This change adds a mfa_range configuration option for TOTP
to koha-conf.xml, and overrides the "verify" method from
Auth::GoogleAuth in order to provide a new default for "range"
Test plan:
0. Apply the patch
1. koha-plack --restart kohadev
2. Go to
http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search&searchfield=TwoFactorAuthentication
3. Change the syspref to "Enable"
4. Go to
http://localhost:8081/cgi-bin/koha/members/moremember.pl?borrowernumber=51
5. Click "More" and "Manage two-factor authentication"
6. Register using an app
7. In an Incognito window, go to
http://localhost:8081/cgi-bin/koha/mainpage.pl
8. Sign in with the "koha" user
9. Note down a code from your Authenticator app
10. Wait until after 60 seconds and try it
11. Note it says "Invalid two-factor code"
12. Try a new code from the app
13. Note that it works
14. Add <mfa_range>10</mfa_range> to /etc/koha/sites/kohadev/koha-conf.xml
15. Clear memcached and koha-plack --restart kohadev
16. Sign in with the "koha" user
17. Note down a code from your Authenticator app
18. Wait 4 minutes and then try it
19. Note that it works
20. Disable your two-factor authentication and click to re-enable it
21. Use a code older than 60 seconds when registering for the two
factor authentication
22. Note that the code works
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
from debian and /etc koha-conf.xml files
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch changes the default SSLProtocol for the Let's Encrypt
HTTPS template, so that it enables in use versions of TLS while
disabling the deprecated versions of TLS.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Solutions inLibro started formating its repository to be found by Bug
23975. This patch adds it to the default list in the config template.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Finally! No more occurrences of this module, we can happily remove it!
Test plan:
git grep is your friend
Signed-off-by: Sam Lau <samalau@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
The last occurrence of C4::BackgroundJob is in process_koc.pl that is used to upload a file.
Added by bug 2608 (15 years ago), I think it does not longer make sense as networks are faster, and we should not expect big koc files to be uploaded.
If there are complains we will move it to Koha::BackgroundJob.
Test plan:
Upload a koc file, enqueue the operations and confirm that everything is
working correctly
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Prior to Koha 22.05, the SIP2 item information message had a side affect of updating the datelastseen field for items. This bug has been fixed, but was being utilized by inventory tools that used SIP2. We should bring back this affect and formalize it as an optional SIP2 config account setting.
Test Plan:
1) Apply this patch set
2) prove t/db_dependent/SIP/Message.t
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Test plan:
We already tested it. Just look at changes in this patch.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch updates the default partner category used by the partner_code config to be in line with sample data in sample_patrons.yml
Preparation:
Apply patch
Enable ILLModule sys pref
Install an ILL backend (e.g. FreeForm)
Add this change to your koha-conf.xml
Flush, restart.
Search for patron of category inter-library loan and assign a primary e-mail address to it
Test plan:
Create an ILL request and click 'place request with partners'
Verify that the 'select partner libraries' has the correct patron of IL category
Run tests and ensure they pass:
prove t/db_dependent/Illrequest/Config.t
prove t/Koha/Config.t
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Right now background_jobs_worker.pl only processes jobs in serial. It would make sense to handle jobs in parallel up to a user definable limit.
Test Plan:
1) Apply this patch
2) Stop background_jobs_worker.pl
3) Generate some background jobs by editing records, placing holds, etc
4) Watch processes in a new terminal: watch -n 0.1 'ps aux | grep background_jobs_worker.pl'
5) Run background_jobs_worker.pl with parameter -m 3 or some other
number of max processes
6) Note the multiple forked processes in the ps output
Test notes - also tested the following on KTD:
1. Stop background_jobs_worker.pl
2. Edit /etc/koha/sites/kohadev/koha-conf.xml - set max_processes to 10
3. Generate some background jobs
4. Watch processes in a new terminal: watch -n 0.1 'ps aux | grep background_jobs_worker.pl'
5. Restart all
6. Confirm multiple forked processes in the ps output
Both methods work as expected and generate multiple forked processes
based on the value set for max processes.
Signed-off-by: emlam <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
On bug 32594 we are adding a new worker, dedicated to Elastic indexing.
We should have a common place for workers, and we agreed on misc/workers
To test:
1 - Apply patch
2 - reset_all in koha testing docker
3 - ps aux | grep background
4 - Confirm the workers are running, and running in the new directory
5 - Perform a batch item modification
6 - Ensure the job is processed by the worker
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This is going to be awesome!
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
The PLACKOPAC, PLACKAPI and PLACKINTRANET appenders still need %n
(i.e. a newline). Note that this patch does not add %l since it
is a bit confusing because it adds a lot of Plack internal noise like:
[2022/09/29 08:51:34] [WARN] Test mainpage CGI::Compile::ROOT::usr_share_koha_mainpage_2epl::__ANON__ /usr/share/koha/mainpage.pl (49)
The patch is a result of:
git grep -l "log4perl.appender.PLACK" | xargs sed -i -e"/ConversionPattern/ s/%m$/%m%n/"
Test plan:
First run: sed -i -e"/ConversionPattern/ s/%m$/%m%n/" /etc/koha/sites/[YOUR_CLONE]/log4perl.conf
Edit that file, change PLACKOPAC to debug level like:
log4perl.logger.plack-opac = DEBUG, PLACKOPAC
Restart.
Hit an OPAC page twice.
Check plack-opac logfile and verify that it contains a newline between last two messages like:
[2022/09/29 08:04:30] [DEBUG] kohaversion : 22.0600054
[2022/09/29 08:04:42] [DEBUG] kohaversion : 22.0600054
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds <zebra_connection_timeout>30</zebra_connection_timeout>
to the koha-conf.xml file.
Sometimes, a Zebra search might take longer than 30 seconds. If it does,
Koha will say that 0 records have been found. While slow searching
is not desirable, it's more desirable to get the result set regardless.
Test plan:
0. Apply patch
1. Add <zebra_connection_timeout>.1</zebra_connection_timeout> to
your relevant koha-conf.xml file (e.g. /etc/koha/sites/kohadev/koha-conf.xml)
2. echo 'flush_all' | nc -q 1 memcached 11211
3. koha-plack --restart kohadev
4. Go to http://localhost:8081/cgi-bin/koha/catalogue/search.pl?q=test
5. Note that no results are returned
6. Change zebra_connection_timeout to 30
7. echo 'flush_all' | nc -q 1 memcached 11211
8. koha-plack --restart kohadev
9a. Go to http://localhost:8081/cgi-bin/koha/catalogue/search.pl?q=test
9b. Note that 3 results are returned
10. Remove zebra_connection_timeout from koha-conf.xml
11. echo 'flush_all' | nc -q 1 memcached 11211
12. koha-plack --restart kohadev
13a. Go to http://localhost:8081/cgi-bin/koha/catalogue/search.pl?q=test
13b. Note that 3 results are returned
14. Celebrate
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
As requested by Jonathan, we need more flexibility ;)
Here it comes.
Test plan:
Run t/CookieManager.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Test plan:
Add this change to your koha-conf.xml.
Flush, restart.
Test if the cookie is kept now in the interface.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
In Koha, any report that uses C4::Reports::Guided will be limited to 999,999 rows. This is causing problems for larger libraries where some reports may have over a million results.
Test Plan:
1) Create a report "SELECT * FROM borrowers" and run it, note the number
of results
2) Apply this patch
3) Add the line `<report_results_limit>3</report_results_limit>`
within the <config> block of your koha-conf.xml
4) Restart all the things!
5) Run the report, download the results as a CSV
6) Note your CSV only has 4 lines, the header and 3 patrons
Signed-off-by: Rachael Laritz <rachael.laritz@inlibro.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds a new option to the SIP config, allowing for hold
capture to be disabled on difference devices. We still notice the hold
and alert the user, but we do not trigger the update in the system to
mark the hold as found (waiting, processing or in transit).
Sponsored-by: Cheshire Libraries Shared Services
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
As requested on comment99. Personally I do not feel that it
should be a requirement for adding a koha-conf entry though.
Note that koha-create does/did not even support adding multiple
line entries to koha-conf like we do here now.
But it might be a start for adding them?
Test plan:
The following tweak might help you to test without running the
complete koha-create, while still convincing you:
[1] cp debian/templates/koha-conf-site.xml.in /etc/koha/test.conf
[2] Add the following line in debian/scripts/koha-create. Append
if after the BCRYPT_SETTINGS= line on L652:
generate_config_file test.conf test.xml; exit
[3] Run debian/scripts/koha-create --keep-cookie A
[4] Check if you see <do_not_remove_cookie>A<..> in test.xml.
[5] Run debian/scripts/koha-create --keep-cookie A --keep-cookie B
[6] Check for two lines in test.xml
[7] Run debian/scripts/koha-create clone_name
[8] Check that the __KEEP_COOKIE__ line is gone in test.xml.
[9] Undo the tweak by removing test.xml and /etc/koha/test.conf,
and removing the added line from koha-create.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Test plan:
Just comments. Nothing to test.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Amended: using new name for deny list.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 15253 originally had the ability to specify the incoming IP address used for
a given log statement via SIP, as well as the SIP2 account that was in use at the time.
This data is very helpful for debugging purposes, and should be brought back.
Test Plan:
1) Apply this patch
2) Update you SIP ConversionPattern to "[%d] [%p] %X{accountid}@%X{peeraddr}: %m %l %n"
3) Restart SIP
4) Use the SIP cli tester to make some SIP requests
5) View the SIP2 log, note the account id and client ip address show in the log!
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Trivial change.
Do sed -i -r -e'/log4perl/ s/\s%n$/%n/' on the log4perl configs.
Test plan:
Update your own config.
Trigger some logging and check that logfile.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds the User directive to the koha-worker systemd unit file
Test plan:
0a. DO NOT APPLY PATCH YET
0b. Start a Koha testing environment running systemd
1. koha-worker --stop kohadev
2. cp debian/templates/koha-worker@.service /etc/systemd/system/.
3. systemctl start koha-worker@kohadev.service
4. ps -efww | grep "background_jobs_worker"
5. Note koha-worker is running as root
6. APPLY THE PATCH
7. cp debian/templates/koha-worker@.service /etc/systemd/system/.
8. systemctl daemon-reload
9. systemctl restart koha-worker@kohadev.service
10. ps -efww | grep "background_jobs_worker"
11. Note that koha-worker is now running as kohadev-koha
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds `%P` to the SIP log4perl configuration so that PID is
recorded against log lines.
This allows transactions to be more easily tied together under one
SIPServer, thus making it easier to pick out a whole transaction from
start to finish.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The connection details for the message broker should be configurable.
This patch adds configuration options to koha-conf.xml. If they
are not specified, then default connection details will be used.
Signed-off-by: Michal Denar <black23@gmail.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
It seems that we don't really need all this overhead.
YesNo must be a boolean and contain 1 or 0.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch changes the SyslogIdentifier so that it matches
the style used by koha-worker.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
While the packages already have a koha-zebra script that creates a service
using the 'daemon' utility, this unit file template provides an alternative.
Note that currently you'd have to start the service using the following:
```systemctl start koha-worker@NAME.service```
Where NAME is the name of your Koha instance.
The systemctl enable/start commands could be automated more with helper
scripts in debian/scripts, but this is a first step.
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This feature is not used as far as we know and it's not known to work.
It's preferable to remove it.
Test plan:
Make sure the OpacGroupResults pref code is removed, as well as the
PazPar2 files and code.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch uses the ErrorDocument middleware to use Koha's
custom error pages instead of generic Plack error responses
Test plan:
0. Apply patch
1. vi /usr/sbin/koha-plack (and change "development" to "deployment")
2. vi ./opac/opac-main.pl
3. Add "die" to line 2
4. vi ./mainpage.pl
5. Add "die" to line 2
6. cp ./debian/templates/plack.psgi /etc/koha/sites/kohadev/plack.psgi
7. koha-plack --restart kohadev
8. Go to http://localhost:8080/cgi-bin/koha/opac-main.pl
9. See a beautiful OPAC 500 error instead of "Internal Server Error"
10. Go to http://localhost:8080/cgi-bin/koha/blah.pl
11. See a beautiful OPAC 404 error instead of "not found"
12. Go to http://localhost:8081/cgi-bin/koha/mainpage.pl
13. See a beautiful Staff interface 500 error instead of "Internal Server Error"
14. Go to http://localhost:8081/cgi-bin/koha/blah.pl
15. See a beautiful Staff interface 404 error instead of "not found"
For bonus points:
16. koha-plack --disable kohadev
17. koha-plack --stop kohadev
18. service apache restart
19. Repeat the above test plan to show CGI still works for 404 (although 500
will show "Software Error" due to C4::Context needing some improvements)
20. Using the "Network" tab on your developer tools, make sure 404 and 500
are returned by the appropriate error pages
Signed-off-by: Eden Bacani <eden.bacani@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Historically, we have used Apache rewrite directives to strip
query parameters with no arguments from the query
string (e.g. PARAM=&), and then redirect to the new URL.
However, this slows down user activity, and depending on your
HTTPS and proxy setup can cause suboptimal HTTP downgrades and
upgrades.
Test Plan:
0) Apply patch
1) Build Debian package
2) Install Debian package and reload Apache
3) Open developer tools on your favourite browser
4) Go to Network tab in developer tools
5) Go to /cgi-bin/koha/opac-main.pl
6) Search for "test"
7) Note a 200 status for "opac-search.pl?idx=&q=test"
If you got a 302 status for "opac-search.pl?idx=&q=test"
followed by a 200 status for "opac-search.pl?q=test", you
will know that your Apache configuration wasn't updated.
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This follow-up updates the config flag to be consistent with bug 24449
and updates the debian template file to match too.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Sponsored-by: Theke Solutions
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
When attempting to download large files from Koha plack can timeout
Excluding the script from plack is a simple fix until we have a more permanent fix for this
issue.
To test:
1 - Try to export your entire DB from Tools->Export
2 - If big enough, it fails
3 - Apply patch, copy changes to /etc/koha/apache-shared-intranet-plack.conf
4 - Restart all the things
5 - Repeat export, it succeeds
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Added by bug 22705, but only in etc/koha-conf.xml
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds an entry to koha-conf.xml for setting a default SMTP
server config. 'koha-create' gets option switches for all options.
To test:
1. Use the tweaked script to crete a new instance
2. Notice it contains entries for smtp_server and they respect your
options.
3. If you don't choose any option, it sets the current default.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>