Commit graph

311 commits

Author SHA1 Message Date
08396d4b2f Bug 27420: Use object accessor for $attr_type->class()
We introduced a bug in the patron attribute forms with bug 5161.

Test plan
1/ Create two PA_CLASS authorized values
2/ Create two corresponding patron attribute types referencing the above
classes.
3/ Edit a patron, both attributes should appear within their own
fieldsets at the bottom of the member entry form.
4/ Set a value for the first of the two patron attributes and save
5/ Edit the patron again, note that the first attribute no longer
resides within it's own fieldset
6/ Apply the patch
7/ Edit the patron again, note that the first attribute now resides
inside it's own fieldset again
8/ Signoff

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-01-19 15:31:55 +01:00
Julian Maurice
96cc447045 Bug 25898: Prohibit indirect object notation
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-10-15 12:56:30 +02:00
Agustin Moyano
5848da810e Bug 23816: Add minimum password length and require strong password overrides by category
This patch adds the capability to override minPasswordLenth and RequireStrongPassword settings by category

To test:
1. koha-shell kohadev
2. koha-mysql kohadev

3. drop database koha_kohadev;
4. create database koha_kohadev;

5. go to admin page and start webinstaller. There continue the steps until onboarding.
6. reach step 3 of onboarding and create a new administrator patron
CHECH => Password control woks as normal (Minimum length 3 and strong required)

7. finish Koha installation and enter admin with your new administrator
8. set minPasswordLength to 3 and RequireStrongPassword to “Don’t require”
9. Create a new category (CAT2 from now on.. CAT1 is the category you made in onboarding process) and set minimum password length to 8 and require strong password
10. Create two new patrons, one with CAT1(patron1) and one with CAT2 (patron2)
CHECK => In both cases, try different combinations of length and strength. For patron1 the only requirement is to have 3 letters, but for patron2 the minimum length will be 8 and will require strong password.
CHECK => Try changing patron category before saving. Password requirements will change with category change.

11. Edit CAT1 and set minimum password length to 5
12. Go to patron1 details page, and change password.
CHECH => Now password minimum length is 5, but still it doesn’t require strong password

13. Edit CAT1, leave blank minimum password length and set require strong password to yes.
14. Go to patron1 details page, and change password.
CHECH => Password minimum length is back to 3, but now strong password is required

15. Set minimum password length in CAT2 to 12.
16. Go to patron2 details page, and click to fill a random generated password
CHECK => generated password should be 12 characters length

17. Set PatronSelfRegistration to Allow in admin settings
18. Go to OPAC and fill self registration from.
CHECK => Play with patron category. For each change in category, password requirements are modified.
CHECK => Set CAT1 as patron category, set ‘aA1’ as password (or another valid password for CAT1) and before hitting submit button, change to CAT2. Form should enter invalid state, and CAT2 password requirements should be displayed as error in password input.

19. Create a patron for CAT1 and another for CAT2, leaving password blank
CHECK => For CAT1’s patron, generated password length is 8 (minimum length for generated passwords), but for CAT2’s patron should be 12

20. In admin set PatronSelfRegistrationVerifyByEmail to require
21. Fill self registration form again with CAT2 as category
CHECK => Password requirements works as previous case.
22. Leave password blank and click submit

23. select * from message_queue;
24. Copy the link in the message and paste it in OPAC
CHECH => Generated password is 12 characters long. (Copy user id for next steps)

25. In admin set OpacResetPassword to Allow
26. Go back to OPAC, reload and click on “Forgot password?” link
27. Paste user id and click submit
28. Repeat steps 23 and 24
CHECK => Info message says “Your password must contain at least 12 characters, including UPPERCASE, lowercase and numbers.”
CHECK => enter an invalid password and you’ll get the same message in warning.

29. Login OPAC with the last user and your newly created password
30. Go to “Change your password” option
CHECK => Info message says “Your password must contain at least 12 characters, including UPPERCASE, lowercase and numbers.”
CHECK => enter an invalid password and you’ll get the same message in below “New password” input.

31. prove t/db_dependent/AuthUtils.t t/db_dependent/Koha/Patron/Category.t

32. Sign off

Sponsored-by: Northeast Kansas Library - NEKLS

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-09 15:39:52 +02:00
638786e719 Bug 24663: Remove authnotrequired if set to 0
It defaults to 0 in get_template_and_user

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 10:40:35 +02:00
9524c1d761 Bug 23634: (follow-up) Prevent updates on POST
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-02 15:40:55 +02:00
087af360cc Bug 23634: Prevent non-superlibrarians from editing superlibarian emails
This patchset prevents a non-superlibrarian user from editing a
superlibrarians email address via memberentry.  This is to prevent a
privilege escalation vulnerability whereby a user could update a
superlibrarians contact details to match their own and then request a
password reset via the OPAC.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-02 15:40:55 +02:00
883e86a571 Bug 6725: Make patron duplicate matching flexible
This patch adds a new system preference PatronDuplicateMatchingAddFields
to list the patron's attributes to use for deduplication.
The default value is surname, firstname and dateofbirth to keep existing
behaviour.

Test plan:
0. Apply the patch and execute the update DB entry
1. Create a new patron with surname, firstname
2. Create another patron with the same surname, firstname values
=> Confirm you get the duplicate warning
3. Modify the syspref to edit the list of attributes used to dedup
4. Repeat 1 and 2 with different values and confirm that you get the
behaviours you expect

Note: This is only impacting the add patron form from the UI, not the
import patrons tool.

Signed-off-by: Kelly McElligott <kelly@bywatersolutions.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-08-18 17:39:48 +02:00
David Roberts
66e70c9201 Bug 25364: Add "Other" to the gender options in a patron record
This patch adds "Other" as an option, and also changes the wording of
"None specified" slightly.

To test:

1) Apply the patch
2) Check that there is an "Other" radio button in the patron record, and
that the wording of "None specified" has changed to "None specified /
Prefer not to say".
3) Check that you can save changes to the gender of this patron record,
both on create and modify.
4) Check that these changes also work in the Opac Self-Registration
functionality.

Correct typos in previous commit

Signed-off-by: Devinim <kohadevinim@devinim.com.tr>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-08-18 17:39:48 +02:00
810972db7a Bug 22844: Make the attribute mandatory when editing a patron
Note: I am not confident with this patch, I think it's not polished. I
will not have time to improve it to make it ready for 19.05.00
1. Conflict with bug 20443 (which would have make this change way much
easier!)
2. It does not work :) You will be able to submit the memberentry form
even if the patron attribute is marked as mandatory (??)
3. What about the OPAC?
4. What about repeatable fields? We certainly will need JS code here
5. What about the "Quick add" feature? (I had trouble in the past to not
introduce regression when we played with this template...)

Do not forget to run updatedatabase.pl and regenerate DBIC schema if you
want to play with this patchset.

Signed-off-by: David Nind <david@davidnind.com>

Bug 22844: (follow-up) Make the attribute mandatory when editing a patron

Previous patch forgot the most important, adding the required attribute
to the select/textarea

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-07-20 16:08:22 +02:00
Petro Vashchuk
029f41a667 Bug 25322: fix for not selected "relationship" defaults to father
When a user creates a patron's guarantor on /cgi-bin/koha/members/memberentry.pl but doesn't select the relationship from a dropdown, the relationship defaults to first value, which in default sysprefs is "father". This may or may not be correct as this is not a conscious choice from the user.

The solution is to make the "Relationship" field mandatory when there is no empty entry in the system preferences, always starting with an empty option but not allowing the user to save an empty entry.
And if there is an empty option in sysprefs, it allows to save empty, as well as makes it default choice.

To reproduce with default system preferences:
    1) Create a new patron who is assumed to have a guarantor or modify the existing one.
    2) Under "Guarantor Information" click on "Search to add" button. After performing the search, select a user to act as guarantor. Don't use the dropdown menu to select a relationship. Save your changes.
    3) Observe that relationship is set as "father".
    4) Apply the patch.
    5) Repeat steps 1 and 2.
    6) Observe that it doesn't allow you to save the form until you pick a relationship type.

To reproduce with empty entry added to system preferences:
    1) Add an empty entry to borrowerRelationship at /cgi-bin/koha/admin/preferences.pl?tab=patrons in Patron relationships section (example: "|father|mother").
    2) Create a new patron who is assumed to have a guarantor or modify the existing one.
    3) Under "Guarantor Information" click on "Search to add" button. After performing the search, select a user to act as guarantor. Don't use the dropdown menu to select a relationship. Save your changes.
    4) Observe that relationship is set as "father".
    5) Apply the patch.
    6) Repeat steps 1, 2 and 3.
    7) Observe when you save the empty entry it does set the relationship as empty.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Alex Arnaud <alex.arnaud@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-06-29 12:37:02 +02:00
185d88bac6 Bug 20443: (follow-up) Remove C4::Members::AttributeTypes 2020-05-07 17:05:32 +02:00
b3e3067731
Bug 25311: Better error handling when updating a patron
Same as the precedent patch for patron's modification

Test plan is identical but with an existing patron

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-05-04 08:38:46 +01:00
580e6fabff
Bug 25311: Better error handling when creating a patron
This is still not ideal but brings a bit of enhancement.

One possible problem is that the patron creation will fail if the
streetnumber field is too long (borrowers.streetnumber is varchar(10).

Test plan:
0. Don't apply this patch
1. Create a new patron with a streetnumber longer than 10 characters
2. Save
=> The patron has not been created and the app explodes
The error is about extended_attributes and not meaningful
Can't call method "extended_attributes" on an undefined value at /kohadevbox/koha/members/memberentry.pl line 560
3. Apply the patch
4. Repeat 1. and 2
=> You get a warning on the interface and you still see the creation
form
5. Check the logs
=> The error is meaningful
"Data too long for column 'streetnumber'"

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-05-04 08:38:35 +01:00
866c6850e0
Bug 5161: Keep patron's attributes on warning/duplicate
When a patron is added or modified and a warning appears (duplicate,
inconsistent data, etc.) the form lost the patron's attributes.

Test plan:
Create some attribute types for patrons
Create a new patron, use an userid that already exists and fill the attributes
=> You get a warning and the attributes are kept
Modify the userid and save again
Edit the same patron
Modify the attributes, as well as the userid (to get the duplicate warning)
=> You get a warning and the attributes are kept with the modified
values
Modify the userid and save again
=> The new values are saved
Edit the attributes from the detail page (so not with the full edit form)
Modify them and save
=> The new values are saved

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-04-27 11:28:46 +01:00
dd0d2fa1c9
Bug 22534: Added syspref for defining what guarantee fields are pre filled
Librarians should be able to define what sections in member entryfields in 'Main address',
'Contact' and 'Alternate contact' in member entry form for guarantee's are pre-filled from guarantor's record

The 'Guarantor surname, 'Guarantor first name' and 'relationship' fields
in the 'Contact' section should not be filled from guarantor patron
record as those fields are intended for guarantor's without patron
records in Koha.

Test plan:
1. On an adult patron's record (which has all fields filled out in the
'Main address', 'Contact' (Except for 'Guarantor surname', 'Guarantor
first name', and 'relationship'), 'Alternate address', and 'Alternate contact') select 'Add guarantee'

2. Observe:

* Fields in 'Main address' are all automatically pre-filled
from guarantor record

* Fields in 'Contact' (except 'Guarantor surname', 'Guarantor firstname'
and 'relationship') are all automatically pre-filled from guarantor
record

* Fields in 'Alternate address' (except for Contact note) are pre-filled from guarantor record

* None of the fields in 'Alternate contact' are pre-filled from guarantor

4. Apply patch

5. Run database updates
cd installer/data/mysql
sudo koha-shell <instancename>
./updatedatabase.pl

6. Restart plack:
sudo koha-plack --restart <instancename>

7. Go to Administration > Global system preferences and search for the
new PrefillGuaranteeField system preference

8. Observe this syspref contains checkboxes and the following are
selected by default:
Contact - Primary email
Contact - Primary phone
Main address - Address
Main address - City
Main address - Country
Main address - State
Main address - ZIP/Postal code
Main address - street number

Please note: 'Contact - Guarantor surname', 'Contact - Guarantor first
name', Contact - relationship' are not in PrefillGuaranteeField syspref
as they are for non Koha patrons and so should not be pre-filled from a Koha
patron.

9. Repeat step 1 and observe the following fields are prefilled from guarantor:
In Main address section -
streetnumber
address
city
state
zipcode/postal code
country

In Contact section -
Primary phone
Primary email

10. In the PrefillGuaranteeField syspref click '[Select all]' checkboxes

11. Repeat step 1 and observe all fields in 'Main address', 'Contact'
(except Guarantor surname, Guarantor first name, and relationship),
Alternate address and Alterate contact are filled from guarantor record.

i.e. The values in guarantor's 'Alternate address' fields fill the
guarantee's 'Alternate address' fields

12. Change a few of the prefilled field values and 'Save' and observe your changes
have been saved in addition to the unaltered pre-filled values in other
fields

13. Amend PrefillGuarantee field syspref to have no checkboxes selected

14. Repeat step 1 and observe none of the fields in Main address,
Contact, Alternate address and Alternate contact are pre-filled

15. Run tests:
sudo koha-shell <instancename>
prove xt
prove t

Sponsored-by: Waitaki Distict Council, NZ
Signed-off-by: Sally <sally.healey@cheshiresharedservices.go.uk>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-04-06 10:44:23 +01:00
47f9ec9446
Bug 24476: Allow patrons to opt out of auto-renewal
To test:
1 - Verify on staff side that patron can be edited to opt in our out of auto renewal
2 - Check out some items to a patron opted in to auto renewal
3 - Ensure the items are checked out and set to autorenew
4 - Login on the opac at the patron
5 - Verify items cannot be renewed as scheduled for auto-renewal
6 - On staff side, opt patron out of auto renewal
7 - Verify on opac items are no longer marked for auto renewal
8 - Run the auto renewal cron job, items are not renewed
9 - Set 'no renewal before' to a setting that would prevent renewal
10 - Verify that opting patron in or out of auto renewal changes only the reason items cannot be renewed
11 - Set 'no renewal before' to a setting that would allow for renewal
12 - Verify that opting patron in/out changes their ability to renew
13 - Verify that when opted out cron does not renew
14 - Verify that when opted in the item is auto renewed
15 - Reset the due date, opt out, verify manual renewal succeeds

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-03-24 11:23:47 +00:00
fc430529c1
Bug 20443: Fix creation of new patron with attributes
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-03-23 13:49:23 +00:00
7e1be8d385
Bug 20443: Use search_with_library_limits for attribute types
Dealt with that previously in the module during the rebase.
It conflicted with bug 23281.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-03-23 13:49:22 +00:00
e37bfe3e4b
Bug 20443: Remove extended_attributes_code_value_arrayref AND C4::Members::Attributes
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-03-23 13:49:22 +00:00
37e634bb5b
Bug 20443: Remove C4::Members::AttributeTypes
We do no longer need this package, we can use
Koha::Patron::Attribute::Types directly instead.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-03-23 13:44:41 +00:00
f1d210019b
Bug 20443: Move C4::Members::AttributeTypes::GetAttributeTypes to Koha::Patron::Attribute::Types
We can then now start to move methods from C4::Members::AttributeTypes
as well.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-03-23 13:44:35 +00:00
5dd44a8f08
Bug 20443: Remove CheckUniqueness
There is already a method in Koha::Patron::Attribute to check the
uniqueness constraint, let us it to replace CheckUniqueness

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-03-23 13:44:30 +00:00
ccfc6572f7
Bug 20443: Remove UpdateBorrowerAttribute and SetBorrowerAttributes
This patch replace Koha::Patron->get_extended_attributes with
->extended_attributes
It's now a getter a setter method.

It permits to replace UpdateBorrowerAttribute and use
create_related from DBIx::Class

Notes:
* We face the same variable names difference than in a previous patch
(value vs attribute)

Bug 20443: Remove SetBorrowerAttributes

squash  + RM get_extended_attributes

 RM get_extended_attributes

SQUASH Bug 20443: Remove UpdateBorrowerAttribute and SetBorrowerAttribute

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-03-23 13:44:16 +00:00
9707167a48
Bug 20443: Move GetBorrowerAttributes to Koha::Patron->extended_attributes
The GetBorrowerAttributes subroutine return the attributes for a given
patron.

Using get_extended_attributes we can acchieve it easily. The problematic
here is to restore the method's name (value vs attribute,
value_description vs description of the authorised value, as well as
display_checkout that should not be a method of Attribute, but
Attribute::Type instead)

value_description was used when the attribute types were attached to an
authorised value category. To avoid the necessary test in template and
controller there is now a $attribute->description method that will
display either the attribute's value OR the value of the authorised
value when needed. We should certainly use this one from few other
places.

Notes:
* This patch rename Koha::Patron->attributes with Koha::Patron->get_extended_attributes.
It will be renamed with Koha::Patron->extended_attributes in ones of the next
patches when it will become a setter as well.
* GetBorrowerAttributes did not care about the library limits, we still
do not
* The opac_only flag was not used outside of test, we drop it off.
* To maintain the existing behavior we add a default order-by clause to
the search method [code, attribute]
* From C4::Letters::_parseletter we always display the staff description
of the AV, There is now a FIXME to warn about it
* FIXMEs are not regressions, existing behaviors must be kept
* TODO add a new check to bug 21010 to search for inconsistencies in
patron's attributes attached to non-existent authorised values
* One test has been updated in Modifications.t, order_by is now
by default set to ['code', 'attribute']

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-03-23 13:39:25 +00:00
20b38829ce
Bug 23808: (follow-up) Object methods can be used directly, no need for unblessed
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-03-20 15:25:41 +00:00
6fc82e008c
Bug 23808: Pre-fill guarantor fields when adding guarantee to guarantor
Bug 14570 removed the guarantor pre-fill functionality when selecting
'Add guarantee' to an Adult patron. This is because guarantor
information would now only display if (1) the patron record exists
(which it won't when first adding guarantee to guarantor record) and (2)
if there is already a guarantor added to a guarantee

This patchfix will pre-fill guarantor fields and address fields (so the guarantee
has the same address as the guarantor) if no relationship (existing
guarantor data exists) and a guarantor_id is handed to memberenty.pl in
URL when clicking 'Add guarantee' button on Adults patron record.

Test plan:
1. Add adult patron make sure to fill in their 'Main address' details
2. Select 'Add guarantee'
3. Observe no details of the adult patron are displaying in the
   'Guarantor information' section or 'Main address' sections of memberentry.pl
4. Select 'Search to add', search for your adult patron and choose
  'Select' to add them as guarantor
5. Fill out rest of memberentry.pl and 'Save'
6. Observe adult is showing as the guarantor
7. Apply patch
8. Run tests:
   sudo koha-shell <instancename>
   prove xt
   prove t
9. Confirm tests pass
10. Return to your adult patron
11. Select 'Add guarantee'
12. Observe in 'Guarantor information' and 'Main address' sections of
    memberentry.pl are pre-filled with the 'patron #' (borrowernumber),
    surname, firstname and street number, address, address2 (if you
    filled that in on adults account), city
13. Fill out the rest of memberenty.pl and save and confirm your adult
    patron is showing as the guarantor and the pre-filled address details
    have been saved and are showing
14. Repeat steps 10,11 and 12 and in the 'Guarantor information' select
    'Search to add' and add another adult as guarantor
15. Fill out the rest of memberentry.pl and 'Save' and notice with this
    patch applied you can still add multiple guarantors successfully

Sponsored-by: South Taranaki District Council, NZ
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: George Veranis <gveranis@dataly.gr>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-03-20 15:20:47 +00:00
Julian Maurice
0e73e723ef
Bug 19809: Re-allow to call Koha::Objects::find in list context
and remove 'scalar' keyword in calls where it's not needed.

Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-01-23 10:27:28 +00:00
eaee34f47a
Bug 24018: Remove die "Not logged in"
Signed-off-by: Michal Denar <black23@gmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-01-20 14:03:49 +00:00
7f6f4f3c68
Bug 24113: guarantor info lost when a duplicate is found
When a patron is created with a guarantor but a duplicate is found (or any other warnings I guess) the guarantor's info are lost.

This patch improves on previous functionality by retaining the select guarantor relationship as well.

Test Plan:
1) Create a new child with a name already used, add a guarantor
2) Attempt to save, no the guarantor is not shown when the editor is redisplayed
3) Apply this patch
4) Restart all the things!
5) Repeat 1
6) Note the guarantor is retained and the relationship is as well!

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-11-27 07:51:04 +00:00
3ab5d3b125
Bug 14570: Remove wrong parameter in add_guarantor call
This patch just removes an unused parameter.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Agustin Moyano <agustinmoyano@theke.io>
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-08-20 16:06:06 +01:00
Agustin Moyano
53b3ebe9d0
Bug 14570: (follow-up) fix qa FAIL tests
Signed-off-by: Agustin Moyano <agustinmoyano@theke.io>
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-08-20 16:05:14 +01:00
109334102f
Bug 14570: Make it possible to add multiple guarantors to a record
This patch adds the ability to set an unlimited number of guarantors
for a given patron. As before, each guarantor may be linked to another
Koha patron, and all the behavior that applies to a given guarantor
remains the same.

Test Plan:
 1) Apply this patch
 2) Run updatedatabase.pl
 3) Find some patrons with guarantors, verify the still have their guarantor
 4) Test adding and removing guarantors on a patron record, both Koha users and not
 5) Verify the "Add child" button works
 6) Verify NoIssuesChargeGuarantees still works
 7) Verify tools/cleanborrowers.pl will not delete a guarantor
 8) Verify the guarantors are displayed on moremember.pl
 9) Verify the guarantor is removed by members/update-child.pl
10) Verify the guarantor is removed by misc/cronjobs/j2a.pl
11) Verify import patrons converts guarantor_id, relationship, contactfirstname,
  and contactsurname into a guarantor
12) prove t/Patron.t
13) prove t/db_dependent/Circulation.t
14) prove t/db_dependent/Circulation/NoIssuesChargeGuarantees.t
15) prove t/db_dependent/Items.t
16) prove t/db_dependent/Koha/Patrons.t
17) prove t/db_dependent/Members.t
18) prove t/db_dependent/Patron/Relationships.t

Signed-off-by: Kim Peine <kmpeine@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Agustin Moyano <agustinmoyano@theke.io>
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-08-20 16:04:48 +01:00
fa390ca232
Bug 23199: Koha::Patron->store must check 'uppercasesurname' syspref
Test plan:
1/ set uppercasesurname to 'Do'
2/ register a new patron using the REST API with lowercase surname
3/ verify the surname is not saved in uppercase
4/ apply patch
5/ repeat 2
6/ verify the surname now is saved to uppercase

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-07-05 08:43:44 +01:00
8947d5939f
Bug 23082: Fatal error editing a restricted patron
In members/memberentry.pl we have to explicitely remove the template's
params that are not patron's attributes.

Certainly caused by
  commit 1bb6cec902
  Bug 20287: Fix update of patrons, clean the data before ->store

Test plan:
Create a restriction for a patron
Edit patron's details
Remove the restriction
=> Without this patch you get "No property remove_debarment for
Koha::Patron"
=> With this patch applied the restriction is removed

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-06-25 16:49:16 +01:00
Pasi Kallinen
f3358e97c8
Bug 22910: Do not copy unique patron attributes to duplicated patron
When creating a new patron by duplicating another, all of the patron
attributes are also copied into the form. Some of those value may be
unique, so don't copy those.

1) Create patron attribute types, one with "unique identifier", one without.
2) Create or a patron so it has values in both of those attributes.
3) Duplicate the patron
4) The edit form should retain the values from the "original" patron.
5) Apply patch.
6) Duplicate the patron - this time the attributes with unique values
   are cleared.

Signed-off-by: Pasi Kallinen <pasi.kallinen@koha-suomi.fi>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-06-06 16:03:26 +01:00
Kris Sinnaeve
086a0007d2 Bug 22139: Fields of ACCTDETAILS email not populating
To test:
* Make sure AutoEmailOpacUser is set to "send"
* Create a new patron with a username and password, and an email address
* In Kohadevbox, check the mail (usually you can type "mail" and go down
to the last message) - these do not go into the message queue and they
are processed immediately.
notice that the email does not have
<<borrowers.title>> <<borrowers.firstname>> <<borrowers.surname>>

Apply this patch, restart the things, retest as above.

Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-04-18 09:56:43 +00:00
4fe300dec1 Bug 12159: Fix getting extended patron attributes for circ-menu
Changes:
- Replace getting preference ExtendedPatronAttributes by Koha.Preference
in templates
- Add Koha::Patron->attributes for getting patrons extended attributes
- Use this method in circ-menu.inc
- Remove getting attributes from members perl scripts

Test plan:
0) Apply the patch
1) Add some patron attributes type - with free text, authorised value,
    limited by libraries...
2) Add some values to this attributes for some patrons
3) Go through as many patron pages as you can and confirm that
attributes are shown at side panel when they shoul and are not shown
when they should not be shown

Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[EDIT] Removed Koha/Schema/Result/BorrowerAttribute.pm
[EDIT] Added missing semicolon on L114 in Koha/Patron/Attribute.pm

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-28 13:05:22 +00:00
0f83ac98c7 Bug 22253: Check we actually need to update the password
This patch makes memberentry.pl check if password needs to be updated
before attempting to call set_password. Above this there's a check that
won't raise any errors if no password is passed, or the default string (****) is received.

So we could reach that line of code with no password, but the code
wouldn't check that.

To test:
- In master, edit any patron without changing the password
=> FAIL: It raises an exception
- Apply this patch
- Edit the patron withtout changing the password
=> SUCCESS: Edit successful
- Edit the patron, changing the password
- Try to login with the new password
=> SUCCESS: The password got changed correctly
- Sigh off :-D

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-04 13:44:29 +00:00
b990b953b3 Bug 21993: Display a user-friendly message when the CSRF token is wrong
Instead of dying!

Test plan:
Assuming you have a patron with borrowernumber=51 and another one that
can be deleted with borrowernumber=42

- authorities-home.pl
 * Delete an authority record
 * hit /cgi-bin/koha/authorities/authorities-home.pl?op=delete

- basket/sendbasket.pl
 * Send a basket to someone
 * hit /cgi-bin/koha/basket/sendbasket.pl?email_add=1

- members/apikeys.pl
  * Generate and delete an API key for a patron
  * hit /cgi-bin/koha/members/apikeys.pl?patron_id=51&op=delete

- members/deletemem.pl
  * Delete a patron
  * hit /cgi-bin/koha/members/deletemem.pl?member=42&op=delete_confirmed

- members/mancredit.pl
  * Add a manual credit
  * hit /cgi-bin/koha/members/mancredit.pl?borrowernumber=51&add=1

- members/maninvoice.pl
  * Add a manual invoice
  * hit /cgi-bin/koha/members/maninvoice.pl?borrowernumber=51&add=1

- members/member-flags.pl
  * Change permissions for a patron
  * hit /cgi-bin/koha/members/member-flags.pl?member=51&newflags=1

- members/member-password.pl
  * Change the password for a patron (from the staff interface)
  * hit /cgi-bin/koha/members/member-password.pl?member=51&newpassword=aA1

- members/memberentry.pl
  * Edit some patron's info
  * hit /cgi-bin/koha/members/memberentry.pl?borrowernumber=51&op=save

- members/paycollect.pl
  * Pay an individual fine
  * hit something like /cgi-bin/koha/members/paycollect.pl?borrowernumber=51&pay_individual=1&accounttype=L&amount=1.00&amountoutstanding=1.00&accountlines_id=157&paid=1
  You may need to edit some values

- tools/import_borrowers.pl
  * Import some patrons
  * hit /cgi-bin/koha/tools/import_borrowers.pl?uploadborrowers=1

- tools/picture-upload.pl
  * Upload an image for a patron
  * You will need to edit the html content
  hit Home › Tools › Upload patron images
  then locate the csrf_token input and modify its value

Note for QA:
- Opac is not done as blocking_errors.inc does not exist for this
interface
- ill/ill-requests.pl
I did not manage to replace this occurrence

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-01-25 20:38:32 +00:00
c425a003fd Bug 22048: Use set_password in memberentry.pl
To test:
- Verify that changing the password and userid of a patron by globally
editing they works,

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-01-25 20:15:29 +00:00
d561273ef8 Bug 21986: Do not escape quotation marks when cataloguing
In several places we escape quotation marks using
  $value =~ s/"/&quot;/g;
All the occurrences are wrong and must be removed.
Most of them are leftover of bug 11638 (Remove HTML from
addbiblio.pl), which removes the construction of html from pl scripts.

The problem has been highlighted by bug 13618, I did not track down why
the issue did not exist before (?)

Test plan:
0/ Use strings with quotation marks, like:
'Fiddle tune history : "bad" tunes'
You can also use other html characters to make the tests more complete,
like 'Fiddle tune history : <"bad" tunes>'
1/ authorities/authorities.pl
a. Edit an authority filling different fields with quotation marks
b. Edit it again
=> The display (inputs' values) is wrong, if you save the escaped quotes
will be inserted
2/ cataloguing/addbiblio.pl
Same editing a bibliographic record
3/ cataloguing/additem.pl
Same editing items
4/ members/memberentry.pl
Edit a patron's record and fill some fields with quotation marks
+ fields borrowernotes and opacnotes
=> The quotes are inserted directly in DB (escape is done before the
insert!)
5/ opac/opac-review.pl
For QA only: $js_ok_review is never used
6/ tools/batchMod.pl
For QA only: $value is always undefined at that point

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-12-14 13:33:28 +00:00
449116857e Bug 21649: Pass guarantee info to template when adding child
To test:
1 - Find an adult patron
2 - Click 'Add child'
3 - Note address/phone info does not carry over
4 - Apply patch
5 - Repeat
6 - Note information populates

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Todd <tgoatley@gmail.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
It works, but the code is ugly and hard to maintain.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-11-26 12:33:52 +00:00
7c05f4fbe4 Bug 21068: Remove NorwegianPatronDB related code
Bug 11401 introduced code to support Norwegian national library card.
This code is too specific to be part of Koha as it, it should be a
plugin instead.
Moreover nobody uses it, but a modified version (see comment 3).

Test plan:
Add/edit/delete patron and make sure there are no regressions introduced
by these patches

Signed-off-by: Benjamin Rokseth <benjamin.rokseth@deichman.no>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-30 13:40:29 +00:00
644de1c4e7 Bug 21222: (bug 20226 follow-up) Fix patron creation
Since bug 20226 you cannot longer creation a patron, memberentry.pl will
explode with
Template process failed: undef error - DBIC result _type  isn't of the
_type Category at /home/vagrant/kohaclone/koha-tmpl/intranet-tmpl/prog/en/includes/str/members-menu.inc
line 22.

The problem is that "patron" is actually defined and the test in
str/members-menu.inc does not work as expected.

It comes from
  commit 7b1d08df0f
  Bug 19936: Replace Generate_Userid - Update the occurrences
where I needed $patron to be defined in order to use Koha::Patron->generate_userid
on an blessed object.
But this was actually wrong, as it could have side-effects.

Test plan:
Create a new patron
Edit it
Retest bug 19936 and make sure the userid is generated correctly in the
different situations

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-16 13:19:54 +00:00
51933c7753 Bug 21221: Shortcut memberentry scripts if patron does not exist
If borrowernumber is passed and that it does not refer to a valid patron
in DB, we should not continue the script and display an error instead.

Test plan:
Create a patron
Edit a patron
=> Both should work ok
You can also test the other action memberentry.pl manage.

Edit it again but modify the borrowernumber parameter
=> You should see a friendly user message saying that the patron does
not exist.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-16 13:19:51 +00:00
9d4c735061 Bug 20828: Step 4 of moremember is used for Housebound and additional attributes
This patch modifies the patron edit process so that "Housebound roles"
can be edited as a separate step.

To test, apply the patch and open an existing patron's detail page
(moremember.tt). Test the "edit" links for 'Housebound roles' and
'Additional attributes and identifiers' and confirm that each opens its
own edit page, and saving changes works correctly.

Signed-off-by: Cab Vinton <bibliwho@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-09 11:28:58 +00:00
b7fa3b9b43 Bug 21136: Fix add/edit patron when cities are defined
Same as bug 21085.

When cities are defined, there is a select with name="select_city" added
to the DOM and its value will be passed to memberentry.pl
We must remove it from the attribute list before creating the
Koha::Patron object

No property select_city for Koha::Patron at
/usr/share/perl5/Exception/Class/Base.pm line 73

Test plan:
Define cities
Add or edit a patron, save

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2018-08-02 10:11:40 -03:00
ce1f9033fb Bug 21087: Fix one wrong call
Signed-off-by: John Doe <you@example.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2018-07-30 14:58:06 -03:00
2e6fb40ef8 Bug 21087: Hash passwords in ->update_password
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: John Doe <you@example.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2018-07-30 14:58:06 -03:00
c95f5c17a6 Bug 21085: Fix add/edit of patrons when HouseboundModule is set
This script takes all the parameters then set it to create/edit the
patron. We must list housebound_chooser and housebound_deliverer as not
part of patron's attributes

Test plan:
- Enable HouseboundModule
- Create a patron
=> When you save, if the patch is not applied, you will get:
No property housebound_deliverer for Koha::Patron

- Edit a patron
=> When you save, if the patch is not applied, you will get:
Patron creation failed! - DBIx::Class::Row::store_column(): No such column 'housebound_chooser' on Koha::Schema::Result::Borrower at /home/vagrant/kohaclone/Koha/Object.pm line 75

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-07-19 15:44:03 +00:00