Commit graph

15 commits

Author SHA1 Message Date
f1c150c98f Bug 22451: Use Asset everywhere
Test plan:
Use installer and onboaarding tool, make sure the js and css files are
loaded

Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-04-16 13:17:32 +00:00
9ceb745fb2 Bug 20658: Move template JavaScript to the footer: Installer and onboarding
This patch updates the installer and onboarding templates so that
JavaScript is included in the footer instead of the header. A new
include file is added, installer-intranet-bottom.inc, so that only
required JS is being loaded.

Some markup changes are included to improve validity.

To test, apply the patch and start with a blank Koha database. Run
through the installer and onboarding processes and confirm that there
are no problems. Check especially JS-related interactions like
datepickers and fields which are validated via JS, like the password
inputs.

NOTE: The qa tool will flag this patch for not using the Asset plugin,
but it doesn't work correctly for installer files.

Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-15 19:44:45 +00:00
Jonathan Druart
dcd1f5d48c Bug 13618: Add html filters to all the variables
Here we go, next step then.
As we did not fix the performance issue when autofiltering
the variables (see bug 20975), the only solution we have is to add the
filters explicitely.

This patch has been autogenerated (using add_html_filters.pl, see next
pathces) and add the html filter to all the variables displayed in the
template.
Exceptions are made (using the new 'raw' TT filter) to the variable we
already listed in the previous versions of this patch.

To test:
- Use t/db_dependent/Koha/Patrons.t to populate your DB with autogenerated
data which contain <script> tags

- Remove them from borrower_debarments.comments (there are allowed here)
update  borrower_debarments set comment="html tags possible here";

- From the interface hit page and try to catch alert box.
If you find one it means you find a possible XSS.
To know where it comes from:
* note the exact URL where you found it
* note the alert box content
* Dump your DB and search for the string in the dump to identify its
location (for instance table.field)

Next:
* Ideally we would like to use the raw filter when it is not necessary
to HTML escape the variables (in big loop for instance)
* Provide a QA script to catch missing filters (we want html, uri, url
or raw, certainly others that I am forgetting now)
* Replace the html filters with uri when needed (!)

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-17 15:55:05 +00:00
c24abd7dc1 Bug 20189: Fix style on installer and onboarding pages
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-02-13 12:57:21 -03:00
0ad922011c Bug 12904: Force browser to load new javascript files after upgrade
This patch has been automatically generated using:
  perl kv.pl **/*.tt **/*.inc

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
2018-02-08 14:53:24 -03:00
Te Rauhina Jackson
f37ebd0f76 Bug 19221: Onboarding tool says user needs to be made superlibrarian
I changed the "To give new patron superlibrarian permissions go to:"
message to "To edit patron permissions, go to:". Please clarify if this
is clearer or not.

Test plan:
1) Apply patch
2) Go through the web installer
3) At the create koha administrator patron step, notice that at the
   bottom, there is a message saying "To edit patron permissions, go
   to:"

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-01-19 15:50:31 -03:00
6ea21c395a Bug 19514: Add client-side check
Signed-off-by: David Bourgault <david.bourgault@inlibro.com>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-12-14 16:58:13 -03:00
Marc Véron
79338bde3e Bug 18649: Translatability: Get rid of tt directive in translation for admin/categories.tt and onboardingstep2.tt
New patch without trailing IF construction in tt directives as
requested in comment #28

To test: Verify that translation tool no longer shows tt directives as
described in comment #1

New patch, needs SO.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-30 16:43:35 -03:00
Marc Véron
17fd5a4ffb Bug 18702: Translatability: Get rid of exposed if statement in tt for translated onboardingstep2.tt
The file onboardingstep2.tt exposes the following to translations:

"[%% IF (categories && categories.count > 1 ) # This if statement checks if "
"the categories variable handed to this template # by onboarding.pl has data "
"in it. If the categories variable does have data # in it this means that the "
"user has previously imported sample patron category # data and so we do not "
"need to show them the create patron category screen 1, #instead we can "
"display a screen with ubtton redirecting the user to step 3 %%] "

Translators should not be confronted with such internals. This patch removes it

To test:
- Verify that code change makes sense
- Run QA tools
- Bonus test: Create a new "language" aa-AA and verify that the lines above
  are no longer exposed.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-06-05 16:35:23 -03:00
1832b315e7 Bug 17942 [Follow-up] Update style of the web installer with Bootstrap 3
This patch makes changes following QA comments:

- Login error messages now have a style
- Select all/Select none links should now be translatable
- Date format hint now correctly detects date format preference
- Unused JS is removed from onboarding.js

This patch also modifies the 'category_code_check' validation method to
allow numbers as well as letters.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2017-05-09 20:54:31 +00:00
f5fc081265 Bug 17942: Remove type for messages
It it no longer in used by the templates.

Also add the include files for step5 (if the circ rule is not inserted)

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2017-05-09 20:54:31 +00:00
6596513d4b Bug 17942 - Update style of the web installer with Bootstrap 3
This patch makes style and markup changes to the web installer and new
onboarding tool (Bug 17855).

- Markup has been corrected, improved, and in many places reindented.
- Some page titles have been made more specific.
- Some JavaScript and CSS have been moved to separate files.

In the onboarding tool I have removed form validation from the markup
and JavaScript in many cases where the requirements were not matched
elsewhere in Koha. For instance, we shouldn't limit item type
descriptions to only letters because the database doesn't require such a
limit.

To test, apply the patch and run the web installer with an empty
database. Confirm that the installation process completes correctly and
that each page looks good and works correctly.

Works as advertised
Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2017-05-09 20:54:30 +00:00
45a35f1ecc Bug 17855: Simplify the onboarding tool
This patch should not modify a lot the behaviours of the onboarding
tool.
Its goal is mainly to remove duplicated as well as useless (because
copy/pasted from existing script files) code.

It assumes that the onboarding tool will be done on an empty database
and will skip steps that are not needed. For instance if a library
already exists, the first step will be skipped.

One of the main problem was the lack of feedback messages sent to the
user when something wrong/ok happened.

Explanation on main changes:
1. Use checkauth first, then get_template_and_user
=> As we do not know the template to use, it's better to use checkauth
first to know if the user is logged in, then retrieve the template we
need, depending on the success or the failure of the action
2. Create a @messages variables
Pushing messages to this variable and handling the messages via an
include files (onboarding_messages.inc) simplify error handling. Note
that we could remove this include file if we merge all the
onboardingstepX.tt files altogether
3. Simplify creation of the admnistrator user
This patch removes some unecessary checks done on the user's info
(passwd to short, mandatory fields

Todo (minor): Add style to feedback messages

Signed-off-by: Alex Buckley <alexbuckley@catalyst.net.nz>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2017-04-28 08:36:20 -04:00
a8935fdea2 Bug 17855 - Followup patch following requests in comments 176 and 177
Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2017-04-28 08:36:19 -04:00
0492fcf87f Bug 17855: Onboarding tool
Tested 3 patches together on current master
- Dropped database
- Recreated database
- Went through installer
- Language en, Marc21
- Installed mandatory data only
- Went through Onboarding tool
- After finishing, logged in as superlibrarian
  that was created by onboarding tool
Everything worked fine.

Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2017-04-28 08:36:19 -04:00