If you click on a link that opens a new tab/window to another site, that tab
has access to the original window through JavaScript. The browsing context is
related, even if the domains are totally different.
The tab retains access to the original window's object via window.opener, even
if you navigate to another page or domain, in the new or original window.
Access to the Window object means the new window can use Window.location to
open a different URL in the original window, perfect for phishing attacks.
Depending on the site's Same-Origin Policy settings, the new window may have
access to other parts of the original window's DOM as well.
Any 'A HREF' that contains a target of of '_blank' or '_new' or a fixed name
is vulnerable. Previous security best practice often suggested creating a random
fixed name for an unpredictable namespace - that won't help with this problem!
Targets of '_self' and '_parent' are safe.
We do not use _new (at first glance) but several _blank. Some are used
to refer internal url, we do not need to update or remove them. Others
are used to satisfy OPACURLOpenInNewWindow, in these case, we should add
the rel="noreferrer" attribute to the a tags.
In other cases, we can simply remove them and let the users discover
that a mouse has more than one button (we are in 2016, they can do it!)
Signed-off-by: Chris <chrisc@catalyst.net.nz>
Signed-off-by: Jesse Weaver <jweaver@bywatersolutions.com>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
This patch fixes the display of the currency symbol on invoice.tt
See comment #5
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
This trivial follow-up adds an "actions" class to the table cell
containing the new buttons. In conjunction with the style update in Bug
16048, this will prevent the buttons from wrapping at narrow browser
window widths.
To test, apply the patch for Bug 16048 and search for a vendor in
Acquisitions which has at least one open basket.
Confirm that the "View" and "Add to basket" buttons look correct and do
not wrap when you make your browser window narrower.
Signed-off-by: Aleisha <aleishaamohia@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
To test:
1) Go to Acqui -> do a vendor search
2) Confirm actions 'View' and 'Add to basket' are now buttons and behave as
expected
Sponsored-by: Catalyst IT
Signed-off-by: Frédéric Demians <f.demians@tamil.fr>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
When closing a basket in Acquisitions the confirmation dialog should be
styled using Font Awesome icons. This patch adds them.
The cancel button has been moved into its own form so that we can get
rid of several problematic JavaScript issues: The use of the
"javascript:" pseudo-protocol, the use of an "onclick" attribute, and
the use of a JS redirect where a GET action will do.
To test, apply the patch and locate an open basket in Acquisitions which
can be closed.
- Click the 'Close this basket' button and confirm that the icons in the
dialog look correct.
- Test the cancel operation to make sure you are redirected back to the
page showing the basket details.
- Test the confirm operation and verify that the basket is closed.
Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Works as advertised
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Please note that the confirmation message display depends on
BasketConfirmations.
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
In Acquisitions, when you delete (cancel) an order, a dialog asks you to
confirm. This dialog should be styled with Font Awesome icons.
Other minor edit: Changing page grid style for centered main content
area.
To test, apply the patch and locate a basket in Acquisitions with an
order.
- View the details for the basket.
- Click the 'Delete' link next to the order you want to delete.
- Confirm that the dialog is correctly styled.
- Test the cancel operation and verify that you are correctly redirected
back to where you were.
- Test the confirmation operation and verify that your order is deleted.
- Also test the deletion process from Acquisitions -> Vendor -> Invoices
-> Invoice -> Go to receipt page -> Delete order.
Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Works as advertised
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
Most part of the code here is unnecessary complex. We should selected
the currency if it is selected, that's all :)
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
The "highlight" class on table rows is unnecessary since we have a CSS
rule which defines colors for alternating row colors. This patch removes
use of the "highlight" class from templates and removes the definition
from staff-global.css
To test, view the affected pages and confirm that the change has not
broken anything.
Acquisitions -> Vendor -> View basket
Acquisitions -> Late orders
Acquisitions -> Ordered
Acquisitions -> Vendor -> Receive shipment
Acquisitions -> Spent
Acquisitions -> Vendor details -> Contracts table
Administration -> MARC frameworks (comment removed only)
Administration -> Class sources
Authorities -> Authority search results
Catalog -> Bibliographic detail page -> Items -> View item's checkout
history
Catalog -> subject.tt (is this template used?)
Cataloging -> Cataloging search results
Patrons -> Patron account
Reports -> Patrons who haven't checked out
Reports -> Statistics wizards -> Patrons
Reports -> Top lists -> Most-circulated items
Reports -> Inactive -> Items with no checkouts
Reports -> Reports dictionary
Reports -> Statistics wizards -> Circulation
Reports -> Statistics wizards -> Holds
Holds -> Place a hold -> Existing holds table
Serials -> New subscription -> Search for a vendor -> Search results
Serials -> Check expiration
Serials -> Subscription -> Serial collection
Serials -> Subscription -> Serial collection -> Edit serials
Suggestions
Tags -> View tags -> View titles with a tag
Tools -> Manage staged MARC records -> Batch (I think the affected
section of this template is obsolete)
Tools -> Log viewer -> Log result
Lists -> View lists (May be broken by Bug 15916)
Note that if you search the templates for instances of a <tr> with a
"highlight" class you'll find two instances in slip templates which
refer to a class defined in printreceiptinvoice.css.
Signed-off-by: Frédéric Demians <f.demians@tamil.fr>
Looks good. Haven't seen any regression.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
A warning is raised when order amount exceed budget or fund this dialog needs to be styled with Font Awesome icons.
To test:
-Add orders to a basket
-Exceed a fund or budget
-Notice about the dialog alert
-Apply patch
-Exceed again and see the new icons
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
The tables using the treetable plugin don't display correctly (with JS
error).
The lazy way to fix it is to redefine the dom of the table and remove
the button area (B).
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
Revert "DBRev to make notes of the XSS patches and the new important dependency."
This reverts commit e140603a59.
Revert "Bug 13618: Specific for branches.opac_info"
This reverts commit 06e4a50f00.
Revert "Bug 13618: (follow-up) Specific for other prefs"
This reverts commit d6475a111f.
Revert "Bug 13618: Fix for debarredcomment and patron messages"
This reverts commit dd98c9df92.
Revert "Bug 13618: Do not display html tags in patron's notices"
This reverts commit a065b243fe.
Revert "Bug 13618: Do not display and html tags in item fields content"
This reverts commit baeeaffbf8.
Revert "Bug 13618: Fix for system preference description"
This reverts commit a967a09261.
Revert "Bug 13618: Remove html filters for newly pushed code"
This reverts commit 0e98662b10.
Revert "Bug 13618: (follow-up) add missing lines for opac-shelves"
This reverts commit fc2fb605e5.
Revert "Bug 13618: (follow-up) Specific for ColumnsSettings"
This reverts commit bc308fdd9c.
Revert "Bug 13618: Fix for edit biblios and items"
This reverts commit 811c4e8402.
Revert "Bug 13618: followup to remove tabs"
This reverts commit ca8e8c397c.
Revert "Bug 13618: Fix last occurrences recently introduced to master"
This reverts commit bb417b256b.
Revert "Bug 13618: Fix for news"
This reverts commit ae5b98020a.
Revert "Bug 13618: Fix escape on sending baskets or shelves by email"
This reverts commit a7731ffe25.
Revert "Bug 13618: Specific for XSLTBloc"
This reverts commit 11fa38dc29.
Revert "Bug 13618: Specific for Salutation on editing a patron"
This reverts commit 36c07ad6d3.
Revert "Bug 13618: Specific for other prefs"
This reverts commit e6ea281a3b.
Revert "Bug 13618 - memberentrygen.tt errors Not a GLOB reference"
This reverts commit 7824874557.
Revert "Bug 13618: Specific for ColumnsSettings"
This reverts commit 1834da3da3.
Revert "Bug 13618: Specific for IntranetUser* and OPACUser* prefs"
This reverts commit 21ae62b253.
Revert "Bug 13618: Fix error 'Not a GLOB reference'"
This reverts commit 602bdbab4c.
Revert "Bug 13618: Specific for the ISBD view"
This reverts commit d254362435.
Revert "Bug 13618: Specific for pagination_bar"
This reverts commit 8837a8ae68.
Revert "Bug 13618: Specific places where we don't need to escape variables - intra"
This reverts commit 00eff140b3.
Revert "Bug 13618: Remove html filters at the intranet"
This reverts commit 7db851ff03.
Revert "Bug 13618: Specific places where we don't need to escape variables"
This reverts commit 49a3738b8d.
Revert "Bug 13618: Remove html filters at the OPAC"
This reverts commit cedaa0e23e.
Revert "Bug 13618: Use Template::Stash::AutoEscaping to use the html filter"
This reverts commit 01b38d3b13.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
On editing biblios or items, the marc_lib, marc_value and javascript
values are often populated with html code which needs to be displayed
raw.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
To test:
1) Reproduce warn following steps above
2) Apply patch
3) Create a new basket and click Save. Do not add any items
4) Notice warn is gone
5) Click 'Delete this basket' and confirm that the validation message reads: "Are you sure you want to delete this basket?" Click cancel.
6) Add an order to the basket, then click 'Delete this basket'. Confirm the validation message gives more information and more delete options.
Followed test plan, works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
To Test -
1. If you don't have a budget and a fund, make at least one of each.
2. Go to funds from budgets.
3. Either make a new fund or edit an existing one and then click Edit owner, which will bring up a pop-up tab.
4. Search for a patron.
5. Using the tab key try to navigate onto the Select link.
6. Notice it skips select.
7. Apply the patch and then repeat steps 3-5, notice the select link can now be accessed through using the keyboard.
Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
Fix translatibiity issues and use include in admin/aqplan.tt as well.
See comment #24
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
This follow up hides currency, but the alert pops
if no currency is active.
To test:
1) Apply the patch
2) Unset any active currency
3) Alert must show on Acquisitons home
4) Set a currency active, no currency display on Acqui home
5) Check that currency IS displayed on /cgi-bin/koha/admin/aqbudgets.pl
or /cgi-bin/koha/admin/aqbudgetperiods.pl
Amended for better translation
Currency does / does not display as described in test plan.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: JM Broust <jean-manuel.broust@univ-lyon2.fr>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
If no active currency is defined, Acquisitions does not work properly and software
can occur while receiving.
This patch adds the warning message about missing active currency to Home > Acquisitions
To test:
- Apply patch
- Go to Home > Administration > Currencies & Exchange Rates > Currencies
- Make sure that no active currency is set
- Go to Home > Acquisitions
- Verify that a warning displays:
- If user has at least permission for parameters_remaining_perissions,
the warning should display a link to Currencies and exchange rates (currency.pl)
- If the user has no permission to edit the Currencies and exchange rates,
no link is displayed.
- Set an active currency
- Veryfy that the warning no longer displays
(Amended to remove superfluous line / mv)
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Work as described. No errors
Signed-off-by: JM Broust <jean-manuel.broust@univ-lyon2.fr>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
Changes the 'Fund' to 'Shipping fund' so it's clear
what the fund setting is used for.
To test:
- Receive a new shipment
- Verify that 'Shipping fund' displays on the parcels page
- Search for your invoice
- View invoice details
- Verify that 'Shipping fund' displays on the invoice page
Followed test plan (changed lines: '...cost' -> '...fund')
Display OK on both places.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
In order to reduce the number of dependencies for common interactions we
should attempt to use Bootstrap modals in place of Greybox ones.
This patch modifies the page in Acquisitions for ordering from a staged
file so that the "MARC" and "Card" previews display in Bootstrap modals.
To test:
1. Apply the patch and navigate to Acquisitions.
2. Locate an exsiting basket or create a new one.
3. Add to the basket using the option to order from a staged file.
4. Click "Add orders" from any staged file.
5. Test the "MARC" and "Card" links for multiple results and confirm
that the correct data is shown each time.
Followed test plan, works as expected
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
In order to reduce the number of dependencies for common interactions we
should attempt to use Bootstrap modals in place of Greybox ones.
This patch modifies the page in Acquisitions for ordering from an
existing record so that the "View MARC" preview is displayed in
Bootstrap modals.
To test:
1. Apply the patch and navigate to Acquisitions.
2. Locate an exsiting basket or create a new one.
3. Add to the basket using the option to search for an existing
record.
4. Perform any search which will return results.
5. Test the "View MARC" link for multiple results and confirm
that the correct data is shown each time.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
In order to reduce the number of dependencies for common interactions we
should attempt to use Bootstrap modals in place of Greybox ones.
This patch modifies the page in Acquisitions for ordering from an
external source so that the "MARC" and "Card" previews display in
Bootstrap modals.
This patch also fixes a bug where the in-table popup menu points to the
wrong record (fixed in Cataloging by Bug 6367).
To test:
1. Apply the patch and navigate to Acquisitions.
2. Locate an exsiting basket or create a new one.
3. Add to the basket using the option to order from an external source..
4. Perform a search which will return multiple results.
5. Test the "MARC" and "Card" links for multiple results and confirm
that the correct data is shown each time.
6. Click anywhere in the results table to show the hidden menu and test
the "MARC" and "Card" links it displays, confirming that the data
looks correct and corresponds correctly to the title you selected.
Followed test plan, works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
The date a basket was created was not displayed
according to the dateformat system preference.
Also fixes wording of the message shown when there
are no baskets for a chosen vendor.
To test:
- Create an order with an order line
- Click on the "Transfer" link on the basket
summary page
- Search for a vendor without open baskets
- Verify change of message shown:
"There are no open baskets for this vendor."
- Choose another vendor with open baskets
- Verify the creation date of the basket is
displayed correctly formatted.
Followed test plan, works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 7298 tried to fix this issue, but it was not correct.
We have 3 files in acqui/csv:
basketgroup.tt, basket.tt and lateorders.tt
The first 2 don't contain translatable string, and are not modified on
translating the templates (`translate install`)
On the contrary, lateorders.tt has some strings to translate ('Author:',
'Published by:', etc.). After being translated, all carriage returns
between TT tags are removed.
Test plan:
1/ choose a language and update + translate the templates
for instance:
cd misc/translate;
./translate update es-ES; ./translate install es-ES
2/ Go to acqui/lateorders.pl using this language
3/ Generate a csv for 1+ late orders and confirm the first line only
contains the headers.
Signed-off-by: Laurence Lefaucheur <laurence.lefaucheur@biblibre.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch replaces all use of C4::Dates with Koha::DateUtils, which is
the best practice to follow.
It also fixes a bug on the invoice search, the shipment date (from and
to) were not passed correctly from one page to the other.
Test plan:
1/ Search for orders using the different filters
2/ Create an invoice, try with setting and leaving empty the date
fields.
Default should be an undefined value (not today)
3/ Search for invoices and use the 4 different filters.
Close and reopen invoices.
The filters should be kept from one page to the other (not that it does
not work with shipment date before this patch).
4/ Receive an order, on creating the invoice, the default date should be
today.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
I can't quite figure this out. When I run CGI version of Koha, I see following response (recorded using tcpdump):
HTTP/1.1 302 Found
Date: Thu, 27 Aug 2015 13:28:41 GMT
Server: Apache/2.4.10 (Debian)
Location: /cgi-bin/koha/acqui/basket.pl?basketno=5610
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/x-perl
However, when running behind apache 2.4.10 on Debian wheezy I see chunked response:
HTTP/1.1 302 Found
Date: Thu, 27 Aug 2015 13:21:28 GMT
Server: Apache/2.4.10 (Debian)
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/x-perl
60
Transfer-Encoding: chunked
Date: Thu, 27 Aug 2015 13:21:28 GMT
Connection: keep-alive
0
0
This response doesn't work in firefox (where it reports page not found) nor in chrome (where it returns lines below 60 on screen).
In the template the hidden input 'basketno' is listed twice. What the cgi script reads in the parameter, what is does is concat the values of the multiple basketno instances together createing what is likely an invalid basketno. For reasons beyond my understanding this is what triggers this error!
Test Plan:
1) Using plack, add an order to a basket from an external source
2) Note the error
3) Apply this patch
4) Add an order to a basket from an external source
5) Note you get no error!
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
While transferring an order, a untranslatable JavaScript confirmation
dialog pops up.
This patch moves the information about the order to be transferred to the
top of the screen to better inform the user what order is to be transferred,
and simplifies the confirmation dialog.
To test:
- Apply patch
- Transfer an order from a basket to another basket
- Verify, that on top of the screen an information is displayed about which
order from which vendor and basket is to be transferred
- Verify that the transfer works OK
- Update a po lang file and confirm you see the string and you are able
to translate it.
Signed-off-by: Frederic Demians <f.demians@tamil.fr>
Dialog box with readable & translatable info.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch moves the word "basket" out of the <a> tags to have a better context for translation.
To test:
- Transfer an order from one basket to another basket
- Verify that "basket" is detached from the strings "Transferred to" rsp
"Transferred from" by th <a> tag (See screenshot)
- Apply patch
- Verify that the word "basket" is now otuside the <a> tags
Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Works as advertised. Tested with es-ES
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Noticed that an icon was missing in the templates.
Replaced fa-remove-sign with same-looking fa-times-circle.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
We should be using Font Awesome for our icons instead of Glyphicons, for
the reasons discussed on bug 13696.
Test Plan:
1) Apply this patch
2) Note all Glyphicons have been replaced with FA icons in the staff intranet
3) git grep "icon-" ./koha-tmpl/intranet-tmpl/prog/en/modules/
should give no results
4) git grep "icon-" ./koha-tmpl/intranet-tmpl/prog/en/includes/
should give no results
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
We need a follow-up to cover the files changes since this
patch was written. Especially to cover the changes in the
label creator modules.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Currently the date of the order reception is the date of shipping date,
which is wrong.
This patch makes this date editable (with default is today).
Test plan:
1/ Create an order and receive it
2/ Confirm that you can edit the reception date and it's take into
account as the datereceived.
Signed-off-by: Aleisha <aleishaamohia@hotmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
There are some issues here:
1/ Message not translatable (set in the pl file)
2/ ' by 'displayed even if no author defined
3/ Message not the same every where
4/ Nothing displayed on the invoice page
Test plan:
1/ Create a basket
2/ Add 4 orders A, B, C, D
3/ On the basket, you see "$title by $author", or "$title" if no author
defined
4/ Delete order A, B
5/ Close the basket
6/ Receive B, C
7/ Delete record created for A, C
8/ Go on the basket page, you should see the title and "Deleted
bibliographic record, can't find title" for the deleted record
9/ Go on the invoice page, you should see the title and "Deleted
bibliographic record, can't find title" for the deleted record
Signed-off-by: Joonas Kylmälä <j.kylmala@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Joonas Kylmälä <j.kylmala@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
It does not make sense to have 2 paginations here.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Numbered links have incorrect url. Links to result pages
don't work in Receive Shipment List (but fortunately, Next
and Previous buttons work) It's because the booksellerid is
not furnished in the url.
Test Plan :
1) Go to Acquisitions module, enter a bookseller name that you
know you can get many page of invoices for and search for it.
2) click on Receive shipment button.
3) On bottom of the first results page, click on page number 2
link. (cf joined screencast)
You'll see that the results include invoices from other
booksellerid. Indeed, I suppose that you get results from all booksellerid.
Intall patch and redo 3 steps.
NOTE: I did not follow this test plan.
I read the acqui/parcels.pl code.
The template parameter numbers is assigned in a function which has
no reference to booksellerid at all!
Additionally, the booksellerid is set directly elsewhere.
It is also strange that the booksellerid references before and after
this loop do not use the numbers.booksellerid, but just booksellerid.
The change from numbers.booksellerid to booksellerid is correct!
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
It will avoid further changes.
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Patch adds the shipment as a new separate column to the
search results of the invoices search.
To test:
- Search for invoices in the acquisition module
- Verify the results table shows the shipment date
- Verify that sorting works correctly
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch make inactive vendors really inactive.
That means an inactive vendor would not be able to add a basket / add an order.
Revised test plan
=================
1/ In the acquisition module create 2 vendors: 1 active and 1 inactive.
2/ On the acqui/booksellers.pl, acqui/uncertainprice.pl,
admin/aqcontract.pl and acqui/supplier.pl (pages which include the
acq toolbar), you should be able to, for both the 'active' as well
as the inactive vendor :
(a) add new basket
(b) add order items to the basket
Remark: This is *wrong*. You should be able to do so only for active
vendor.
3/ Apply the patch
4/ Go to the links in step #2 above and select the inactive vendor
you should no longer be able to:
(a) add new basket
(b) add order items to the basket
Remark: This is the *correct* behaviour
5/ No change should be noted for vendor marked "active", and should
be able to undertake operations 4 (a), 4 (b) and 4 (c).
Remark: This is the *correct* behaviour.
6/ run koha qa tests tool
Bug 12054: (follow-up) Inactive vendors should be inactive
Don't display "add order""block and buttons if the vendor is inactive.
Signed-off-by: Indranil Das Gupta (L2C2 Technologies) <indradg@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
'Show all' in acquisition makes the inactive funds in the fund list
box visible. This patch changes the text to 'Show inactive' to be more
clear about the functionality.
Patch changes 2 pages. To test:
1) Order from staged file
- make sure you have uploaded a few records via the tools
- create a new order using the 'From a staged file' option
- select a file to order from - 'Add orders'
- Verify the 'Select to import' tab now displayed the text
'Show inactive funds' and that it works as expected
- Switch to the 'Default accounting details' tab
- Verify the text there is also changed to 'Show inactive' and
works like expected.
2) Receive shipment
- receive a new shipment for a vendor with unreceived orders
- Verify the label next to the fund list has changed to
'Show inactive' and works as expected.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Simple string change, no errors.
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
On the order form there is a checkbox next to the fund list labelled
'show all'. Checking the checkbox will result in the inactive funds
showing in the pull down list as well.
The patch renames the label to 'Show inactive' to make the purpose
more clear.
To test:
- Create a new order
- Verify the label has changed as described above
- Decide if the change makes sense
Signed-off-by: tadeasm <tadeas.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
When adding a batch of records to a basket, duplicates are skipped and
an alert is displayed with a link to them so as they could be treated
individually.
Test plan :
You need the 2 test attached files TestFile1.mrc and TestFile2.elc
(TestFile1 includes only the title "Amilec ou La graine d'hommes" that
is also included in TestFile2)
1) go to “Stage MARC records for import” page, upload TestFile1 and
stage it (select iso 5426 encoding).
2) Manage staged record and import the batch.
3) Make sure that the new record is indexed (depending to your indexing
system and test platform).
4) Go back to go to “Stage MARC records for import” page upload
TestFile2 and stage it (select iso 5426 encoding).
5) Go to acquisitions module and create a new basket.
6) From your basket, in the “Add order to basket block” choose 'From a
staged file'.
7) Then click File2 (‘addorder button').
8) Go down the "Import all" block and save.
9) You are redirected to the basket page : a warning is displayed to
tell you that some duplicates have been found and skipped.
There's a link on the warning throughout you can go back to the list of
remaining records and treat them individually if necesary.
10) Click the link : you fall upon the title of TestFile1 (of course as
it's a duplicate).
11) Check that the imported records have been indexed.
11) Go down the "Import all" block and save.
12) A warning is displayed saying that no records have been imported
because they all match an existing record. The “Import all” block is not
any more visible.
Signed-off-by: JA <aloi54@live.fr>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
1/ hit a url like http://localhost:8081/cgi-bin/koha/acqui/lateorders.pl?delay=<script>alert('oh noes')</script>&estimateddeliverydatefrom
2/ Not you get an alert box
3/ Apply patch notice it is fixed
4/ Test functionality still works
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
The 'notify on receiving' patron search on the new order form
in acquisitions didn't allow you to scroll, so there was no
way to select users from the bottom of a longer result list.
To test:
- Create a new order in acquisitions
- On the order form, use the 'Add user' button to open
the popup
- Perform a patron research with a lot of results
- Verify that with the patch you can scroll, but
that you couldn't without it
Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
without patch: no scroll bar in Firefox 38
with patch: scrolling works fine
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
The link on the start page of Koha goes to the pending suggestions tab
explicitly. The link on the acquisition start page doesn't do that so
when you have your own status it might show another tab first.
Patch links to be the same and explicitly target the pending tab.
To test:
- create a new suggestion
- verify link from the acq start page leads to the pending tab
- verify link from the Koha start page does the same
Signed-off-by: Marjorie <marjorie.barry-vila@ccsr.qc.ca>
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
The order status after closing the basket is 'ordered' in the
database, but displays as 'pending' in the staff interface.
As we use 'pending' when you have to review a suggestion, this
clashes in translations and the meaning is different. The patch
renames 'pending' for the order status to 'Ordered' to be more
clear.
To test:
- Verfiy 'Ordered' shows in the pull down on the acq advanced
search and search still works correctly
- Verify the results table also display 'Ordered' as the status
Signed-off-by: Cédric Vita <cedric.vita@dracenie.com>
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
This condition is never reached, the confirmation to delete a basket is
done with a popup in the template.
Test plan:
Confirm you don't find any regression when creation/editing and deleting
a basket.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
NOTE: I didn't create or edit. However, the only perl script that uses
the template is acqui/basket.pl and the only place delete_confirm
is set in acqui/basket.pl is in that code which is only called if
del_basket actually existed anywhere else, which it doesn't.
I did have two baskets, one with two transfers from the first, so
I transferred one back, and then proceeded to test the two delete
buttons in the modal. No issues. Cancel (to close the modal) works
too.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
This patch fixes some minor display issues in 'Add order from a suggestion'
To test:
- Add order form a suggestion
- The copyright date iss dispayed like 'copy.year:2015'
- Apply patch
- The copyright date now displays as (copyright sign) 2014, similar to the display in suggestion management
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
