Commit graph

51163 commits

Author SHA1 Message Date
c37b12ec4d Bug 36176: Exclude misc/releases_notes/*
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-27 13:45:17 +00:00
4079bdfbe8
Bug 24879: (follow-up) Fix test suite
Running cataloguing pluings (in cataloguing/value_builder) now requires
authentification.

This patch adds in failing unit tests a mock of C4::Auth::check_cookie_auth

Test with:
prove t/db_dependent/FrameworkPlugin.t t/db_dependent/Koha/UI/Form/Builder/Biblio.t t/db_dependent/Koha/UI/Form/Builder/Item.t t/db_dependent/Serials.t

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2024-03-27 08:27:48 -03:00
609b4c6225 (Rmaint follow-up) Fix bad tests in t/db_dependent/Serials.t
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-26 20:05:57 +00:00
27777f5116 Bug 36323: Move koha_perl_deps.pl to misc/devel
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-26 16:02:09 +00:00
9b6b29ac2b Bug 24879: Exclude koha_perl_deps.pl
And tidy.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-26 15:58:51 +00:00
f9001cc779 Bug 24879: Use perl shebang to list the exec
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-26 15:58:51 +00:00
d8063a332c Bug 24879: Add check_cookie_auth when missing
This can certainly be improved to adjust the permissions, but at least
they are no longer opened to the world..

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-26 15:58:51 +00:00
243bfef1ff Bug 24879: Adjust tests
Installer scripts cannot be run from the UI:
debian/templates/apache-shared-intranet.conf:RewriteRule ^/cgi-bin/koha/(C4|debian|etc|installer/data|install_misc|Koha|misc|selenium|t|test|tmp|xt)/|\.PL$ /notfound [PT]

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-26 15:58:51 +00:00
4b2f5472bf Bug 24879: Remove installer/externalmodules.pl
It is not used, if we need it back it must be moved to misc.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-26 15:58:51 +00:00
b36517fb0c Bug 24879: Add new test to catch missing auth statement
in intranet scripts

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-26 15:58:50 +00:00
a22c913c1f Bug 36322: Redirect docs dir to 404
http://localhost:8081/cgi-bin/koha/docs/CAS/CASProxy/examples/proxy_cas.pl

Test plan:
Hit the link
=> Erk
Copy the apache config to /etc/koha/apache-shared-intranet-git.conf
restart_all
Hit the link
=> 404

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-26 15:57:23 +00:00
33d5d852e9 Bug 31988: Remove reports/itemtypes.plugin
This "plugin system" is only used for the itemtypes report. We can
simply remove the reports/manager.pl script and this plugin in favor of
a dedicated report.

Test plan:
Same behaviour expected before and after this patch

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Andrew Fuerste Henry <andrewfh@dubcolib.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-26 15:54:33 +00:00
ded29930eb Bug 36244: DBRev 23.05.09.001 part 2
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-26 15:45:56 +00:00
426ca044e9 Bug 36244: DBRev 23.05.09.001
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-26 15:44:22 +00:00
5bbb73ed05 Bug 36244: Add atomic update to check for affected notices
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Fixed some typos in bug numbers and text.

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-26 15:44:22 +00:00
Andreas Jonsson
0e853fc146 Bug 36244: Do template toolkit processing first
To avoid injection of template toolkit code
from database fields that are controlled by
untrusted sources.

Test plan:

* review subtest 'Template toolkit syntax in
  parameters' in t/db_dependent/Letters.t
* Run the unit test:
  prove t/db_dependent/Letters.t

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-26 15:44:22 +00:00
Andreas Jonsson
fbbaad4ac3 Bug 36244: Unit test for tt syntax in parameters
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-26 15:44:22 +00:00
Julian Maurice
69e3424368 Bug 35960: Use .val() instead of string concat to prevent potential XSS
Test plan:
1. Log out
2. Go to /cgi-bin/koha/mainpage.pl#somestring"with<html>char
3. Open the brower's inspector and find "auth_forwarded_hash" input
4. Make sure the value attribute is there and corresponds to the URL's
   fragment. It should be URI-encoded.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-26 15:20:16 +00:00
f1803c7146 Bug 34755: (Rmaint follow-up) Fix tests
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-21 13:42:10 +00:00
5ffddeb4f5 Bug 35800: Remove item.can.be.edited check
To test:
APPLY PATCH
1. Check out an item to a patron from library A
2. Give permissions to a patron from library B
   (example of a circulation staff account)
     - circulate
     - catalogue
     - borrowers ( including view_borrower_infos_from_any_libraries )
     - reserveforothers
     - updatecharges
     - suggestions
     - lists
     - clubs -> enroll
3. If necessary, change the username and password of that staff member in order to be able to log in
4. In a private browser window, log in as the staff member
5. View the record with the checked out item
6. You should see the name/cardnumber of the patron the item is checked out ot.
7. Turn off the view_borrower_infos_from_any_libraries for this patron.
8. Now on the record detail page you should see text like `Checked out to A patron from library Midway : due 01/28/2024`.

Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit e8c0438d87)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 4c38b7140a)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-20 18:01:55 +00:00
adf3c9666a Bug 29522: Unit test
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 3954808ac5)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 284ff2d52c)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:51:58 +00:00
d386baf2d9 Bug 29522: [alternate] Skip relinking bibliographic records when merging authorities
If autolinking is enabled, there are scenarios where the authorities merge process
updates the record, then sends it to ModBiblio which then AutoLinks the record, undoing
the changes in the record (as the 'from' authority is not removed until the process is complete)

This patch simply disables the autolinking process when merging authorities

To test:

Set system preferences
    AutoCreateAuthorities = don't generate
    RequireChoosingExistingAuthority = don't require
    AutoLinkBiblios = Do
    CatalogModuleRelink = Do
    LinkerKeepStale = Don't
    LinkerModule = first match
    LinkerRelink = Do

1. Create an authority record
   1.1. Go to Authorities
   1.2. Click on "New authority" and choose an authority type (I chose Corporate name)*
   1.3. Fill in the mandatory fields (000, 003, 005, 008, 040)
   1.4. In tab 1, click on the label of the main heading (110 for Corporate name)
   1.5. Fill in subfield
   1.6. Copy content of subfield
   1.7. Click on "Save"
   1.8. Note the authority record number

2. Duplicate the authority record
   2.1. Click on "Edit" and choose "Edit as new (duplicate)"
   2.2. Click on "Save"
   2.3. Click on "No: Save as new authority"
   2.4. Note the authority record number (should be the number from step 1.8 +1)

3. Link one of the authority records to a bibliographic record
   3.1 In another tab, do a catalog search
   3.2. Click on "Edit record" under one of the search results
   3.3. Go to the relevant tab (for corporate name, I used field 710 in tab 7)
        3.3.a. If there are no empty fields for that tag, click the "Repeat this tag" button (two rectangles)
   3.4. Paste the text previously copied in subfield
   3.5. Click on "Link authorities automatically" at the top of the page
   3.6. Note the authority record number in subfield
        --> The linked authority record should be the first authority record (step 1.8)
   3.7. Click on "Save"

4. Merge the two authority records, keep the one that is not linked to the bibliographic record
   4.1. Go back to the tab with the authorities
   4.1. Go to Authorities
   4.2. Search for the aurhorities previous created
   4.2. Click on "Actions" and choose "Merge" for both records
   4.3. Select the record number that is NOT linked to the bibliographic record
   4.4. Click on "Next"
   4.5. Click on "Merge"

5. Check the bibliographic record
   5.1. Go back to the tab with the bibliographic record and refresh the page (Ctrl+F5)
   5.2. Hover the mouse cursor over the name or term, without clicking
   5.3. Note the record number that appears at the bottom of the screen
        --> The record number was not changed
6. Apply the patch
    6.1. Run prove t/AuthoritiesMarc_MARC21.t
    6.2. Repeat Previous steps 1, 2, 3, 4, 5
        --> The record number is change

Signed-off-by: Barbara Petritsch <barbara.petritsch@wienmuseum.at>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 1b9371beb3)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 10661f70ff)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:51:58 +00:00
6cccf8f210 Bug 36277: Avoid useless warnings
As mentioned on bug 36329, this endpoint is only used with one of this
parameters:

* item_type
* collection_code

The other will be NULL both on the DB and the (deserialized) request
body. For the data from the DB, the author added `|| q{}` but missed to
do so on the incoming parameters when generates the hash key.

This generates the following warnings when using from the UI:

[2024/03/15 11:42:51] [WARN] Use of uninitialized value in sprintf at /kohadevbox/koha/Koha/REST/V1/TransferLimits.pm line 146.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 03b0f31b9e)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit fa2e164f24)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:50:13 +00:00
667e675550 Bug 36277: Improve algorithmic complexity of batch_add
The 2 nested loops are terrible in term of algorithmic complexity.
Especially if we are fetching from there.

The goal of this patch is to fetch all the limits outside of the loop.

If you have 100 libraries, it will remove 100^2 - 1 fetches!

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 202628342a)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 372adf555d)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:50:12 +00:00
8e7d786871 Bug 36277: Do not fetch the whole library list
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 14388b6478)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 4c56374272)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:50:12 +00:00
Emily Lamancusa
1371bbbfbb Bug 35934: Correct missed case of switching items.transfer to transfer in detail.tt
To test:
1. Put an item with no holds/recalls in transit (manually or by checking
  it in at a branch other than its homebranch to trigger a ReturnToHome)
2. Go to the item's bib record
--> Note that the item's status will display as something like,
    "In transit from X to Y since 01/29/2024 Available"
3. Apply patch and refresh the page
--> Note that item now shows only the transit status, but not "Available"

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 687963b016)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit f726c7ebfe)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:48:14 +00:00
b42c001e18 Bug 36224: Remove unused spsuggest from templates
To test:
-APPLY PATCH
-Review the OPAC results and staff interface results pages.
-Nothing should change, it would be impossible to end up inside of the [% IF koha_spsuggest %] condition because there is nothing like that in the scripts!

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit e07c6d0729)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 3e0bab0bb9)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:46:30 +00:00
Laura Escamilla
a3c01bbe37 Bug 36292: Fixed 'See all charges' hyperlink for guarantees/guarantor linked charges
To test:
1. Add a guarantee / guarantor relationship for two patrons.
2. Add a manual fee to the guarantees' account.
3. Go to the guarantor's account and view the 'Details' tab. Under contact information there should be a Guarantees section. There you will see the charges for your guarantee. Click on ‘See all charges’. The link leads you no where.
4. Apply the patch and restart_all
5. Refresh the guarantor’s page and click on ‘See all charges’ again. This time it will take you down to the ‘Guarantees’ Charges’ panel.
6. Sign off and have a great day! :D

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit e2d54b1279)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit c8d97a97a1)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:45:11 +00:00
cc83d8e19a Bug 36298: In patrons search fix road type with authorized value
In new patrons search via API, the road type code is displayed in patron address instead of authorized value description.

Also road type is missing a space separator in DE and FR format.

Test plan :
1) Create two entries in authorized value category "ROADTYPE" :
   R1 "Road"
   R2 "Street"
2) Edit a patron (ie Delgado, Floyd) to set road type to "Road"
3) Perform a search on patrons (click on letter D)
4) Check you see in address "Road" and not "R1"
5) Edit authorized value category "ROADTYPE" to delete entry "R1"
6) Perform a search on patrons (click on letter D)
7) Check you see in address "R1"

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 3c0ac4cb9a)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 72e78f72a3)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:43:42 +00:00
3f1fa1918e Bug 36332: Add missing semicolon in moremember.tt
It's fixing a JS error
Uncaught ReferenceError: script is not defined

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 23b05e812a)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 5710afb1cd)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:41:56 +00:00
319f927e36 Bug 35796: Properly set patron_expiration value
To test:
1) Set an expiration on the password in a patron account and save.
2) Go to patron details (moremember.pl) and confirm the password has an expiration.
3) Edit the patron account without touching anything and save the account.
4) Go back to patron details (moremember.pl) and note that the expiration on the password has been removed.
5) APPLY PATCH
6) Try 1 - 4 again except this time password expiration is not removed.

Signed-off-by: Andrew Fuerste-Henry <andrewfh@dubcolib.org>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 60dcb2b077)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit e5cdf2bbc1)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:38:06 +00:00
f3066ed0a2 Bug 36233: Set select2 width to 100%
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 638b5ef1b4)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 1a2c3ce39b)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:34:45 +00:00
b4b6eb3c46 Bug 36233: (follow-up) Fix width and enable clear option
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit c29390736f)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit e6e927fa9d)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:34:45 +00:00
58e9549c59 Bug 36233: Use select2 to load vendors on invoice search
This patch moves the dropdown to use select2 and avoids loading all
vendors at page load.

To test:
 1 - Create some extra vendors in your system, ideally over 20
 2 - Search for a vendor in acquisitions
 3 - Click 'Invoices'
 4 - Note the dropdown of all vendors 'Vendor:' in search bar on left
 5 - The vendor you came from shoudl eb selected
 6 - Apply patch
 7 - Repeat
 8 - Note only a partial list of vendors is loaded, confirm current vendor still selected
 9 - Search in the dropdown and confirm vendors are returned
10 - Select a vendor and search
11 - confirm selection is retained

Signed-off-by: Lisette Scheer <lisette@bywatersolutions.com>
Rebased-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 6b1b371888)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit bb5fd20c68)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:34:45 +00:00
cd3971a8fe Bug 33898: Implement reaping for database polling
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit e29e058851)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit da258a3195)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:33:16 +00:00
7073696ade Bug 33898: Alternative approach with receive frame timeout
See bug 33898 comment6.

Test plan:
Based on comment12: Stage MARC import and manage. Look at the same
time to the results of ps aux|grep Z. Verify that the lines with
[background_jobs] <defunct> disappear within 10 seconds.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit bc42006019)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 7aa97b161c)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:32:05 +00:00
7bcda46654 Bug 32671: Prevent selenium/basic_workflow.t to fail if run on slow servers
When submitting the form to create a new patron we are doing a POST
memberentry.pl that is redirecting to moremember.pl

The selenium test is expecting for the end of the request to test the
page's title against "Patron details for ".

But it's only waiting for the POST response (302), not the GET
moremember that will display the patron's details.

You can simulate a slow server using cpulimit: `cpulimit -b -p $PID -l 1`
replacing $PID with the pid of the starman process.

Note that other tests are failing using 1%, but... baby steps.

The current failre:
 #   Failed test at t/db_dependent/selenium/basic_workflow.t line 122
 Wide character in print at /usr/share/perl/5.32/Test2/Formatter/TAP.pm line 125
 #                   'Add patron (test cat description) › Patrons › Koha'
 #     doesn't match '(?^u:Patron details for test_patron_surname)'

The next one (NOT fixed by this patch):

 #   Failed test at t/db_dependent/selenium/basic_workflow.t line 256.
 #                   '
 #
 #             Checkouts (0)#         #         '#     doesn't match '(?^u:Checkouts \(1\))'
 t/db_dependent/selenium/basic_workflow.t .. 14/22 #   Failed test at t/db_dependent/selenium/basic_workflow.t line 256.
 #                   '
 #
 #             Checkouts (1)
 #
 #         '
 #     doesn't match '(?^u:Checkouts \(2\))'
 t/db_dependent/selenium/basic_workflow.t .. 16/22 #   Failed test at t/db_dependent/selenium/basic_workflow.t line 256.
 #                   '
 #
 #             Checkouts (2)
 #
 #         '
 #     doesn't match '(?^u:Checkouts \(3\))'

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 4e166e07c1)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 5d73ff2da1)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:30:21 +00:00
19f79fa606 Bug 34755: Backport Koha::Token change from bug 34478
This change includes the Koha::Token changes which uses
Koha::Session for generating and checking CSRF tokens.

0. Apply the patch and koha-plack --restart kohadev
1. Setup Keycloak OIDC SSO according to "Testing SSO"
wiki guide
2. In a regular window go to http://localhost:8080
3. In a private window go to http://localhost:8080 and click
the SSO "Log in with..." button, but don't log into Keycloak
4. In the regular window, login locally, and navigate to 5-6 pages
5. In the private window, log into Keycloak
6. Note that you are redirected back to Koha and logged in
successfully (no wrong_csrf_token error).

Signed-off-by: Olivier Hubert <olivier.hubert@inlibro.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 46c0419a11)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:26:05 +00:00
a121f21c08 Bug 35955: Add tests
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 0631153f06)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 97026a069d)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:23:37 +00:00
7c9151e8ae Bug 35955: Cache CSRF token in template plugin
This change uses the Koha::Cache::Memory::Lite cache to
cache the CSRF token, so that it is only generated once,
and is re-used by the Koha::Template::Plugin::Koha object
throughout the entire template processing for the HTTP request.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 108c955eac)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 222777ba98)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:23:36 +00:00
a69ff262bf Bug 36066: (follow-up) Move 403 to 409 when status ne cancelled
Test plan:
Run t/db_dependent/api/v1/acquisitions_orders.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 4032da3f96)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit e0f35d65e2)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:21:31 +00:00
469ce36cda Bug 36066: Only allow cancelled order deletion in API
Note: I had trouble with listing orders in API without
status, although formally not required according specs.

Test plan:
Run t/db_dependent/api/v1/acquisitions_orders.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit dcbda39c0a)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 1c556d6ed1)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:21:31 +00:00
54e962bdfb Bug 36066: Add tests
Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[EDIT] As Victor discovered, the test with status new in subtest
'delete' needed the authorised user now.

Test plan:
Run t/db_dependent/api/v1/acquisitions_orders.t
Without the follow-up patch this should FAIL.

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 8bb61c4f88)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 1bc64dcef4)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:21:31 +00:00
ec2c6a1deb Bug 35983: Remove extra selected=selected from dropdown menu
To test:
1. Admin > Circ & fine rules
2. Select a library at the top of the forms ( #selectlibrary )
3. Try to change the 'Refund lost item replacement fee' to "Refund lost item charge (only if unpaid)".
4. Press save and let the page reload.
5. Look at the dropdown again, the value is now set to "Refund lost item charge and restore overdue fine".
6. APPLY PATCH
7. Try steps 2 - 5 again but this time the value in the dropdown should not change.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit af5453bbd2)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit fdc2bbb76f)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:19:38 +00:00
Shi Yao Wang
f94b6895f1 Bug 35916: Purchase suggestions bibliographic filter should be a "contains" search
Make all bibliographic information fields filter do a contain match
rather than an exact match

Test plan:
1. Create a purchase suggestion with a multi-word title (e.g. one day in december)
   1.1. Go to Acquisitions > Suggestions > New purchase suggestion
   1.2. Enter a title (e.g. one day in december)
   1.3. Click on Submit your suggestion

2. Search for one of the words in the title
   2.1. In the "Filter by" section, click on Bibliographic information
   2.2. In the title field, enter one of the words of the title (e.g. december)
   2.3. Click Go
   --> No results

3. Apply the patch
4. Redo step 2 and notice there is now a valid result

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 3d7ea3bd99)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 8644a1165f)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:18:53 +00:00
b846322c5d Bug 36103: Remove the "Cancel hold" link for item level holds
This link is broken and doesn't make sense from a UI/UX perspective
and thus should be removed.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit c91a43ca1f)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit de4f54b3fa)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:16:37 +00:00
Shi Yao Wang
cd533cb16a Bug 35911: Make archived suggestions not show in patron's account
Remove archived suggestions in patron's account page

Test plan:
1. Go to a patron's account in the staff interface
2. Go to the Suggestions tab
3. Click New purchase suggestion and create a suggestion
4. In another browser tab, go to Acquisitions > Suggestions
5. Click the small arrow next to the edit button to the right of the suggestion, and choose Archive (alternatively, check the suggestion's box and click Archive selected)
   --> Suggestion disappears from the suggestions management page (OK)
6. Go back to the tab with the patron's account and refresh
   --> Suggestion is still visible
7. Apply the patch
8. Redo step 6 and notice the suggestion is not visible anymore
9. Redo step 4 and 5 but this time, unarchiving the suggestion
10. Redo step 6 and notice the suggestion is back

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit ac71adbd23)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit d35481b1ab)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:02:57 +00:00
Laura Escamilla
a6346c7e58 Bug 36004: Fixed typo in successfully
To test:

1. Turn on the syspref 'OpacCatalogConcerns'

2. Go to view a record in the OPAC and click on "Report a concern" in
   the column located on the right-hand side.

3. Fill out the title on the form and leave everything else the same.
   Click on submit and notice that the message on the screen says "Your
   concern was sucessfully submitted."

4. Apply the patch.

5. Submit a new concern. Notice that the text now has "successfully"
   spelled correctly.

6. Sign off and have a great day! :D

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 6bf839d892)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 17ba879fec)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:00:28 +00:00
Laura Escamilla
06bd7ef127 Bug 36005: Fixed typo in "Your concern was successfully submitted." text
To test:

1. Turn on the syspref 'CatalogConcerns'

2. Go to view a record in the staff intranet and click on "New catalog concern" which is located in the "+New" dropdown.

3. Fill out the title on the form and leave everything else the same. Click on submit and notice that the message on the screen says "Your concern was sucessfully submitted."

4. Apply the patch.

5. Refresh the page and submit a new concern. Notice that the message now has "successfully" spelled correctly.

6. Sign off and have a wonderful day! :D

Signed-off-by: Brendan Lawlor <blawlor@clamsnet.org>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 0fcf48c55f)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 72dd84251e)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 20:59:12 +00:00
Raphael Straub
7f1b178fe8 Bug 36032: Use a single angle in the "Next" button
The "Next" pagination button in the OPAC result list has a double angle
whereas the "Previous" button only has a single angle. This patch fixes
that error.

To test:
1) Do a search in the OPAC with more than one page of results.
2) Observe that the "Next" button has a double angle whereas the
   "Previous" button has only a single angle.
3) Apply the patch.
4) Repeat steps 1 and 2.
5) Verify that the "Next" button now has a single angle.

Sponsored-by: Karlsruhe Institute of Technology (KIT)
Signed-off-by: Barbara Johnson <barbara.johnson@bedfordtx.gov>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 7c1ce64593)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 0e511dffcf)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 20:56:47 +00:00