Commit graph

25 commits

Author SHA1 Message Date
Jonathan Druart
e20270fec4 Bug 11944: use CGI( -utf8 ) everywhere
Signed-off-by: Paola Rossi <paola.rossi@cineca.it>
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Dobrica Pavlinusic <dpavlin@rot13.org>

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
2015-01-13 13:07:21 -03:00
Meenakshi.R
0005f6bad3 Bug 7639: add option to forgive overdue fines when declaring items lost
This patch adds functionality to forgive overdue fine when an item is
set to lost status.  Fines are forgiven only when the syspref
WhenLostForgiveFine is set to yes. Item can be set to lost status from:

- catalogue/moredetail.pl
- cataloguing/additem.pl
- tools/batchMod.pl
- misc/cronjobs/longoverdue.pl

Changed subroutine C4::Circulation::LostItem to forgive fines on the
item depending on the value of syspref WhenLostForgiveFine. This
routine is currently used to return an item and charge a replacement
cost.

Also added a new syspref in C4::Circulation::LostItem -
WhenLostChargeReplacementFee.  The replacement fee will now be charged
only if this syspref is set to yes.  The default value of the
WhenLostChargeReplacementFee is yes, meaning that current behavior
will not change during upgrade.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Alex Hatley <alexh@cctexas.com>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Testing notes on last patch in series.

Signed-off-by: Galen Charlton <gmc@esilibrary.com>
2013-09-17 15:10:46 +00:00
dbaefb626c Bug 10550: Fix database typo wthdrawn
This patch updates the wthdrawn field in items and deleteditems to be
withdrawn instead. No functional changes are made.

Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>

Comment: Save for translation files (that will be fixed on next release),
only occurrence of wthdrawn is on updatedatabase.pl
No koha-qa errors.

This touch many files, and I did not test everything,
but all seems normal. I think that any problem could
be fixed later.

Perhaps both entries in updatedatabase.pl could be joined
into one, but thats for QA.

Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
2013-09-08 01:58:41 +00:00
Robin Sheat
4cbeeedbe8 Bug 6296: allow users to be authenticated by SSL client certs
This adds a new syspref: AllowPKIAuth. It can have one of three states:
* None
* Common Name
* emailAddress

If a) this is set to something that's not "None", and b) the webserver
is passing SSL client cert details on to Koha, then the relevant field
in the user's certificate will be matched up against the field in the
database and they will be automatically logged in. This is used as a
secure form of single sign-on in some organisations.

The "Common Name" field is matched up against the userid, while
"emailAddress" is matched against the primary email.

This is an example of what might go in the Apache configuration for the
virtual host:

    #SSLVerifyClient require # only allow PKI authentication
    SSLVerifyClient optional
    SSLVerifyDepth 2
    SSLCACertificateFile /etc/apache2/ssl/test/ca.crt
    SSLOptions +StdEnvVars

The last line ensures that the required details are
passed to Koha.

To test the PKI authentication, use the following curl command:
    curl -k --cert client.crt --key client.key  https://URL/
(look through the output to find the "Welcome," line to indicate that a user
has been authenticated or the "Log in to Your Account" to indicate that a
user has not been authenticated)

To create the certificates needed for the above command, the following series
of commands will work:
    # Create the CA Key and Certificate for signing Client Certs
    openssl genrsa -des3 -out ca.key 4096
    openssl req -new -x509 -days 365 -key ca.key -out ca.crt
    # This is the ca.crt file that the Apache config needs to know about,
    # so put the file at /etc/apache2/ssl/test/ca.crt

    # Create the Server Key, CSR, and Certificate
    openssl genrsa -des3 -out server.key 1024
    openssl req -new -key server.key -out server.csr

    # We're self signing our own server cert here.  This is a no-no in
    # production.
    openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key \
        -set_serial 01 -out server.crt

    # Create the Client Key and CSR
    openssl genrsa -des3 -out client.key 1024
    openssl req -new -key client.key -out client.csr

    # Sign the client certificate with our CA cert. Unlike signing our own
    # server cert, this is what we want to do.
    openssl x509 -req -days 365 -in client.csr -CA ca.crt -CAkey ca.key \
        -set_serial 02 -out client.crt
    openssl pkcs12 -export -in client.crt -inkey client.key -out client.p12
    # In theory we can install this client.p12 file in Firefox or Chrome, but
    # the exact steps for doing so are unclear, and outside the scope of this
    # patch

Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Tested with Common Name and E-mail authentication, as well as with PKI
authentication disabled. Regular logins continue to work in all cases when
SSL authentication is set to optional on the server.

Signed-off-by: Ian Walls <koha.sekjal@gmail.com>
QA comment: synchronized updatedatabase.pl version of syspref with sysprefs.sql
version, to avoid divergent databases between new and upgrading users.
2012-03-19 17:02:44 +01:00
Srdjan Jankovic
1713133fdd bug_5211: LostItem() - added charge_fee param to control fee charging
Pass charge_fee = yes wherever is LostItem() called, which effectively
means tha there's no change.

Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
2011-12-06 11:36:34 +01:00
Srdjan Jankovic
4770555855 bug_5533: Slightly improved marking items as lost
Call LostItem() whenever item is lost.
LostItem() new arg - mark returned.
Disabled Lost Status on catalogue item edit.

Signed-off-by: Nicole C. Engard <nengard@bywatersolutions.com>

For follow up we need to explain how to hide the 952$1 (lost) from
the framework by putting it in the 'ignore' tab.

Signed-off-by: Ian Walls <ian.walls@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-10-18 09:01:39 +13:00
7a587112f0 Fix for Bug 4853 - Rights needed to renew a document
Correcting check for circulation permission. Also updating
updateitem.pl (for setting lost and damaged statuses) with
circulate permissions.

Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
2011-03-06 08:26:35 +13:00
Henri-Damien LAURENT
39d70cf05b MT2938 : Adds a permission for editing items
This patch adds a permission on edit_items

Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
2010-06-03 21:04:01 -04:00
Lars Wirzenius
034e2c1cbb Fix FSF address in directory catalogue/
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
2010-03-16 20:17:49 -04:00
Ryan Higgins
49ffa55a2e Update longoverdue.pl cron job to manage setting lost values.
This patch deprecates the NoReturnSetLost system preference, which, as it
turns out, was not implemented anyway.  New longoverdue script allows one to
specify on the commandline system-wide delays for changing items to different
lost statuses, and optionally charge for the item.

Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-08-10 15:54:29 -05:00
Joe Atzberger
4227f63313 Corrected wrong number of arguments to getnextacctno.
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-05-29 07:04:33 -05:00
078741e657 Adding anchor link to updateitem redirect; Markup corrections for cat_issues_top.tmpl
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-04-10 15:54:07 -05:00
Galen Charlton
9222f7a6ca created old_issues and old_reserves tables
The new tables have the same structure and constraints
as the tables they archive with the following exceptions:

* borrowernumber and biblionumber in old_reserves can be
  NULL
* the FK constraints (e.g., for itemnumber) on old_reserves
  set the child column to NULL if the parent row is deleted
  instead of deleting the child row.
* there is no FK constraint on old_issues.branchcode, allowing
  a branch to be deleted without changing archived requests.

Some miscellaneous cleanup was done as part of this patch:

* GetMemberIssuesAndFines (C4::Members) now uses bind variables
* fixed POD for GetMemberIssuesAndFines

Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-03-15 08:36:31 -05:00
Galen Charlton
46bd98ec44 fixed permissions for updateitem
Per new bug 1783, it would be nice if editcatalogue would
work as well, but a change to the public API of C4::Auth
is needed for that to work.

Signed-off-by: Chris Cormack <crc@liblime.com>
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-01-22 22:09:01 -06:00
Joe Atzberger
fa3ac40164 catalogue - exit after redirect in detail.pl and updateitem.pl
Signed-off-by: Chris Cormack <crc@liblime.com>
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-01-10 15:36:30 -06:00
Galen Charlton
a4919280d2 quell warning if updating itemnote whose original value is NULL
Signed-off-by: Chris Cormack <crc@liblime.com>
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-01-03 16:24:01 -06:00
Galen Charlton
c6c8e80a73 start of BIB change -- introduce C4::Items
Introduced C4::Items module to separate items API
from biblio API.  Details on changes will be
put in later commit messages.

Signed-off-by: Chris Cormack <crc@liblime.com>
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-01-03 16:23:12 -06:00
Joshua Ferraro
5c23369af2 Fixing Database Definitions for Statuses *PARTIAL*
Prior to this fix, the status fields had three 'off' values, NULL, "",
and 0. I've reduced it to two in the db, removing the option for NULL, and
setting the default value to 0, however, we need to verify that we don't ever
write out as "" as this needlessly complicates the indexing process,
critical for searching or limiting by status (e.g., availability). Also,
queries that attempt to write a NULL value to one of these fields will fail
(based on my tests).

This patch includes the following changes:

* Updated the database definition for notforloan, damaged, itemlost, and
wthdrawn in kohastructure.sql to forbid NULL and default to 0; MySQL
can't forbid other values (such as empty ""), so this has to be handled
at the application layer and REQUIRES further patching.

* Fixed the 'limit by availability' query node in Search.pm to use a
much less confusing definition of 'available'

* Added code to set values to 0 where they are NULL or empty ( "" ) for
notforloan, damaged, itemlost or wthdrawn in both the MARC and the items
table:

  * Biblio.pm -> AddBiblioAndItems
  * catalogue/updateitem.pl
  * SEE NOTE BELOW, REQUIRES UPDATE TO THE REST OF KOHA'S ITEM MGT!

* Removed code in bulkmarcimport.pl that sets notforloan status depending
  on item-level or bib-level itemtype -- that flag is designed to be set
  only to override the notforloan setting for the item's (or bib's,
  depending on the syspref) assigned itemtype (it doesn't need to override
  to 'for loan', only to 'not for loan').

  added $dbh->do("truncate zebraqueue"); when operation is 'delete'

* I updated some notes in catalogue/updateitem.pl as to why ModItem can't be
used -- we don't have _a_ place where we can change the item and marc :/

  I've tested the following:

  bulkmarcimport.pl..........................MARC/items OK
  Staged Records Import......................NOT OK
  updateitem.pl (via moredetail.pl)..........MARC/items OK
  circulation.pl.............................NOT OK
  returns.pl.................................NOT OK
  addbiblio.pl...............................NOT OK
  additem.pl.................................NOT OK

Basically, there isn't a single place to apply this patch that will
update both item data and MARC data in one place ... a future patch
needs to address this issue.

Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
Signed-off-by: Chris Cormack <crc@liblime.com>
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-01-03 16:23:04 -06:00
Ryan Higgins
3c63d07909 revert to sql in updateitem.pl
Signed-off-by: Chris Cormack <crc@liblime.com>
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2007-12-27 17:22:14 -06:00
Joshua Ferraro
3edaba0cc0 fixes to search results list, ccl.properties tweak
patch updateitem.pl (was failing ... missing 'my')
update OPAC results
fix limit by availability

Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2007-12-20 17:35:46 -06:00
Ryan Higgins
f768cd6108 revert to sql in updateitem.pl
Signed-off-by: Chris Cormack <crc@liblime.com>
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2007-12-17 08:19:23 -06:00
Ryan Higgins
0734f8fca0 Clean up moredetail.pl and updateitem.pl
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2007-12-12 08:03:10 -06:00
Galen Charlton
8df88ef060 bug 1616: handle NULL in damaged, wthdrawn, or itemlost columns
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2007-11-27 15:52:04 -06:00
Galen Charlton
eb52fe26c3 bug 1616: update bib MARC and zebraqueue on item update
Fixed so that when using updateitem.pl to change an
item's lost, damaged, or withdrawn status, the
bib's MARC XML is updated and an entry is added
to zebraqueue.

As part of the fix, C4::Biblio::ModItemInMarconefield
now works correctly.

Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2007-11-27 15:51:47 -06:00
Joshua Ferraro
e494fadf0a partial 1481: adding to templates, fixing non-display of data
Signed-off-by: Chris Cormack <crc@liblime.com>
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2007-10-06 16:34:56 -05:00
Renamed from cataloguing/updateitem.pl (Browse further)