To test:
1) Go to Tools -> Upload local cover image
2) Select an image and click Upload file
3) Notice Process images button looks different to Upload file button
4) Apply patch and refresh page
5) Follow steps 1-3 again and notice the changed styling of the buttons
Sponsored-by: Catalyst IT
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch adds datatables to the upload results table.
Tools -> Upload
To test:
1) Go to Tools -> Upload
2) Put any search term in search box, click Search
3) Confirm table shows as datatable and sorting works on all columns
EXCEPT Actions
Sponsored-by: Catalyst IT
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
If no item is modified, the result page of Batch item modification says:
"item(s) modified (with fields modified)."
The message should be: "No items modified"
To reproduce:
- Go to Tools -> Batch item modification
- Put a barcode in and click Continue
- Do not make any changes and/or deselect all item(s)
- Click "Save"
=> Result message reads: "item(s) modified (with fields modified)."
To test:
- Apply patch
- Repeat steps above
- Verify that message makes sense.
NOTE: Also tested positive case with actual field change.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
The field opac_news.new is very confusing and should be renamed.
If you want to access it via Koha::NewsItem you will have trouble:
use Koha::News;
my $news_item = Koha::News->next;
say $news_item->new;
=> Attempt to bless into a reference at /home/vagrant/kohaclone/Koha/Object.pm line 78.
This patchset is going to rename this DB field to opac_news_content instead.
Since the opac_news.new can be used in notice templates, we need to warn the
user during the update DB process that some templates must be updated.
Test plan:
0/ Apply the first patch "Add a test to highlight the issue" and confirm that
the test fail
1/ Apply this second patch
2/ Execute the DB entry
3/ Confirm that you get a warning if at least one of your notice templates is
using opac_news.new
4/ Confirm that the test new pass
5/ Add/update and delete a news
6/ Confirm that the RSS new feed still works as expected
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
The get routine actually returns records from uploaded_files. It should be
possible to replace its calls by direct calls of Koha::UploadedFiles.
This patch is the crux of this patch set. It deals with all scripts that
use Koha::Upload.
In the process we do:
[1] Add a file_handle method to Koha::UploadedFile. This was previously
arranged via the fh parameter of get.
[2] Add a full_path method to UploadedFile. Previously returned in the
path hash key of get. (Name is replaced by filename.)
[3] Add a search_term method too (implementing get({ term => .. }).
This logic came from _lookup.
[4] Add a keep_file parameter to delete method. Only used in test now.
Test plan:
[1] Run t/db_dependent/Upload.t
[2] Go to Tools/Upload. Add an upload, download and delete.
[3] Add another public upload , search for it.
Use the hashvalue to download via opac with URL:
cgi-bin/koha/opac-retrieve-file.pl?id=[hashvalue]
[4] Go to Tools/Stage MARC for import. Import a marc file.
[5] Go to Tools/Upload local cover image. Import an image file.
Enable OPACLocalCoverImages to see result.
[6] Test uploading a offline circulation file:
Enable AllowOfflineCirculation, and create a koc file (plain text):
Line1: Version=1.0\tA=1\tB=2
Line2: 2016-11-23 16:00:00 345\treturn\t[barcode]
Note: Replace tabs and barcode. The number of tabs is essential!
Checkout the item with your barcode.
Go to Circulation/Offline circulation file upload.
Upload and click Apply directly.
Checkout again. Repeat Offline circulation file upload.
Now click Add to offline circulation queue.
[7] Connect the upload plugin to field 856$u.
Enable HTML5MediaEnabled.
Upload a webm file via the plugin. Click Choose to save the URL,
and put 'video/webm' into 856$q. Save the biblio record.
Check if you see the media tab with player on staff detail.
(See also: Bug 17673 about empty OPACBaseURL.)
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Since delete is not part of the upload process, we will move it now
to Koha::UploadedFile[s].
Deleting the file will be done in UploadedFile.
The (multiple) delete method in UploadedFiles refers to the single delete.
Test plan:
[1] Run t/db_dependent/Upload.t
The warning ("but file was missing") in the last subtest is fine;
the file did not exist. Will be addressed in a follow-up.
[2] Search for uploads on Tools/Upload. Clone this tab (repeat search on
a new tab in your browser).
[3] Delete an existing upload on the first tab.
[4] Try to delete it again on the second tab. Error message?
[5] Bonus points:
Add an upload. Mark the file immutable with chattr +i. Try to delete
the file. You should see a "Could not be deleted"-message.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This followup tweaks some CSS and markup in order to correct conflicts
between default Bootstrap styles and the expected (previous) style of
the staff client. Included:
- Corrections to the widths of some modals.
- Corrections to the style of the <pre> tag, seen often in MARC preview
modals.
- Corrections to the default active and hover states for dropdown menus.
To test, apply the patch and view various pages which use Bootstrap
modals, confirming that they look correct.
- Add order from staged file MARC preview
- Add order from external source MARC preview
- Cataloging record merge MARC preview
- Batch record modification MARC preview
- Authorities Z39.50 search MARC preview
Signed-off-by: Claire Gravely <claire_gravely@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Confirm that I have not missed any places where there is 'loading-small.gif'
Have amended patch to not include OPAC changes from previous patch.
Sponsored-by: Catalyst IT
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Bug 14610 revised staff-global.css so that the "holdcount" class was
renamed "number_box." That's good. It's good to have something more
generic since the class is used in multiple places.
The problem is that there are still several instances of the "holdcount"
class in the templates which should have been updated at the same time
to say "number_box." Those instances are now unstyled.
Test Plan:
1) Apply this patch
2) Check that the holds count on catalogue/detail.pl is styled
3) Check that the patron modifications count on members/member.pl is styled
4) Check that the pending comments count on tools/tools-home.pl is styled
5) Check that the pending tags count on tools/tools-home.pl is styled
Signed-off-by: Chris Kirby <christopherlawrencekirby@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
C4::Koha::getframeworks returned a hashref of biblio frameworks.
It was mainly used to generate the dropdown list of frameworks.
The scripts modified in this patch did not necessary order the element
by description (frameworktext), the displays were not consistent from
one screen to another.
Using the same search method everywhere:
Koha::BiblioFrameworks->search({}, { order_by => ['frameworktext'] });
We will know always get the framework in the same order.
Test plan:
Following the different pages modified by this patch, and make sure the
frameworks are displayed correctly in the dropdown list:
1/ acqui/z3950_search.pl - Create an order from an external source.
2/ admin/fieldmapping.pl - Define some mappings keyword / MARC field
3/ admin/marctagstructure.pl - On the MARC frameworks admin page, select
another framework than the default one and click on the 'Search' button
4/ catalogue/MARCdetail.pl - On the MARC defail page, change the
framework you want to use to display the record
5/ cataloguing/addbiblio.pl - Add or edit a biblio record, change its
framework. When editing, the framework of the record should be selected
by default
6/ cataloguing/addbooks.pl - Go on the cataloguing home page and click
on the "New record" button. You should see all the frameworks
7/ cataloguing/merge.pl - Select 2 biblio records to merge. On the first
step (select the merge reference), you should be allowed to select the
framework to use.
8/ tools/inventory.pl - On the inventory page, the "Item statuses" part
should be populated as before this patch
9/ tools/manage-marc-import.pl - Stage records for import. Before
importing them into the catalog, you should see the framework dropdown
list.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Works Ok.
No errors
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
With this patch it will be possible to send order information
to the vendor by e-mail. For now this feature can be triggered
manually with a button before closing the basket.
The order e-mail is based on the acquisition claim feature, but
uses a new notice template.
Test plan:
1) Vendors
A new checkbox "Contact when ordering?" was added to the vendor
page.
- Add a vendor and/or edit an existing vendor
- Verify the new option is saved correctly
- Verify the new option displays on the vendor summary page
after saving
2) Notices
The feature works with a new notice template: ACQORDER
It works with the same formatting/fields etc. as the acq claim
notice.
- Add a new notice template ACQORDER in module
'Claim/order aquisition'
- Make sure to use fields from the various offered tables
in your notice
- Verify it is saved correctly
3) Basket
- Turn on LetterLog system preference
- Create multiple order lines
- Click the 'Send order' button in the toolbar
- Verify error or success message
- Verify you received the e-mail
- Verify there is a new entry with about the sent
notice in your action_logs table
4) Regression testing...
- Verify order claims still work
- Verify serial claims still work
- Verify new serial issue notices still work
...
(I can provide additional test plans if needed)
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch removes event attributes from several tool-related templates.
Events are defined instead in the JavaScript.
To test, apply the patch and:
- Go to Tools -> Label creator -> Manage -> Layouts and edit any layout.
- In the "Font" setting, choose any font which includes the word
"italic" or "oblique" in the name. Doing so should disable the
"Oblique title" checkbox.
- Go to Tools -> Batch patron deletion/anonymization.
- Submit the form without making any changes. You should be prompted
to select an action.
- Go to Tools -> Inventory.
- Select a batch of barcodes to upload.
- Submit the form without selecting any filters. This should trigger a
warning.
- Also changed: Added Font Awesome icons to the "Select all" and
"Clear all" links on the inventory results view.
- Go to Tools -> Notices and Slips.
- Click "New notice"
- Change the selection under "Koha module." The page should reload
with the correct available message body fields. For instance,
selecting "Holds" should make available reserves.* columns.
- Go to Tools -> Upload.
- In the search form, enter a search term and click the 'Search'
button. The form should submit.
Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Works as advertised. Event attributes removed
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
If an attacker can get an authenticated Koha user to visit their page
with the
url below, they can change or delete patrons' images
/tools/picture-upload.pl?op=Delete&borrowernumber=42
Test plan:
1/ Hit /tools/picture-upload.pl?op=Delete&borrowernumber=42
And confirm that you get a "Wrong CSRF token" error
2/ Go on the patron detail page with a patron's image
3/ Click on the Delete link (note the csrf_token param)
4/ The image will be deleted and you are redirected to the patron detail
page.
Regression tests:
Upload an image from the patron detail page and from the "upload patron
images" tool.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
To reproduce:
1/ cp your_image.jpg 'test<svg onload=alert(1)>.jpg'
2/ Use the upload picture tool to upload this file
=> Without this patch, the alert is show
=> With this patch, the filename is correctly displayed and no alert
Note that the cardnumber var was not escaped neither, it's now.
Signed-off-by: Colin Campbell <colin.campbell@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch adds the same change as the previous one to the batch patron
deletion tool.
If the pref TrackLastPatronActivity is enabled, the librarians will be
able to delete patrons who do not have been connected since a given
time.
Test plan:
Define a date for the "who have not been connected since" options and
confirm that it works as expected.
Sponsored-by: BULAC - http://www.bulac.fr/
Signed-off-by: Nicolas Legrand <nicolas.legrand@bulac.fr>
https://bugs.koha-community.org/show_bug.cgi?id=12276
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch changes the display of informational messages during and
after the batch record modification process. Instead of showing a
separate dialog for each record modified, messages are now grouped into
one dialog.
To test, apply the patch and clear your browser cache if necessary. You
must have at least one MARC modification template defined.
- Go to Tools -> Batch record modification.
- Submit a list of biblionumbers which contains at least one number
which doesn't exist in your database.
- Confirm that warning and success messages are grouped instead of
showing in separate dialogs.
- Submit a list of biblionumbers using a MARC modification template
which contains no actions. Confirm that the resulting error message is
correctly formatted.
Revision formats the error messages without the unordered list, which
was giving them padding which didn't look correct inside a dialog.
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Edit for QA: Removed obsolete changes to CSS.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
It's easier to use jQuery selector to know if checkboxes are checked.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
The reason this happens is because the page will say success when the
total number of records given equals the total number of successful
deletions. If you pass in no records, there are no successful deletions
--> 0 = 0 --> it thinks it has been successful. This patch adds a check
that validates if any checkboxes were selected before submitting the
final form.
I have removed the check for if any records were selected AFTER the form
has been submitted because it seemed unnecessary if the form can't be
submitted without selection of records anyway.
To test:
1) Go to Tools -> Batch record deletion
2) Put in a record number and click Continue
3) Deselect the record so that it doesn't actually delete and click
Delete selected records
4) Page says 'All records have been deleted successfully!'
5) Apply patch. Go back and repeat step 3
6) Form should not submit and you should receive an alert saying that no
records have been selected.
7) If you try selecting and deleting a record after this alert, it
should still work
Note: Have also changed the wording of error in Step 1 when you are
entering record numbers to delete.
Sponsored-by: Catalyst IT
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
To test:
1) Go to Tools -> Koha News
2) Click 'Delete selected' button without selecting anything
3) Notice you are asked to confirm if you would like to delete ... but
you didn't choose anything to delete
4) Apply patch and refresh page
5) Click 'Delete selected' button without selecting anything
6) Should see alert.
7) Select one or more news items to delete and click 'Delete selected'
button
8) Should be asked to confirm
9) Confirm that the delete works as expected
Sponsored-by: Catalyst IT
Signed-off-by: Claire Gravely <claire_gravely@hotmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch removes the column heading and makes all links show as font
awesome buttons. I have also changed the wording from Preview MARC to
Show MARC to shorten the button and be consistent with other places in
Koha
To test:
1) Go to Tools -> Batch record modification
2) Put in some record numbers and click Continue
3) Ensure column heading 'Preview' no longer shows, and buttons are
showing with an appropriate icon. Confirm button still works as
expected.
4) Confirm button does not wrap on narrower browser
Sponsored-by: Catalyst IT
Works as described
Signed-off-by: Claire Gravely <claire_gravely@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch revises the batch patrons modification template, removing
"onclick" attributes from the markup and defining those events in the
script.
To test you should have at least one extended patron attribute
configured.
- Apply the patch and go to Tools -> Batch patron modification.
- Submit a batch of patrons for modification.
- Confirm that the checkbox next to any required field is disabled.
- Select a date in the registration date and expiry date fields. Confirm
that the "Clear" link next to each empties the correct field.
- Click "New" next to a patron attibute. A copy of the patron attribute
line should be created.
- Click "Delete" next to a cloned patron attribute. The correct line
should be removed.
Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Works as advertised
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch revises the manage staged MARC records template, removing
"onclick" attributes from the markup and defining those events in the
script.
To test, apply the patch and go to Tools -> Manage staged MARC records.
- If necessary, stage a MARC file for import.
- Click the name of the staged file and then the "Import this batch into
the catalog" button. The batch should be correctly imported.
- Return to the list of staged MARC files.
- Click the name of an imported file and then the "Undo import into
catalog" button. The import should be reverted.
- Return to the list of staged MARC files.
- Click the "Clean" button for any record. Confirm that the batch is
cleaned.
- For any cleaned record, click the "Delete" button. The batch should be
deleted.
Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Works as advertised
QA revision: Corrected class name so that "delete" button triggers the
correct warning.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Hard to miss that one:
Template process failed: plugin error - Bareword "C4::Branch::onlymine" not allowed while "strict subs" in use at Koha/Template/Plugin/Branches.pm line 59.
Compilation failed in require at /usr/lib/perl5/Template/Plugins.pm line 206.
Removed OnlyMine from Plugin/Branches. Replaced by a template var in
cleanborrowers; it was used only once.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This is the fourth and last patch set to remove C4::Branch.
The real purpose of this patch is to standardise and refactor some code
which is related to the libraries selection/display.
Its unconfessed purpose is to remove the C4::Branch package.
Before this patch set, only 6 subroutines still existed in the C4::Branch
package:
- GetBranchName
- GetBranchesLoop
- mybranch
- onlymine
- GetBranches
- GetBranch
GetBranchName basically returns the branchname for a given branchcode.
The branchname is only used for a display purpose and we don't need to
retrieve it in package or pl scripts (unless for a few exceptions).
We have a `Branches` template plugin with a `GetName` method which does
exactly this job.
To achieve this removal, we will use this template plugin and delete the
GetBranchName from pl and pm files.
The `Branches.all()` will now select the library of the logged in user
if no `selected` parameter has been passed.
This new behavior could cause regressions, for instance there are some
places where we do not want an option preselected (batch item
modification for instance), keep that in mind when testing.
GetBranchesLoop took 3 parameters: $branch and $onlymine.
The first one was used to set a "selected" flag, for a display purpose:
select an option in the libraries dropdown lists.
The second one was useless: If not passed or set to 0, the
`C4::Branch::onlymine` subroutine was called.
This onlymine flag was use to know if the logged in user was able to see
other libraries infos.
A patron can see the infos from other libraries if IndependentBranches
is not set OR if he has the superlibrarian permission.
Prior to this patch set, the "onlymine test" was done on different
places (neworderempty.pl, additem.pl, holidays.pl, etc.), including the
Branches TT plugin. In this patch set, this test is only done on one
place (C4::Context::only_my_library, code moved from
C4::Branch::onlymine).
To accomplish the same job as this subroutine, we just need to call the
`Branches.all()` method from the `Branches` TT plugin. It already
accepts a `selected` parameter to set a flag on the option to select.
To avoid the repetitive
[% IF selected %]<option selected="selected">[% ELSE %]<option>[% END %]
pattern, a new `html_helpers` TT include file has been created, it
defines an `options_for_libraries` block, which takes a `selected`
parameter. We could imagine to use this include file for other
selects.
The 'mybranch` and `onlymine` subroutines of the C4::Branch package have
been moved to C4::Context. onlymine has been renamed with
only_my_library. There are only 4 occurrences of it, against 11 before
this patch set.
There 2 subroutines are Context-centric and it makes sense to put them
in `C4::Context` (at least it's the least worst place!)
GetBranches is the tricky part of this patch set: It retrieves all the
libraries, independently of the value of IndependentBranches.
To keep the same way as the existing calls of `Branches.all()`, I have
added a `unfiltered` parameter. If set, the `Branches.all()` will call
a usual Koha::Libraries->search method, otherwise
Koha::Libraries->search_filtered will be called. This new method will
check if the logged in user is allowed to see other libraries or only
its library.
Note that this `GetBranches` subroutine also created a `category` key:
it allowed to get the list of groups (of libraries) where this library
existed. Thanks to a previous patch set (bug 15295), this value was
not used anymore (I may have missed something!).
Note that the only use of `GetBranch` was buggy (see bug 15746).
Test plan (for the whole patch set):
The best way to test this whole patch set is to test with 2 instances: 1
with the patch set applied, 1 using master, to be sure there is no
regression.
It would be good to test the same with `IndependentBranches` and the
without `IndependentBranches`.
No difference should be found.
The tester must focus on the library dropdowns on as many forms as
possible.
You will notice changes in the order of the options: the libraries will
now be ordered by branchname (instead of branchcode in some places).
A special attention will be given to the following page:
- acqui/neworderempty.pl
- catalogue/search.pl
- members/members-home.pl (header?)
- opac/opac-topissues.pl
- tools/holidays.pl
- admin/branch_transfer_limits.pl
- admin/item_circulation_alerts.pl
- rotating_collections/transferCollection.pl
- suggestion/suggestion.pl
- tools/export.pl
Notes for QA:
- There are 2 FIXMEs in the patch set, I have kept the existing behavior,
but I am not sure it's the good one. Feel free to open a bug report and
I will fill a patch if you think it's not correct. Otherwise, remove the
FIXME lines in a follow-up patch.
- The whole patch set is huge and makes a lot of changes.
But it finally will tremendously reduce the number of lines:
716 insertions for 1910 deletions
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
In order to remove accessibility issues due to the readonly attributes
on date inputs, this patch will remove them and introduce a javascript
validation on them.
This patch is not perfect for some reason:
I didn't manage to force the user to select a valid date. One solution
would be to reopen the datepicker plugin until a valid date is inserted.
But it could be annoying for users (and for me: I did not manage to
implement this solution).
You will note that input is emptied if the date is not valid. This is a
quick and efficient solution to prevent submitting invalid date and make
Koha explodes. A proper solution would be to implement the check server
side send a friendly message to the user.
Test plan:
For all inputs, try an invalid and a valid date.
1/ Debar a patron
2/ On the checkout tables (circulation and moremember), add a renewal
due date (at the bottom of the tables)
3/ On the checkout page, specify a due date
4/ On the return page, specify a return date
5/ On the invoice page (acquisition module), enter a shipment and
billing date
6/ On the invoice search page (invoices.pl) use filters shipment and
billing dates
7/ On the offline circ page, specify a due date
8/ On the edit patron page (memberentry), add a debarment
9/ On the reserve page (reserve/request.pl), use the date inputs to
suspend until a defined date
10/ Edit patrons in a batch (tools/modborrowers.pl) and use the
registration and expiry date inputs
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Aleisha <aleishaamohia@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Aleisha <aleishaamohia@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
use it on cataloguing and batch items edit pages
Signed-off-by: Aleisha <aleishaamohia@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch makes the following changes:
[1] Based on the groundwork of the former patch, add call to
RecordsFromMARCXMLFile in stage-marc-import. Use format param.
[2] Add format to the template. Use file extension to determine.
If you use .xml or .marcxml as extension, MARCXML is selected.
[3] In stage-marc-import.tt mark UTF-8 encoding as UTF-8 not as utf8.
[4] BatchStageMarcRecords: do not call plugin if you have no records.
[5] RecordsFromISO2709File: also return errors in an array.
[6] In misc/stage_file.pl also use UTF-8. Handling of errors from [5].
Test plan:
[1] Import an empty file as MARC or MARCXML (with Tools/Stage..import).
[2] Import an non-empty file with invalid contents as MARC or MARCXML.
[3] Export a few records with Tools/Export as MARC and MARCXML.
[4] Import these two files. Check selected format versus file extension.
[5] Import a MARCXML file with misc/stage_file.pl.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch adds the Branches template plugin to the overdue notice
triggers template so that the library name can be shown instead of the
branchcode.
Also changed: Updated page title to match the name used in tools menus.
To test, apply the patch and go to Tools -> Overdue notice/status
triggers.
- Select a library.
- When the page reloads, the 'Defining overdue actions for...' and
'Rules for overdue actions: ' headings should show the library name
instead of the branchcode.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
If an attacker can get an authenticated Koha user to visit their page
with the url below, they can change patrons' information
The exploit can be simulated triggering
/tools/import_borrowers.pl?uploadborrowers=42
In that case it won't do anything wrong, but it you POST a valid file,
it could.
Test plan:
Trigger the url above
=> Without this patch, you will the result page
=> With this patch, you will get the "Wrong CSRF token" error.
Regression test:
Import a valid file from the import patron form, everything should go
fine.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch makes the bulk patron delete/anonymize functionality be limited
by branch. It does so by adding a branch selection dropdown and using the
already defined APIs for filtering by branch.
It makes use of C4::Branches::onlymine for the IndependentBranches use case
and it adds a way to call it from the Branches template plugin.
To test:
- Apply the patch
1) Have a superlibrarian user
- Go to Tools > Batch patron deletion/anonymization
=> SUCCESS: Verify you can pick a branch (or all of them)
- Try doing some operations
=> SUCCESS: Verify the selection is respected, and carried around all steps
2) Have a user with tools/delete_anonymize_patrons permissions
- Set IndependentBranches on
- Go to Tools > Batch patron deletion/anonymization
=> SUCCESS: It picks the librarian's branch and doesn't let us choose another one
- Try doing some operations
=> SUCCESS: Verify the user's branch is respected, and carried around all steps
- Sign off :-D
Sponsored-by: VOKAL
Signed-off-by: Liz Rea <liz@catalyst.net.nz>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch adds logging for several holds actions. Specifically for:
- CREATE
- CANCEL
- DELETE
- RESUME
- SUSPEND
- MODIFY
To test:
- Enable the HoldsLog syspref
- Add a hold on a record/item
=> SUCCESS: The log view shows the CREATE action
- Click on the <Suspend> button
=> SUCCESS: The log view shows the SUSPEND action
- Click on the <Unsuspend> button
=> SUCCESS: The log view shows the RESUME action
- Click on the red cross, to delete the hold
=> SUCCESS: The log view shows the CANCEL action
Note: The DELETE action is logged when DelMember is called, with bug 16819 patches applied.
Sponsored-by: NEKLS
Signed-off-by: Liz Rea <liz@catalyst.net.nz>
I also wonder about this going in defaulted on, but since the other logs are as well it seems ok to me.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch introduces the 'interface' filter to the log viewer.
To test:
- Apply the patch
- Open the log viewer
=> SUCCESS: As default, 'All' interfaces are chosen. OPAC, Intranet and SIP are presented
- Do a lot of log searches, verify that the interface column shows what is expected.
=> SUCCESS: The chosen 'interfaces' are kept when rendering results.
Sponsored-by: NEKLS
Signed-off-by: Nicole C Engard <nengard@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch clarifies the note on the upload tool
that states that no categories are defined.
To test:
* Log in to Koha
* Confirm that you have no values set for the UPLOAD
authorized value category
* Visit Tools > Upload
* Check the warning note for typos
* Add a authorized value category for UPLOAD
* Visit Tools > Upload
* Confirm that note is replaced
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
Test plan:
Hit /tools/viewlog.pl?do_it=1&modules=CATALOGUING&action=MODIFY&object=<script>alert("XSS")</script>
=> Without this patch you will see the alert
=> With this patch, no more alert
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
1/ If a librarian edit (add_validate) a non-existing csv profile, we
explicitely die
2/ If you try to delete a non-existing csv profile, you will now get a
nice alert box
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This page was inconsistent with the other admin and tool pages.
The 2 tabs 'New profile' and 'Edit existing profile' were useless, the
ergonomic needs to be revisited.
This patch applies the same script/page structure as others: by default
a table containing all csv profiles is displayed with 2 action links:
edit and delete.
Test plan:
1/ Create 1+ CSV profiles, with different types (marc and sql)
2/ Update some values using the Edit link
3/ Delete a CSV profile
Note: When deleting a CSV profile, it would be great to warn the user if it is
used.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
No problems on create, update and delete.
No errors
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
To test:
1 - Select a batch of patrons (via list, saved file, and cardnumber
entry)
2 - Verify you cannot edit 'opacnotes' field, nor can you see
'borrowernotes' field in table, though you can edit it
3 - Verify editing works as expected
4 - Apply patch
5 - Select a batch via each method as above
6 - Note both note columns display in table
7 - Note that you can edit or clear the opacnotes field as expected
8 - Verify other feautres work as previously
Sponsored by:
Lancaster Theological Seminary (https://lancasterseminary.edu/)
Followed test plan, works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch updates the style of progress bars to make them a little
nicer. Progress bars in the staff client are not built in a consisten
way. Some have been updated to use the <progress> element and some have
not. This patch improves some styling common to both kinds.
Other changes:
- Redundant in-page CSS has been removed from many pages.
- An invalid "min" attribute has been removed from several instances of
<progress>.
- Corrected capitalization.
- Fixed incorrectly quoted attributes.
- Added missing form "action" attributes.
To test, clear your browser cache if necessary. Apply the patch and
test uploads on the following pages:
- Circulation -> Offline circulation file upload
- Tools -> Batch item modification
- Tools -> Batch record modification
- Tools -> Stage MARC records for import
- Tools -> Manage staged MARC records
- Tools -> Upload local cover image
- Tools -> Upload
In all cases, progress bars should look improved and work correctly.
Test Tools -> Batch item deletion. Unused background job handling markup
has been removed. Deletion processing should work correctly.
Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Works as advertised
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Format message as proposed in comment #8
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
To reproduce:
- Go to Tools->Batch patron modification
- Submit without filling any of "Use a file", "Or use a patron list",
"Or list card numbers..." or use a patron lists with zero members
Result: Screen without any information
To test:
- Apply patch
- Repeat steps above
- Verify that you get a nice message
- Verify that the tool works as before
- with invalid card numbers only
- with valid and invalid card numbers
- with valid card numbers only
Signed-off-by: Srdjan <srdjan@catalyst.net.nz>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
To test:
1) Go to Tools -> Staged MARC Management and clean a file. If you have no files to clean, go to 'Stage MARC for import' and upload one to clean following the necessary steps.
2) Confirm that once the file has been cleaned, the Action column now shows a Delete button. Confirm this button only shows for cleaned files.
3) Click the Delete button.
4) Confirm that clicking Cancel exits the pop-up message and does not delete the file.
5) Confirm that clicking OK refreshes the list of staged records and the one you just deleted is no longer on it (has been deleted). You can confirm this by checking for the file in mysql (SELECT * FROM import_batches WHERE import_batch_id = X;)
6) Run prove -v t/db_dependent/ImportBatch.t (have written unit tests for CleanBatch and DeleteBatch)
Sponsored-by: Catalyst IT
Signed-off-by: Liz Rea <liz@catalyst.net.nz>
Catalyst sign off, so needs another one but YAY this is great.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Add Font Awesome Icons to "Select/Clear all" links to:
modborrows.tt (Batch patron modification) and result.tt (Search results)
To test:
-Apply on top bugs 16469 and 16494
-Goto Batch patron modification
-Create a new batch patron or select one patron list
-See the new icons for "Select all" and "Clear all"
-Do a search and see the new icons in Search results page
Followed test plan, icons display as expected
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch removes the use of "onclick" from several templates, instead
defining click events in JavaScript.
Also changed: Some markup corrections.
To test, apply the patch and:
- Go to Circulation -> Upload offline circulation file
- Browse for an offline circulation file.
- Clicking the 'Upload file' button should work correctly.
- After uploading a file, both the 'Add to offline circulation
queue' and 'Apply directly' buttons should work to trigger their
corresponding processes (keeping Bug 16603 in mind).
- Go to Patrons -> Patron lists.
- For any patron list containing patrons, click the 'Print patron
cards' menu item. This should trigger a modal window which exports
the correct list.
- Go to Tools -> Batch item modification.
- Submit a batch of items for modification.
- Clicking the 'Save' button should trigger the background job and the
items should be successfully modified.
- Go to Tools -> Batch item deletion.
- Submit a batch of items for deletion.
- Clicking the 'Delete' button should trigger the background job and
the items should be successfully deleted.
- Go to Tools -> Calendar.
- Trigger the 'Add new holiday' panel by clicking a day on the
calendar which has no holiday defined.
- Clicking the 'Cancel' link should hide the panel.
- Trigger the 'Edit this holiday' panel by clicking a day which has a
holiday defined.
- Clicking the 'Cancel' link should hide the panel.
Signed-off-by: Frédéric Demians <f.demians@tamil.fr>
Everything works as previously.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
