This patch makes sure that the added granular permissions work as
advertised.
Note: The field owner was not included in the Koha::Upload->get response.
The code to verify if a user is allowed to delete an upload, is concentrated
in the template now. When get returns a Koha::Object, this check could be
relocated.
Test plan:
[1] Verify that the current user has permission for tools, or has
at least upload_general_files.
[2] Do you see Upload in the Tools menu? Follow the link.
[3] Upload a permanent file (with a category).
[4] Do you see the Delete button in the results form?
[5] Make sure that another user has no permission to upload.
[6] Login as that user and check the Tools menu.
Try the URL [yourserver]/cgi-bin/koha/tools/upload.pl
You should have no access to the upload form.
[7] Enable upload_general_files for this user. Go to upload and search for
the upload from step 3. You should not see a Delete button.
[8] Enable upload_manage for this user. Search for the upload again.
Delete the upload.
[9] Go to upload via the Cataloguing editor (856$u plugin) or add
parameter "plugin=1" to the URL. You should not see the Tools menu.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan Gallagher <bredan@bywatersolutions.com>
This patch makes the following changes to achieve that:
[1] Use Upload.pm in stage-marc-import.pl, upload-cover-image.pl,
offline_circ/process_koc.pl and enqueue_koc.pl.
[2] A new file-upload.js replaces file-upload.inc in the associated template.
We now use ajax to get progress figures instead of launching perl script
upload-file-progress.
The js changes now also allow for aborting a file upload.
[3] Adds a tools/upload script and template. It allows to upload multiple
files at once.
[4] Makes upload-file return error messages in JSON. For a multiple upload,
we could have some files with errors and others without errors.
The upload is now marked as Failed only if there was no upload at all.
[5] The upload plugin is converted to use tools/upload with plugin param.
Deleting an upload is now presented via the search results form.
NOTE: In editing the process_koc.tt I noticed that the form enqueuefile was
hidden and no longer used (with associated code in process_koc.pl). When a
file has been uploaded, I display the form again (with the Apply directly
button). The code still works.
NOTE: We fix an error in upload-file from one of the patches of bug 6874.
The userid of the Koha admin user is passed to haspermission, but we
should pick the userid from the session.
NOTE: Bug 14686 will add a specific permission for tools/upload.pl, and
will add the tools/upload script to the Tools menu.
For now, you need edit_catalogue to start upload.pl and you will
additionally need a permission like upload_local_cover_images
to successfully upload a new file.
Test plan:
[1] Upload a marc file in stage-marc-import. (This is temp storage.)
[2] Check new entry in table uploaded_files. Look for the file in your
temporary directory (/tmp ?), subfolder koha_upload.
Bonus: Remove permissions on this subfolder. Retry, check error and
restore permissions again.
[3] Upload another (larger) file and abort the upload. Check table and
directory again. You should have a partial file, but no record.
[4] Verify that Stage for import still works as expected.
[5] Test Upload local cover image. (Enable OPACLocalCoverImages.) You can
test an individual image or a zip file including images and a file
called datalink.txt (with lines biblionumber,filename).
[6] Test uploading a offline circulation file:
Enable AllowOfflineCirculation, and create a koc file (plain text):
Line1: Version=1.0\tA=1\tB=2
Line2: 2015-08-06 08:00:00 345\treturn\t[barcode]
Note: Replace tabs and barcode. The number of tabs is essential!
Checkout the item with your barcode.
Go to Offline circulation file upload. Upload and click Apply directly.
Checkout again. Upload again, click Add to offline circulation queue.
[7] Upload three files via tools/upload.pl with a category and marked as
public. Check the results in the table.
Verify that you can download the file in OPAC without being logged in.
[8] Pick one new file and one of the files of step 7. Upload them in the
same category. One upload should succeed. Check for reported error.
[9] Connect upload.pl to field 856$u.
Goto Cataloguing editor.
In an empty 856$u, click the tag editor. Upload a file and click Choose.
Save the record. Open the record in the OPAC and click the link.
Copy this link to your clipboard for next step.
[A] Go back to editor. Click the tag editor on the same 856 field.
Choose for Delete.
Open the link in your clipboard again. Error message?
[B] Check the process of upload, search, download and delete of an upload
with some diacritical characters in the filename. (Bonus points for
adding special chars in the category code.)
Note: You can add categories via authorized values, UPLOAD key.
Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Bug 14321: [QA Follow-up] Perltidy upload.pl
Run perltidy -pro=xt/perltidyrc on tools/upload.pl.
No other changes.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>