This patch adjust:
Intranet login
Opac-main
Opac-main - 'log in to your account modal'
To test:
Login at the three places above
Confirm html shows autocomplete off on the fields
Confirm logins work
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
In most authentication forms we see :
Fields "Login:" and "Password:" with a submit button "Log in".
In some places submit button contains "Login", which is confusing for translation.
It is not correct according to terminology https://wiki.koha-community.org/wiki/Terminology#L
Also in opac-user.pl ":" is missing, it generates new translation entries.
Test plan:
1) Log out if you are logged in
2) Go to staff interface
3) Check you see button "Log in"
4) Go to OPAC page /cgi-bin/koha/opac-user.pl
5) Check you see fields "Login:" and "Password:"
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Swapped the order of the page titles to have the unique information
first, i.e. the name of the specific page displays first, and the name
of the website (e.g. Koha) displays at the end.
To test:
1) Apply patch
2) Esnure each othe files auth.tt, admin/transfer_limits.tt and
circ/transfers_to_send.tt have page titles that are swapped around to
display the most unique information first, and the wensite name is at
the end
3) Esnure the pages displayed on the Staff Client that correspond to
these files also display the changes
Sponsored-by: Catalyst IT
JD amended patch: remove dup "IP address change"
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Indentation fixes for readability
Cleaned up a few places where the ability to login otherwise was leakign through
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
JD amended patch: Remove trailing spaces
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch replaces remaining instances of <script type="javascript"> in
templates with "<script>."
To test, apply the patch and check the changes to the template. Verify
that the changes look correct.
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Fix "submit is not a function error"
A submit button should not be named "submit", in this case, it's id.
https://stackoverflow.com/questions/833032/submit-is-not-a-function-error-in-javascript
Fix some uses of get_attribute()
Fix a fail by setting a global implicit_wait_timeout, default value is 0
in our lib. Other libs set it higher which helps to not have to manually
deal with part of the timing issues.
Fix: remove usage of click_when_visible() because it doesn't work with
elements not in the top of the page. Because they are off screen.
Fix: use $driver->quit() in error_handler to not forget an open Firefox.
With the current version, it fills /dev/shm and fails with around 5
Firefox opened.
Also use quit() it at the end of every script.
Fix: filling item fields, to fill only the displayed one (not those
with display:none)
== Test plan ==
1. Update selenium/standalone-firefox to the latest version [1]
2. prove t/db_dependent/selenium/authentication.t
3. It fails with: arguments[0].form.submit is not a function
4. Apply patch
5. Retest
6. Success
[1] In koha-testing-docker you can do it with
docker-compose.yml:
selenium:
- image: selenium/standalone-firefox:2.53.1-americium
+ image: selenium/standalone-firefox
Signed-off-by: Mason James <mtj@kohaaloha.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch updates the html_helper for the cash register selection block
to remove the 'empty option' such that it can be correclty set for each
select case and updates all existing cases where we used the process
block previously to include the relevant blank option '-- Select an
option --', '-- None --', 'Library default' and finally the new '-- All
--' options introduced with this bug.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The hidden attribute for loading an element hidden is known to have
issues and inconsistencies accross browsers.
This patch instead updates the relevent input options to use an inline
style of 'display: none' to hide the elements on page load and then
.show, .hide for subsquent changes linked to the library branch picker
change.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch hides the register selection option from the login page if no
registers have yet been defined on the system.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The trailing space after branch in the class attribute for the register
select options cause issues in the 'hasClass' javascript selector
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch updates 'Branch default' to 'Library default' on the login
page to match the coding terminology guidelines.
We also update the table heading on the cash registers management page
to match the terminology above for clarity.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
If no branch is selected (i.e. 'My library') then we should default to
'branch default' if one is defined for the users library at login.
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch modifies the saved reports page so that it remembers, for the
duration of the browser session, the last active tab.
To test you should have multiple reports in multiple report groups.
Apply the patch and go to Reports -> Saved reports.
- Select a tab to filter the table of saved reports to a particular
report group.
- Navigate away from the page
- Return to the save reports page. The tab you previously selected
should be selected again.
- Restart your browser and return to the saved reports page. The tab
should no longer be preselected.
Update: The tabs filtering JavaScript has been moved to a separate
function so that the function can be triggered by both the "create"
event (when the tabs are initialized) and the "activate" event (when a
tab is selected).
Update II: Persistence is now enable through localStorage instead of
Cookies. The localStorage item is now cleared during the logOut
function.
Update III: The logOut() function in staff-global.js is now called by
auth.tt to ensure that tabs are not remembered across sessions.
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
I missed a case on the authentication page with the prior patch of the
same name.
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
You should be able to add desk choice when you are logging in or
changing library.
Test plan:
1. apply patch
2. have at least three libraries, one without desk, one with one and
one with a few.
3. At login, when choosing a library, it should enable all desks it
has. Pick one.
4. the desk id and name should be set in your session and appear in
the top right, next to the library name.
5. change library and desks from intranet (at the set-library.pl page)
6. you should have the same behaviours
7. if you have a library without a desk, it should prompt you a '---'
option and no desks will be attached to the session.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch removes the use of jquery.cookie to store "last patron"
information, using localStorage instead. jquery.cookie.js is obsolete.
See Bug 24624.
localStorage has been chosen as an alternative in this situation because
it does not require transmission between the client and the server. See
Bug 12410.
Because there is no "session only" option with localStorage, additional
handling of the showLastPatron data is added to the login page. That
takes care of "stale" last patron information if user didn't log out but
the session expired for some reason.
To test apply the patch and enable the showLastPatron system preference.
1. Load a patron's account for checkout
2. Navigate away from patron-related pages: Perform a catalog search
from the search header form and open the detail page from the search
results. Confirm that the correct last patron information still
shows.
3. Load another patron's account for checkout
- There should now be a "Last patron" link in the breadcrumbs bar
which links to the patron in step 1. Hovering your mouse over the
link should display a tooltip containing the patron's name and
card number.
- Click the "X" to clear the last patron information. The last
patron link should go away.
4. Log out and log back in. The last patron information should be gone.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
The return URL that is part of the link to CAS login is double-escaped on the staff login page.
It appears that this is the same issue as bug 21973 but in the staff intranet template. I have attached an identical patch for the intranet auth.tt file.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch makes the templates relying on the OpacResetPassword syspref
use the introduced TT plugin method instead by changing:
[% IF Koha.Preference('OpacResetPassword') %]
=>
[% IF Categories.can_any_reset_password %]
To test:
- Verify that all the places in which the 'forgot password' link is
displayed in OPAC keep working, provided there's at least one category
that has the flag set
- Attempt to recover the password for a patron that belong to a valid
category (i.e. that has the flag set)
=> SUCCESS: You can go through the normal process
- Attempt to recover the password for a patron that belongs to a
category with the flag unset.
=> SUCCESS: Once Koha identifies your category, you are told you are not
allowed to do it
- Sign off :-D
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch has been generated with the script provided on bug 21576.
It only affects variable used in the href attribute of a link *when*
href it the first attribute of the node (grep "a href")
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
- This patch adds shibboleth authentication to the staff client.
- Depending upon how your url structure works, you may or may not need a
second native shibboleth service provider profile configured for this
to work.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Here we go, next step then.
As we did not fix the performance issue when autofiltering
the variables (see bug 20975), the only solution we have is to add the
filters explicitely.
This patch has been autogenerated (using add_html_filters.pl, see next
pathces) and add the html filter to all the variables displayed in the
template.
Exceptions are made (using the new 'raw' TT filter) to the variable we
already listed in the previous versions of this patch.
To test:
- Use t/db_dependent/Koha/Patrons.t to populate your DB with autogenerated
data which contain <script> tags
- Remove them from borrower_debarments.comments (there are allowed here)
update borrower_debarments set comment="html tags possible here";
- From the interface hit page and try to catch alert box.
If you find one it means you find a possible XSS.
To know where it comes from:
* note the exact URL where you found it
* note the alert box content
* Dump your DB and search for the string in the dump to identify its
location (for instance table.field)
Next:
* Ideally we would like to use the raw filter when it is not necessary
to HTML escape the variables (in big loop for instance)
* Provide a QA script to catch missing filters (we want html, uri, url
or raw, certainly others that I am forgetting now)
* Replace the html filters with uri when needed (!)
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
To test:
1 - Apply patches
2 - Upgrade database
3 - Check the staff client login page, should be no change
4 - Add something to the preferene
5 - It should appear on the login page
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch updates various unrelated templates to use the Bootstrap
grid.
- about.tt - The about page
- auth.tt - The login page
These pages should look correct.
- reports/reports-home.tt - The reports home page
- admin/admin-home.tt - The administration home page
These pages should look correct, with a single centered column
with wide margins on either side. At lower browser widths the margins
should disappear.
- serials/subscription-add.tt - Serials -> Add subscription. The entry
form should look correct during each step of the add/edit process.
- suggestion/suggestion.tt - Acquisitions -> Suggestions -> New
suggestion. The page with the new suggestion form should look correct.
Signed-off-by: Roch D'Amour <roch.damour@inlibro.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The login template must have a class attribute on the body tag in order
for the template to pass tests.
To test, apply the patch and confirm that the staff client login form
still looks the same. For further confirmation you could update the
IntranetUserCSS system preference with something like this:
.main_main-auth {
background-color: #CCF;
}
The login form should now have a different background color.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch makes template and CSS changes so that the staff client main
page doesn't get an unwanted top margin from the Bootstrap-grid
conversion.
- The unused "main" class is removed from the login page
- The "main" class on the staff client home page is changed to
"intranet-main."
- The CSS for the staff client home page has been modified accordingly.
To test, apply the patch and clear your browser cache if necessary.
- Open the staff client login page. It should look as it always does.
- Log in and check the style of the main page. There should be no white
margin at the top of the page.
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
To prevent brute force attacks on Koha accounts, staff and opac, we need to
implement an account lockout process to Koha.
After a number of failed login attempts a users account would become locked.
The user would then need to use the reset password functionality to send a reset
token to their email account. After a successful password reset the lockout flag
would be removed.
The number of failed login attempts before lockout is configurable using a new
system preference 'FailedLoginAttempts'.
How does it work?
When a patron enter an invalid password, the borrowers.login_attempts value
for this patron is incremented. When this value reach the value of the
pref FailedLoginAttempts, the password comparison is not done and the
authentication is rejected.
This login_attempts field is reset when a patron correctly logs in. When
the account is locked the patron has to reset his/her password using
the OpacResetPassword feature or ask a staff member to generate a new
password.
If the pref is not set (0, or '') the feature is considered as disabled,
but the failed login attempts are stored anyway.
Test plan:
0/ Apply patch and execute the update DB entry
1/ Switch on the feature by setting FailedLoginAttempts to 3
2/ Use an invalid password to login at the staff or OPAC interface
3/ After the third consecutive failures, you will be asked to reset your
password if OpacResetPassword is set, or contact a staff member
4/ Switch on OpacResetPassword and reset your password
5/ Confirm that you are able to login
6/ Play with the different combinations
QA details: The trick happens in C4::Auth::checkpw, to make things clear
I had to create a return value (note the awesome name: @return) and
replace the 3 successives if statements with elsif. Indeed if one of
the condition is reached, it will return inside the given block.
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Those 2 prefs can be independent and it does not make sense to consider
AutoLocation only if IndependentBranches is set.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch modifies the about page and the login page templates so that
JavaScript is included in the footer instead of the header.
To test, apply the patch and test each page to confirm that
JavaScript-based interactions are unaffected:
- On the About page tabs and header menu dropdowns should work correctly
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch fixes a translatability problem (syntax in different languages) with a tag-isolated word "please"
in koha-tmpl/intranet-tmpl/prog/en/modules/auth.tt
To test:
- Verify in code that there is no sentence spliting by a-tags (lines 80/84).
Signed-off-by: Srdjan <srdjan@catalyst.net.nz>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This uses a hacky but simple method to get the correct script name under
proxied packaged Plack.
Test plan:
1) Log out of both the OPAC and staff side.
2) Try to access a page that requires login (opac-reserve.pl is a
good one for the OPAC), then log in.
3) You will be redirected back to mainpage.pl or opac-user.pl.
4) Repeat above for both staff side and OPAC.
5) Apply patch.
6) Repeat steps 1-4; you should be redirected back to the original
page you were on.
7) Repeat the above for both a traditional CGI and kohadevbox/package
Plack installation.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Revert "DBRev to make notes of the XSS patches and the new important dependency."
This reverts commit e140603a59.
Revert "Bug 13618: Specific for branches.opac_info"
This reverts commit 06e4a50f00.
Revert "Bug 13618: (follow-up) Specific for other prefs"
This reverts commit d6475a111f.
Revert "Bug 13618: Fix for debarredcomment and patron messages"
This reverts commit dd98c9df92.
Revert "Bug 13618: Do not display html tags in patron's notices"
This reverts commit a065b243fe.
Revert "Bug 13618: Do not display and html tags in item fields content"
This reverts commit baeeaffbf8.
Revert "Bug 13618: Fix for system preference description"
This reverts commit a967a09261.
Revert "Bug 13618: Remove html filters for newly pushed code"
This reverts commit 0e98662b10.
Revert "Bug 13618: (follow-up) add missing lines for opac-shelves"
This reverts commit fc2fb605e5.
Revert "Bug 13618: (follow-up) Specific for ColumnsSettings"
This reverts commit bc308fdd9c.
Revert "Bug 13618: Fix for edit biblios and items"
This reverts commit 811c4e8402.
Revert "Bug 13618: followup to remove tabs"
This reverts commit ca8e8c397c.
Revert "Bug 13618: Fix last occurrences recently introduced to master"
This reverts commit bb417b256b.
Revert "Bug 13618: Fix for news"
This reverts commit ae5b98020a.
Revert "Bug 13618: Fix escape on sending baskets or shelves by email"
This reverts commit a7731ffe25.
Revert "Bug 13618: Specific for XSLTBloc"
This reverts commit 11fa38dc29.
Revert "Bug 13618: Specific for Salutation on editing a patron"
This reverts commit 36c07ad6d3.
Revert "Bug 13618: Specific for other prefs"
This reverts commit e6ea281a3b.
Revert "Bug 13618 - memberentrygen.tt errors Not a GLOB reference"
This reverts commit 7824874557.
Revert "Bug 13618: Specific for ColumnsSettings"
This reverts commit 1834da3da3.
Revert "Bug 13618: Specific for IntranetUser* and OPACUser* prefs"
This reverts commit 21ae62b253.
Revert "Bug 13618: Fix error 'Not a GLOB reference'"
This reverts commit 602bdbab4c.
Revert "Bug 13618: Specific for the ISBD view"
This reverts commit d254362435.
Revert "Bug 13618: Specific for pagination_bar"
This reverts commit 8837a8ae68.
Revert "Bug 13618: Specific places where we don't need to escape variables - intra"
This reverts commit 00eff140b3.
Revert "Bug 13618: Remove html filters at the intranet"
This reverts commit 7db851ff03.
Revert "Bug 13618: Specific places where we don't need to escape variables"
This reverts commit 49a3738b8d.
Revert "Bug 13618: Remove html filters at the OPAC"
This reverts commit cedaa0e23e.
Revert "Bug 13618: Use Template::Stash::AutoEscaping to use the html filter"
This reverts commit 01b38d3b13.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
* Extends login screen to pass along #hash
* Adds JSONP support to C4::Service
* Extends humanmsg to allow per-message classes
* Adds proper charset to results of svc/bib
Test plan:
1. C4/Auth.pm and .../intranet/.../auth.tt: verify that login/usage
works as expected, despite the change to pass on the fragment (...#blah)
from the URL.
2. C4/Service.pm and humanmsg.js: verify that editing system
preferences (the main user of these modules) works correctly despite
updates.
3. svc/bib: verify that records can be correctly downloaded with the
change of character set. This can be done in a Firebug/Chrome Devtools
console by running `$.get('/cgi-bin/koha/svc/bib/1')` and inspecting the
results (possibly replacing 1 with a different valid biblionumber).
Signed-off-by: Nick Clemens <nick@quecheelibrary.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
CGI->url does not return the correct url on install using packages.
Test plan:
1/ Try to reproduce the bug from the description of bug 15005.
You should be able to login to the intranet and the OPAC
2/ Send a basket and a list from the intranet and the OPAC.
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
In authentication pages with CAS, the use of acronym or abbr tags does not allow a correct translation of the text.
See http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=5983#c7
It does not help a lot end users to know that CAS is Central Authentication Service, I think. Now one can custom the login page with NoLoginInstructions syspref to describe how to use the authentication.
This patch removes the use of acronym and abbr is authentication pages.
Test plan (example with fr-FR locale) :
- Without patch
- Update translation files : cd misc/translator ; perl translate update fr-FR
- You see in fr-FR-opac-bootstrap.po : msgid "If you have a "
- Is is translated in : msgstr "Si vous avez un compte "
- Apply patch
- Update translation files : cd misc/translator ; perl translate update fr-FR
- You see in fr-FR-opac-bootstrap.po : msgid "If you have a CAS account, %s please "
- You can now translate it : msgstr "Si vous avez un compte CAS, %s veuillez "
- Same test for intranet authentication page
- Install the translation : cd misc/translator ; perl translate install fr-FR
- Look at the result
Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Works as advertised. Tranlated OK, tested in spanish es-ES
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch allows to use CAS authentication for intranet login.
It works exactly the same as the OPAC login, except that the
staffClientBaseURL syspref must be set for intranet login
(like OPACBaseURL must be set for OPAC login).
Signed-off-by: Koha Team AMU <koha.aixmarseille@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
This patch tries to get the Bug out of "In discussion" by changing the design a little bit.
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Bug 11146 introduced a way to go back, and have a logout link for the
"Not enough permissions" message page. I belive the logout button is redundant. And
also "Log in as a different user" tells the user more about its options on the scenario.
Simple and disputable usability/string change.
Regards
To+
Sponsored-by: Universidad Nacional de Cordoba
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
When a user does not have permissions for a page or module, the
authentication page is displayed with message
"Error: You do not have permission to access this page.".
Most librarians uses the "previous page" button of their browser to
come back on the page they were before trying to get to the
non-permitted page.
This patch adds a button to help coming back to previous page.
It also changes the "Click to log out" link as a button.
Test plan :
- Define a user with staff permissions but no permission on tools module
- Login with this user
=> You get to intranet home page
- Edit URL to go to tools module : cgi-bin/koha/tools/tools-home.pl
=> You get a page with a red error message and 2 buttons "Previous page"
and "Log out"
- Click on "Previous page"
=> Go get to intranet home page
- Edit URL to go to tools module : cgi-bin/koha/tools/tools-home.pl
- Click on "Log out" button
=> You are logged-out and get to authentication page : cgi-bin/koha/mainpage.pl?logout.x=1
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Works as intended.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Test Plan:
1) Enable IndependantBranches
2) Apply this patch
3) Run updatedatabase.pl
4) Verify that the system preference still functions correctly
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>