I think instead of a plain on/off switch we should use it in combination
with the plugin_repo's and set it to restrict to only those repos' (i.e.
disable uploads entirely if no repo's are listed, or just allow those
repo's when there are).
This patch achieves that, but only if plugins are installed via the
plugin browser method. We disable all direct upload avenues, so install
is blocked for other cases.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
When plugin browser upload is disabled, also prevent plugin browser
uninstall.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
If plugin upload is disabled, but there are git repositories listed in
the config for plugin searching, then you can search for a plugin and
attempt to install it. The install leads to an error page.
This patch removes the actions column and install button should the
enable_browser_upload option be disabled
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds a enable_plugin_browser_upload flag to koha-conf.xml, which
controls whether or not Koha intranet users can upload Koha plugins via
their browser. Like "enable_plugins", it defaults to 0 for new installs.
This is useful when you want to provide Koha intranet users with plugins
that are pre-installed by administrators (by CLI) or restricting them
to plugins from a Github repo. See the following for more information:
Bug 23975 - Add ability to search and install plugins from GitHub
Bug 23191 - Administrators should be able to install plugins from the command line
To test:
1) Apply the full patchset
2) Confirm <enable_plugins>1</enable_plugins> is present in koha-conf.xml
3) Add <plugins_restricted>1</plugins_restricted> to koha-conf.xml
4) Ensure that the <plugin_repos> block is not commented and contains at
least one trusted organisation in koha-conf.xml
If needed get it from: debian/templates/koha-conf-site.xml.in
5) Run restart_all (in koha-testing-docker)
6) Go to /cgi-bin/koha/plugins/plugins-home.pl and note that you don't see
an option to upload plugins
7) You should however see a search option and upon search you should have
results returned from the chosen trusted organisations listed in the
<plugin_repos> block mentioned above.
8) Clicking install on one of the results should work as expected and install
the plugin.
9) Go directly to /cgi-bin/koha/plugins/plugins-upload.pl and note that it says
"Plugin upload is restricted to only those plugins listed by your server
administrator" and gives instructions on how to enable unrestricted browser
upload.
Signed-off-by: Nicolas Legrand <nicolas.legrand@bulac.fr>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Rebased-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch updates plugin and point of sale templates so
that title tags can be more easily translated.
The patch also makes some minor changes to some templates to improve
consistency between page title, breadcrumb navigation, and page heading.
To test, apply the patch and confirm that the following pages have the
correct title tags:
- Administration ->
- Manage plugins
- Upload plugin
* With 'useplugins' set to 0 in koha-conf.xml you can navigate
directly to /cgi-bin/koha/plugins/plugins-home.pl to confirm that
the "Plugins disabled" page is shown.
With EnablePointOfSale and UseCashRegisters enabled:
- Point of sale
- Make a sale and print a receipt for the transaction
- Transaction history for [register]
- Cash summary for [library]
Signed-off-by: Andrew Auld <andrew.auld@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Update plugins-home accordingly if tool plugins only filter is being
used or not.
Update breadcrumbs for plugins-disabled page
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch updates icons which are listed as having changed names in
this document:
https://fontawesome.com/docs/web/setup/upgrade/upgrade-from-v4
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Test plan:
Go go the plugin admin page
upload a plugin
Notice that the "Actions" column is not longuer sortable
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
In plugins table plugins/plugins-home.pl the status enable/disable is with the name, styled as a label.
With new interface ENABLED is yellow, this looks weird.
Also I bet this is bad for accessibility.
I propose to move this info to a dedicated column.
I use bootstrap classes bg-success and bg-warning like in about.pl
Test plan:
1) Install some plugins
2) Go to Administration > Manage plugins
3) Check you see table with column status
4) Disable a plugin
5) Check you see 'Disabled' in status
Signed-off-by: Laura Escamilla <laura.escamilla@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch updates plugin management templates so that they use the new
WRAPPER for displaying breadcrumbs.
To test, apply the patch and test each page and its variations.
Breadcrumbs should look correct, and each link should be correct.
- In koha-conf.xml, look for "enable_plugins"
- If this is set to 0, plugins are disabled:
<enable_plugins>0</enable_plugins>
- Navigate directly to /cgi-bin/koha/plugins/plugins-home.pl, which
should say "Plugins disabled." Check the breadcrumbs on this page.
- Enable plugins by changing the settimg in koha-conf.xml to 1 (a
restart of services is required): <enable_plugins>1</enable_plugins>
- Go to Administration -> Manage plugins
- Test this page and the "Upload plugin" page.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch replaces some incorrect terminology in the plugins-home page.
The current terminology is available at https://wiki.koha-community.org/wiki/Terminology
To test:
0. Make sure you have no enhanced content plugins installed
1. Apply patch
2. Go to Administration > Manage plugins
3. Click 'View plugins by class'
--> Notice that one of the options is 'View bibliographic record enhancement
plugins for the staff interface'
4. Make sure this phrase is gramatically correct, makes sense and has no
typos
5. Click on that option
--> Notice that the message says 'No plugins that can enhance the bibliographic
records in the staff interface are installed'
6. Make sure this phrase is gramatically correct, makes sense and has no
typos
Signed-off-by: Andrew Fuerste-Henry <andrewfh@dubcolib.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds the page section to div to the following administration pages:
admin/cash_registers.tt
admin/cities.tt
admin/credit_types.tt
admin/debit_types.tt
admin/patron-attr-types.tt
admin/restrictions.tt
plugins/plugins-home.tt
To test go the following pages and make sure everything looks good:
Administration > Cash registers. You must enable the sys pref 'UseCashRegisters'
Administration > Cities and towns.
Administration > Credit types
Administration > Debit types
Administration > Patron restrictions
Adminstration > Patron attribute types
Administration > Manage plugins
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
https://bugs.koha-community.org/show_bug.cgi?id=32082
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
What this patch does:
- change the navigation bar style
- change the breadcrumbs style
- change the "last borrower" link style
- move the search bar inside the navigation bar
- move the help link to the same row as the breadcrumbs
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch converts the table of plugins to a DataTable so that
it will have dynamic sorting, export options, and the quick search
field at the top of the table.
To test you should have more than one plugin installed.
- Apply the patch and go to Administration -> Manage plugins.
- The table should be styled as a DataTable, with the first column
sorted by default.
- At the top of the table you should see the number of entries,
a quick search form, and an export button.
- Confirm that the quick search form works to filter plugins by
name, description, author, etc.
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Changed each of the pages in the offline_circ, patroncards, plugins,
pos, reserve, rotating_collections folders to have one <h1> tag showing
that describes the page, rather than the <h1> describing the logo.
The hierarchy of heading tags may be broken in many pages, but this
will be dealt with in an additional bug.
To test:
1) Go to the Staff Client
2) Apply patch
3) Go to each of the pages in the offline_circ, patroncards, plugins,
pos, reserve, rotating_collections folders and check that they have
an obvious and descriptive heading
4) Ensure that the heading in the page is <h1>
Sponsored-by: Catalyst IT
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adds a new column to plugins search results: 'Latest
version'.
It takes the tag_name in both GitHub and GitLab cases and passes it to
the template.
To test:
1. Have this on your koha-conf.xml file:
<plugin_repos>
<repo>
<name>ByWater Solutions</name>
<org_name>bywatersolutions</org_name>
<service>github</service>
</repo>
<repo>
<name>Theke Solutions</name>
<org_name>thekesolutions</org_name>
<service>gitlab</service>
</repo>
<repo>
<name>PTFS Europe</name>
<org_name>ptfs-europe</org_name>
<service>github</service>
</repo>
</plugin_repos>
2. Restart all services:
$ restart_all
3. Search for the term 'barclaycard'
=> SUCCESS: You get results from PTFS Europe (Github)
=> FAIL: They don't include plugin version
4. Search for the term 'innreach'
=> SUCCESS: You get results from Theke (Gitlab)
=> FAIL: They don't include plugin version
5. Apply this patch
6. Repeat 2-4
=> SUCCESS: Results show up
=> SUCCESS: Results include the plugin version
7. Sign off :-D
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
When you install a plugin that requires a newer Koha version, it reports
this:
<<
Warning: This report was written for a newer version of Koha. Run at your own risk.
>>
It is wrong in a couple ways:
- It is not a report.
- It feels like it dates back to when plugins were only run i.e.
pre-hooks, etc.
This patch proposes a change to reflect this.
To test:
1. Verify the string changes make sense to you
2. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Swapped the order of the page titles to have the unique information
first, i.e. the name of the specific page displays first, and the name of the website (e.g. Koha) displays at the end.
To test:
1) Apply patch
2) Ensure each of the files in the plugins and pos folders are swapped around to display the most unique information first, and the website name is at the end
3) Ensure the pages displayed on the Staff Client that correspond to
these files also display the changes
Sponsored-by: Catalyst IT
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Henry Bolshaw <bolshawh@parliament.uk>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
I think the "breadcrumbs" ID is worth saving for past and future CSS
customization reasons.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Modified breadcrumbs to be accessible, in particular for a
screen-reader.
Made the block of breadcrumbs be a <nav aria label="Breadcrumb"
class="breadcrumb"> with an ordered list inside. The last breadcrumbs
also has aria-current="page" to specify that it is the current page.
To test:
1) Apply patch
2) Build scss file
3) Ensure each of the files in the offline_circ, patroncards,
patron_lists, plugins and pos folders have breadcrumbs that are in a
<nav aria label="Breadcrumb" class="breadcrumb"> block
4) Ensure that there is an ordered list in the block of breadcrumbs
5) Ensure that the last breadcrumb has aria-current="page"
6) Ensure that the breadcrumbs on each page of the staff client
belonging to these files look the same as before, but the '>' symbol
is replaced with '/' and the last breadcrumb has bold text
7) Ensure that when the last breadcrumb is clicked it takes you to
the page you are currently on
Sponsored-by: Catalyst IT
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch add the noExport class to all "Actions" columns in the
codebase.
It's a stupid search and replace, maybe the class is added to table
where there is no export button.
Test plan:
Search tables where the export button is available. Confirm that the
"Actions" columns is not exported.
Example: /admin/branches.pl, /admin/cities.pl
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds handling for the newly introduced 'errors' option in
GetPlugins and reports erroroneos plugins to the user.
To test:
1 - Enable plugins in the koha-conf
2 - Install the kitchen sink plugin
3 - Your staff client should be orange now :-)
4 - The plugin should display as installed in the table at
tools/plugins.
5 - edit the plugin module
/var/lib/koha/kohadev/plugins/Koha/Plugin/Com/ByWaterSolutions/KitchenSink.pm
6 - Add a line to break compilation, like:
this won't compile
7 - Restart all
8 - Your Koha is not broken, but is no longer orange (The plugin is not
loading).
9 - The plugin should display as unable to load in the table at
tools/plugins.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
There is some confusion between the different locations and
libraries appearing in the GUI.
holdingbranch is sometimes labeled as current location
homebranch is sometimes labeled as permanent location
The patch fixes these occurences in various files:
- Item search form, results and export options
- MARC frameworks for en, fr-Fr, nb-NO, and pl-PL
- Holds awaiting pickup report
- Item display on order receive screen (create items on receive)
- OPAC system preference: OPACResultsLibrary
- Staff and OPAC detail pages
- Lost items report
- Rotating collections
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds a "installed_plugins" ID to the table
of installed plugins.
The idea is that it will ease styling and DOM mods through Javascript.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
As promised, I am commenting out the configuration for git repositories
to use for searches by default prior to release. To enable the feature,
simply uncomment the relevant github repositories or add your own.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch adds more corrections missed in the first patch:
- Tools -> Patron clubs (in the Clubs table)
- Circulation -> Article requests (removed a couple of divs made
redundant by the re-used BLOCK)
- Tools -> Plugins home
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch adds the required infrastructure to enable ILL availability
plugins to intercept the request creation process and, using the
supplied metadata, search for and display possible relevant items from
whichever availability plugins are installed.
Currently three availability plugins exist:
z39.50 - Searches any number of the Koha instance's configured Z targets
https://github.com/PTFS-Europe/koha-plugin-ill-avail-z3950
EDS - Searches the EBSCO Discovery Service
https://github.com/PTFS-Europe/koha-plugin-ill-avail-eds
Unpaywall - Searches the Unpaywall API for possible open access versions
of the requested item
https://github.com/PTFS-Europe/koha-plugin-ill-avail-unpaywall
The Unpaywall plugin is intended to serve as a "reference" plugin as the
API it deals with is extremely simple
Signed-off-by: Niamh Walker-Headon <Niamh.Walker-Headon@tudublin.ie>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch makes the search form button match the other buttons style,
and also adds the submit() action on click.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
It would be nice to be able to search and install plugins directly from GitHub ( and GitLab if possible ). This would make it easier to verify the authenticity of plugins and make discovering new plugins easier as well as making installation of plugins simpler.
Test Plan:
1) Apply this patch
2) Add the new block for plugin_repos to your koha-conf.xml
3) Restart all the things!
4) Browse to the plugins home page
5) Try searching for 'patrons' in the new search box
6) Verify you get results!
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
At some point of history, the flag to indicate if a plugin was enabled/disabled was called "enabled", now it's called "is_enabled"
To test:
1) get a fresh master copy
2) Enable plugins
3) Install any plugin
CHECK => plugin appears as disabled
=> If you try to enable it, it just appears as disabled just the same
4) Apply this patch
5) Reload page
SUCCESS => plugin appears as enabled
=> enable / disable action works again
6) Sign off
Signed-off-by: Frédéric Demians <f.demians@tamil.fr>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch makes a few minor markup improvements to the plugins home
page and corrects some CSS introduced by Bug 22053 which was having
unintended consequences elsewhere.
To test, apply the patch and rebuild the staff client CSS.
- You should have one or more plugins installed.
- Go to Administration -> Manage plugins.
- The "badges" for disabled and enabled should look correct.
- Go to Tools -> Staged MARC management and click on an batch.
- In the information about the batch, the labels should be bold.
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Test plan:
- apply this patch(es),
- launch an updatedabase,
- go to plugins/plugins-home.pl
and deal with enable/disable method
- install a plugin like KitchenSink
https://github.com/bywatersolutions/koha-plugin-kitchen-sink
- once installed, the plugin change the background color
of the staff client to orange.
- disable the plugin,
- background color should be set back to the original one
Rebased-on: 2019-03-25 Alex Arnaud <alex.arnaud@biblibre.com>
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>
Signed-off-by: Agustin Moyano <agustinmoyano@theke.io>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch makes a number of changes in order to improve the way the
staff client's header menu adjusts at narrower browser widths:
- Updated version of Bootstrap 3.3.7 which includes the "collapse"
JavaScript plugin.
- Modified default Bootstrap CSS using Bootstrap's customization tool.
These changes facilitate the removal of some custom CSS (overriding
Bootstrap) from staff-global.scss.
- Added Bootstrap config file for loading customizations at
https://getbootstrap.com/docs/3.3/customize/
- Revised button classes for buttons in Bootstrap-styled toolbars.
The modified default CSS resets the base font size in Bootstrap to
better match our global CSS. A side-effect of this is that toolbar
buttons ended up looking smaller than they should. Changing the
button class solves this.
- Restructure the header menu in order to allow different rules to
govern the appearance of the navigational part of the menu
(Circulation, Search, etc) and the user menu (Set library, My
account, Log out).
- Modify the cart JS to so that the popup works well at narrow widths.
To test, apply the patch, regenerate the staff client CSS, and clear
your browser cache.
- Log in to the staff client and observe the layout of the header menu
as you adjust the browser to various widths.
- Confirm that sections of the menu "collapse" as the window gets
narrower.
- Confirm that dropdown menus behave correctly and that links work.
- Confirm that the Cart link works as expected when the cart empty
and when it has items.
- Install and enable multiple translations, including at least one
set of sub-languages (e.g. fr-FR and fr-CA).
- Test the appearance of the language menus in the footer at
various browser widths.
- View pages with button toolbars and confirm that they appear unchanged
(e.g. biblio detail page, patron detail page).
NOTE: While this patch is intended to make improvements to staff client
responsiveness, it does so within a limited scope. There are still many
pages which do not work well at narrower browser widths.
Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
To find this change:
1. Enable use plugins in global system preferences
2. Go to tools then click tool plugins
3. Verify that this string now says plugins
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch modifies several assorted templates to use the
Bootstrap grid instead of YUI.
This patch also removes obsolete "text/javascript" attributes from
<script> tags and "text/css" attributes from <style> tags in the
modified templates.
To test, apply the patch and view the following pages, confirming that
they look correct at various browser widths:
- Administration -> Plugins
- Tools -> Comments
- Acquisitions -> Suggestions
- Lists
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This commit adds hooks into cat-toolbar.inc to allow the display of
arbitrary buttons as supplied by plugins within the
intranet_catalog_biblio_enhancements class that provide the method
get_toolbar_button
To test:
1) Download the plugin from
https://github.com/PTFS-Europe/cla-permissions-check-plugin
2) Follow the installation instructions from:
https://github.com/PTFS-Europe/cla-permissions-check-plugin
3) TEST: Observe that the "CLA Check Permissions" button takes the user
to the Check Permissions page and a modal displays containing the
results of the query
4) Remove the API key from the plugin "Configuration" page
5) TEST: Ensure that the "CLA Check Permissions" button takes the user
to the Check Permissions page and message displays informing the user
that "Did not receive required request parameters"
https://bugs.koha-community.org/show_bug.cgi?id=20968
Signed-off-by: Stephen Graham <s.graham4@herts.ac.uk>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
The CSS for <div class="error"> is obsolete and should not be used. This
patch removes the definition from the main CSS file and corrects
instances of its use in the templates to the standard <div class="dialog
alert">.
To test:
- In Acquisitions -> Late orders, locate an order from a vendor which
doesn't have an email address. Selecting that order and clicking
"Claim" should trigger an error dialog, "This vendor has no email." It
should be styled correctly.
- With AcqCreateItem set to "when placing an order," add to an existing
order using the "From a new (empty) record" option. Add two items with
identical barcodes and submit the form. A error should show at
the top of the page.
- With AcqCreateItem set to "when receiving an order," receive an order
and add two items with identical barcodes. Submitting the form should
trigger an error message at the top of the page.
With the remaining cases I don't know how to trigger the errors in
question, so a visual check of the changes may be required:
- Administration -> Funds -> "You are not authorized to modify this
fund"
- Administration -> Search engine configuration
(/admin/searchengine/elasticsearch/mappgings.pl) -> Various
modification errors.
- With the AutoEmailOpacUser preference set to "send," adding a patron
without an email address can trigger an error, "This member has no
email."
- With plugins enabled, and installed, there are error messages
displayed under various circumstances.
Signed-off-by: Andrew Isherwood <andrew.isherwood@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch has been generated with the script provided on bug 21576.
It only affects variable used in the href attribute of a link *when*
href it the first attribute of the node (grep "a href")
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Here we go, next step then.
As we did not fix the performance issue when autofiltering
the variables (see bug 20975), the only solution we have is to add the
filters explicitely.
This patch has been autogenerated (using add_html_filters.pl, see next
pathces) and add the html filter to all the variables displayed in the
template.
Exceptions are made (using the new 'raw' TT filter) to the variable we
already listed in the previous versions of this patch.
To test:
- Use t/db_dependent/Koha/Patrons.t to populate your DB with autogenerated
data which contain <script> tags
- Remove them from borrower_debarments.comments (there are allowed here)
update borrower_debarments set comment="html tags possible here";
- From the interface hit page and try to catch alert box.
If you find one it means you find a possible XSS.
To know where it comes from:
* note the exact URL where you found it
* note the alert box content
* Dump your DB and search for the string in the dump to identify its
location (for instance table.field)
Next:
* Ideally we would like to use the raw filter when it is not necessary
to HTML escape the variables (in big loop for instance)
* Provide a QA script to catch missing filters (we want html, uri, url
or raw, certainly others that I am forgetting now)
* Replace the html filters with uri when needed (!)
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Having to write [% KOHA_VERSION %] for each url is bad because:
- It's easily forgettable when adding new <script> or <link>
- It prevents grep'ing for the full filename
- It violates the DRY principle
- If at some point we want to change the "force js and css reload"
mechanism, it will be tedious
This patch:
- adds a Template::Toolkit plugin that generates <script> and
<link> tags for JS and CSS files, and inserts automatically the Koha
version in the filename
- use the new plugin to remove all occurences of [% KOHA_VERSION %]
- remove the code that was adding KOHA_VERSION as a template variable
Test plan:
1. Apply patch
2. Go to several different pages in Koha (opac and intranet) while
checking your browser's dev tools (there should be no 404 for JS and
CSS files, and the Koha version should appear in filenames) and the
server logs (there should be no "File not found")
3. `git grep KOHA_VERSION` should return nothing
4. prove t/db_dependent/Koha/Template/Plugin/Asset.t
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The plugins handling code expects plugins implementing an 'uninstall' method for
cleanup purposes. It executes this method, and then moves on with removing the
configuration entries in the storage, and the plugin itself.
But the 'plugins-home.tt' template makes the tool display the 'Uninstall'
link in the dropdown ONLY when the plugin has the 'uninstall' method.
This patch fixes the issue.
To reproduce:
- Install the KitchenSink plugin [1]
=> SUCCESS: The 'actions' dropdown for KitchenSink shows an 'Uninstall' option
- Edit the code for the plugin:
$ sudo vim /var/lib/koha/kohadev/plugins/Koha/Plugin/Com/ByWaterSolutions/KitchenSink.pm
- Remove the uninstall sub
- Restart everything:
$ restart_all
- Reload the browser
=> FAIL: There's no 'Uninstall' option in the actions dropdown.
- Apply this patch
- Restart everything
$ restart_all
- Reload the browser
=> SUCCESS: The 'actions' dropdown for KitchenSink shows an 'Uninstall' option
- Sign off :-D
[1] https://github.com/bywatersolutions/koha-plugin-kitchen-sink/releases
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch modifies the staff client plugins template so that
JavaScript is included in the footer instead of the header.
To test, apply the patch and test the JavaScript-driven features of
the modified template:
- The plugins link should be bold in the sidebar menu.
- Choosing "Uninstall" for an installed plugin should trigger a
confirmation alert.
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>