_service() to do the job.
Test plan:
- Enable CAS
- Go to opac without been logged-in
- Try to place hold on a record
=> You get to /cgi-bin/koha/opac-reserve.pl?biblionumber=XXX showing
authentication page
=> Check that CAS link contains query param "biblionumber"
- Click on CAS link and log in
=> Check you return well logged-in to reserve page with biblionumber
param
- Check CAS loggout
- Check Proxy CAS auth
Signed-off-by: Koha team AMU <koha.aixmarseille@gmail.com>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Passes all tests in t, xt, and t/db_dependent/Auth.t.
Also passes QA script.
As I have no working CAS server, I focused on regression testing:
Activated Persona and casAuthentication.
- Verified normal login against database still works.
- Verified Persona login works.
Note: With Persona you are always forwarded to the patron
account - so you have to search for the record again before
you can place a hold.
- Verified that the CAS URL contains the biblionumber when
logging in while placing a hold.
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Retested 2014-04-12
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Also store interface (intranet, opac) in context to not have to pass it
as parameter.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
No koha-qa errors
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Comments on last patch.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
When using Plack, the https method returns 'OFF'.
We have to test this value before sending the value to templates.
Test plan:
1/ Fill your OPACBaseUrl
2/ Configure apache for using http
3/ Check the social networks links (should be http://OPACBaseUrl)
4/ Launch Plack
5/ Check the social networks link (should be http://OPACBaseUrl)
6/ Stop Plack
7/ Configure apache for using https
sudo openssl req -x509 -nodes -days 365 -newkey rsa:1024 -out
/etc/apache2/server.crt -keyout /etc/apache2/server.key
and add in you virtualhost (with :443)
SSLEngine on
SSLCertificateFile /etc/apache2/server.crt
SSLCertificateKeyFile /etc/apache2/server.key
a2enmod ssl
service apache2 restart
8/ Check the social networks links (should be https://OPACBaseUrl)
FIXME: Under Plack, with ssl actived, the CGI->https() method always
returns 'OFF'.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Like OPAC, the search history is now available for intranet. This
is controlled by the EnableSearchHistory system preference.
Test plan:
1/ Switch on the 'EnableSearchHistory' syspref.
3/ Launch some biblio and authority searches.
4/ Go on your search history page (top right, under "Set library").
5/ Check that all yours searches are displayed.
6/ Click on some links and check that results are consistent.
7/ Delete your biblio history searches.
8/ Delete your authority searches history searches.
9/ Launch some biblio and authority searches
10/ Play with the 4 delete links (current / previous and biblio /
authority).
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
This ensures that if an anonymous session is converted to a logged-in
session, that search history times from the anonymous session get
stored corectly.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Like biblio, this feature provides an authority search history.
This history is available for connected and disconnected user.
If the user is not logged in Koha, the history is stored in an
anonymous user sessin.
The search history feature is now factorized in a new module.
This patch adds:
- 1 new db field search_history.type. It permits to distinguish the
search type (biblio or authority).
- 1 new module C4::Search::History. It deals with 2 different storages:
DB or cookie
- 2 new UT files: t/Search/History.t and t/db_dependent/Search/History.t
- 1 new behavior: the 'Search history' link (on the top-right corner of
the screen) is always displayed.
Test plan:
1/ Switch on the 'EnableOpacSearchHistory' syspref.
2/ Go on the opac and log out.
3/ Launch some biblio and authority searches.
4/ Go on your search history page.
5/ Check that all yours searches are displayed.
6/ Click on some links and check that results are consistent.
7/ Delete your biblio history searches.
8/ Delete your authority searches history searches.
9/ Launch some biblio and authority searches
10/ Delete all your history (cross on the top-right corner)
11/ Check that all your history search is empty.
12/ Launch some biblio and authority searches.
13/ Login to your account.
14/ Check that all previous searches are displayed.
15/ Launch some biblio and authority searches.
16/ Check that these previous searches are displayed under "Current
session".
17/ Play with the 4 delete links (current / previous and biblio /
authority).
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
All patches together pass QA script and tests.
Also, new tests in t/db_dependent/ pass.
Tested in all 4 OPAC themes, being logged in and anonymous.
Anonymous search history will be appended to personal search
history after logging in.
Also verified that cleanup_database still purges search history,
now also including the authority searchs.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
This patch uses the TT helper function Koha.Preference() to
retrieve the value of NoLoginInstructions rather than passing
it to all templates as a template variable.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
On a failed login, the default message is harcorded into opac-auth.tt.
It would be preferable to allow for a preference to override that message (for example: ...Please bring an ID to t
The changes modify
-opac-auth.tt to allow for custom value
-admin/preferences/opac.pref to add it to the preferences with a description
-C4/Auth.pm for the loading of the preference
-sysprefs.sql
-updatedatabase.pl
TESTING
1) in OPAC, logged out, try login in by entering no or wrong credentials. Acknowledge the "Don't have a p
2) Apply the patch
3) Regression Test: Redo step 1. Same (default) message should appear.
4) Log in to intranet,
- select NoLoginInstructions in system preferences.
- Enter new (xml) message. Possible:
<h5>Welcome to Koha, please bring your passport to the front office</h5>
- and save
5) refresh the OPAC, try login again with invalid credentials. The new message should appear.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
This patch makes sure that the search history from an
anonymous session is cleared from the session after a user
logs in (and the session history is saved to that user's
record in the database). This fixes a problem where the
search history from the session got repeatedly added to the
database each time the user did something while logged
into the OPAC.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
This is recommended in CGI::Session documentation.
Signed-off-by: Charlene Criton <charlene.criton@univ-lyon2.fr>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
- Remove unit tests for ParseSearchHistoryCookie, which doesn't exist
anymore
- Add unit tests for ParseSearchHistorySession and
SetSearchHistorySession
- Remove/Modify comments about search history cookie
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Tests fixed and moved, and comments tidied up
Signed-off-by: Charlene Criton <charlene.criton@univ-lyon2.fr>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Storing search history into cookie can cause problems, due to the size
limitation of 4KB.
The solution here is to store search history into the CGI::Session
object, so there is no size limitation (but anonymous search history
still remember up to 15 requests max.)
Test plan:
- Go to OPAC in anonymous mode.
- Check that the "Search history" link is *not* shown in the top right
corner of the page
- Make some searches on /cgi-bin/koha/opac-search.pl
- The "Search history" link should appear. Click.
- Your search history should be displayed.
- Try to log in with invalid username/password
- Go back to search history, it's still there
- Now log in with valid username/password
- Your anonymous search history should be saved into your own search
history.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Restoring original sign offs and comments below
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Work as described. No koha-qa errors
Well, search history saving is similar before and after patch.
i.e. anonmymous search is saved when user logs in, but cookie
KohaOpacRecentSearches is empty.
Shows current an previous session searches
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
All tests and QA script pass, works as described.
Signed-off-by: Charlene Criton <charlene.criton@univ-lyon2.fr>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
This gets rid of some more warnings.
It also corrects a noisy ne condition.
$userid = $retuserid if ( $retuserid ne '');
became
$userid = $retuserid if ( $retuserid );
It also integrates Srdjan Jankovic's patch with Petter Goksoyrsen's
patch, while correcting the problems found.
This includes:
my $q_userid = $query->param('userid') // '';
along with:
my $s_userid = '';
and:
my $s_userid = $session->param('id') // '';
Indentation does not reflect actual scoping.
A missing system preference would have triggered a ubiquitous
undef compare check failure message. This makes the flooding
message more useful, so as to help correct it.
The change to accomplish this was:
my $pki_field = C4::Context->preference('AllowPKIAuth');
if (!defined($pki_field)) {
print STDERR "Error: Missing AllowPKIAuth System Preference!\n";
$pki_field = 'None';
}
Signed-off-by: Srdjan <srdjan@catalyst.net.nz>
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
During login at the Staff interface you get warnings in the logs
regarding an uninitialized value for the $pki_field variable.
To test:
- tail -f /path/to/your-intranet-logs
- Point your browser to your staff login page
- Login
- Three warnings are showed
- Apply the patch
- Log out
- Log in
- No new warnings, and you can still log in.
Sponsored-by: Universidad Nacional de Cordoba
Signed-off-by: Petter Goksoyr Asen <boutrosboutrosboutros@gmail.com>
Followed test plan; it works as advertised.
Also works when I deleted AllowPKIAuth system pref.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
A "busc" param is cleared if the template name is not opac-.*detail.tt.
So if a user adds a biblio to a list, he cannot continue to browse
results.
Test plan:
- launch a search at the OPAC (opac-search.pl).
- click on a result and browse results (using previous/next links).
- a title attract your attention and you add it to a list
("Save to yours lists" link on the right).
- save the list.
- browse again results.
Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Tested according to test plan, also checked some other pages and actions
accessible from the detail page.
Passes all tests and QA script.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
In the serial module, we want to hide serials from others libraries.
However, to permit central serials manage, this patch introduces a
new permission, 'superserials'. If a staff member has this permission,
that person can override the restriction.
Test plan:
- Switch on the IndependantBranches syspref
- Add the permission 'superserials' for a patron and test you can
navigate and see all serials
- Remove this permission and test you cannot manage/view subscriptions
from others libraries
Signed-off-by: Frederic Durand <frederic.durand@unilim.fr>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
These variables still need to be exported to the template by default for
the 'prog' OPAC template to work correctly.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
The goal of this theme is to provide a fully-responsive OPAC which
offers a high level of functionality across multiple devices with varied
viewport sizes. Its style is based on the CCSR theme, with elements of
the Bootstrap framework providing default styling of buttons, menus,
modals, etc.
The Bootstrap grid is used everywhere, but Bootstrap's default
responsive breakpoints have been expanded to allow for better
flexibility for our needs.
All non-translation-depended files are in the root directory of this new
theme:
css, images, itemtypeimg, js, less, and lib. Languages.pm has been
modified to ignore the new directories when parsing the theme language
directories.
This theme introduces the use of LESS (http://lesscss.org/) to build
CSS. Three LESS files can be found in the "less" directory: mixins.less,
opac.less, and responsive.less. These three files are compiled into one
CSS file for production: opac.css. "Base" theme styles are found in
opac.less. A few "mixins" (http://lesscss.org/#-mixins) are found in
mixins.less. Any CSS which is conditional on specific media queries is
found in responsive.less.
At the template level some general sturctural changes have been made.
For the most part JavaScript is now at the end of each template as is
recommended for performance reasons. JavaScript formerly in
doc-head-close.inc is now in opac-bottom.inc.
In order to be able to maintain this structure and accommodate
page-specific scripts at the same time the use of BLOCK and PROCESS are
added. By default opac-bottom.inc will PROCESS a "jsinclude" block:
[% PROCESS jsinclude %]
Each page template in the theme must contain this block, even if it is
empty:
[% BLOCK jsinclude %][% END %]
Pages which require that page-specific JavaScript be inserted can add it
to the jsinclude block and it will appear correctly at the bottom of the
rendered page.
The same is true for page-specific CSS. Each page contains a cssinclude
block:
[% BLOCK cssinclude %][% END %]
...which is processed in doc-head-close.inc:
[% PROCESS cssinclude %]
Using these methods helps us maintain a strict separation of CSS links
and blocks (at the top of each page) and JavaScript (at the bottom). A
few exceptions are made for some JavaScript which must be processed
sooner: respond.js (https://github.com/scottjehl/Respond, conditionally
applied to Internet Explorer versions < 9 to allow for layout
responsiveness), the _() function required for JS translatability, and
Modernizr (http://modernizr.com/, a script which detects browser
features and allows us to conditionally load JavaScript based on
available features--or lack thereof).
Another new JavaScript dependency in this theme is enquire.js
(http://wicky.nillia.ms/enquire.js/), which lets us trigger JavaScript
events based on viewport size.
I have made an effort to re-indent the templates in a sane way,
eliminating trailing spaces and tabs. However, I have not wrapped lines
at a specific line length. In order to improve template legibility I
have also tried to insert comments indicating the origin of closing tags
like <div> or template directives like [% END %]:
</div> <!-- / .container-fluid -->
[% END # / IF ( OpacBrowseResults && busc ) %]
TESTING
Proper testing of this theme is no easy task: Every template has been
touched. Each page should work reasonable well at a variety of screen
dimensions. Pages should be tested under many conditions which are
controlled by toggling OPAC system preferences on and off. A variety of
devices, platforms, and browsers should be tested.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
The move avoids a problem where many modules would gain
a dependency on C4::Auth just because C4::Members needs access
to hash_password().
This patch also adds a couple unit tests for the new password
hashing code.
To test:
[1] Verify that there are no regressions on the test plan for bug
9611.
[2] Verify that t/AuthUtils.t and t/db_dependent/Auth.t pass.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
The current implementation didn't build the cookie array correctly,
yielding login problems in some scenarios.
Sponsored-by: Universidad Nacional de Córdoba
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Passing language=<valid_language_code> as a parameter in any Koha's URL
can be used to set the desired language.
This patch touches
- C4::Templates
- C4::Auth
Adds a new method getlanguagecookie that does exactly that, for use in
get_template_and_user.
Also modifies getlanguage so it checks (a) if there's a 'language'
parameter in the CGI object and (b) checks if its valid and enabled for
the desired interface.
To test:
* Without the patch
- access any koha page
- add ?language=code to the end of the URL (change code for a valid language code
it needs to be installed using perl translate install code, and enabled either for
the staff or opac interface, depending where are you testing)
- Nothing happens with the language parameter
* With the patch
- access any koha page
- add ?language=code (the same as before) and hit enter
- the language should be changed to the one you chose
- if you browse through some links, you will see
koha 'remembers' the language you passed as a parameter
(i.e. the language cookie has been updated).
Sponsored-by: Universidad Nacional de Córdoba
Signed-off-by: Brendan <brendan@bywatersolutions.com>
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Comment: Works very well. No errors.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Passes all tests and QA script.
More comments on last patch.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Small patch to make koha-qa happy.
Fixes small POD error
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
What this patch aims to accomplish?
* All new passwords are stored as Bcrypt-hashes
* For password verification:
- If the user was created before this patch was applied then use
MD5 to hash the entered password <-- backwards compatibility
- If the user was created after this patch was applied then use
Bcrypt to hash the entered password
* Any password change made via the staff interface or the OPAC will
be automatically Bcrypt-hashed; this applies to old users whose
passwords were stored as MD5 hashes previously
Test plan:
1) Add new users and check whether their passwords are stored as
Bcrypt hashes or not.
2) To test that authentication works for both old as well as new
users:
a) Login as an existing user whose password is stored as a
MD5 hash
b) Login as an existing user whose password is stored as a
Bcrypt hash
3) In the staff interface, change the password of an existing user
whose password is stored as an MD5 hash
a) Check the new password is stored as a Bcrypt-hash in the database
b) Try to login with the new password
4) In the OPAC, verify that
a) Old user with old pass can change password, new format
b) New user with new pass can change password
c) Old and new user with self-updated pass can login
Whitespace cleanup was contributed by Bernardo Gonzalez Kriegel.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Mason James <mtj@kohaaloha.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Add validation of the value of the KohaOpacRecentSearches. In
particular, this patch avoids the generation of an internal server
error when the OPAC is presented with an old cookie that uses the
old Storable-based serialization.
This patch also moves parsing of the cookie value into a
new routine in C4::Auth, ParseSearchHistoryCookie, and adds
a test case.
To test (in conjunction with the previous patch):
Exercise the OPAC search history functionality, after
turning on the EnableOpacSearchHistory syspref:
- As an anonymous user, conduct a variety of searches,
including ones that include non-ASCII characters
- Check the search history and verify that all searches
are listed
- Apply this patch and the previous one.
- Do *not* clear the KohaOpacRecentSearches cookie
- Check the search history and verify that no searches
are listed any more
- As an anonymous user, conduct a variety of searches,
including ones that include non-ASCII characters
- Check the search history and verify that all searches
are listed
- Log into the OPAC
- Verify that current and past searches are listed in
search history.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
To test:
Exercise the OPAC search history functionality, after
turning on the EnableOpacSearchHistory syspref:
- Clear the KohaOpacRecentSearches cookie
- As an anonymous user, conduct a variety of searches,
including ones that include non-ASCII characters
- Check the search history and verified that all searches
are listed
- Log into the OPAC
- Verify that current and past searches are listed in
search history.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Several system preference variables are unavailable to the OPAC login
template because they are not explicitly enabled for that page. Instead
of adding them to Auth.pm using the old method this patch uses the new
system preference check syntax using the Koha TT plugin.
The following preferences are now checked using this syntax in
masthead.inc:
OpacAddMastheadLibraryPulldown
UseCourseReserves
reviewson
OpacShowRecentComments
In order for the call in masthead.inc to the new plugin to work on all
OPAC pages "[% USE Koha %]" must be added to any template which
includes it (most of them).
Also in this patch: A change to Auth.pm to enable correct display of the
LibraryName in the title of the OPAC login page.
To test, turn on the above system preferences and confirm that the
relevant links appear under the OPAC's main search bar on all pages
including the login page.
Confirm that the text specified in the LibraryName system preference is
shown as the title of the login page.
Confirm that course reserves and comments are displayed correctly on the
biblio detail page.
Signed-off-by: Liz Rea <liz@catalyst.net.nz>
I checked both prog and ccsr - all seems well and the links are appearing and disappearing in accordance with the appropriate sysprefs.
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Works as described.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
If you are not logged in to the OPAC, looking at the login page, and you
click the Lists button to see public lists it says there are none. This
patch corrects Auth.pm so that it loads the list of public lists in this
situation.
To test you must have at least one public list. Make sure you are logged
out of the OPAC and visit the login page (/cgi-bin/koha/opac-user.pl).
Clicking the "Lists" button should show you a list of public shelves.
Signed-off-by: Liz Rea <liz@catalyst.net.nz>
works as described, and list button is not shown when opacpublic is disabled.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Adjusting to reflect the removal of the branchcode parameter
to GetBranchCategories; also filter on the 'searchdomain'
library group type, as appears to have been intended.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
When clicking the login link for opac-user.pl in a multiple branch
scenario the environment variable for OPAC_CSS_OVERRIDE was ignored from
the koha-conf.xml file. It seems like is is working on every page in
the opac except for the login page.
Test Plan:
1) Set up a Koha server with 2 separate catalog configurations
( e.g. opac1.kohatest, opac2.kohatest )
2) Set the OPAC_CSS_OVERRIDE directive for separate css files
in each opac
3) Browse to the opac login page, note the css is not applied
4) Apply this patch
5) Reload the page, note the css is now applied
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Test Plan:
1) Enable IndependantBranches
2) Apply this patch
3) Run updatedatabase.pl
4) Verify that the system preference still functions correctly
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Adds a course reserves system for academic libraries.
The course reserves system allows libraries to create courses
and put items on reserves for those courses.
Each item with at least one reserve can have some of its attributes
modified while it is on reserve for at least one active course.
These attributes include item type, collection code, shelving location,
and holding library. If there are no active courses with this item
on reserve, it's attributes will revert to the original attributes
it had before going on reserve.
Test Plan:
1) Create new authorised value categories DEPARTMENT and TERM
2) Create a new course, add instructors to that course.
3) Reserve items for that course, verify item attributes have changed.
4) Disable course, verify item attributes have reverted.
5) Enable course again, verify item attributes again.
6) Delete course, verify item attributes again.
7) Create two new courses, add the same item(s) to both courses.
8) Disable one course, verify item attributes have not reverted.
9) Disable both courses, verify item attributes have reverted.
10) Enable one course, verify item attributes are again set to the
new values.
11) Edit reserve item attributes, verify.
12) Disable all courses, edit reserve item attributes, verify
the item itself still has its original attributes, verify
the reserve item attributes have been updated.
13) Verify the ability to remove instructors from a course.
14) Verify new permissions, top level coursereserves, with
subpermissions add_reserves and delete_reserves.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Corinne Bulac <corinne.hayet@bulac.fr>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
http://bugs.koha-community.org/show_bug.cgi?id=8125
- the dateformat value is send to all templates (from
C4::Auth::get_template_and_user)
- remove all assignment of dateformat in all .pl files
- Remove "all" occurrences (those I found!) of dateformat_*
From now the only way to get the date format is a string comparaison
(dateformat == "metric")
Checked with the command:
git grep "\(dateformat_us\|dateformat_metric\|dateformat_iso\)" | grep
-v translator
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Tested all the datepickers I could find, looks good.
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Decodes userid on two places in checkauth of C4/Auth.pm
Test plan:
Include some non-Latin characters in your userid (loginname). Arab, Chinese?
Login into opac and check user page.
Go to staff (no new login), check your login name at various places.
Logout, login via staff.
Do the same.
Go to opac again (no new login), check user page.
Optionally: Remove all your sessions from table. Do a login. Check sessions.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Comment: Works as described. No errors.
This patch fixes this problem, but I wonder if
there is a general solution that handle all as utf8.
Tested in opac and staff.
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Bug 6554 patched output_html_with_http_headers to encode utf8 data, and Templates.pm to expect utf8 data to be encoded.
(At least) the staff login screen outputs directly to STDOUT (Auth.pm does, WHICH IS WRONG!) and wasn't fixed to do the encoding first.
This patch makes it use output_html_with_http_headers and solves the problem.
Changed 'use' for 'require' as jcamins and marcelr suggested.
Regards
To+
Sponsored-by: Universidad Nacional de Cordoba
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
This patch adds the ability to add groups to the library select
pulldown on the opac, if it is enabled.
Test Plan:
1) Apply patch
2) Run updatedatabase.pl
3) Go to Administration › Libraries and groups
4) Create a new group, or edit an existing one
5) Ensure the 'Show in search pulldown' checkbox is checked
6) Save the group
7) Enable OpacAddMastheadLibraryPulldown if it is not already enabled
8) Load the OPAC, try the group search from the libraries pulldown menu
Signed-off-by: Liz Rea <liz@catalyst.net.nz>
Yes! Now this works, and well.
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Adds support for custom plugins. At the moment the Plugins
feature supports two types of plugins, reports and tools.
Plugins are installed by uploading KPZ ( Koha Plugin Zip )
packages. A KPZ file is just a zip file containing the
perl files, template files, and any other files neccessary
to make the plugin work.
Test plan:
1) Apply patch
2) Run updatedatabase.pl
3) Create the directory /var/lib/koha/plugins
4) Add the lines
<pluginsdir>/var/lib/koha/plugins</pluginsdir>
<enable_plugins>1</enable_plugins>"
to your koha-conf.xml file
5) Add the line
Alias /plugin/ "/var/lib/koha/plugins/"
to your koha-httpd.conf file
6) Restart your webserver
7) Access the plugins system from the "More" pulldown
8) Upload the example plugin file provided here
9) Try it out!
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
This patch removes 'insecure' system preference.
Also removes remaining code that make use of
the preference. It's broken anyway.
Only remains a reference in POD of C4/Boolean.pm
To test:
1) If you like, enable 'insecure' syspref. Broken system.
WARN: be prepared to revert value in database.
2) Apply the patch
3) Run updatedatabase.pl
4) Check that Staff login proceeds as usual.
5) Check that 'insecure' syspref is no more.
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Amended patch: Remove 2 occurrences of insecure (in comment only)
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Removed NoZebra vestiges. This comprises several code blocks that depend on the NoZebra syspref and NZ related functions/methods.
C4::Biblio->
GetNoZebraIndexes
_DelBiblioNoZebra
_AddBiblioNoZebra
C4::Search->
NZgetRecords
NZanalyse
NZoperatorAND
NZoperatorOR
NZoperatorNOT
NZorder
C4::Installer->
set_indexing_engine
Sponsored-by: Universidad Nacional de Córdoba
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Comment: Solve that problem, but now koha-qa complains about tabs
in C4/Context.pm.
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Tests done:
1) System preference 'Persona' added correctly.
2) Persona off, normal login still possible
3) Persona on, Persona login works
4) Persona logout works
5) normal login still possible
6) normal logout still possible
Persona is off by default and uses the primary email address
from the patron account.
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Not introduced by this work but no reason not to clean it
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Comment: no more complains from koha-qa
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
And translation problem in masthead.inc
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Working on Mozilla Persona support (browser id)
This will let a user log into Koha using browser id, if their email
address used matches the email address inside Koha.
Once an assertion is received, we simply need to find the user that
matches that email address, and create a session for them.
opac/svc/login handles this part.
The nice thing about it is, the user doesn't have to do anything, like
linking their account. As long as the email address they are using to
identify themselves in browserid is the same as the one in Koha it
will just work.
This is covered by a systempreference, to allow people to do it, and
is of course totally opt in, it works alongside normal Koha (or any
other method) of login. So only those choosing to use it, need use it
Test Plan
1/ Make sure OPACBaseURL is set correctly
2/ Switch on the Persona syspref
3/ Make a borrower (or edit one) to have the email you plan to use as
the primary email
4/ Click sign in with email, make or use a persona account
5/ Logout
6/ Check you can still login and logout the normal way
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Comment: Works great.
It's not browser dependent, but tested with chrome, firefox, opera and safari.
Old an new login system works.
Minor errors, addresed in follow-up.
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
- the dateformat value is send to all templates (from
C4::Auth::get_template_and_user)
- remove all assignment of dateformat in all .pl files
- the DHTMLcalendar_dateformat variable is unused
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Fixed conflicts:
- opac/sco/sco-main.pl
- reports/acquisitions_stats.pl
- tools/cleanborrowers.pl
All tests pass, perlcritic problems appeared in some files
before and after these patches were applied.
Checked sorting in following pages:
- acqui/addorderiso2709.tt - list of staged imports in acq
- acqui/histsearch.tt - sorting of dates in acq search result list
- acqui/invoices.tt - billing date in list of invoices in acq
- acqui/lateorders.tt - list of late orders in acq
- acqui/ordered.tt - ordered titles and estimated costs for a fund
- acqui/parcels.tt - receive shipment page
- acqui/spent.tt - received titles and actual costs for a fund
...
- serials-search.tt - subscription search result list
...
- opac/sco/sco-main.tt - due dates in list of checked out items
- reports/acquisitions-stats.tt - date searches, display of dates
- tools/cleanborrowers.tt
- tools.holidays.tt - different views of dates library is closed,
adding dates
Checked dates display according to system preference everywhere and
searching, entering dates etc. still worked as expected.
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
The 2 files C4/Auth.pm and install.pl *must* have the $version variable
set to what is the last old-mechanism for updatedatabase
This patch set to 3.11.00001 that is the last number when I QA this patch
Signed-off-by: Chris Nighswonger <cnighswonger@foundations.edu>
This patch use DataTable, see BUG|BZ 6836
- css/datatables.css
- lib/jquery/plugins/jquery.dataTables.min.js
- js/datatables.js
http://bugs.koha-community.org/show_bug.cgi?id=7167
Bug 7167 follow-up
Major changes:
* creating database tables for update on the fly, the 1st time the update script is called
* version is checked on mainpage.pl (and here only). If syspref Version differ from kohaversion.pl, the old updatedatabase is launched. If there are updates missing from new mechanism, the updatedatabase page is reached
* kohaversion check on each page is now useless in Auth.pm, removed dead code
* Updated installer: at the end of the process, retrieve all updates and automatically mark them "OK", as they're included in installer
Minor changes:
* adding copyright
* adding poddoc
* updating a warning, for better clarity
* switching from $$var to $var->
* small TT glitch fixed in updatedatabase.tt
* about.pl now returns the Version systempreference PLUS all the patches that have been applied
Bug 7167 follow-up perlcritic & numbers display & partial apply depending on DEBUG
* add use strict to updatedatabase, that is now perlcritic compliant
* partial apply of DB revs is now managed by DEBUG env variable = if DEBUG=0, the user can just apply every DBrev. If DEBUG=1, we're in a dev env, the user know has the option to apply DBrevs one by one
Display:
* in updatedatabase, small spelling changes
* in about.pl, remove 0 just after . (3.06.01 is displayed as 3.6.1)
* improve the display of applied numbers on about.pl
- before this patch, if you have N, N+1, N+2, N+3 and N+10 DB rev applied, about was displaying : , N+1 / N+2 / N+3 / N+10
- after this patch you have N......N+3 / N+10
* add ORDER BY into list_versions_already_knows to have number retrieved in the same order whatever the order they are applied
http://bugs.koha-community.org/show_bug.cgi?id=6679
Signed-off-by: Chris Nighswonger <cnighswonger@foundations.edu>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Signed-off-by: Chris Nighswonger <cnighswonger@foundations.edu>
Bug 7167: Improve the update.pl script
* Added CLI options to update.pl
* Call update.pl from the installer.
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Signed-off-by: Chris Nighswonger <cnighswonger@foundations.edu>
Bug 7167: Now, we check versions on mainpage.pl and after login
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Signed-off-by: Chris Nighswonger <cnighswonger@foundations.edu>
Bug 7167: Reimplementing Marcel's suggestions & fixes
* Fixing the bugguy old version check (that was made against 3.0900000 instead of 3.0900027 -the last current kohaversion number
* in the CLI script, if there is nothing to report, just say it
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Bug 7167: Remove check_coherency
As suggested by Katrin, we've removed the call to check_coherency. It intended to provide readable comments when some SQL was wrong. Removing this sub result in the SQL error being displayed. That's OK because the sysadmin or the developer can google the error, understand it, then fix it.
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Signed-off-by: Chris Nighswonger <cnighswonger@foundations.edu>
Bug 7167: Changing in .sql parsing
We first split on delimiter and then extract comments. You can now put
\n for delimiter comments.
ex:
DELIMITER ;
-- this is a comment
SELECT * FROM my_table;
-- another comment
Before this patch, we had to write:
DELIMITER ;
-- this is a comment;
SELECT * FROM my_table;
-- another comment;
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Signed-off-by: Chris Nighswonger <cnighswonger@foundations.edu>
Bug 7167: Add .pl and .sql examples
Those files are in version directory, so will never be executed by the updater
If you want to provide an update, do it in a 3.09/ directory (if your update is expected for 3.10 version)
Note that the updater use a md5sum checker. So, if the same update is in 2 different places, it will be detected. That will be handy for changes made on both stable and master: a library running stable will get the update when updating. When upgrading to the next major release, Koha will detect the patch has already been applied, and no error will be thrown. With the previous mechanism, a DBRev ported to stable was re-executed when upgrading to master, resulting in a nasty (but usually harmless) error message
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Signed-off-by: Chris Nighswonger <cnighswonger@foundations.edu>
Bug 7167: Improve display + factorize get_queries
Despite it's size, this patch is dealing with display questions only:
* The text "comments" and "queries" was hardcoded in ajax-updatedb-getinfo.pl script. It has been replaced by a JSON call, returning 2 separate values, "comments:" and "queries:" is now in the template, making it translatable
* Some minor tweak in the display (like putting things in bold, displaying OK in green, warnings in yellow and KO in red)
* Reordering the column headers for more readability:
* Status column is merged with availability, column is after status
* Status/availability terms more clear: "Not applied" instead of "unknown", "Applied and OK", "Applied and failed", "Applied and forced" are the 3 other statuses
* Removed one click to display comments on DBREv not yet applied: before the patch, one had to click "Show details", then "Get comments", now, "Get comments" is enough
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Signed-off-by: Chris Nighswonger <cnighswonger@foundations.edu>
Bug 7167: FIX typos & moving a script to a proper place
* renamed availables to available
* renamed already_knows to already_applied
* fixed FSF & copyright headers
* removing a "use strict" because we already had use Modern::Perl
* fixed a tiny typo in about.tt
* moving update.pl to misc/bin because it's a CLI script
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Signed-off-by: Chris Nighswonger <cnighswonger@foundations.edu>
Bug 7167: Add dependency File::Find::Rule
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Signed-off-by: Chris Nighswonger <cnighswonger@foundations.edu>
Bug 7167: We want to execute non-numeric version with the -all option
Dealing with Marcel comment 100:
> Note that the current code around line 52/53 does not
> handle that correctly:
> Argument "\x{74}\x{65}..." isn't numeric in numeric ge (>=) at
> installer/data/mysql/update.pl line 52.
Now, a non-numeric DBRev will be applied if you provide the --all parameter, without throwing the error
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Signed-off-by: Chris Nighswonger <cnighswonger@foundations.edu>
Bug 7167 reindentation & removing dead code
* The if (! defined $ENV{PERL5LIB}... block was wrongly intented
* The 3 lines running update.pl are useless: the update (new mechanism) is run from admin/updatedatabase.pl script. This part of install.pl is run only when you have "old style" DB revisions.
Summary:
* old mechanism = it's run as previously, by reaching the installer/install.pl?step=3 page, that applies all revisions
* new mechanism = when you log-in or reach mainpage.pl, you reach admin/updatedatabase.pl, where you can see what will be run, and run it
Tiny side effect = the check for old mechanism is now done *after* authentification (thus it's not done on each page call). It means that the user will have to enter login/password twice :
* first to log-in to Koha
* second to run installer/updatedatabase.pl?step=3
As the old mechanism is deprecated, we can expect this will happend only a few time in the history of a setup, it's not a big deal.
Signed-off-by: Chris Nighswonger <cnighswonger@foundations.edu>
Bug 7167: Don't raise an error in routine TableExists
Signed-off-by: Chris Nighswonger <cnighswonger@foundations.edu>
Bug 7167: FIX merge
Signed-off-by: Chris Nighswonger <cnighswonger@foundations.edu>
Bug 7167: Add .pl and .sql examples
Those files are in version directory, so will never be executed by the updater
If you want to provide an update, do it in a 3.09/ directory (if your update is expected for 3.10 version)
Note that the updater use a md5sum checker. So, if the same update is in 2 different places, it will be detected. That will be handy for changes made on both stable and master: a library running stable will get the update when updating. When upgrading to the next major release, Koha will detect the patch has already been applied, and no error will be thrown. With the previous mechanism, a DBRev ported to stable was re-executed when upgrading to master, resulting in a nasty (but usually harmless) error message
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Signed-off-by: Chris Nighswonger <cnighswonger@foundations.edu>
Bug 7167 follow-up fix POD syntax to please koha-qa.pl
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
This patch fix the order of branches in the log-in page,
on Branch.pm we added the variable branchcode to the
hash returned by GetBranchesLoop, and this function is used
on Auth.pm to get a list of branches ordered by branchname
To test
1) Use an installation with some branches
2) On login screen the branches are ordered by branchcode
3) apply the patch
4) On login screen the branches are now ordered by branchname
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
This patch works as expected. Before applying the patch the branches
with lower case was at the end of the list. Now they are well ordered.
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
This development will add the ability for a new patron to register
himself or herself. The self-registration will attempt to match this
newly inputted data to any existing patrons and if any possible matches
are found, ask if the patron is sure he or she doesn't already have an
account at the library. A system preference may be set to prevent patron
self-registration if the system detects the possibility that the person
may already have an account.
Once the patron has registered, passing a captcha (or similar
bot-stopper), the patron will then be optionally verified a second time
via email. At this point, the patron will be able to print a temporary
library card (optional by system preference), and will be provided any
details necessary to access electronic resources (this body of text
would be a template in the slips and notices system). At the library's
choice, this new patron would either be set to a temporary patron status
(patron type set via system preference), or a fully-fledged patron
(allow patron type to be determined by age and/or other attributes).
Assuming the library uses temporary patron types for OPAC registrations,
this patron will next enter a queue and would need to physically enter
the library to verify himself and become a fully-fledged patron (most
likely by bringing in physical proof of address, etc.). The librarian
would look up the patron record and modify the patron type. If a
temporary patron has not been verified within a certain time frame
(defined by a system preference), the patron record will be deleted
from the system via a cron job.
For registered patrons, the system will allow each person to also
update his or her personal data via the OPAC. When a patron updates his
or her information, the changes will be entered into a queue to be
verified by a librarian (preventing a patron from inputting obviously
bogus data). The staff client home page will display the number of
patron records with changes awaiting approval. A librarian would then be
able to click through a list of modification requests, and approve or
deny each (with approval and denial alerts being sent to the patron via
the standard messaging system).
NEW SYSTEM PREFERENCES
* PatronSelfRegistration
* PatronSelfRegistrationDetectDuplicates
* PatronSelfRegistrationVerifyByEmail
* PatronSelfRegistrationPrintTemporaryCard
* PatronSelfRegistrationUseTemporaryStatus
* PatronSelfRegistrationExpireTemporaryAccountsDelay
NEW NOTICE
* Verify by email notice
NEW SLIP
* Temporary card slip
NEW CRON JOB
* delete_expired_opac_registrations.pl
- Deletes patrons that have not been upgraded from the temporary
status within the specified delay
* delete_unverified_opac_registrations.pl
- Deletes the unverified patrons based on the length of time specified
in the PatronSelfRegistrationExpireTemporaryAccountsDelay
The patron will register from self_registration.pl, linked off opac-main.pl if enabled. The registration page will be translatable to other languages in the same way that existing templates are.
Test Plan:
1) Enable PatronSelfRegistration
2) Set PatronSelfRegistrationExpireTemporaryAccountsDelay to a number
of days
3) Create a self-registered borrower category
4) Set PatronSelfRegistrationUseTemporaryStatus
5) Set PatronSelfRegistrationVerifyByEmail to "Don't require"
6) Go to OPAC, log out if logged in.
7) You should see the "Register here" link below the login box
8) Attempt to register yourself
9) Verify you can log in with your temporary password.
10) Set PatronSelfRegistrationVerifyByEmail to "Require"
11) Attempt another self-registration
12) Check the messages table, you should see a new message with a
verification link.
13) Copy and paste the link into a web browser to verify the registration
14) Log in with the given credentials to verify the account was created.
Test Plan - Part 2 - Borrower Modifications
1) Log in to OPAC, go to "my personal details" tab.
2) Make some modifications to your details.
3) Repeat steps 1 and 2 for two more borrowers.
4) Log in to Koha intranet with a user that can modify borrowers.
5) At the bottom of mainpage.pl, you should see:
Patrons requesting modifications: 3
6) Click the link
7) Approve one change, deny a different one, and ignore the third, then
submit.
8) Check the records, you should see the changes take affect on the
approved one, and no changes to the other two. You should also see
"Patrons requesting modifications: 1" at the bottom of mainpage.pl
now.
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Bug 7067 - OPAC Borrower Self Registration - Followup
* Rename PatronSelfRegistrationUseTemporaryStatus to PatronSelfRegistrationDefaultCategory
* Hide register link unless PatronSelfRegistrationDefaultCategory is set.
* Add invalid token page
* Add documentation and switches to cron scripts
* Add required fields check for editing exiting patrons
* Don't force require email address for existing patrons when
PatronSelfRegistrationVerifyByEmail is enabled.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Passed-QA-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Found three cases where variables were being
referenced which did not (in each case) exist. Adding
checks for those variables' existence.
Errors appeared when logged in and viewing a detail
page in the OPAC.
Revision simplifies logic as per RM suggestion.
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
If the syspref OpacMaintenance is ON, it is useless to loaded the
requested page.
To test:
- switch on the syspref OpacMaintenace
- check in your apache access log, zebra log, etc. the requested page is
not loaded (i.e. on the opac-search.pl page)
Signed-off-by: Marc Veron <veron@veron.ch>
Checked by watching other_vhosts_access.log
Works as expected
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
A subroutine was not being imported by C4::ImportBatch (ironic, no?)
so this patch makes the call fully-qualified. This patch also cleans
up two warnings in C4::Auth that are raised when logged in as the
database user.
Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Tested standard login, patron auto-complete, and system preferences.
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Added the following missing code to ensure the correct icon
is used when logged out:
IntranetFavicon => C4::Context->preference('IntranetFavicon')
This was added into an existing $template->param() call.
Not to be confused with the koha logo on the login page, the
icon is a 16x16 pixel graphic in the browser tab. The default
is found at .../intranet-tmpl/prog/en/includes/favicon.ico.
If the "IntranetFavicon" system preference is set, it should be
used by the staff client regardless of login state. It was not
being used in the "AUTH rejected" section of Auth.pm, but the
OpacFavicon variable was being set. This explains why the
"OpacFavicon" system preference works for the OPAC client, but
not the staff client upon logout.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Subroutine prototypes used at line 561, column 1. See page 194 of PBP. (Severity: 5)
Bareword file handle opened at line 606, column 5. See pages 202,204 of PBP. (Severity: 5)
Two-argument "open" used at line 606, column 5. See page 207 of PBP. (Severity: 5)
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
This patch reintroduces 'use warnings' in C4/Auth.pm.
Keep attentive to new warning messages in your log
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
This patch adds the following system preferences:
* OpacMainUserBlockMobile - alternate content for the MainUserBlock for
mobile
* OPACMobileUserCSS - custom CSS for mobile views only
* OpacShowFiltersPulldownMobile - whether or not to show the index
dropdown on the mobile view
* OpacShowLibrariesPulldownMobile - whether or not to show the library
dropdown on the mobile view
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
This patch removes the AmazonReviews and AmazonSimilarItems
features from the OPAC and staff client. With on Amazon
feature remaining, cover images, the *AmazonEnabled preference
is also removed in favor of checking the *AmazonCoverImages
preference. Two other system preferences, AWSAccessKeyID and
AWSPrivateKey are removed as they were required only by the
removed features.
Handling of book cover images from Amazon is unchanged.
Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>
Turned on amazon covers in opac and staff client and all
worked as expected. Then tested to make sure other cover image
services still worked and they do.
Signing off.
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
This patch makes the use of opaccolorstylesheet and opaclayoutstylesheet more consistent. They may be: 1) just a file name, 2) a complete local path or 3) a full URL starting with http: for a remote css file.
This makes the syspref opacstylesheet that was only used for a remote css file obsolete.
June 20, 2012 Rebased.
July 18, 2012: Regex allows https too (thanks to Owen Leonard).
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
