Those 2 filters should return safe output as well
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch adds a new method mock_userenv from t::lib::Mocks in order to
simplify the mock of the userenv.
Test plan:
prove all the test files modified by this patch
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
We certainly should not expect this filter to be used much for href, but
we have one occurrence that needs it.
Test plan:
t/template_filters.t and xt/find-missing-filters.t must return green
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Stephen Graham <s.graham4@herts.ac.uk>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Stephen Graham <s.graham4@herts.ac.uk>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
With strict SQL modes we now have TestBuilder tests that fail randomly with:
Out of range value for column 'tax_rate_on_receiving'
Out of range value for column 'discount'
We are trying to insert a value that is too high for the type defined at DB level.
It happens for discount when a value > 100 is generated. The datatype is float(6,4).
From the MySQL Doc:
"""
MySQL permits a nonstandard syntax: FLOAT(M,D) or REAL(M,D) or DOUBLE PRECISION(M,D).
Here, (M,D) means than values can be stored with up to M digits in total, of which D digits may be after the decimal point.
"""
So float(6,4) does not allow 100.
To recreate easily the issue:
use t::lib::TestBuilder;
my $builder = t::lib::TestBuilder->new;
$builder->build( { source => 'Aqorder', value => { discount => 100 } } )->{discount};
To make sure this patch fixes the issue you can use this script:
use Modern::Perl;
use t::lib::TestBuilder;
my $builder = t::lib::TestBuilder->new;
my ( $real, $i ) = ( 0, 0 );
while ( $real < 100 ) {
$real = $builder->_gen_real( { info => { size => [ 6, 4 ] } } );
warn $i++;
}
warn "$i - $real";
Test plan:
0/ Does not apply this patch
1/ Run the snippet above
2/ Confirm that it fails quite quickly (constantly before 500 for me)
3/ Apply this patch
4/ Run again the script
5/ Confirm that it is stuck in an infinite loop
6/ CTRL-C :D
QA Note:
Other _gen_* subroutine may need a fix, but we will wait for them to fail
TODO:
1. Add JS check to the interface to prevent the use to enter a value > 100
2. Allow '100' as a valid value for discount (?)
Followed test plan, patch worked as described
Signed-off-by: Alex Buckley <alexbuckley@catalyst.net.nz>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
See bug 21526 comments 5-7
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Only the first TT params in a href was taken into account.
This also takes care to replace into href attributes only (for instance not
title, etc.)
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
The QA script call 'missing_filters', it sounds better to keep it in
order to avoid fixing it and have a weird condition (if
module->can('subroutine_name')) to maintain
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
See bug 13618 and bug 21526.
We need a script to add missing filters, or replace wrong ones.
Test plan:
- Add unescaped variables to .tt files
- prove xt/find-missing-filters.t
will warn about them
- perl misc/devel/add_missing_filters.pl
will add the missing/wrong filters
- prove xt/find-missing-filters.t
will now be happy
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
We should have plugin hooks for the staff interface just like we have for the OPAC as detailed on bug 20181.
Test Plan:
1) Apply this patch
2) Download and install the Kitchen Sink plugin ( v2.1.19 or later )
https://github.com/bywatersolutions/koha-plugin-kitchen-sink/releases/download/v2.1.19/koha-plugin-kitchen-sink-v2.1.19.kpz
3) Install the plugin
4) Restart all the things if you can ( restart_all if you are using kohadevbox )
This will ensure the plugin takes effect right away, it should be
necessary but it won't hurt anything!
5) Load the staff intranet, notice you get an console error log message and the background
for your staff intranet is now orange ( assuming you've not customized the
staff intranet in any way )
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Test plan:
- Apply first patch
- Confirm that tests is failing (t/template_filters.t)
- Apply second patch
- Confirm that tests return green
- Apply last patch
- Confirm that prices are displayed correctly
QA step:
Edit a template and add the following 2 lines:
[% SET p = '<script>alert("foo");</script>' %]
[% x | $Price %]
=> Display '0.00'
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
To make it reusable easily from QA test tools
https://gitlab.com/koha-community/qa-test-tools/issues/3
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
It would be nice if plugins had an upgrade method to handle altering tables and such when a new version of a plugin is installed. Right now it must be done in a completely bespoke manner.
Test Plan:
1) Apply this patch
2) Download the 2 most recent releases of the Kitchen Sink plugin
https://github.com/bywatersolutions/koha-plugin-kitchen-sink/releases
3) Install the earlier release
4) Look at the configuration page, at the bottom it should say the
plugin has never been upgraded
5) Install the newer release
6) Reload the configuration page, it should now say that the plugin
was upgraded and give you the date and time of the upgrade
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This path implements unit tests for the route-from-plugin development.
It adds the required methods to the Koha::Plugin::Test plugin
distributed along with the tests. A second plugin implementing invalid
OpenAPI specs is added (Koha::Plugin::BadAPIRoute).
Edit: I made terminology changes to make it less rude.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Alex Arnaud <alex.arnaud@biblibre.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
It is a real pain to debug selenium errors, especially when it is
not reproducible locally.
This patch capture a screenshot when an error occurred and upload it
using the excellent lut.im service provided by framasoft
(We could host our own later).
Test plan:
Modify a selenium script to make it fails (search for find_element)
You will see a stack trace followed by a link to framapic.org
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch reuses the method newly added to Selenium.pm and improve
existing tests.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
If items.restricted == 1, CanBookBeIssued will not returned what we are
testing.
The easiest and global fix is to define a default value at TestBuilder
package level
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Element id=doc does not longer exist on the admin home page
The "main block" need to be localized using the new class 'main
container-fluid'
We will certainly need to improve this later.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The tricky part here was to find an alternative for ends-with in Xpath
version 1
Indeed there are 2 button with
"/admin/authorised_values.pl?op=add_form", and the first one was picked
(/admin/authorised_values.pl?op=add_form&category=Asort1)
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
To make it reusable easily.
Test plan:
The basic_workflow.t tests should still pass after this change.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Fix for:
Out of range value for column 'amount'
t/db_dependent/Circulation/Chargelostitem.t
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Fix for:
Data too long for column 'proccode'
t/db_dependent/Accounts.t
FIXME LATER - It's a varchar(4), must be integer!
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Fix for:
Field 'marcxml' doesn't have a default value
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Fix for:
Out of range value for column 'tax_rate'
t/db_dependent/Koha/Acquisition/Basket.t
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Fix error:
Out of range value for column 'amount'
DBD::mysql::st execute failed: Out of range value for column 'amount' at
row 1 [for Statement "INSERT INTO `account_offsets` ( `amount`,
`debit_id`, `type`) VALUES ( ?, ?, ? )" with ParamValues:
0=7925469795795194609664.000000, 1='10', 2='Manual Debit'] at
/usr/share/perl5/DBIx/Class/Storage/DBI.pm line 1832.
7925469795795194609664.000000
=> Should be lower anyway
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
For instance items.replacementprice is decimal(8,2) but more than 2 decimals are generated.
It leads to issues when we compare expected objects:
# got: '135623.866142537'
# expected: '135623.87'
Test plan:
prove t/db_dependent/TestBuilder.t
must return green
Signed-off-by: Dominic Pichette <dominic@inlibro.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Somehow I have the feeling that we should allow more decimals sometimes
and perhaps have a number of decimals parameter or so. Think of fields
like currency or discount.
But the current issues justify this change.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
# Failed test 'borrowers.updated_on should have been set to now on creating'
# at t/db_dependent/Patrons.t line 74.
# got: '2017-08-10T20:53:03'
# expected: '2017-08-10T20:53:04'
# Looks like you failed 1 test of 17.
[20:53:15] t/db_dependent/Patrons.t .....................................
The plan here is to compare the number of seconds between two dates.
If < 60 the dates are consired as identicals.
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
String::Random version 0.26 (on Jessie) does not yet support the rand_gen
parameter (0.27 does, newest is 0.29 on CPAN now).
So alt_rand is only used in determining the size on Jessie.
That might be enough though.
Adding a documention line in this regard.
Removing the obsolete max parameter.
Note: I timed alt_rand for the creation of a new Bytes::Random::Secure
object each time. But each call is about 0.1 milliseconds. So that
should be fine.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Use Bytes::Random::Secure instead of perl rand.
Return a string from 50 to 100% of $size.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
When an id is generated by TestBuilder (branchcode for instance) and the
size of the generated string is 1, we have too many chances to get
"Violation of unique constraint in Branch".
This patch increases the number of retries to 5.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Amended to make room for follow-up.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
When you do not supply a source and add a few wrong parameters, you
would not be warned. Because build simply returns undef.
Adding a carp and a test for that situation too.
Note: In the earlier subtest 'trivial tests' build was called without
source. This now generates a warning. We just catch if there is a warning
and test the actual warning itself later on.
Test plan:
Run t/db_dependent/TestBuilder.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Only value and source are allowed
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Makes TestBuilder::build() alert the user when unreognized
parameters are passed, which happens when the user supplies
the column values directly, forgetting the 'value' hash.
This patch holds the code changes. Examples of the kind of
errors that it catches are in the tests (separate patch).
Sponsored-By: Halland County Library
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 18314 causes t/db/SIP/Message.t to fail (quite often) since
TestBuilder fills login_attempts with a random number. (Note: Only
when FailedLoginAttempts is non-zero.)
Trivial fix: TestBuilder should have a zero default for login_attempts.
Test plan:
Do not yet apply this patch.
Set pref FailedLoginAttempts to say 3.
Run t/db_dependent/SIP/Message.t. Might fail on the password test (CQ).
Apply this patch.
Run t/db_dependent/SIP/Message.t again. Does not fail anymore.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
