Koha has a number of features that rely on knowing the IP address of the connecting client. If that server is behind a proxy these features do not work.
This patch adds a module to automatically convert the X-Forwarded-For header into the REMOTE_ADDR environment variable for both CGI and Plack processes.
TEST PLAN:
1) Apply this patch set
2) Install Plack::Middleware::RealIP via cpanm or your favorite utility
3) Update your plack.psgi with the changes you find in this patch set ( this process differs based on your testing environment )
4) Restart plack
5) Tail the plack error log for your instance
6) Use curl to access the OPAC, adding an X-Forwarded-For header: curl --header "X-Forwarded-For: 32.32.32.32" http://127.0.0.1:8080
7) Note the logs output this address if you are unproxied
8) If you are proxied, restart plack using a command like below, where the ip you see in the logs ("REAL IP) is what you put in the koha conf:
<koha_trusted_proxies>172.22.0.1 1.1.1.1</koha_trusted_proxies>
9) Restart all the things!
10) Repeat step 6
11) You should now see "REAL IP: 32.32.32.32" in the plack logs as the remote address in your plack-error.log logs!
12) Disable plack so you are running in cgi mode, repeat step 6 again
13) You should see "REAL IP: 32.32.32.32" as the remove address in your opac-error.log logs!
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Ed Veal <eveal@mckinneytexas.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch replaces CSS-based background image icons with Font Awesome
icons. This will eliminate the use of sprite.png altogether.
To test, apply the patch and regenerate the OPAC CSS
(https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_client).
Because JavaScript events are often triggered by class, the changes made
in this patch require testing of JavaScript-driven behavior as well as
visual confirmation of the changes.
Enable OPAC features to expose them for testing: Login, Holds, Article
requests, Tags, Cart, Search term highlighting.
- Perform a search in the OPAC
- In the header at the top of the search results, check the
'Unhighlight/Highlight' link.
- Select some search results and verify that the multi-item controls
are enabled: Add to cart/Lists; Place hold; Tag. Check that these
controls work correctly.
- Verify that the following links look correct and work correctly:
'Place hold,' 'Request article,' 'Log in to add tags,' 'Add to
cart.'
- Log in to the OPAC and return to the search results page. Check the
'Add tag' and 'Save to lists' links.
- View the lists page
- Test the 'Edit' and 'Delete' controls.
- View the contents of a list. Test the following:
- Controls at the top of the table of results ('New list,'
'Download list,' 'Send list,' 'Print list,' 'Edit list,' and
'Delete list').
- Multi-selection operations: 'Place hold,' 'Tag,' and 'Remove
from list.'
- Controls for each item on the list: 'Place hold,' 'Add tag,'
'Save to another list,' 'Remove from this list,' and 'Add to
cart.'
- View the bibliographic detail page for any search result
- In the right-hand sidebar menu, verify that these controls look
correct and work correctly: 'Place hold,' 'Print,' 'Request
article,' 'Save to your lists,' 'Add to your cart,'
'Unhighlight,' 'Send to device,' 'Save record,' and 'More
searches.'
- Test the shelf browser by clicking 'Browse shelf' under the call
number for any of the holdings.
- Test the 'Next' and 'Previous' controls.
- Check the tabs for switching between 'Normal,' 'MARC,' and 'ISBD'
views and verify that they look correct on each of those pages.
- Add some items to the Cart and open the Cart
- Test the cart controls at the top: 'More details/Brief display,'
'Send,' 'Download,' 'Empty and close,' 'Hide window,' 'Print.'
- Test the multiple-selection controls: 'Remove,' 'Add to list,'
'Place hold,' and 'Tag.'
- Log in to the OPAC as a user who has items checked out which can be
renewed. On the 'Your summary' page, on the 'Checked out' tab, test
the 'Renew selected' and 'Renew all' links.
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
The switch to Font Awesome for more icons in the OPAC doesn't require a
Font Awesome upgrade but this is a good chance to do it.
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
marc_records_to_documents is now an arrayref of hashes, not an arrayref of arrays
_sanitise_records has been removed, we don't need those tests anymore
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch reintroduces the FK constraint on issue_id. The tests are
adjusted to reflect the UNIQUE constraint we also added.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch organizes the tests better, and adds some more.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch adjusts the return values and HTTP status codes, as well as
removing the use of C4::Context->userenv. It also makes the date
calculation happen on the DB engine in the case of resolving the claim.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch avoids querying the DB for an already existing
Koha::Checkouts::ReturnClaim with the same issue_id, now that there's a
UNIQUE constraint on it.
Also, 409 should be returned instead. Tests added for this changes.
To test:
- Apply this patch
- Run:
$ kshell
k$ prove t/db_dependent/api/v1/return_claims.t
=> SUCCESS: tests pass!
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This adds a "Claims returned" feature that extends and enhances the claims returned lost status.
To use this feature, a new LOST status to represent an item claimed as returned needs to be created.
The value of this LOST authorised value should be set in the new syspref ClaimReturnedLostValue.
Setting this system preference turns on the feature.
Once the feature is enabled, you should be able to mark checked out items as return claims from the
checkout and patron details pages, and also modify them from the new claims tab on those pages.
Returning a claimed item will notify the librarian that the item in question has a claim on it.
Setting the ClaimReturnedWarningThreshold will add an alert to make librarians aware that this
patron has many return claims on the patron's record.
Test Plan:
1) Create a "Claims Returned" lost value
2) Create some RETURN_CLAIM_RESOLUTION authorized values
3) Set ClaimReturnedLostValue
4) Set ClaimReturnedChargeFee
5) Set ClaimReturnedWarningThreshold
6) Create some checkouts
7) Claim some returns
8) Verify ClaimReturnedChargeFee works with all 3 options
9) Verify ClaimReturnedWarningThreshold shows a warning once the threshold has been exceeded
10) Edit notes on a claim
11) Resolve a claim
12) Delete a claim
Sponsored-by: North Central Regional Library System
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch adds the /return_claims route to add new return claims, and
then routes to updates notes and the resolution code.
To test:
1. Apply this patches
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/return_claims.t
=> SUCCESS: Tests pass!
3. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Adds the ability to get a list of a patron's return claims directly
from the Patron object.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Adds the ability to generate a return claim from a Checkout object.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This adds the ability to alert a librarian of an item claimed as returned is actually returned.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch introduces the Koha::Object(s)-derived classes for handling
return claims. Tests are added to cover the overloaded ->store method,
and domain-specific exceptions are added as well.
To test:
1. Apply this patches
2. Run:
$ kshell
k$ prove t/db_dependent/Koha/Checkouts/ReturnClaim.t
=> SUCCESS: Tests pass!
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch introduces the new table and related sysprefs.
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
prev_open_days can receive either positive or negative numbers and
then does the right thing with them. However, we weren't also doing this
with the number it receives back from get_push_amt
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This was causing the amount to push by to be incorrectly calculated
Sponsored-by: Cheshire West and Chester Council
Sponsored-by: Cheshire East Council
Sponsored-by: Newcastle City Council
Sponsored-by: Sefton Council
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
In a sequence of closed days, we should take into account the nature
of each closed day as we encounter it in order to calculate the amount
to add to reach the next potential closed date. We are now doing this.
Sponsored-by: Cheshire West and Chester Council
Sponsored-by: Cheshire East Council
Sponsored-by: Newcastle City Council
Sponsored-by: Sefton Council
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch adds unit tests of the CalcDueDate function to ensure that
the useDaysMode "Dayweek" mode works as expected
Sponsored-by: Cheshire West and Chester Council
Sponsored-by: Cheshire East Council
Sponsored-by: Newcastle City Council
Sponsored-by: Sefton Council
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch will, when appropriate, roll due dates forward by full weeks,
rather than single days.
Sponsored-by: Cheshire West and Chester Council
Sponsored-by: Cheshire East Council
Sponsored-by: Newcastle City Council
Sponsored-by: Sefton Council
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
We require next_open_day & prev_open_day to be more flexible. We could
create a separate sub, but that's not very DRY given that they'll do
pretty much the same thing.
So next_open_day becomes next_open_days and prev_open_day becomes
prev_open_days and both functions accept an additional parameter which
determines how many days they add or subtract.
All calls of these two functions have been modified accordingly.
Sponsored-by: Cheshire West and Chester Council
Sponsored-by: Cheshire East Council
Sponsored-by: Newcastle City Council
Sponsored-by: Sefton Council
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Sponsored-by: Cheshire West and Chester Council
Sponsored-by: Cheshire East Council
Sponsored-by: Newcastle City Council
Sponsored-by: Sefton Council
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch adds a new "Dayweek" option to the useDaysMode syspref, it
has the description: "the calendar to push the due date to the next open
day on the same weekday".
Sponsored-by: Cheshire West and Chester Council
Sponsored-by: Cheshire East Council
Sponsored-by: Newcastle City Council
Sponsored-by: Sefton Council
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
The patchset inadvertantly disabled the ability to create disabled user
accounts when any check_password plugin was installed.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Using both Koha::Plugins and Koha::Plugins::Handler inside the same
class causes issues for runtime module loading which in turn caused all
the plugins tests to fail.
This patch converts this patchset to use the direct call style used
elsewhere in Koha removing the need for Koha::Plugins::Handler.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patchset introduces a route to fetch items. It relies on the
already implemented code/mappings to get a single item.
To test:
- Apply this patches
- Run:
$ kshell
k$ prove t/db_dependent/api/v1/items.t
=> SUCCESS: Tests pass!
- Try the endpoint with your favourite API tool (Postman?)
- Sign off :-D
Note: to do exact searching on barcode, you need to build the query like
this:
GET /api/v1/items?external_id=<your_barcode>&_match=exact
Signed-off-by: Jesse Maseto <jesse@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
The main point of this patch is to make it possible to integrate Koha
with the Norwegian national patron database (NNPDB). Code for this was
earlier introduced in Bug 11401 and removed again in Bug 21068.
To test this is mainly a question of spotting regressions, it should
still be possible to set and change a password in all possible ways:
- Setting a password for a new user
- Changing a password in the staff client
- Changing a password in the OPAC
If these work as expected, everything should be OK.
A nice side effect of this work is that it will allow for plugins that
validate passwords. I have created a tiny plugin that enforces PIN
codes of 4 digits. (Yeah, I know, those are the worst passwords, but
some libraries do require them.) It is published here:
https://github.com/Libriotech/koha-plugin-pin
To test this way, install the plugin and try to change the password
of an exsisting user to something that is not a 4 digit PIN. You
should get an error that says "The password was rejected by a plugin".
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
Updated 2019-10-23:
- Moved the plugin checks to before the call to $self->SUPER::store to
make sure patrons are not saved if the password fails a plugin check
- Made the plugin checks in set_password respect skip_validation while
retaining the functionality for NNPDB
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch corrects the Bsort1 typo in authorised_values.tt and changes the Bsort2 description to match Bsort1's.
To test:
1- Go to Administration > Authorised values
2- Make sure descriptions for Bsort1 and Bsort2 match their category and are the same (except for 1 and 2)
Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
To test:
1 - Set OpacXSLTResultsDisplay to "" to use non-xslt view
2 - In Administration->Itemtypes define a summary for an itemtype:
This is the summary for [245a]
3 - Perform a search on the opac that will return results with this itemtype
4 - Note "This is the summary" appears in results with the title
5 - Set OPACXSLTResultsDisplay to 'default'
6 - Refresh your search results, note the summary disappears
7 - Try search in other places and note that summary never appears
8 - Apply patch
9 - Repeat 1-7 and note nothing changed
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>