When one tries to create an account with patron guarantor and
error occurs (already used username, wrong age etc.), guarantor
information is lost. This patch always saves added patron
guarantor information to the template param new_guarantors.
To test:
1. Create a new account but cause an error that will keep the
account from saving (enter the wrong age for a category or
give the patron a username that's already being used).
2. Search for and select a guarantor.
3. Try to save the account and wait for the "The following
fields are wrong. Please fix them." message.
=> Note that the guarantor information is gone and you need
to search for and select the guarantor again.
4. Apply this patch.
5. Repeat steps 1.-3.
=> Note that guarantor information hasn't been lost.
This patch also removes code block from duplicate patron
check because we now save param new_guarantors even if
error doesn't occur.
To test:
1. Create a new account but cause a duplicate patron error.
2. Search for and select a guarantor.
3. Try to save the account.
=> Guarantor information should persist.
Sponsored-by: Koha-Suomi Oy
Signed-off-by: Sam Lau <samalau@gmail.com>
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This enhancement adds an 'Alert subscriptions' page to a patron account to easily view or cancel email alerts the patron has subscribed to.
To test:
1. Go to Cataloging. Create a biblio.
2. Go to Tools -> Notices & slips. Create a notice under the "Serials (new issue)" module, if you don't already have one.
3. Go to Serials. Create a subscription. Link the biblio you just created. Add info like the callnumber, location, library. Choose your notice under Patron notification. Fill out the remaining details and save your subscription.
4. Open this record in the OPAC. Under the Subscriptions tab, click the button to "Subscribe to email notification on new issues"
5. Go back to the staff interface. Go to your patron account.
6. Notice there is a new "Alert subscriptions" tab in the left sidebar menu. The number in brackets should say 1, for the subscription you just enabled email alerts.
7. Click into the page. Confirm your subscription shows in the table.
8. Click the button to unsubscribe. A confirmation should pop up. Confirm you can cancel the unsubscribe action. Then confirm you can unsubscribe using this button.
9. Confirm tests pass t/db_dependent/Koha/Patron.t
Sponsored-by: Bibliotheksservice-Zentrum Baden-Wuerttemberg
Signed-off-by: Christian Stelzenmüller <christian.stelzenmueller@bsz-bw.de>
Signed-off-by: Sam Lau <samalau@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Display special characters correctly when writing off an invoice.
The issue arises because pay.pl does not perform UTF-8 encoding on the “notes” parameter before redirecting the page. By using uri_escape_utf8, characters with a code above 255 are also UTF-8 encoded. Then, paycollect.pl can collect the information without any trouble.
This patch work with “;” and “:” characters.
TEST PLAN
1) Go to any patron profile > Accounting
2) Click “Create manual invoice”
3) Fill the fields and click the “Save” button
4) Repeat steps 2 and 3
5) Click “Make a payment”
6) Add a note with special characters for each one (e.g., éçö)
7) Select the created invoices and click the “Write off selected” button
8) In the note field, you should see “�” symbols where the special characters are supposed to be
9) Click the “Cancel” button
10) Now add a note with “:;” for one of the invoices
11) Select the invoices and click the “Write off selected” button
12) You should see a page with an error 500
13) Go back to the “Make a payment” page
14) Apply the patch
15) Add a note with special characters for each one (e.g., éçö)
16) Add “:;” to one of the note fields
17) Select the invoices and click the “Write off selected” button
18) Now the special characters are displayed correctly
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch replace GetAllIssues in readingrec.pl which is the only
occurrence in the staff code.
To test this patch you will need several items in your checkout history
in order to confirm that the display is the same before and after the
patch.
However there is one change! And it's a bug fix (or an enhancement, it
depends on how you see things). It includes checkouts with deleted items, which is
a long standing bug (see bug 8483).
Performance will be compared as well.
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Test plan:
The idea here is to confirm this patch does not introduce regression.
For that you will play with the CardnumberLength syspref and create a
new user, modify an existing one, and check that the UI does not let you
modify an invalid cardnumber.
The onboarding process and the patron import tool will also have to be tested
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Bug 33940: Fix selfreg
please squash with first patch
Bug 33940: Fix messages we sent to templates
please squash with the first patch
Bug 33940: Fix what we send to memberentry
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Test plan would have been nioe.
Tested by changing MAX_AGE with suggestions.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
To test:
1. Turn on NoIssuesChargeGuarantorsWithGuarantees and set the amount to 5.
2. Create a guarantor/guarantee relationship.
3. Add a manual invoice to the guarantor that is larger than 5.00.
4. Notice the message on that circulation ( check out tab ) page. " Charges: Patron's guarantors and their other guarantees collectively owe X. Checkouts are BLOCKED because fine balance is OVER THE LIMIT. "
5. Look at the moremember ( details ) page. The same message does not appear.
6. Apply patch, restart_all
7. Try step 5 again, the message should now appear.
Signed-off-by: Barbara Johnson <barbara.johnson@bedfordtx.gov>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch updates the patron search bar and pages to default search
method to that defined by DefaultPatronSearchMethod system preference.
Test plan
1) Prior to this patch confirm that regardless of what you set
DefaultPatronSearchMethod to, the search in /members/member.pl,
members/members-home.pl and the search from the patrons search top bar
all default to 'contains'.
2) Apply the patch
3) Confirm that the system preference now affects the default option for
match type upon page load.
Signed-off-by: Sam Lau <samalau@gmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
If one tries to print checkin slip for checkins that
have been checked out from different branch, list
of checkins is empty. One has to change their branch
as checkout library to be able to print checkins.
This happens because we filter (or rather search) patrons
old checkouts with logged in patrons branch. This patch
removes this search so that checkout are filtered using
just filter_by_todays_checkins.
To test:
1. Checkout items for patron from branch A.
2. Switch to branch B and checkin items.
3. Print checkin slip.
=> Checkins list is empty.
4. Switch back to branch A.
5. Print checkin slip again.
=> Checkins are printed.
6. Apply this patch, restart services if needed.
7. Switch back to branch B and print checkin slip.
=> Checkins should now print.
Sponsored-by: Koha-Suomi Oy
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch replaces the 'Print' button with a 'Receipt' menu dropdown
exposing 'Print' and 'Email' options when `UseEmailReceipts` is enabled
Test plan
1. Enable `UseEmailReceipts`
2. Navigate to a patron with paid charges
3. Note the new dropdown 'Receipt' menu
4. Confirm 'Print' works as expected
5. Confirm 'Email' works as expected
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
A new tab is added to the details page of a patron to show, in a table, the fines of the patron's guarantees. A warning appears in the "Guarantees" section of the patron to make it obvious that fines exists.
+ resolve a git merge conflict
To test:
1) Apply patch
2) Choose a patron that has guarantees and navigate to the patron's details page
3) If the guarantees don't have any fines, the display should be unchanged
4) Add fines to the guarantee
5) Go back to the guarantor's details page
=> A warning should appear in the "Guarantees" section with the total due
6) Clicking on the link accompanying the warning focuses on the new
"Guarantees' fines" tab containing a table of all guarantee's and their
fines.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Hammat Wele <hammat.wele@inlibro.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This is a rebased submission following bug 31095 which removed the use of GetDebarments. This patch now uses $patron->restrictions to find the date and pass it to the template
Test plan:
1) Create a restriction on a patron and navigate to that patron in Checkouts or the patron details page
2) There should be a message with details about the restriction but the creation date of the restriction won't be included in the message
3) Apply patch
4) The message should now say "Restricted since DATE" as in the screenshot attached.
5) Change the 'dateformat' syspref and refresh, the date should change to reflect the syspref
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk>
Signed-off-by: Laura Escamilla <laura.escamilla@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Test plan:
Note: We will address this again when installing a plugin, but
first we test with the legacy userid code.
Add a new user with members/memberentry in staff.
Edit this user, change userid in staff. Try full form and partial
one.
If you remove userid or replace by a space (when mandatory), Koha
should regenerate a legacy userid.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch removes the use of GetDebarments from members/memberentry.pl
and replaces the references in the templates with patron.restrictions.
Test plan
1. Add a new user and confirm that the patron restrictions section does
not appear on the form
2. Edit the user and confirm the patron restrictions section now appears
3. Add a manual restriction using the patron edit form
4. Confirm the restriction appears on the patron edit form
5. Confirm you can remove the restriction usine the patron edit form
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch removes the use of GetDebarments from members/moremember.pl
and replaces template references with patrons.restrictions and the new
includes introduced in the prior patch
Test plan
1. Confirm that the 'Restrictions (x)' tab still appears on the patron
details page.
2. Confirm that the 'Restrictions (x)' tab count is correct
3. Confirm that the 'Restrictions (x)' tab table functions
4. Confirm that the 'Restrictions (x)' tab 'Add manual restriction' form
works as expected
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch updates four scripts to use checkauth instead of get_template_and_user
reserve/modrequest.pl
reserve/modrequest_suspendall.pl
course_reserves/mod_course.pl
members/members-update-do.pl
No behvaiour change is expected
To test:
0 - Apply patch
1 - Place some holds for a patron
2 - From patron page, confirm you can suspend all
3 - confirm you can delete marked holds
4 - Edit a course in course-reserves
5 - Make a chaneg to personal details via OPAC
6 - Confirm change can be approved on staff side
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
To test:
1 - go to a patron detail view, click "add guarantee"
2 - Confirm form loads
3 - Confirm categories lsited are eligible to have a guarantor
4 - Fill out required fields and confirm patron saved correctly
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
SendPasswordRecoveryEmail relies on the calling script to tell if there is an
existing valid recovery already. If there's an expired recovery-entry the
members/notices.pl script will try to create a new entry resulting in a duplicate
key error.
This patch fixes the bug by removing the need for the calling script to do the check as
since SendPasswordRecoveryEmail does the same thing anyway.
SendPasswordRecoveryEmail will now use DBIx ->update_or_create instead of looking at
the $update param to determine if it should update an existing entry or create a new.
The update param is removed from all calling scripts and test are updated.
To test:
1. Generate a password recovery mail for a patron
2. Let it expire.
3. Generate a new password recovery from staff to the same patron - Fail!
4: Apply patch
5. Generate a new password recovery from staff to the same patron - Success!
6. Opac password recovery flow should also work.
7. Tests pass.
Sponsored-by: Lund University Library
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Anyone with staff access (catalogue) should be able to go
to account and enable 2FA.
Test plan:
Have a staff user with minimum staff permission.
Access account, manage 2FA.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 28786 added the ability to turn on a two-factor authentication,
using a One Time Password (OTP).
Once enabled on the system, librarian had the choice to enable or
disable it for themselves.
For security reason an administrator could decide to force the
librarians to use this second authentication step.
This patch adds a third option to the existing syspref, 'Enforced', for
that purpose.
QA notes: the code we had in the members/two_factor_auth.pl controller
has been moved to REST API controller methods (with their tests and
swagger specs), for reusability reason. Code from template has been
moved to an include file for the same reason.
Test plan:
A. Regression tests
As we modified the code we need first to confirm the existing features
are still working as expected.
1. Turn off TwoFactorAuthentication (disabled) and confirm that you are not able to
enable and access the second authentication step
2. Turn it on (enabled) and confirm that you are able to enable it in your account
3. Logout and confirm then that you are able to login into Koha
B. The new option
1. Set the pref to "enforced"
2. You are not logged out, logged in users stay logged in
3. Pick a user that does not have 2FA setup, login
4. Notice the new screen (UI is a bit ugly, suggestions welcomed)
5. Try to access Koha without enabling 2FA, you shouldn't be able to
access any pages
6. Setup 2FA and confirm that you are redirected to the login screen
7. Login, send the correct pin code
=> You are fully logged in!
Note that at 6 we could redirect to the mainpage, without the need to
login again, but I think it's preferable to reduce the change to
C4::Auth. If it's considered mandatory by QA I could have a look on
another bug report.
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
We need to replace 0 with 'disabled', and 1 with 'enabled'
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
The payment type include has changed since the patch was first written,
we now require a 'type' is passed to properly set the field name.
This should fix the 'bankable' issue raised.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds the register and transaction type selection options to
the manual credit page.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds a very simple controller and template to allow patron
slip printing without all the boilerplate.
See bug 31713 for an example use.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Rather than generate a custom hash for these fields, we should treat them as other borrower data fields
To test:
1 - Edit a patron, note the 'Lost card' and 'Gone no address' fields
2 - Edit syspref BorrowerunwantedField
3 - Set gonenoaddress and lost as unwanted
4 - Edit patron, the fields remain
5 - Apply patch
6 - Edit a patron, fields are hidden
7 - Unhide one of the fields
8 - Edit a patron and confirm it shows and saves correctly
9 - Unhide the other field
10 - Confirm it can be edited and saved
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Test plan:
1. Go to Admin » Additional fields
There are two new categories: "Account lines (credit)" and
"Account lines (debit)"
2. Create fields for both categories, with and without an authorized
value category
3. Go to a user's accounting page
4. Create a manual invoice. Verify that all "debit" fields are there,
put a value in them and save
5. Create a manual credit. Verify that all "credit" fields are there,
put a value in them and save
6. Make a payment. Verify that all "credit" fields are there, put a
value in them and save
7. Go to the transactions tab, click on the "Details" button for the
lines you just created and verify that the additional fields are
there
Signed-off-by: Emmanuel Bétemps <e.betemps@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch binds the new permissions added in the previous patch to the
tab display on the borrower account page.
Test plan
1) Apply the previous patch and run the database update
2) Configure a user without the new permissions
3) Confirm the 'Create manual invoice' and 'Create manual credit' tabs
no longer appear under the 'Accounting' area when logged in as the
above user.
4) Confirm that you cannot manually navigate to /members/mancredit.pl or
/members/maninvoice.pl when logged in as the above user.
5) Confirm that users with the above permissions are still able to see
the tabs and take actions on them.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch moves the new classes under ::Patron::Restriction:: and
enhances the Unit tests for those classes.
NOTE: We should drop keyed_on_code as part of bug 31095
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch displays a restriction type select box (when appropriate)
when adding manual patron restrictions
Sponsored-by: Loughborough University
Signed-off-by: Benjamin Veasey <B.T.Veasey@lboro.ac.uk>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
The structure of debarments has changes slightly in that the displayed
text is now a product of a call to Koha::RestrictionTypes rather than
just the debarment's code. This patch allows for that
Sponsored-by: Loughborough University
Signed-off-by: Benjamin Veasey <B.T.Veasey@lboro.ac.uk>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
The idea rely on the KohaDates TT plugin for the date formatting. We
should not have any output_pref calls in pl or pm (there are some
exceptions, for ILSDI for instance).
Also flatpickr will deal with the places where dates are inputed. We
will pass the raw SQL value (what we call 'iso' in Koha::DateUtils), and
the controller will receive the same value, no need to additional
conversion.
Note that DBIC has the capability to auto-deflate DateTime objects,
which makes things way easier. We can either pass the value we receive
from the controller, or pass a DT object to our methods.
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
In which case do we pass category_type to this script? Am I missing
something?
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
== Test plan ==
1. Apply all patches
2. Create a new patron in a given category
=> Form show the dropdown with the selected category
3. Edit again
=> Value is kept
4. Edit a category to give it specific values for: messaging prefs,
password strength/length, can be guarantee
5. Edit the patron, change the category, and confirm that the different
limitation are correctly applied.
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch prepends the credit_type_code and debit_type_code with
CREDIT_ and DEBIT_ respectively when doing a lookup on the notice letter
code.
Test plan
1) As previous patches, however instead of just naming your notice to
match the credit_type_code or debit_type_code use
CREDIT_credit_type_code and DEBIT_debit_type_code respectively.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds a check for a more specific ACCOUNT_DEBIT template
(named to match the debit_type_code of the credit line) prior to
falling back to the ACCOUNT_DEBIT template.
Test plan
1/ On a patrons account page use the print option on a series of debit
lines with differing credit types (Overdue, Payout)
2/ Note that the same template 'ACCOUNT_DEBIT' is used for all types
3/ Apply the patch
4/ Run step 1 again and note all still print using ACCOUNT_DEBIT
5/ Add a new notice template under the 'circulation' module with a code
that matches one of your account debit types (OVERDUE, PAYOUT)
6/ Run step 1 again and note that where you have added a specific notice
for that debit type it has been used.
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds a check for a more specific ACCOUNT_CREDIT template
(named to match the credit_type_code of the credit line) prior to
falling back to the ACCOUNT_CREDIT template.
Test plan
1/ On a patrons account page use the print option on a series of credit
lines with differing credit types (Payment, Lost Item Return, Writeoff)
2/ Note that the same template 'ACCOUNT_CREDIT' is used for all types
3/ Apply the patch
4/ Run step 1 again and note all still print using ACCOUNT_CREDIT
5/ Add a new notice template under the 'circulation' module with a code
that matches one of your account credit types (PAYMENT, WRITEOFF,
LOST_FOUND)
6/ Run step 1 again and note that where you have added a specific notice
for that credit type it has been used.
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds the display of the renewals modal when appropriate. A
"View" link is displayed next to renewals count where appropriate.
Clicking the link opens the modal that displays the logged renewals.
Sponsored-by: Loughborough University
Signed-off-by: Myka Kennedy Stephens <mkstephens@lancasterseminary.edu>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Bouzid Fergani <bouzid.fergani@inlibro.com>
Signed-off-by: Ben Veasey <B.T.Veasey@lboro.ac.uk>
Rescued-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
I rescued this patchset by squashing previous work and updating it to
utilise the new renewals API routes introduced in bug 30275.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
The code that populates the patron messaging preferences on initial form load
expects to have a category selected. Currently we only have one if one was
passed to the form. When creating an account from a parent, we don't have a
category explicitly selected - so we can just select the first of the possible
categories
To test:
1 - In KTD set 'Juvenile' category to have some messaging preferences
2 - Find a patron, say Edna Acosta, and 'Add guarantee'
3 - In new form preferences are blank, cancel
4 - Apply patch, restart all
5 - Go to Edna, click 'Add guarantee'
6 - Preferences are populated!
7 - Cancel
8 - Go to 'Patrons' module
9 - Click "+ New patron"
10 - Confirm messaging preferences load correctly when not adding child
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This enhancement shows recalls ready for pick-up on the patron's account
so they can't be missed.
To test:
1) Enable the UseRecalls system preference and set up your
recalls-related circulation rules.
2) Check out an item to Patron B.
3) Log into the OPAC as Patron A and search for the item.
4) Place a recall on that item. Note the pickup library.
5) Go back to the staff client. At the top right of the page, confirm
your logged in library matches the recall pickup library. Set the
library to the recall pickup library if needed.
6) Check in the recalled item and confirm the recall as waiting for
Patron A.
7) Go to Patron A's account (members/moremember.pl). Confirm the recall
shows under 'Recalls waiting here' and all the information is correct.
8) Go to Patron A's checkouts (circ/circulation.pl). Confirm the recall
shows under 'Recalls waiting here' and all the information is correct.
9) Click on the menu at the top right of the page and choose 'Set
library'. Change the library to some other library.
10) Repeat steps 7 and 8, however this time the recall should show under
'Recalls waiting at other libraries'.
Sponsored-by: Catalyst IT
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
To test:
1/ Add 'Email' to the 'SMSSendDriver' system preference.
2/ Make sure 'EnhancedMessagingPreferencesOPAC' and 'EnhancedMessagingPreferences' are turned on.
3/ Add some SMS providers (/cgi-bin/koha/admin/sms_providers.pl) with different names.
4/ Notice on memberentry.pl and opac-messaging.pl the SMS providers sort by when they were added, not alphabetically.
5/ Apply patch and restart services.
6/ Look at memberentry.pl and opac-messaging.pl and notice that they SMS providers now sort alphabetically.
Signed-off-by: George Williams <george@nekls.org
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
The C4::Suggestions::SearchSuggestion subroutine is badly written and
can be replaced by calls to Koha::Suggestions->search.
The hard part in this patch is suggestion.pl, the other occurrences have
been replaced easily.
Test plan:
The idea is to test the whole suggestion workflow.
1. Create a suggestion on OPAC
2. Create a suggestion on the staff interface
3. Edit suggestions
4. Filter suggestions (use the different filters and "organize by"
values)
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Bug 23991: Remove SearchSuggestion tests
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Bug 23991: (QA follow-up) Save some DB queries
This patch makes the suggestion-related pages rely on array size instead
of querying the DB each time they need to. In the case of
suggestion/suggestion.pl it goes from 4 COUNT(*) to 1.
To test, with KTD:
1. Run on the host machine:
$ docker exec -ti koha_db_1 bash
$ mysql -ppassword
> SET GLOBAL general_log_file='/var/log/mysql/mycustom.log';
> SET GLOBAL log_output = 'FILE';
> SET GLOBAL general_log = 'ON';
> \q
$ tail -f /var/log/mysql/mycustom.log | grep suggestions
2. Visit the different pages changed on this bug
=> SUCCESS: Some queries
3. Apply this patch
4. Repeat 2
=> SUCCESS: Less queries!
5. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Bug 23991: Fix branchcode and budgetid filtering
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Bug 23991: Fix conflict with bug 28941
Well, this patchset fixed the security bug...
Redoing on top of bug 28941
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Bug 23991: (follow-up) Missing semicolon
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Bug 23991: Fix 'all' libraries
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Bug 23991: (follow-up) Add value to filter_archived
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
JD Amended patch: squashed and edited commit message
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Test plan:
1) Have some patron categories that can and cannot be guarantee
2) Visit a patron's account and click the "Add guarantee" button
3) In the "category" dropdown, note that all categories are available
4) Apply this patch
5) Repeat step 2 and 3; the dropdown now only contains the categories
for which "can be guarantee" is set to "Yes".
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This adds a new field "Can be guarantee" to patron categories so it
becomes possible for any category type to have a guarantor.
To test:
1) Have a patron category of type 'Adult' and one of type 'Child'
2) Confirm, by searching for the "Patron guarantor" fieldset in the
edit/create form, that:
=> a patron of the first category can't have a guarantor
=> a patron from the second category can
3) Apply patch and run updatedatabase.pl
4) Edit the categories and note the new "Can be guarantee" field
5) It should have been set to "yes" for the "Child" and to "no" for
the "Adult"
5) Repeat step 2. It should behave in the same way.
6) Edit the "Can be guarantee" for any of the category and check
that the fieldset only appears when "Can be guarantee" is set to "yes"
7) prove t/db_dependent/Patrons.t
=> tests should still pass
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch updates the member-flags template to use the patron-title.inc
include wherever patron names are referenced.
Test plan
1) Navigate to a patron and click through to their accounts tab
2) Note how the patron name displays in the title, breadcrumb and
headings
3) Click through to make a payment
4) Note how the patron name displays in the title, breadcrumb and
headings
5) Apply the patch and reload the page
6) Confirm the patron name still appears in each location and is
consistently formatted and linked as you would expect
Note: This patch also removes a superflous hidden title form element
that was simply passed to and from the controller but not actually used
in any way.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds the ability for staff with the edit_borrowers permission
to send password reset emails to users.
The staff initiated password reset has it's own notice,
STAFF_PASSWORD_RESET, and the reset link produced has an extended
timeout of 5 days, as apposed to the usual 2 day limit.
Test plan
1) Apply patch and run the database update
2) Login to the staff client with a user who has the 'edit_borrowers'
permission.
3) Note that a new, 'Send password reset' option appears under the
'More' menu on the patron details page.
4) Clicking the button will queue the STAFF_PASSWORD_RESET notice and
redirect the user to the Notices tab.
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
To test:
1 - Sign in as a superlibrarian
2 - Find a patron account with no password expiration set
3 - View member detials
4 - note expiration says 'Never'
5 - Edit patron
6 - Set patron expiration
7- Save
8 - View details, confirm password expiration shows correctly
9 - Sign in as non-superlibrarian
10 - Confirm you don't see expirationdate on details page
11 - Edit patron and confirm password expiration does not show
12 - Edit HTML and confirm you epxiration date not saved
<input type="text" name="password_expiration_date" value="2052-05-02">
Signed-off-by: Bob Bennhoff <bbennhoff@clicweb.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch updates the output_and_exit call to instead pass an error
parameter in the template and use it to display the warning instead of
the rest of the page content in the 'Manage two-factor authentication'
page.
This allows for translation and makes the page adhere to normal
practices.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Script prints a warning.
Module raises an exception.
Unit test added.
Test plan:
Run t/db_dependent/Koha/Encryption.t
Run t/db_dependent/Koha/Auth/TwoFactorAuth.t
Remove entry and check script.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Chose here to fall back to $patron->queue_notice. Which is tested
already, so removing the additional test code.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
When registering or deregistering, send a confirmation.
Test plan:
Register or deregister with patron having email address.
Verify that you got a confirmation mail.
Run t/db_dependent/Koha/Auth/TwoFactorAuth.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Test plan:
Deregister 2FA for patron.
Check if secret is empty in borrowers.secret.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Test updated accordingly.
Adding utf8 flag to CGI in staff script.
Test plan:
Run t/db_dependent/Koha/Auth/TwoFactorAuth.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Instead of using deprecated Google Charts API, and exposing our
secret in a GET parameter, we generate QR data ourselves.
Test plan:
[1] Enable two factor authentication in the prefs.
[2] Login in staff. Go to account. Select Manage 2FA.
[3] Verify that QR code is displayed.
[4] Register the QR in your authenticator app and test 2FA
by logging in again.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Tested with Google Authenticator and FreeOTP.
Bug 29873: (follow-up) Rename qr_dataurl
As requested by a QA team member.
We're moving to qr_code as method name. This is the same name as
the method in the underlying base class.
Apart from one sed statement, changing to self->SUPER on one line.
Test plan:
Can you still register, logout and login?
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Bug 29873: (follow-up) Switch to GD
We do not need a new module, we could use GD instead.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
We're doing this in the registering stage and at disabling.
Test plan:
Ënable two-factor auth but logout/login on another tab. You should
get the Wrong CSRF token when submitting.
Do similar thing while disabling.
Verify that you can register / disable when in the same session.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
FAIL members/two_factor_auth.pl
FAIL file permissions
File must have the exec flag
FAIL koha-tmpl/intranet-tmpl/prog/en/modules/members/two_factor_auth.tt
FAIL filters
missing_filter at line 42 ( <p>Account: [% issuer %]</p>)
missing_filter at line 43 ( <p>Key: [% key_id %]</p>)
missing_filter at line 54 ( <input type="hidden" name="secret32" value="[% secret32 %]" />)
missing_filter at line 58 ( <img id="qr_code" src="[% qr_code_url %]" />)
FAIL Koha/Auth/TwoFactorAuth.pm
FAIL pod coverage
POD is missing for 'new'
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adds a new 'Send welcome email' option to the 'More' dropdown
menu in the patrons toolbar.
Clicking the button will queue the welcome email again for the patron and
redirect the user to the Notices tab to view it's contents.
Signed-off-by: Kelly McElligott <kelly@bywatersolutions.com>
Signed-off-by: Jessie Zairo <jzairo@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch replaces the AutoEmailOpacUser system preference with a new
AutoEmailNewUser preference. This makes the functionof the preference
clearer.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch updates all references to the former ACCTDETAILS notice to
use the new WELCOME email notice instead.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Regression from bug 30063. If you are searching all patrons (not search term passed) from the header, the patron search result is not displayed.
Test plan:
Go to the Koha homepage, search patrons, don't enter a search term and
click "submit"
All patrons must be returned.
Regression test: on the other patron search forms, confirm that there is
no regression, ie. no patron displayed until you search for something
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
To test:
* Length menu (PatronsPerPage)
* Query description
* Highlight of the current library
* sticky header - Does not work (?)
If the table does not show when you submit the filter form, make sure
you regenerated the compiled CSS.
Signed-off-by: Séverine Queune <severine.queune@bulac.fr>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
In this patch we want to reuse what has been done in the previous bug
report to search patrons using the REST API route.
The code is mainly in members/search.tt, for all the patron searches
that "add" or "select" a patron (popup windows).
The patron search for holds is a bit different, we don't want to open a
popup window.
We are moving to code to an include file (patron-search.tt) to make it
reusable easily.
Note that we are improving how the patron's addresses are displayed, and
provide a JS equivalent to the TT includes files.
Test plan:
Search for patrons from the "Place a hold on" view.
You should see the same view as behaviour, with more filters.
Signed-off-by: Séverine Queune <severine.queune@bulac.fr>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Last patches remove the ability to search on extended attributes.
C4::Utils::DataTables::Members::search is searching on all the
attributes that are flagged as "searchable", we want to keep this
behaviour.
I have tried several things and this is the simplest I have found.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Séverine Queune <severine.queune@bulac.fr>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Test plan:
Select a manager for a suggestion
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Séverine Queune <severine.queune@bulac.fr>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch will rewrite some of our patron searches to make them use the
REST API routes (and so the powerful the DataTables wrapper which will
bring all the nice DT feature to filter, sort, etc.)
The patron searches we will take into account here are those that we use
to select a patron in a pop-up:
* Guarantor
* Suggestion's manager
* Patron's card
* Serial routing list
* Users to notify when order is received
* Manager of an acquisition basket
* Owner and users of a fund
Regarding permissions there are two main problematics:
* Filter a patron set by patrons having a
specific subpermissions (in case of adding a manager to a suggestion or
when we deal with acquisition and funds). We added a new
Koha::Patrons->filter_by_have_subpermission method that will take in
parameter a subpermission. To make thing transparent for the callers we
are adding new routes, like /suggestions/managers to list the possible
managers of suggestions.
* Restrict/allow access to the default patron searches /patrons
We need to access it when a logged in patron does not have borrowers
permission.
Ideally we need a separate "search_borrowers" subpermissions but it's
considered outside the scope of this change.
For each patch you will take care of testing the different permissions
that are into effect (either for the logged in patron or the patrons
returned by the search).
The tables should contain the same columns as prior to this patch,
except for "categories" and "library". We have the filter on top of the
page and so we need to add them to the table as new columns if they
weren't there before.
Test plan (for this patch):
Search for guarantor and select
Test plan (for all patches):
Add/Select patrons from the correct place where you can search for
patrons, play extensively with the filters/pagination/etc
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Séverine Queune <severine.queune@bulac.fr>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
moremember-patronimage.pl|tt were not needed.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch builds on a patch by Mark Tompsett, adding the option to take
a patron's picture using the computer's webcam. The photo can then be
saved to the patron's account.
To test, apply the patch and rebuild the staff interface CSS
(https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_client).
- Go to Administration -> System preferences and enable the
'patronimages' preference.
- View a patron record. In the sidebar, hover your mouse over the blank
patron image. Click the "Edit" button which appears.
- A modal window should appear with two sections, "Upload patron photo"
and "Take patron photo."
- If your computer has a webcam, your browser should ask permission to
access it. Grant access.
- You should see the view of your webcam shown under the "Take photo"
button.
- Click the "Take photo" button. The captured photo should be shown in
place of the live video from the webcam.
- You should now see three buttons: "Retake photo," "Download photo,"
and "Upload photo."
- Clicking "Retake photo" should hide those buttons and return you
to a live video view.
- Clicking "Download" should make your browser download the image.
- Clicking "Upload" should cause the page to redirect back to the
patron detail page where you should see the new patron image
displayed in the sidebar.
- Trigger the modal again and click the "cancel" button. The
modal should disappear and camera access should stop.
- If your computer has no webcam the modal should appear correctly but
there should be a banner at the bottom indicating that a camera is not
available.
- Try the test again but this time deny your browser access to the
webcam. You may need to reset the camera permissions in your browser's
settings. When the modal appears you should see a message saying
access to the camera is denied.
- The patron image edit modal should be available on all pages which
show the patron image in the sidebar: Check out, Batch check out,
Details, Accounting, Routing lists, Circulation history, Holds
history, Modification log, Notices, Statistics, Files, Purchase
suggestions, Discharges, Housebound, and ILL requests history.
- Test adding an image to a patron record using the "Upload photo"
option. It should still work correctly.
- If the patron has an image attached, the "Upload photo" section should
have a "Delete" button. Test that it works correctly.
Signed-off-by: Nicolas Legrand <nicolas.legrand@bulac.fr>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
The original notice was sent using SendAlerts, which triggers
immediately on submission and doesn't wait for the cron task.
This patch restores that immediacy and also fixes a bug in the imports
on the original patch.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
We actually have a Koha::Patron method to do all the work of finding the
right patron primary email address for notices.. we can use that here
instead of doing it long hand.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
The ACCTDETAILS notice apparently bypasses message_queue; notices are sent directly to the linux mail queue.
Test Plan:
1) Apply this patch
2) Create a new patron with an email address
3) Note the patron's ACCTDETAILS notice shows in the patron's messages
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
We should not give libraries the ability to compromise patron accounts,
it is considered a huge security issue and nobody in network security
would never recommend allowing passwords to be transmitted in clear text
over email.
It should simply not be possible to send a patron's password in plain text
via email. As such, we should remove this ability from Koha.
Test Plan:
1) Apply this patch
2) Create a patron to generate the ACCTDETAILS email
3) Note you can no longer transmit the patron's password in the email
Signed-off-by: Amit Gupta <amitddng135@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
To reproduce (paycollect.pl):
1) Prepare or use some existing patron with outstanding fines, go to
the accounting section and open page where you make payment towards all
fines.
2) The error message should have appeared in your log file about
"File not found : default/js/locale_data.js".
3) Apply the patch.
4) Open the edit page again, ensure that the new error massage like
that didn't appear.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
To reproduce (memberentry.pl):
1) Head over to the patron details page, press edit button to open the
memberentry.pl page.
2) The error message should have appeared in your log file about
"File not found : default/js/locale_data.js".
3) Apply the patch.
4) Open the edit page again, ensure that the new error massage like
that didn't appear.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
When system preference is off, call no code related to Koha::Recalls.
Also add some missing module import.
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch makes the different ->recalls accessors implemented on this
bug be more standard. This means:
- They don't do special things like default sorting or stripping out
special parameters. That's all left to the caller and the methods are
clean: they just return the related objects
- Useful filtering methods for Koha::Recalls resultsets are added. The
only used one (in the end) was ->filter_by_current. It seems like a
better approach, because it gives devs more control on how they want
to chain things, and there's a single place in which to maintain the
criteria of what is 'current' or 'finished'. This clearly makes the
'old' column obsolete IMHO, at least in the use cases I found. This is
covered by tests as well.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
- removing authnotrequired flag from scripts
- fixing opac buttons
- chmod +x for recalls test files
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
See recalls on Intranet
- old recalls (all inactive recalls)
- recalls queue (all active recalls) - cancel, expire, revert waiting status, multiple cancel, mark overdue
- recalls to pull (available but not yet waiting) - cancel
- recalls awaiting pickup (awaiting pickup, awaiting pickup more than RecallMaxPickUpDelay days) - expire, revert waiting status
- overdue recalls (overdue to be returned) - cancel, multiple cancel
- biblio recalls tab (all active recalls relevant to this bib) - cancel, expire, revert waiting status, mark overdue
- patron recalls tab (all active recalls relevant to this patron) - cancel, expire, revert waiting status, mark overdue
- patron recalls history tab (all recalls relevant to this patron) - cancel, expire, revert waiting status, mark overdue
- log viewer
and the general circulation of recalls
== TEST PLAN FOR RECALLS ==
ADMINISTRATION
1. Apply all patches
2. Run database updates, update schema files and confirm everything applies cleanly
3. Run tests and confirm everything passes:
t/db_dependent/Koha/Recall.t
t/db_dependent/Koha/Recalls.t
t/db_dependent/Stats.t
t/db_dependent/Circulation/CalcFine.t
t/db_dependent/Koha/Item.t
t/db_dependent/Koha/Biblio.t
t/db_dependent/Koha/Patron.t
t/db_dependent/XSLT.t
t/db_dependent/Search.t
t/db_dependent/Holds.t
t/db_dependent/Circulation/transferbook.t
t/db_dependent/Circulation.t
4. Go to Administration -> system preferences. Find the UseRecalls system preference. It should be DISABLED. Confirm RecallsMaxPickUpDelay is set to 7 by default.
5. Go to Administration -> circulation rules. Confirm there are no recalls circulation rules showing.
6. Test a few circulation flows: checking out, placing a reserve, checking in, fulfilling a reserve, etc. Confirm everything works as normal.
7. Go to Administration -> system preferences. Enable the UseRecalls system preference.
8. Go to Administration -> circulation rules. Set the following rules:
Recalls allowed (count) = 0
Recalls per record (count) = 0
On shelf recalls allowed ( If any unavailable / If all unavailable ) = If any unavailable
Recall due date interval (days) = 3
Recall overdue fine amount = (something different to your normal fine amount)
Recall pickup period (days) = 1
Throughout your testing, try with different combinations of these rules and itemtype / branchcode / categorycode. Also try with null values. Keep the circulation rules open in another tab so you can refer to and update these easily. You should also have at least one other tab open for the staff client, and a third tab open for the OPAC, for ease of testing.
9. Go to your account -> More -> Set permissions. Confirm the recalls permission is checked.
10. Set up a test user with OPAC login details (Borrower A). This could also be your own user, as long as you have OPAC login access.
11. Set up a test record (Biblio A) with at least two items (Item A and Item B) of the same item type (or an item type with the same recall circ rules).
PLACING A RECALL
12. Log in to the OPAC as Borrower A. Do a catalogue search with a term that will return multiple results, including Biblio A.
13. Click on Biblio A.
14. Notice there is a 'Place recall' button on the sidebar menu. Click this button. There will be a message saying that there are no items to recall - this is because all items are available.
15. Check out Item A to another borrower (Borrower B).
16. Refresh the 'Place recall' page. You will still NOT be able to place a recall - this is because Recalls allowed = 0 and Recalls per record = 0.
17. Edit the circulation rules to have the following values:
Recalls allowed (count) = 1
Recalls per record (count) = 1
18. Refresh the 'Place recall' page. You will now see the form to place a recall.
BIBLIO-LEVEL RECALL, NO TRANSFER
19. Place a biblio-level recall.
Pickup location: Branch A, the set branch when you are logged into the staff client
Recall not needed after (expiration date): whatever you want
Select 'recall next available item'
Click confirm
20. Confirm the recall is placed successfully. Confirm that the new due date displayed is correctly calculated to be today's date, plus 3 days (taken from the 'recall due date interval' circ rule)
21. In the staff client, look at Borrower B's account, and go to their Notices tab. Confirm they have received a 'Notification to return recalled item' notice.
22. Look at Borrower B's checkouts table. Notice the due date for their checkout has been adjusted, and there is now a note to say that the item was recalled and the due date adjusted.
23. Log in to the OPAC as Borrower B and go to your summary tab. Notice there is a note under their checkout to say the item had been recalled.
24. Log out of the OPAC and log back in as Borrower A.
25. Go to your summary tab. Confirm there is a Recalls tab with a count of 1.
26. Cancel the recall using the button. Confirm it cancels and the Recalls tab disappears.
27. Do a catalogue search with a term that will return multiple results, including Biblio A.
28. When the results load, notice there is a 'Place recall' button next to the 'Place hold' button. Click this 'Place recall' button.
29. Notice you are redirected straight to the form to place a recall.
30. Place a biblio-level recall again, following the steps in Step 19.
31. Go to your recalls history tab. Notice your first cancelled recall shows here.
32. Cancel the recall you just created, using the button. Confirm it cancels and you are redirected to your summary tab.
33. In the staff client, enable the UseCourseReserves system preference.
34. Go to the main menu, click Course Reserves.
35. Add a new course. (You may also have to define an authorised value for DEPARTMENT.)
36. Add Item A as a reserve to this course.
37. View Course Reserves in the OPAC. Click the course you just created.
38. Notice the reserve has a Recall button underneath it's 'Checked out' status. Click this button.
39. Place a biblio-level recall again, following the steps in Step 19.
40. Click the 'Place recall' link in the breadcrumbs.
41. Notice there is a message saying that you have reached the max number of recalls on this record. This is because Recalls allowed = 1 and Recalls per record = 1.
42. Edit the circulation rules to have the following values:
Recalls allowed (count) = 10
Recalls per record (count) = 5
43. Refresh the 'Place recall' page. You will now see the form to place a recall.
44. Create another test record (Biblio B) with at least one item (Item C).
45. Find this record on the OPAC and place a biblio-level recall again, following the steps in Step 19.
46. In the staff client, go to Circulation -> Old recalls. You should be able to see your two cancelled recalls.
47. Go to Circulation -> Recalls queue. Your current recalls should show here.
48. Use the 'Select all' checkbox to select all recalls.
49. Cancel the recalls using the 'Cancel selected recalls' button.
50. Go to the OPAC and place a biblio-level recall on Biblio A again, following the steps in Step 19.
51. In the staff client, check in Item A, which should still be checked out to Borrower B.
52. A box should pop-up asking you to confirm Borrower A's recall. Click ignore.
53. Click the link to go view Biblio A's details in the catalogue.
54. Click the recalls tab. Notice Borrower A's recall is displayed, and shows it is still Requested (has not been confirmed waiting).
55. Check in Item A again. This time, confirm the recall as waiting using the "Confirm recall" button.
56. Go to Borrower A's Notices tab. Confirm there is a notice "Recalled item awaiting pickup".
57. Go to Borrower A's checkouts. Notice there is a recalls tab. Confirm the recall is showing as "Ready for pickup".
58. Click the 'Actions' dropdown. Click the "Revert waiting" button. The page should show a message that the waiting status has been reverted, without reloading.
59. This time, check in Item B. The recall confirmation box should show again, because this a biblio-level recall that any recallable item under Biblio A can fill. Click the "Print slip and confirm" button.
60. Check the slip that is generated. Confirm it contains Borrower A's correct details, and the details of the recall are correct.
61. Go to Circulation -> Recalls awaiting pickup. Confirm the recall is now waiting and shows in this list.
(You could also try this with Item B having a different item type to Item A, and circ rules not allowing Item B's item type to have recalls. When checking in Item A, it should not trigger the recall box).
62. Go to Borrower A's checkouts. Check out Item B.
63. Confirm the checkout is successful and the recall is removed from the Recalls tab.
64. Go to Circulation -> Old recalls. The fulfilled recall should show.
65. Check in Item B.
BIBLIO-LEVEL RECALL, TRANSFER REQUIRED
66. Check out Item A to Borrower B.
67. Log in to the OPAC as Borrower A.
68. Find Biblio A and place a biblio-level recall.
Pickup location: Branch B, a different branch from your logged in branch. This recall will require a transfer.
Recall not needed after (expiration date): whatever you want
Select 'recall next available item'
Click confirm
69. In the staff client, check in Item A at Branch A. Notice the box that pops up shows that a transfer is required.
70. Click "confirm recall and transfer" and confirm the transfer.
71. Go to your account and click the Recalls tab.
72. Confirm the recall status now shows the item is in transit to Branch B.
73. In the drop-down top-right of your window, select 'Set library'.
74. Set your library to Branch B.
75. Go to Circulation -> Transfers to receive. Notice that the recall is showing here.
76. Click 'Cancel transfer'.
77. Go to Circulation -> Recalls queue
78. Confirm the recall status has been reverted to Requested.
79. Set your library back to Branch A.
80. Check in Item A and trigger the transfer.
81. Set your library back to Branch B.
82. Check in Item A at Branch B.
83. When the 'Recall found' box pops up, click Ignore.
84. Go to Circulation -> Recalls to pull. The recall should show here, with a button to "Cancel recall and return to: Branch A"
85. Click the button to cancel the recall.
86. Repeat Steps 66-70.
87. Check in Item A at Branch B. Confirm the recall as waiting.
88. Check out Item A to Borrower A to fulfill the recall.
89. Set your library back to Branch A and check in Item A.
ITEM-LEVEL RECALL, NO TRANSFER
90. Go to Administration -> circulation rules. Set the following rules:
On shelf recalls allowed ( If any unavailable / If all unavailable ) = If all unavailable
91. Check out Item A to Borrower B.
92. Log in to the OPAC as Borrower A and go to Biblio A.
93. Click the 'Place recall' button. Confirm there is a message that there are no items to recall. This is because On shelf recalls allowed = If all unavailable, and there is still one item (Item B) available.
94. In the staff client, edit Item B to have a withdrawn, item lost or not for loan status.
95. Refresh the 'Place recall' page. Confirm you can now see the form to place a recall.
96. Place an item-level recall.
Pickup location: Branch A.
Recall not needed after (expiration date): whatever you want
Select 'recall a specific item'
Item B will not be selectable, and Item A should be selected by default.
Click confirm
97. In the staff client, edit Item B and remove the lost or missing status.
98. Check in Item B. Confirm the recall box does not pop up, because it cannot fill the item-level recall.
99. Check in Item A. Confirm the recall as waiting.
100. Go to Circulation -> Recalls awaiting pickup
101. Expire the recall. Confirm it expires as expected.
ITEM-LEVEL RECALL, TRANSFER REQUIRED
102. Repeat steps 91 to 95.
103. Place an item-level recall.
Pickup location: Branch B, we will require a transfer.
Recall not needed after (expiration date): whatever you want
Select 'recall a specific item'
Item B will not be selectable, and Item A should be selected by default.
Click confirm
104. In the staff client, check in Item A. Confirm the recall and trigger the transfer.
105. Set your library to Branch B and check in Item A.
106. Confirm the recall as waiting.
107. Check out Item A to Borrower A and fulfill the recall.
108. Set your library back to Branch A and check in Item A.
CRONJOBS: EXPIRING RECALL
109. Check out Item A to Borrower B.
110. Log in to the OPAC as Borrower A. Place a recall (any level) on Biblio A.
111. In your terminal, enter mysql and edit the expiration date of your recall to be before today
UPDATE recalls SET expirationdate = NOW()-2 WHERE recall_id = X;
112. Run the expiry cronjob from within your shell
perl misc/cronjobs/recalls/expire_recalls.pl
113. Go to Borrower A's account and go to the Recalls history tab
114. Confirm the recall has been expired because the current date surpassed the specified expiration date
115. Check out Item A to Borrower B.
116. Log in to the OPAC as Borrower A. Place a recall (any level) on Biblio A.
117. In the staff client, check in Item A and confirm the recall as waiting.
118. In your terminal, enter mysql and edit the waiting date of your recall to be before today
UPDATE recalls SET waitingdate = NOW() - interval 5 day WHERE recall_id = X;
119. Run the expiry cronjob from within your shell
perl misc/cronjobs/recalls/expire_recalls.pl
120. Go to Borrower A's account and go to the Recalls history tab
121. Confirm the recall has been expired because the recall had been waiting for more days than the Recall pickup period
122. Go to Administration -> circulation rules. Set the following rules:
Recall pickup period (days) = 0
123. Set the RecallsMaxPickUpDelay system preference = 1.
124. Check out Item A to Borrower B.
125. Log in to the OPAC as Borrower A. Place a recall (any level) on Biblio A.
126. In the staff client, check in Item A and confirm the recall as waiting.
127. In your terminal, enter mysql and edit the waiting date of your recall to be before today
UPDATE recalls SET waitingdate = NOW()-2 WHERE recall_id = X;
128. Run the expiry cronjob from within your shell
perl misc/cronjobs/recalls/expire_recalls.pl
129. Go to Borrower A's account and go to the Recalls history tab
130. Confirm the recall has been expired because the recall had been waiting for more days than the RecallsMaxPickUpDelay syspref
CRONJOBS: OVERDUE RECALL
131. Check out Item A to Borrower B
132. Log in to the OPAC as Borrower A. Place a recall (any level) on Biblio A.
133. In your terminal, enter mysql and edit the due date of the checkout to Borrower B to be before today
UPDATE issues SET date_due = NOW()-2 WHERE issue_id = X;
134. Run the overdue cronjob from within your shell
perl misc/cronjobs/recall/overdue_recalls.pl
135. Go to Circulation -> Overdue recalls
136. Confirm your recall is showing here now as the recall has been marked Overdue
CIRCULATION
137. Check in Item A.
138. When the recall box pops up, click Ignore.
139. Check out Item A to Borrower B. You should see a yellow confirmation box, saying that another borrower has recalled the item you are trying to check out.
140. Click "No don't check out" and confirm the item isn't checked out and the recall remains.
141. Repeat Step 139.
142. Click "Yes check out" and confirm the item is checked out and the recall remains.
143. When Borrower B's checkout table loads, confirm that you cannot renew or check in the item from the Checkouts table because there is a 'Recalled' link which takes you to the recalls tab for that biblio.
144. Repeat Steps 137-139.
145. Select "Cancel recall" and click "Yes check out" and confirm the item is checked out and the recall has been cancelled.
146. Log in to the OPAC as Borrower A. Place a recall (any level) on Biblio A.
147. Check in Item A. Confirm the recall as waiting.
148. Check out Item A to Borrower B. You should see a yellow confirmation box, saying that that another borrower has recalled the item that you are trying to check out.
149. Select "Revert waiting status" and click "Yes check out" and confirm the item is checked out and the recall status has reverted to requested.
OTHER
150. In your terminal, enter mysql and edit the due date of the checkout to Borrower B to be before today
UPDATE issues SET date_due = NOW()-2 WHERE issue_id = X;
151. Go to Borrower A's recalls and click the Actions dropdown.
152. Click "Mark as overdue" and confirm the recall is marked as overdue manually.
153. Go to Tools -> Log Viewer. Check only the Recalls module, and leave all other parameters, and click Submit.
154. Confirm all of the recalls actions that have been made are correctly logged.
Note: recalls messaging preferences are introduced in Bug 23781.
The recall feature is fully documented at: https://wiki.koha-community.org/wiki/Catalyst_IT_Recalls
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
On bug 29844 we decided to remove wantarray from Koha::Objects->search.
Reviewing the difference occurrences I found some unnecessary uses of ->as_list,
where iterators should be used instead.
This patch only removes the obvious places, not the tricky ones.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
and some more...
There are lot of inconsistencies in our ->search calls. We could
simplify some of them, but not in this patch. Here we want to prevent
regressions as much as possible and so don't add unecessary changes.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
We should respect group restrictions here.
Test plan:
Create a patron from another group of libraries and don't let them
access info from patrons outside of this group.
Access the following link and confirm that you can see the image only
for patrons from their group
/cgi-bin/koha/members/patronimage.pl?borrowernumber=XX
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
The patron images is displayed on the 'circulation' and 'members'
modules.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch removes a noisy warning found in production logs.
To test:
1. Run:
$ tail -f /var/log/koha/kohadev/plack-intranet-error.log
2. Open the 'Accounting' tab for a patron, then click on 'Transactions'
=> FAIL: You see this kind of warning in the logs:
[WARN] CGI::param called in list context from...
3. Apply this patch
4. Repeat 2 (change tab and go back)
=> SUCCESS: No more warning!
5. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch updates the call to cancel such that we pass the currently
logged in users borrowernumber instead of their userid.
Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>