Commit graph

703 commits

Author SHA1 Message Date
23a4b31631 Bug 17097: [QA Follow-up] Exit after redirect
Adds one exit statement, and some whitespace.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Verified deleting a patron again.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-08-18 15:55:24 +00:00
fcf38896bd Bug 17097: Fix CSRF in deletemem.pl
If an attacker can get an authenticated Koha user to visit their page
with the url below, they can delete patrons details.

  /members/deletemem.pl?member=42

Test plan:

0/ Do not apply any patches
1/ Adapt and hit the url above
=> The patron will be deleted without confirmation
2/ Apply first patch
3/ Hit the url
=> you will get a confirmation page
4/ Hit /members/deletemem.pl?member=42&delete_confirmed=1
=> The patron will be deleted without confirmation
5/ Apply the second patch (this one)
6/ Hit /members/deletemem.pl?member=42&delete_confirmed=1
=> you will get a crash "Wrong CSRF token" (no need to stylish)
7/ Delete a patron from the detail page and confirm the deletion
=> you will be redirected to the patron module home page and the patron
has been deleted

Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-08-18 15:55:24 +00:00
13a6127952 Bug 17097: Add a confirmation page when deleting a patron
It won't hurt to have a confirmation page when deleting a patron.
Moreover it's the more easy way to protect against CSRF attacks :)

Test plan:
Make sure you get a confirmation page when deleting a patron
Confirm that approving or denying the confirmation work as expected

Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-08-18 15:55:23 +00:00
c3badb0c57 Bug 17052: Display patron category description in the sidebar of paycollect
The patron category description is not passed to the template in
paycollect.pl

Note: The Categories TT plugin should be used here...

Test plan:
Go on paycollect.pl and confirm that the patron category description is
now displayed in the sidebar.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Brendon Ford <brendon.ford@manhattan.edu>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-08-10 14:12:22 +00:00
06d1259e56 Bug 16992: FIX CSRF in member-password.pl
If an attacker can get an authenticated Koha user to visit their page with the
url below, they can change patrons' passwords
/members/member-password.pl?member=42&newpassword=hacked&newpassword2=hacked

Test plan:

Trigger
/members/member-password.pl?member=42&newpassword=hacked&newpassword2=hacked

=> Without this patch, the password will be updated
=> With this patch applied you will get a crash "Wrong CSRF token" (no
need to stylish)

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-08-10 13:34:02 +00:00
2785183a6b Bug 16992: [QA Follow-up] Member-password should pass an userid
If we do not fill a new userid, we should keep the old one.
Script member-password should pass that to Koha::Patron.
Otherwise things go wrong.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Without this patch, you could effectively disable a login.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
2016-08-10 13:34:01 +00:00
09d0b1310b Bug 16993: Fix CSRF in memberentry.pl
If an attacker can get an authenticated Koha user to visit their page
with the url below, they can change patrons' passwords or other
patrons'details

members/memberentry.pl?op=save&destination=circ&borrowernumber=3435&password=ZZZ&password2=ZZZ&nodouble=1

Test plan:

Trigger
members/memberentry.pl?op=save&destination=circ&borrowernumber=42&password=ZZZ&password2=ZZZ&nodouble=1

=> Without this patch, the password will be updated
=> With this patch applied you will get a crash "Wrong CSRF token" (no
need to stylish)

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Amended: removed the commented use Digest::MD5-line.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-08-10 13:25:25 +00:00
131002e623 Bug 16847: Remove C4::Members::GetTitles
This subroutine just reads the content of a pref, split it, add an
empty string and returns.
It is not really useful and the code in the script (memberentry.pl) uses
the only occurrence of CGI::popup_menu
Let's remove it and build the dropdown list in the template.

Test plan:
1/ Empty BorrowersTitles, edit a patron and confirm that the "Salutation"
does not appear
2/ Fill BorrowersTitles with "Mr|Mrs|Miss|Ms", edit a patron and confirm
that the "Salutation" dropdown list is correctly filled.
The default option should be selected if you are editing a patron with a
title defined.
This should also be tested at the OPAC.

Followed test pan, works as expected in Staff and OPAC
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-07-22 17:23:42 +00:00
Marc Véron
d7754b70a2 Bug 16941: Can not add new patron in staff client
To reproduce:
- Go to staff client Home > Patron
- New patron
- Choose a category and fill form, submit
Result: Form reloads, patron data are not saved.

To test:
- Apply patch
- Repeat steps above
- Verify that patron data are saved and the new patron's
  detail page displays
- Try to enter a duplicate patron (e.g. same surname, firstname
  and birthday as above)
- Verify that a duplicate message appears

Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Works as advertised

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-07-22 17:07:23 +00:00
1c61729e84 Bug 16909: Koha::Patrons - Remove checkuniquemember
C4::Members::checkuniquemember was not really nicely written, was only
used once and was not covered by tests.
I think it does not make sense to keep such complexity and have this
code in the subroutine/method.
Looking at this patch it seems that what this subroutine did can be done
easily in the pl script in few lines.

Test plan:
1/ Create 2 organisations with the same "surname": you should get a
warning.
2/ Create 2 patrons (non-organisation) with the same
surname/firstname/date of birth, you should get a warning

Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-07-15 18:14:57 +00:00
afc008b2fa Bug 16853: Move changepassword to Koha::Patron->update_password
This patch moves the code from C4::Members::changepassword to
Koha::Patron->update_password

Test plan:
Change your password at the OPAC and the staff interface
This should work as before

Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
I rebased this on top of 16849 because they were conflicting.
Tests pass, code looks good (as usual) and I checked both OPAC
and staff password change work as expected.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-07-15 18:09:17 +00:00
e1e38896bb Bug 16849: Move IsDebarred to Koha::Patron->is_debarred
In order to move IsMemberBlocked to Koha::Patron it makes sense to move
the code from Koha::Patron::Debarments::IsDebarred to
Koha::Patron->is_debarred.

Test plan:
1/ Add a restriction to a patron
2/ make sure he is not able to checkout items any more
3/ Make sure he cannot get a discharge
4/ Put a hold and make sure you get "Patron has restrictions"

Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-07-15 18:08:14 +00:00
71d1e1727c Bug 3534 - Patron quick add form
This patch adds a new system preference:
    PatronQuickAddFields

When either this pref or BorrowerMandatoryField is populated this will add a new dropdown to the bew patron toolbar.
When a category is chosen from this dropdown the fields in PatronQuickAddFields and BorrowerMandatoryField will be displayed.
There will be a button allowing a user to switch from the quickadd to the full form and fields will be copied between the forms when toggling.

The Quick add will only be displayed on add of a new patron, future edits should display the full form.

Test plan:
 1 - Apply patch
 2 - run updatedatabase.pl
 3 - Add a new patron and ensure nothing has changed
 4 - Populate either PatronQuickAddFields or BorrowerMandatory fields
 and note the new button for adding a patron
 5 - Click the Quick add and choose a type
 6 - Only required or quick add fields should be displayed
 7 - Verify toggling forms copies information
 8 - Ensure you cannot save patron without filling required fields
 (quick add fields should be optional)
 9 - Ensure you can save patron with fields filled out
10 - Ensure that a duplicate patron brings up the duplicate/add new
buttons with full form displayed
11 - Verify that subsequent edits use only full form
12 - Verify that data on form submitted is the data saved to patron
13 - Test with various values in both MandatoryBorrowerFields and PatronQuickAddFields

Sponsored by: VOKAL (Vermont Organization of Koha Automated Libraries)

Followed test plan, works as expected.
Re-tested together with followup, works as expected (2016-06-02)
Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-07-07 18:35:01 +00:00
Aleisha
573f1ac474 Bug 3669: Moving 'Add a new message' into a pop up box and adding to patron toolbar
This patch moves all the code into an include which can be accessed from the 'Add a new message' link or the patron toolbar.

EDIT: Ensuring modal opens on all pages
EDIT2: Once the form has been submitted the page will redirect to where you submitted the form from.
EDIT3: Fixing indentation of member-add-message.inc
       Ensuring messages save on every page
       Fill branch
       Ensure predefined notes appear
       Form redirects to where it was submitted from, or just the circulation page.
EDIT4: Removing the new include file and moving it all into the modal in the toolbar
EDIT5: Removing swp file and unnecessary code duplication by utilising plugins
EDIT6: Batch checkout fixes
EDIT7: Ensure you do not get JS error from Comment 24 (Batch checkout syspref must be turned on)

To test:
1) Go to a patron circ page (circ/circulation.pl?borrowernumber=X)
2) Click 'Add a new message' under Messages
3) Confirm this brings up the modal to add a message. Confirm clicking Save saves your message. If it is an OPAC message (for the user), confirm it shows as expected on the OPAC.
4) Click Cancel. Confirm this closes the modal.
5) Click 'Add message' button in toolbar. Complete steps 3 and 4.
6) Confirm the modal opens from all other pages with the members toolbar. Confirm predefined notes shows.
	circ/circulation.pl
	members/moremember.pl
	members/routing-lists.pl
	members/statistics.pl
	members/boraccount.pl
	members/pay.pl
	members/maninvoice.pl
	members/mancredit.pl
	members/readingrec.pl
	members/notices.pl
	members/member-flags.pl
	members/member-password.pl
	members/paycollect.pl
	members/files.pl
        turn on BatchCheckouts syspref and put in appropriate patron category
        circ/circulation.pl?borrowernumber=X&batch=1
7) Confirm that the page redirects to where you submitted the form from once you have submitted it.
8) Go to Check Out tab and confirm your message saved (or OPAC, wherever you saved it)

Sponsored-by: Catalyst IT

Followed test plan, works as expected. (Re-tested for comment #24)
Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-06-24 13:20:13 +00:00
Blou
63041c19c9 Bug 14605 - Corrects the individual fine's description
When paying a fine, the description is built out of the borrower's type and title, instead of the actual fine's description.

STEPS:
1) in the staff, go to a user with a fine to pay.
   a) if none, go to a user and Fines>>"Create manual invoice" with a distinctive description.
2) In Fines>>Pay fines, click the "Pay" button on the line of the fine.
3) This will take you a "Pay an individual fine" screen, where the description will look like "Staff Mrs", for the category and title of the borrower.

Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-06-10 17:34:08 +00:00
Aleisha
853d3cfe4d Bug 15823: Can still access patron discharge slip without having the syspref on
EDIT: Fix for OPAC side
EDIT: Comment 10
EDIT: Merge conflicts

To test:
1) Ensure syspref useDischarge is disabled
2) Go to /cgi-bin/koha/members/discharge.pl?borrowernumber=X&discharge=1
3) Validate that you are still able to generate a discharge slip for this patron
4) Apply patch and refresh page
5) Confirm that you are redirected to the circulation.pl page for the user and that an error message is there.
OPAC SIDE
6) Go to the OPAC
7) Go to /cgi-bin/koha/opac-discharge.pl
8) Confirm you get a message saying discharges are disabled
9) Go to /cgi-bin/koha/opac-discharge.pl?op=request
10) Confirm you see same message

Sponsored-by: Catalyst IT

Followed test plan, works as expected (both staff client and OPAC).
Re-tested, works OK.
Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
2016-05-06 04:20:48 +00:00
640b9585f8 Bug 16429 - Fix root problem
The root of this issue is old code in circulation.pl that is no longer
needed and leaves the affected scripts open to future regressions.

Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Heather Braum <hbraum@nekls.org>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-05-05 10:20:44 +00:00
cf6bd4d982 Bug 14497 - Add warning to patron details page if patron's fines exceed noissuescharge
Some librarians have requested that the same warning on the check out
page be placed on the patron details page if a patron's fines exceed the
system preference noissuescharge.

Test Plan:
1) Apply this patch
2) Find or create a patron who's fines exceed noissuescharge
3) Browse to that patron's details ( moremember.pl )
4) You should see a warning near the top of the page with links to the
   patron's account page and the pay fines page

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Patch ammended post sign-off

Signed-off-by: Sally Healey <sally.healey@cheshiresharedservices.gov.uk>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-04-29 12:15:01 +00:00
c133bedf54 Bug 16154: Fix some other occurrences
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
2016-04-26 23:16:44 +00:00
f3e4b5bbb6 Bug 16154: CGI->multi_param - Force scalar context
This patch replaces the occurrences of
  $template->param( foo => $cgi->param('foo') );
with
  $template->param( foo => scalar $cgi->param('foo') );

perl -p -i -e 's/(\s*=>\s*)\$(cgi|input|query)\->param\(/$1scalar
\$$2\->param\(/xms' **/*.pl

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
2016-04-26 23:16:43 +00:00
66aacace08 Bug 16154: CGI->multi_param - Declare a list
This patch replaces the occurrences of
  my @foo = $cgi->param('foo');
with
  my @foo = $cgi->multi_param('foo');

perl -p -i -e
's/^(\s*my\s*@\w+\s*=\s*)\$(cgi|input|query)\->param\(/$1\$$2\->multi_param\(/xms'
**/*.pl

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
2016-04-26 23:16:42 +00:00
38094a260e Bug 12267: Remove borrower_attributes.password
When creating a patron attribute type, there is a "Allow password"
checkbox. If checked, the librarian will be able to enter a password for
this patron attribute when editing a patron.
The goal was to allow a patron to log in with a secondary password.
However, this feature has never been implemented.

"""
commit 6fc62bcd32
  CommitDate: Mon May 12 09:03:00 2008 -0500
  extended patron attributes tables & syspref (DB rev 081)

- password_allowed (if set, staff patron editor will
  allow a password to be associated with a value; this
  is mostly a hook for functionality to be implemented
  in the future.
"""

To decrease maintainability, this patch suggest to remove the 2 DB fields
borrower_attributes.password and
borrower_attribute_types.password_allowed
If they have not used by the library.

Test plan:
- Edit a patron attribute type and select "allow password"
- Edit a patron and defined a password for this attribute
- Execute the DB entry
- Note that you get a warning
- Empty the password field
- Execute the DB entry
- You do not get the warning and the 2 DB fields have been removed

Signed-off-by: Marc Veron <veron@veron.ch>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
2016-04-22 23:08:32 +00:00
a8491dc156 Bug 15930: Make patron searches defaulting on 'contain'
The default patron search types has changed from 'contain' to
start_with. Users consider it as a bug.
This patch revert the previous changes to default on 'contain'.

Test plan:
Search for patrons in different places (guarantor, checkout, patron
module, acquisition module, etc.) and confirm that the default is always
'contain'

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jesse Weaver <jweaver@bywatersolutions.com>

Signed-off-by: Brendan Gallagher <bredan@bywatersolutions.com>
2016-04-22 00:31:50 +00:00
b64e6be1c4 Bug 16157: Move the selected flag from GetAuthorisedValues to the templates
From C4::Koha::GetAuthorisedValues

    # TODO: the "selected" feature should be replaced by a utility function
    # somewhere else, it doesn't belong in here. For starters it makes
    # caching much more complicated. Or just let the UI logic handle it, it's
    # what it's for.

Indeed, it's not a job for a subroutine, the template should take care of that.
Note that a perf gain could be won with this patch \o/

Test plan:
- Edit an itemtype and check the value of the "Search category" dropdown list
- Edit a patron attribute type and check the value of the "Class" dropdown list
- Detail for a catalogue record, the Status column should be correctly
  populated if items are damaged and/or lost
- Item details for a catalogue record, the lost, damaged and withdrawn
  value should be correctly displayed
- Edit a patron, the "street type" should be correctly selected
- Create a patron attribute type linked to an authorised value list.
- Edit a patron, set a value for this attribute, edit it again. The
  correct value should be selected.
- Search for subscriptions. The 'Location' dropdown list should behave
  correctly (select the entry you have choosen before, etc.)
- Edit a subscription, the location dropdown list should select the
  correct value.
- Edit and view a suggestion with a 'reason for suggestion' set (you
  should have at least 1 OPAC_SUG AV defined)

Followed test plan, works as expected
Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
2016-04-07 00:16:09 +00:00
e4d0363bc7 Bug 15928 - Show unlinked guarantor
To test:
1 - Add guarantor data to patron account by typing it in but do not 'Set to patron'
2 - Note it is not displayed on patron details
3 - Apply patch
4 - Note the info is displayed
5 - Test that linked guarantors show as expected

Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Amended-patch: Correct some indents/spaces

Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
2016-04-06 23:50:33 +00:00
4a3404594f Bug 15163: Do not erase patron attributes if limited to another library
The patron attributes displayed on editing a patron are not displayed if
limited to another library.

C4::Members::Attributes::SetBorrowerAttributes will now only delete attributes
the librarian is editing.
SetBorrowerAttributes takes a new $no_branch_limit parameter. If set,
the branch limitations have not effect and all attributes are deleted
(same behavior as before this patch).

Test plan:
1/ Create 2 patron attributes, without branch limitations.
2/ Edit a patron and set a value for these attributes
3/ Limit a patron attributes to a library (one you are not logged in
with).
4/ Edit again the patron.
=> You should not see the limited attributes
5/ Edit the patron attributes and remove the branch limitation
=> Without this patch, it has been removed from the database and is not
displayed anymore.
=> With this patch, you should see it.

Signed-off-by: Jesse Weaver <jweaver@bywatersolutions.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
2016-03-21 16:56:37 +00:00
da21ad0659 Bug 16054: Fix variable scope error in paycollect.pl
$borrower, $borrowernumber and $template and not visible in the
subroutine.
Using $b_ref and passing $template fixes the issue.

Test plan:
Under plack, use the pay selected button.
On the paycollect page, you should see the image of the patron

It certainly fixes some other bugs.

Signed-off-by: Srdjan <srdjan@catalyst.net.nz>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
2016-03-15 07:12:12 +00:00
aa73c96aed Bug 15656: Move guarantor/guarantees code - GetMemberRelatives
Note:
QA question: Does the Koha::Patron->siblings method should return undef
if there is no guarantor?
It would avoid the weird  != undef, = $borrowernumber conditions.

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
2016-03-12 23:40:10 +00:00
bff0ca0b0b Bug 15656: Move guarantor/guarantees code - GetGuarantees
2 subroutines of C4::Members deal with guarantor/guarantees:
GetGuarantees and GetMemberRelatives.
Since we already have a Koha::Patron->guarantor method, it makes sense
to move these 2 subroutines to this module.

This first patch deals with GetGuarantees.

Test plan for the entire patch set:
1/ Create 5 patrons A (adult), B (child), C (child), D (child), E
(child), F (adult)
2/ Add relation between them: A is father of B, C and D.
E does not have a guarantor
F does not have guarantees
3/ Check some items out for all of these patrons
4/ On the "Check out" and "Details" tabs, you should not see any
differences with these patch applied : The "Relatives' checkouts" tabs
should list all of the guarantor/guarantee/siblings checkouts

Note:
$template->param('C' => 1);
I have not found any reference of this 'C' in the template.
It seems it's an old c/p from members/memberentrygen.tt

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
2016-03-12 23:40:10 +00:00
545b64f869 Bug 15635: Koha::Patron::Images - Remove GetPatronImage
To retrieve a patron image, we can call Koha::Patron::Images->find or
Koha::Patrons->find->image
Both will return a Koha::Patron::Image object.

Test plan:
1/ From the patron/member module, open all tabs on the left (Checkouts,
detail, fines, etc.)
The image should be correctly displayed.
2/ At the OPAC, on the patron details page (opac-memberentry.pl) the
image should be displayed as well.
3/ Same on the sco module.

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-03-04 12:54:15 +00:00
3691bd8419 Bug 15548: Move new patron related code to Patron*
The 'borrower' should not be used anymore, especially for new code.
This patch move files and rename variables newly pushed (i.e. in the Koha
namespace).

Test plan:
1/
  git grep Koha::Borrower
should not return code in use.

2/
Prove the different modified test files

3/ Do some clicks in the member^Wpatron module to be sure there is not
an obvious error.

Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Works as described. Tested with Circulation, Members/Patrons, Discharge,
Restrictions modules and the must common functionalities

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jesse Weaver <jweaver@bywatersolutions.com>
2016-03-03 14:38:26 -07:00
Lari Taskula
fbb7097b1d Bug 12426: Allow resend for sent messages
This patch allows to resend both sent and failed messages.

With messages in 'sent' status, we have to be careful not to accidentally send
sent messages again. With the previous patch using GET request, this was likely
to happen because of browser storing the GET parameters.

This patch changes request method from GET to POST. Instead of a simple link,
we now have a form element.

In notices.pl we redirect back to notices.pl, because with POST there is a risk
of resending the message accidentally by form resubmission at refresh.

To test, find/create a Patron that has sent or failed notices in message_queue:
1. Enable EnchancedMessagingPreferences system preference
2. Go to Patrons -> Notices
3. In the Notice column, click the title of the sent or failed message
4. Observe that there is nothing for resending the sent or failed message
5. Apply the patches.
6. Reload Notices page and repeat step 3
7. Observe that there is now a link "Resend" in the Status-column
8. Click Resend
9. Observe that the message gets into 'pending' status

Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
2016-03-03 20:16:07 +00:00
0813c72b1f Bug 12426: Simplify the code adding a new subroutine GetMessage
The C4::Letters module does not have a GetMessage subroutine, which
could be quite useful.
This patch adds it and simplifies the code added by the previous patch.
It also adds a few tests and fixes POD typos.

Note that ResendNotice only resends failed messages. This will avoid to
resend already sent messages (using an url from the browser history for
instance).

Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
2016-03-03 20:16:07 +00:00
Lari Taskula
05ea6ba1a8 Bug 12426: Allow resending of messages from the notices tab in the patron account
This patch adds a link 'Resend' under a notice in 'failed' status
in the Patron's Notices tab.

By clicking the link, we will request notices.pl with parameter
"resendnotice=XXXXX" where XXXXX is message_id. In notices.pl,
we then check whether the given message is actually in 'failed'
status. If so, we use the C4::Letters::ResendMessage(123) to
change the status of the message into 'pending'. This way it
will be processed again by the cronjob process_message_queue.pl.

To test, find/create a Patron that has failed notices in message_queue:
1. Enable EnchancedMessagingPreferences system preference
2. Go to Patrons -> Notices
3. In the Notice column, click the title of the failed message
4. Observe that there is nothing for resending the failed message
5. Apply patch.
6. Reload Notices page and repeat step 3
7. Observe that there is now a link "Resend" in the Status-column
8. Click Resend
9. Observe that the message gets into 'pending' status

Works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
2016-03-03 20:16:06 +00:00
3b8f35de79 Bug 15629 [QA Followup]
* Use ->id instead of ->branchcode when possible to eliminate use of that nomenclature
* Fix bad use of ->branchcode to ->{branchcode} for unblessed hashref  version of Koha::Library

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
2016-02-24 03:55:07 +00:00
4f5217314c Bug 15629: Koha::Libraries - Remove GetBranchDetail
C4::Branch::GetBranchDetail retrieved library infos, it could be easily
replaced with Koha::Libraries->find

When this change needs other big changes, the unblessed method is
called, to manipulate a hashref (as before) instead of a Koha::Library
object (for instance when $library is sent to GetPreparedLetter).

Test plan:
1/ Print a basket group, the library names should be correctly
displayed.
2/ Enable emailLibrarianWhenHoldIsPlaced and place a hold, a HOLDPLACED
notice will be generated (focus on the library name)
3/ Edit a patron and change his/her library
4/ Generate the advanced notices (misc/cronjobs/advance_notices.pl) and
have a look at the generated notices
5/ Same of overdues notices
6/ Set IndependentBranches and use a non superlibrarian user to place a
hold. The "pickup at" should be correctly filled.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
2016-02-24 03:55:06 +00:00
07f85e7f88 Bug 15631: Koha::Cities - remove getidcity and GetCities
C4::Members::getidcity and C4::Members::GetCities simply retrieved
cities info from the cities table.
The job done in members/memberentry.pl looked really weird and complicated.
Either I have missed something, or this patch can simplify it.

The expected behavior is:
1. Create a new patron => No city selected
2. Edit an existing patron => The borrowers.city value is selected
3. Add a guarantee => The borrowers.city of the guarantor is selected
4. Edit a guarantee => The borrowers.city of the guarantee is selected

Test plan:
Confirm that the expected behaviors are the ones before and after this patch.

Signed-off-by: Natasha <tasham_8@hotmail.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
2016-02-24 03:53:52 +00:00
Natasha
17190de524 bug 12920 - Remove AllowRenewalLimitOverride from pl scripts and tt files, use Koha.Preference instead
Test Plan:
1) Apply this patch
2) Go to circulation.pl
3) Ensure you can still override renewal limits with pref enabled
4) Ensure you can not override renewal limits with pref disabled
5) Go to moremember.pl
6) Repeat steps 3-4

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
2016-02-24 03:10:20 +00:00
Gus
fdd66bc830 15622 - Spelling mistake in printfeercpt.pl writen -> written Search the file for writen, when not found change sucsessful
Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
2016-02-24 03:02:24 +00:00
efad45a0e3 Bug 15746: Same fix for "write off"
Same fix as before for the "Write off" button next to the "Pay" button.

Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
2016-02-23 21:15:21 +00:00
80a690588c Bug 15746: Do not record individual payments with randomly picked libraries
When a payment is made individualy, the library used to record this
payment is randomly picked from the library list.
This is because C4::Branch::GetBranch looks at 1. the $branch variable
sent by the template, wich does not exist, then 2. the branchname
cookie, which does not exist neither, then 3. get the first branchcode
from a list of keys (non ordered).

To reproduce:
- Create a manual invoice for a patron
(members/maninvoice.pl?borrowernumber=XXXX)
- Pay this fine using the "Pay" button of the corresponding line from
  the members/pay.pl?borrowernumber=XXXX page
Look at the statistics table:
select * from statistics order by datetime desc limit 10;

The branch value of the first line might not correspond to the library
you were using to pay the payment.

Test plan:
Apply this patch, repeat the steps above and confirm that the library
picked is now the one used to pay.

Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Works as advertised

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
2016-02-23 21:15:21 +00:00
4afc8550c6 Bug 9021 [QA Followup] - Switch to Koha::Object(s)
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-02-14 12:40:06 +00:00
00c89d915b Bug 9021 - Add SMS via email as an alternative to SMS services via SMS::Send drivers
Nearly all cellular providers allow a person to send an text message to a cellular
phone by sending an email to phonenumber@provider. We can leverage this capability
to add the ability for Koha to send sms messages to patrons without the need to
subscribe to an sms gateway server.

Basic plan:
1. Add a table sms_providers to the db to tell Koha what service providers are available, and what domain emails should be sent to.
2. Add borrowers.sms_provider_id to tell Koha which mobile service the patron subscribes to for the number given in smsalertnumber
3. Modify Koha to send an email rather than using SMS::Send if the driver is set to 'Email'

Test plan:
0) Get a mobile phone
1) Apply the patch
2) Run updatedatabase.pl
3) Set the value of SMSSendDriver to 'Email'
4) Go to the admin page, the "Additional parameters" area should now have the link "SMS cellular providers"
5) On this page, add some providers. Make sure to add the provider for your own cellular phone service.

Here are some examples:
Sprint   phonenumber@messaging.sprintpcs.com
Verizon  phonenumber@vtext.com
T-Mobile phonenumber@tmomail.net
AT&T     phonenumber@txt.att.net

Only add the domain part in the 'domain' field. So for Verizon, that would be 'vtext.com'

6) Create an account for yourself, add your SMS number, and select your provider from the dropdown box directly below it.

7) Enable SMS messaging for Item check-in and Item checkout
8) Check out an item to yourself
9) Run process_message_queue.pl
10) Wait! You should receive a text message shortly, when I tested it, I received my sms message within the minute.

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-02-14 12:40:04 +00:00
bb0c2fce1b Bug 15353: Display the patron image where needed
On the 3 following pages, the patron image was not displayed:
   members/discharge.pl
   members/pay.pl
   members/paycollect.pl

Test plan:
Apply this patch and confirm the image is now displayed

Followed test plan, image displays as expected.
Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
2016-01-27 17:00:03 +00:00
Aleisha
b124540ee9 Bug 14763: Calculate and display patron age
To test:
1) Go to patron Details page (ie http://localhost:8081/cgi-bin/koha/members/moremember.pl?borrowernumber=51)
2) Confirm that '(x years)' is showing next to the Date of Birth and is correct according to DOB (ie if DOB: 30/11/1996, Age: 19 years)
3) Edit date of birth to be a month later (ie from 30 November to 30 December) so that, as of the date you are testing, the patron has not had their birthday yet
4) Confirm that age changes to be one year younger
5) Edit date of birth to be a different year
6) Confirm that age changes accordingly

Works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
2016-01-27 06:10:13 +00:00
Marc Véron
3ea6e78909 Bug 15096: Export today's checked in barcodes: Display warning if reading history is set to "never"
If a patron's privacy settings are set to "Never" for keeping a reading history, "Export today's
checked in barcodes" returns an empty file. This patch does not allow to export in such case.

To test:

- Apply patch
- Check out / check in in some items

-Test toolbar:
- On user's detail page, go to More->Export today's checked in barcodes
- Verify that the menu item does not appear if syspref 'intranetreadinghistory'
  is set to 'Don't allow'
- Verify that the menu item appears if syspref 'intranetreadinghistory'
  is set to allow and
  - that the menu item is grayed out with a tooltip if the user has set privacy
    settings to never keep a reading history
  - that the menu item works as before if user's privacy settings allow reading history.

- Test left tab "Circulation history":
- Verify that the left tab "Circulation history" does not appear if syspref
  'intranetreadinghistory' is set to 'Don't allow'
- Verify that the tab appars if syspref 'intranetreadinghistory' is set to 'Allow' and
  - that a message appears if user's privacy settings do not allow to keep the reading history
  - that the export works as before if user's privacy settings allow to keep the reading history

(Amended and changed test plan for comment #9)

Signed-off-by: Aleisha <aleishaamohia@hotmail.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
2016-01-27 06:02:43 +00:00
Gus
89978bab10 Bug 15619: Spelling mistake in memberentry.pl
Test - Check file for 'konw', notice no instance

Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Typo fixed

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
2016-01-27 05:13:11 +00:00
Gus
12bd1dc601 Bug 15621: Spelling mistake in printinvice.pl
Test- search for writen, if not found patch successful

Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Typo fixed

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
2016-01-27 05:11:50 +00:00
Gus
17a2426e0f 15623 - Spelling mistake in boraccount.pl Test - Search for writen, if not found fix is correct
Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Gus: You should try git grep writen one more time :)

Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
2016-01-27 05:10:38 +00:00
3aa8d6da14 Bug 15542 [QA Followup] - Tidy member-password.pl
No other patches in process modify member-password.pl, now would be
a great time to tidy it!

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
2016-01-23 19:15:08 +00:00