Commit graph

838 commits

Author SHA1 Message Date
3d385d0e11
Bug 29507: Speed up auto renew cronjob via parallel processing
The cron can take a very long time to run on systems with many issues.
For example, a partner with ~250k auto_renew issues is taking about 9 hours to run.

If we run that same number of issues in 5 parallel chunks
( splitting the number of issues as evenly as possible ), it could take under 2 hours.

Test Plan:
1) Generate a number of issues marked for auto_renew
2) Run the automatic_renewals.pl, use the `time` utility to track how much time it took to run
3) Set parallel_loops to 10 in auto_renew_cronjob section of config in koha-conf
4) Repeat step 2, note the improvement in speed
5) Experiment with other values

Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-07-05 15:48:11 +02:00
edc5caf976
Bug 37056: Mount a new intranet_svc api to avoid redirects
When an unauthorized call to svc is made, we use the ErrorDocument middleware to respond with an HTML
page. The API doens't do this, it simply returns its status. We should mount the svc as its own app to avoid
the redirect to HTML for unauthorized responses

To test:
1 - Create a report
2 - Add to IntranetUserJs:
    $(document).ready(function() {
      // Your report ID
      var reportId = '492';

      // Fetch the report
      $.get('/cgi-bin/koha/svc/report?id=' + reportId, function(data) {
        console.log('Kaboom');
      });
    });
3 - Log out
4 - Attempt to login
5 - KO
6 - Apply patch
7 - Reset all (or copy the necessary changes to your plack/apache files)
8 - Generate report and update user js again
8 - Logout, login
9 - Success!

Signed-off-by: Brendan Lawlor <blawlor@clamsnet.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-07-02 17:20:37 +02:00
fd7130beca
Bug 37038: (QA follow-up) Replace \> by -gt
Note that -gt is the bash integer comparison and > is the
lexical one:
$ if [ '1' \> '09' ]; then echo true; fi
true
$ if [ '1' -gt '09' ]; then echo true; fi

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[EDIT] Added the dev/null redirection to suppress warn in bin/sh.
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-06-28 13:49:23 +02:00
Janusz Kaczmarek
bc92152e2f
Bug 37038: koha-elasticsearch creates a file named 0
After execution of koha-elasticsearch command a file named 0 remains in
the current directory.

Inside the single parentheses, the character '>' is treated as a file
redirection, not as a comparison operator.

Test plan:
==========
1. Have a test installation with Elasticsearch.  As root, perform:
   ./debian/scripts/koha-elasticsearch --rebuild kohadev
   When the command finishes, check the contents of the current
   directory (ls -ltr | tail).  You sould notice a fresh file named '0'
2. Apply the patch. Delete the file named 0.
3. Repeat p. 1.  There should be no file named 0 now.

Signed-off-by: Roman Dolny <roman.dolny@jezuici.pl>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-06-28 13:49:23 +02:00
6caedbfc00
Bug 14565: Allow koha-run-backups to backup an instance called demo
We all have a `demo` instance somewhere. It is so weird that the default
script for backing up Koha has a hardcoded exclusion for instances
called like that. This patch fixes that.

To test:
1. Add a demo instance:
   $ ktd --shell
  k$ sudo koha-create --create-db demo
2. Run:
  k$ sudo debian/scripts/koha-run-backups
3. Check the backups:
  k$ ls -l /var/spool/koha/demo/
=> FAIL: No backup for the demo instance
3. Apply this patch
4. Repeat 2
=> SUCCESS: Backup made!
5. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-06-28 13:49:22 +02:00
ce90d65603
Bug 33563: Add comments for Elasticsearch security config
This patch adds some commented Elasticsearch security configuration,
which shows how to use username/password with HTTPS.

Test plan:
0. Apply patch
1. cp debian/templates/koha-conf-site.xml.in /etc/koha/koha-conf-site.xml.in
2. koha-create --create-db test
3. vi /etc/koha/sites/test/koha-conf.xml
4. Note that the comments for userinfo and use_https are in the koha-conf.xml

Signed-off-by: Magnus Enger <magnus@libriotech.no>
Works as advertised.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-06-27 11:49:58 +02:00
8e0d18e35a
Bug 36948: (follow-up) Add chomp to sip log4perl config
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-06-11 08:10:05 +01:00
fcd7e884bc
Bug 36948: (follow-up) Allow IPv[46] in port config
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-06-11 08:10:01 +01:00
c0d76f707b
Bug 36948: (follow-up) Remove log_file param, adjust caller_depth
We keep OPEN when people still use log_file or setsid.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-06-11 08:09:55 +01:00
5dc1ec387d
Bug 36948: Resolve SIP issues in D12
My Koha testing docker SIP started dying repeatedly after launch. After investigation, I
found it was a problem with logging and default ports.

In D12 there is no syslog anymore, everythign uses journal. Four our purposes, lets log SIP issues
to sip.log by default

Attaching a patch to clear things up.

To test:
1 - Open KTD/D12
2 - tail -f /var/log/koha/kohadev/*.log
3 - On another terminal 'restart_all'
4 - Wait a bit, notice SIP dying
5 - Apply patch
6 - Update SIPconfig:
    server-params:
    log_file='/var/log/koha/kohadev/sip.log'
    service with port 8023:
    port="127.0.0.1:8023/tcp"
7 - Restart all
8 - Confirm SIP no longer dies

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-06-11 08:09:43 +01:00
df23f6c345
Bug 36149: Unset userenv from middleware
The userenv (logged in user's info) are stored in
$C4::Context->context->{activeuser}, which persists in plack worker's
memory.
It's really bad in theory as we are not cleaning it before or after the
HTTP request, but only when set_userenv is called (what we are doing
commonly in C4::Auth::get_template_and_user).
If C4::Context->userenv is called before set_userenv we should get undef,
not the userenv from the previous request!
In practice this should not be a problem, but well... who really knows?

This patch suggests to have a middleware to deal with removing the
userenv at the beginning of each request (maybe it should be after, right? - FIXME).

To test:
1 - Edit /etc/koha/sites/kohadev/koha-conf.xml to set <plack_workers>1</plack_workers>
2 - Edit about.pl  and add a line after: CGI->new:
    warn Data::Dumper::Dumper( C4::Cointext->userenv() );
3 - tail -f /var/log/koha/kohadev/*.log
4 - View about.pl in staff interface, should get a "somethign's wrong" warning
5 - Reload, you get current user info
6 - Open an incognito tab, sign in as a different user and click some stuff
7 - Reload about.pl in other window
8 - You get the opac user info
9 - Apply patch
10 - Edit /etc/koha/sites/kohadev/plack.psgi and add the middleware after "RealIP":
     enable "+Koha::Middleware::UserEnv";
11 - Restart all
12 - Reload about.pl - you get a "Something's wrong" warning
13 - Click things in opac on incognito window
14 - Reload about.pl  - only "Something's wrong" - you no longer see any user info

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2024-05-14 15:04:36 -03:00
93a5ec9ca4
Bug 36325: Add --exclude-logs option to koha-run-backups
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-05-13 14:00:07 +02:00
c8bc861ec7
Bug 36325: Add option to koha-run-backups/koha-dump, to exclude logs
Written patch to add flag to both koha-dump and koha-run-backups.

Test plan:
1. do a sudo koha-dump and sudo koha-run-backups and check the contents of the .tar.gz backup in /var/spool/koha/instance/ and verify logs are in there
2. apply this patch
3. this time do sudo koha-dump --exclude-logs and sudo koha-run-backups --exclude-logs and check the contents of the .tar.gz backup in /var/spool/koha/instance and verify nothing from /var/log/koha is in there.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-05-13 14:00:06 +02:00
Michał Kula
9628e6a529
Bug 35812: Fix search URL aliases in Plack Apache config
Mimic missing stuff from apache-shared-opac.conf into apache-shared-opac-plack.conf, where /search and /opac-search.pl aliases were missing.

Note that while RewriteRule applies before reverse proxy directives and works, ScriptAlias applies purely to standard cgi perl scripts, meaning it didn't apply there.

Now it's mimicked analogously to how /index.html is configured.

This patch fixes an issue where someone might have just a reverse proxy to Plack configured without native Perl scripting, where this URL would then otherwise be failing.

Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-05-10 14:11:55 +02:00
76504fb6b7
Bug 36788: Update debian/control file
Signed-off-by: Mason James <mtj@kohaaloha.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-05-06 15:04:29 +02:00
Magnus Enger
ccd4738e26
Bug 35954: Add --status to koha-plack
This adds a --status switch to the koha-plack command.

To test on ktd:
- Copy the script to /usr/sbin, so you run the modified script,
  and not the one installed by Koha:
  $ sudo cp debian/scripts/koha-plack /usr/sbin/
- Stop and start Plack for kohadev like so:
  $ sudo koha-plack --stop kohadev
  $ sudo koha-plack --start kohadev
  And make sure this reports the correct status, both when Plack
  is running and when it is not running:
  $ sudo koha-plack --status kohadev
- Make sure --status is mentioned here:
  $ sudo koha-plack --help
- See https://wiki.koha-community.org/wiki/Testing_man_pages for
  details on how to check the manual page for the command

Signed-off-by: Tadeusz Sośnierz <tadeusz@sosnierz.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-05-03 19:31:56 +02:00
149a6da9ec
Bug 35919: Add record sources admin page
This patch introduces a Vue.js based record sources managing page. To
test it:

1. Apply this patch
2. Build the Vue.js stuff:
   $ ktd --shell
  k$ yarn js:build
  k$ restart_all
3. On the staff interface, go to Administration > Record sources
4. Play with the interface and the offered actions
=> SUCCESS: Things go well
5. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-04-26 17:06:04 +02:00
a6c62f5fd1
Bug 30897: (QA follow-up) Enable graceful restart by default
This patch enabled the restart by default.

After a poll at hackfest24 we opted to enable this by default and the RM
requested I add the patch to the bug so we don't forget ;)

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-04-11 16:53:43 +02:00
dfd72b2929
Bug 30897: Add option to disable automated restart
This patch adds the ability to disable the automated plack restart we
introduce with this patchset via configuration.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-04-11 16:53:42 +02:00
Phil Ringnalda
c52af2cef0
Bug 36531: Serve text/javascript compressed, like application/javascript is
Koha serves static .js files as application/javascript (if /etc/mime.types
says to) and serves them compressed, but output_with_http_headers uses the
currently-correct text/javascript mimetype, and Koha doesn't compress that.

Test plan:
1. Set the preference EnableAdvancedCatalogingEditor to Enable.
2. Open the browser Web Developer Tools to the Network tab
3. Load Cataloging - Advanced editor
4. Click on the line for the framework?frameworkcode=&callback=define load
5. Note the content-type text/javascript, no Content-Encoding line, and
   the size of 1.9MB
6. Apply the patches from bug 36463 if they haven't been pushed, then this
   patch, and reset_all
7. Repeat steps 1-4, and note a Content-Encoding: gzip header and a
   Transferred size around 160KB

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-04-08 15:41:12 +02:00
bccf7764c0
Bug 36463: Compress application/json
This patch simply adds application/json to the mod_deflate configuration

To test:
1 - Open the netowrk tab in firefox
2 - Load http://localhost:8081/api/v1/libraries
3 - Not the transferred size, and note no 'Content-Encoding: gzip" header
4 - Apply patch, reset_all (or edit /etc/koha/apache-shared.conf)
5 - Reload
6 - Note smaller size, note gzip header

Signed-off-by: Phil Ringnalda <phil@chetcolibrary.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-04-08 15:41:11 +02:00
10d5f6ef37
Bug 27198: Fix syntax in marc21-retrieval-info-auth-dom.xml
This patch fixes the syntax in marc21-retrieval-info-auth-dom.xml,
so that one can use the Zebra special retrieval elements documented
at https://software.indexdata.com/zebra/doc/special-retrieval.html

These are very useful when troubleshooting issues with authority
records in Zebra.

Test plan (using KTD):
1. yaz-client unix:/var/run/koha/kohadev/authoritysocket
2. Enter these commands:
   . base authorities
   . format xml
   . elements zebra::snippet
   . find e
   . show 1
3. Result = diagnostic message:
     Diagnostic message(s) from database:
        [25] Specified element set name not valid for specified database
             -- v2 addinfo 'zebra::snippet'
4. Apply the patch
5. Copy updated file: sudo cp debian/templates/marc21-retrieval-info-auth-dom.xml
   /etc/koha/marc21-retrieval-info-auth-dom.xml
6. Stop and restart zebra (no need to rebuild the Zebra index):
   . sudo koha-zebra --stop kohadev
   . sudo pkill zebrasrv
   . sudo koha-zebra --start kohadev
7. Repeat commands in step 2.
8. Result from show 1 = XML output:
    Sent presentRequest (1+1).
    Records: 1
    Record type: XML
    <record xmlns="http://www.indexdata.com/zebra/">
      <snippet name="Any" type="w">Gontarski, S. <s>E</s></snippet>
    </record>nextResultSetPosition = 2
   Elapsed: 0.013929

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-04-05 11:51:14 +02:00
074ae34913
Bug 36322: Redirect docs dir to 404
http://localhost:8081/cgi-bin/koha/docs/CAS/CASProxy/examples/proxy_cas.pl

Test plan:
Hit the link
=> Erk
Copy the apache config to /etc/koha/apache-shared-intranet-git.conf
restart_all
Hit the link
=> 404

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-04-03 17:05:48 +02:00
6405431b38
Bug 27291: Reformat Zebra output logs
This patch changes the Zebra output log time format from
the default "hh:mm:ss-DD/MM" to the more standard ISO 8601
"%FT%T".

This change makes the logs easier to read for both
humans and machines. One benefit includes easy searching
and sorting.

Test plan:

1. cp debian/scripts/koha-zebra /usr/sbin/koha-zebra
2. koha-zebra --stop kohadev
3. koha-zebra --start kohadev
4. ps -efww | grep "zebrasrv"
5. Note "-m %FT%T" in the grep output
6. tail -f /var/log/koha/kohadev/zebra-output.log
7. Run a few searches like http://localhost:8081/cgi-bin/koha/catalogue/search.pl?q=ccl%3Dargawarga%3D1 or http://localhost:8081/cgi-bin/koha/catalogue/search.pl?q=e
8. Note that the timestamp in the Zebra log is formatted "2020-12-22T00:13:42" instead of like "00:13:42-22/12"

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-03-22 10:35:25 +01:00
Magnus Enger
3eff8d02b7
Bug 36009: Document koha-worker --queue elastic_index
To test:
- Copy the koha-worker script to the standard location:
  $ sudo cp debian/scripts/koha-worker /usr/sbin/koha-worker
- Check "sudo koha-worker --help" and verify elastic_index is
  mentioned in the list of "current queues"
- See https://wiki.koha-community.org/wiki/Testing_man_pages for
  how to check the "man" page. There should be a new paragraph
  about "Current queues" under "--queue"

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-03-07 15:02:48 +01:00
d3687f0b62
Bug 36148: Allow Koha::Middleware::CSRF to use error/exception middlewares
This change allows Koha::Middleware::CSRF to use the ErrorDocument and
HTTPExcetions middlewares to display the correct status codes and HTML
documents.

Leveraging Plack environmental variables, we're also able to pass along
data to the error page handlers to show warnings indicating that there
was a missing CSRF token.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 11:01:04 +01:00
4bd4b367dd
Bug 36148: Move CSRF check to a Plack middleware
The easiest here is to not empty 'op' but instead redirect to an error
page.

Minor changes: to keep the patch simple it removed the 'dev only' error and
display the error for non-dev installs. It should not be a problem
anyway and will prevent errors to be hidden in the log.
We could make KOHA_ERROR an arrayref, but later (we don't need it now
anyway).

Note that the OPAC still not benefit from a friendly specific error for
invalid token.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 11:01:03 +01:00
8b1871f5cf
Bug 36084: Do not allow absence of token
Well, this test was silly, I was focussed on propagating an error to the
UI, but we really need to explode in this case.

Note that this requires more work as login is now broken.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 11:00:44 +01:00
c6c8b66b74
Bug 36084: C4::Auth+plack.psgi for svc?
Suggestion to move the CSRF check to CGI->new so that we will check it
for every request, and it will cover svc scripts as well (they are not
using get_template_and_user).

The token will be retrieve from the param list *or the csrf_token
header* (do we want to name it x-koha-csrf-token instead?).

This will be done for *every* request that are not GET: CSRF token is now
required everywhere CGI is used (side-effects possible?).

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 11:00:39 +01:00
af3ae06245
Bug 34478: Make plack.psgi change more comprehensive
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 10:59:25 +01:00
918fbc24f7
Bug 34478: Display programming errors in case plack.psgi caught something suspicious
It will help developpers to debug the problematic places.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 10:56:16 +01:00
4e1372b77c
Bug 34478: op =~ ^cud-
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 10:56:05 +01:00
bf9830d354
Bug 34478: op-cud - Trick CGI directly
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 10:56:04 +01:00
Andreas Jonsson
b2e5efbdae
Bug 30627: Verify --days parameter and use find command to select old backups for deletion
Test plan

* Create some old fake backups:

backuproot=/var/spool/koha
instance=kohadev

backupdir="$backuproot"/"$instance"

for i in 1 2 3 4 ; do
   for j in sql tar xxx ; do
      file="$backupdir"/"$instance"-$(date -I -d "- $i day").${j}.gz
      if ! test -e "$file" ; then
         touch -t "$(date +%Y%m%d%H%M -d "- $i day")" "$file"
      fi
   done
done

* Verify that --days parameter is validated

sudo koha-run-backups --days 0
sudo koha-run-backups --days foo

* Run backup

sudo koha-run-backups --days 3

* Verify that backups from 3 days have been preserved and older backups have been deleted
* Verify that filenames that do not match the pattern (the .xxx.gz files) are preserved

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-01-26 15:13:49 +01:00
Katrin Fischer
328c5dcdfa
Bug 25691: (follow-up) Update control file with wiki link
This is in case it's needed anyway (see comment on previous patch)

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-01-16 12:06:09 +01:00
Katrin Fischer
0a49f71e8f
Bug 25691: Replace link to non-existing README with wiki link
This doesn't update the occurrence in the control file
as it says in control.in:

To test:
* Verify all occurrences of the README file have been updated. Exceptions:
  * control (see above)
  * changelog

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-01-16 12:06:08 +01:00
Katrin Fischer
a18e4d0e62
Bug 35713: Remove outdated debian/docs/LEEME.Debian file
This removes the LEEME.Debian README file from the docs
directory. We don't even have an English README here as
we usually refer to the wiki for installation instructions.
It makes sense to remove it from the codebase.

To test:
* Verify that the file is removed
* Verify that all references to the file have been removed as well
  Example: git grep LEEME

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-01-11 12:10:45 +01:00
f587d0a362 Bug 35174: update control files for koha-l10n dependency package
to test...

 - apply patch
 - build koha-common package
 - install koha-common package, and confirm koha-l10n package is installed

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2023-11-16 11:31:55 +01:00
1fa096e7a0
Bug 35242: Force memcache restart after koha upgrade
to test..

1/ install koha-common
    $ sudo apt install koha-common

2/ start memcached, check PID
    $ sudo service memcached start
    $ sudo systemctl status  memcached | grep PID
        Main PID: 52851 (memcached)

3/ build and install new koha-common package (will trigger a restart)
    $ sudo apt install ./koha-common-git+deadbeef.deb

5/ check that memcache is started, and has new PID (52900)
    $ sudo systemctl status  memcached | grep PID
        Main PID: 52900 (memcached)

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-11-03 12:04:44 -03:00
ea22082649
Bug 25672: Convert to restricting to listed repositories only
I think instead of a plain on/off switch we should use it in combination
with the plugin_repo's and set it to restrict to only those repos' (i.e.
disable uploads entirely if no repo's are listed, or just allow those
repo's when there are).

This patch achieves that, but only if plugins are installed via the
plugin browser method. We disable all direct upload avenues, so install
is blocked for other cases.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-31 11:02:43 -03:00
bfd633c461
Bug 25672: Enable enable_plugin_browser_upload by default
This patch enables enable_plugin_browser_upload by default,
since the current behaviour for Koha is to enable browser upload
when enable_plugins is 1.

Signed-off-by: Nicolas Legrand <nicolas.legrand@bulac.fr>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-31 11:02:41 -03:00
e2e61ec6ca
Bug 25672: Use enable_plugin_browser_upload flag to control plugin upload
This patch adds a enable_plugin_browser_upload flag to koha-conf.xml, which
controls whether or not Koha intranet users can upload Koha plugins via
their browser. Like "enable_plugins", it defaults to 0 for new installs.

This is useful when you want to provide Koha intranet users with plugins
that are pre-installed by administrators (by CLI) or restricting them
to plugins from a Github repo. See the following for more information:
Bug 23975 - Add ability to search and install plugins from GitHub
Bug 23191 - Administrators should be able to install plugins from the command line

To test:
1) Apply the full patchset
2) Confirm <enable_plugins>1</enable_plugins> is present in koha-conf.xml
3) Add <plugins_restricted>1</plugins_restricted> to koha-conf.xml
4) Ensure that the <plugin_repos> block is not commented and contains at
   least one trusted organisation in koha-conf.xml
   If needed get it from: debian/templates/koha-conf-site.xml.in
5) Run restart_all (in koha-testing-docker)
6) Go to /cgi-bin/koha/plugins/plugins-home.pl and note that you don't see
   an option to upload plugins
7) You should however see a search option and upon search you should have
   results returned from the chosen trusted organisations listed in the
   <plugin_repos> block mentioned above.
8) Clicking install on one of the results should work as expected and install
   the plugin.
9) Go directly to /cgi-bin/koha/plugins/plugins-upload.pl and note that it says
   "Plugin upload is restricted to only those plugins listed by your server
   administrator" and gives instructions on how to enable unrestricted browser
   upload.

Signed-off-by: Nicolas Legrand <nicolas.legrand@bulac.fr>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Rebased-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-31 11:02:41 -03:00
10649d4921
Bug 33547: Add print slip
Sponsored-by: BULAC - http://www.bulac.fr/

Signed-off-by: BULAC - http://www.bulac.fr/
Signed-off-by: Heather Hernandez <heather_hernandez@nps.gov>
Signed-off-by: Laurence Rault <laurence.rault@biblibre.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-23 11:33:51 -03:00
cf90b426d1
Bug 30708: Add apache RewriteRule
Sponsored-by: BULAC - http://www.bulac.fr/
Signed-off-by: BULAC - http://www.bulac.fr/
Signed-off-by: Heather Hernandez <heather_hernandez@nps.gov>
Signed-off-by: Laurence Rault <laurence.rault@biblibre.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-18 15:41:42 -03:00
1c03352ae5
Bug 34204: Fix koha-shell under debian 12
In Debian 12/Bookworm:
root@kohadevbox:koha$ koha-shell kohadev
This account is currently not available.

This is because /etc/passwd has /usr/sbin/nologin as shell, which is coming from the --disabled-login param we passed to adduser in koha-create.

Looks like a bug has been fixed in adduser, because we didn't have this behavior in bullseye.

Context:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=625758#72

"""
- change and document (adduser(8)) that --disabled-password will behave
  like --disabled-login and additionally set the shell to
  /usr/sbin/nologin.
"""
427ade7d91

Test plan:
Confirm the above and that the change makes sense.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-18 15:41:22 -03:00
Evan Giles
d9849aaa3a
Bug 34653: Make koha-foreach return the correct status code
I think the correct behavior for this script should be that koha-foreach
will return 0 (success) if all the commands it tried to run succeeded, but
1 (failure) if any of the commands failed.

To test:
1. $ koha-create --create-db test
2. $ vi test.sh
if [ $USER = 'kohadev-koha' ]; then
    echo "FAILED";
    exit 1;
else
    echo "SUCCESS";
    exit 0;
fi

3. $ debian/scripts/koha-foreach sh test.sh
FAILED
kohadev: 1 status returned by "sh test.sh"
SUCCESS
4. $ echo $?
5. Note that the exit status is 0 (success)

6. Apply patch

7. $ debian/scripts/koha-foreach sh test.sh
FAILED
kohadev: 1 status returned by "sh test.sh"
SUCCESS
8. $ echo $?
9. Note that the exit status is 1 (failure)

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 10:56:40 -03:00
6a0955946e
Bug 30843: Add mfa_range configuration option for TOTP
This change adds a mfa_range configuration option for TOTP
to koha-conf.xml, and overrides the "verify" method from
Auth::GoogleAuth in order to provide a new default for "range"

Test plan:
0. Apply the patch
1. koha-plack --restart kohadev
2. Go to
http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search&searchfield=TwoFactorAuthentication
3. Change the syspref to "Enable"
4. Go to
http://localhost:8081/cgi-bin/koha/members/moremember.pl?borrowernumber=51
5. Click "More" and "Manage two-factor authentication"
6. Register using an app
7. In an Incognito window, go to
http://localhost:8081/cgi-bin/koha/mainpage.pl
8. Sign in with the "koha" user
9. Note down a code from your Authenticator app
10. Wait until after 60 seconds and try it
11. Note it says "Invalid two-factor code"
12. Try a new code from the app
13. Note that it works

14. Add <mfa_range>10</mfa_range> to /etc/koha/sites/kohadev/koha-conf.xml
15. Clear memcached and koha-plack --restart kohadev
16. Sign in with the "koha" user
17. Note down a code from your Authenticator app
18. Wait 4 minutes and then try it
19. Note that it works

20. Disable your two-factor authentication and click to re-enable it
21. Use a code older than 60 seconds when registering for the two
factor authentication
22. Note that the code works

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 10:53:51 -03:00
cc175067b5
Bug 32911: (follow-up) Remove partner_code
from debian and /etc koha-conf.xml files

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-01 11:43:42 -03:00
Andreas Roussos
eb902d7a92
Bug 31964: add a man page for koha-z3950-responder
The koha-z3950-responder command does not have a man page.

This patch fixes that.

Test plan:

1) Apply this patch.

2) Run the following command to generate the new man page:

   xsltproc /usr/share/xml/docbook/stylesheet/docbook-xsl-ns/manpages/docbook.xsl debian/docs/koha-z3950-responder.xml

3) View the generated man page with `man -l koha-z3950-responder.8`

   (KTD users may need to `apt-get install man-db` first as
   that package provides tools for reading manual pages)

4) Make sure this unit test passes:

   prove -v xt/verify-debian-docbook.t

Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-01 11:07:28 -03:00
58893f4c0b
Bug 34193: SSLProtocol enable in use versions and disable deprecated versions
This patch changes the default SSLProtocol for the Let's Encrypt
HTTPS template, so that it enables in use versions of TLS while
disabling the deprecated versions of TLS.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-08-18 10:29:21 +03:00