We can now call metadata_record directly on the Koha::Biblio object.
This aptch updates all modules and controllers to use
Koha::Biblio->metadata_record directly where appropriate. The
exceptions are where we don't require any filtering or the filtering
makes sense to do after the initial fetch.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
We replace the 'opac' boolean with an 'interface' param here to allow
for ViewPolicy filtering depending on 'opac', 'intranet' or 'nothing'
being passed.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Update marcrecord2csv to user RecordProcessor directly for embedding
listed items.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch introduces a higher-level method for retrieving a 'prepared'
record for using in specific contexts. In particular, I only focused on
embedding item information and OPAC view filtering. But we could add a
way to get the record through the ViewPolicy also for staff.
The virtue of this patch is that it explains better than my words why I
think having the *embed_items* and *opac* parameters in
Koha::Biblio::Metadata->record is not ideal. And makes the other
implementation feel like is done at the wrong level.
I know it's been done like that to act as a drop-in replacement fro GetMarcBiblio,
which was a good first step. But we need to revisit how it is used, in general, to come
up with a more refined and useful design. So we do not port the same
design problems from C4::* into Koha::*.
Try to think how it would be used in contexts like opac-MARCdetail.pl or
any other OPAC controller script.
Thanks!
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
We don't want that, and it's not consistent with the other outputs.
If we don't have anything useful to say, don't say anything.
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
On bug 37895 we have failed to propose a solution to encapsulate exceptions and rethrow them.
Until this is ready we should not try/catch and so use say_failure from our DB revs.
We want to stop the DB update process when something is wrong. In those
try/catch we are actually continuing even if something bad happens.
As RaiseError is set on the dbh, say_failure statements will never be
reached.
Test plan:
checkout origin/24.05.0
reset_all
checkout main + this patch
updatedatabase
Everything should run fine.
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This change adds a "safe_url" filter which takes a text input and
returns a Perl URL object which stringifies to a safe URL.
This change is only needed in the OPAC as the staff interface
handles the item URL display using Javascript not Template Toolkit.
0. Apply patch and koha-plack --restart kohadev
1. Create an item for a record using the following URL
https://koha-community.org?url=https%3A%2F%2Fkoha-community.org
2. Go to the OPAC for that record and verify that the URL is
not double-escaped
3. Create a malicious payload (talk to QA/security team for this if necessary)
4. Note that the malicious payload is escaped
5. prove t/Koha/Plugins/SafeURL.t
6. Celebrate!
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This is to prevent the scenario of tests failing if they take long to run, e.g.:
# Failed test 'updated_on correctly saved on newly created user'
# at t/db_dependent/Auth_with_shibboleth.t line 317.
# Structures begin differing at:
# ->[0] = '2024-11-04 11:20:13'
# ->[0] = '2024-11-04 11:20:14
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Test plan:
1) Apply only LDAP rearrangement patch
2) Run that test file (to prove the rearrangement does not break tests):
$ prove t/db_dependent/Auth_with_ldap.t
3) Verify tests pass
4) Apply LDAP test patch on top
5) Run the test file. Notice it fails.
6) Apply this patch. Run LDAP tests again. Verify tests pass.
Co-authored-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Without this rearrangement, C4::Context->config('useldapserver') is always 0.
It seems that because its inside a BEGIN block, the mock coming from .t file does not get picked up
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Test plan:
1) Apply only Shibboleth tests patch
2) Run that test file:
$ prove t/db_dependent/Auth_with_shibboleth.t
3) Verify tests fail with the updated_on error message.
4) Apply this patch. Repeat 2) Verify tests now pass.
Co-authored-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch builds on top of Andreas patch checking for Koha::Plugins->new() instead as the enable_plugins is already done there.
It also adds a check in reply to Joubu's observation, which is indeed an additional bug.
Test plan:
1) Apply tests patch. Run the tests. Notice it fails
2) Apply the remaining patches. Run the tests. Notice they pass.
Additional (and better) tests can be written, but for now I think this is good enough.
Additional tests should be written on top of bug 36197 (which adds a dummy ILL backend plugin for testing), at:
https://bugs.koha-community.org/bugzilla3/page.cgi?id=splinter.html&bug=36197&attachment=171371
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
There are ILL-backends that are not implemented as
Koha plugins and does not require plugins to be enabled.
The 'new' method in Koha::Plugins returns undefined if
plugins are disabled. Therefore, calls to this method
must be guarded by a check that plugins actually are enabled.
Testplan for koha-testing-docker:
- Edit /etc/koha/sites/kohadev/koha-conf.xml and disable plugins by
setting <enable_plugins>0</enable_plugins>
- sudo koha-mysql kohadev -e "UPDATE systempreferences SET value='1' WHERE variable='ILLModule';"
- Run restart_all.
- In staff interface, go to About koha -> System information. The page
should load normally (as opposed to returning 500 internal server
error).
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch corrects JS on the suggestions page so that the delete,
archive, and unarchive controls work.
The patch also modifies the markup of the "Delete" button so that it is
consisten with other pages.
To test, apply the patch and go to the suggestions page in the staff
interface.
- Log in to the staff interface as a user with "suggestions_manage"
permission.
- If necessary, create a few suggestions to test with.
- From the table of suggestions, click the secondary menu on the "Edit"
button for one of the suggestions.
- Choose "Delete." You should get a confirmation dialog. Both the "OK"
and "Cancel" options should work as expected.
- Choose "Archive." There won't be a confirmation, and the title
should disappear from the list.
- To test whether the suggestion was archived, search for it using
the sidebar form, checking the "Include archived" checkbox. The
suggestion should show up in the list with an "Archived" label.
- Clicking the "Edit" secondary menu on the archived suggestion
should trigger a menu with an "Unarchive" option. Click that
and confirm that the suggestion is no longer archived.
- Now log in as a user with only "suggestions_delete" permission but not
"suggestions_manage"
- In the list of suggestions each title should have a "delete" button.
- Clicking the delete button should trigger a confirmation dialog.
Both the "OK" and "Cancel" options should work as expected.
Signed-off-by: Laura_Escamilla <laura.escamilla@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch acknowledges the fact this patchset changed the called method
`libraries_where_can_see_patrons` for `libraries_where_can_see_things`.
And as such the mock was not working.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
The previous patches took into account all the groups for a patron, but missed the case where a patron
didn't have permission to see outside their library, and their library is not in a group.
Code updated and a test added.
Other tests adjusted to ensure the feature to limit patrons was set in those groups.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Olivier V <olivier.vezina@inLibro.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Laura_Escamilla <laura.escamilla@bywatersolutions.com>
Signed-off-by: Olivier V <olivier.vezina@inLibro.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
prove t/db_dependent/Koha/Patron/Category.t
prove t/db_dependent/Koha/Patron.t
Signed-off-by: Laura_Escamilla <laura.escamilla@bywatersolutions.com>
Signed-off-by: Olivier V <olivier.vezina@inLibro.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch attempts to force a password change for new staff created patrons.
This is done by setting the password_expiration_date to an expired date when
adding a new patron. This patch adds a new system preference
'ForcePasswordResetWhenSetByStaff' and a new column to the categories table
'force_password_reset_when_set_by_staff.
To test:
1) Apply patch, restart_all, updatedatabase, and also be sure to update schema.
2) Visit Administration->Sytem Preferences and search for 'EnableExpiredPasswordReset'.
Make sure this is set to enable. Now search for 'ForcePasswordResetWhenSetByStaff'.
This should be defaulted to 'Don't force'.
3) Keep that tab open and visit Administration->Patron categories. Click on edit
on the Board category. Noitce that there is a now a 'Force new patron password reset'
section. Notice that the by default, this is set to follow the
ForcePasswordResetWhenSetByStaff system preference (currently set to don't force).
Click on the dropdown and change it to 'Force'. Save changes
4) Click on the Patrons tab to visit members-home.pl and then click 'New Patron'.
Select on Patron. Fill in the required information and also enter a password.
5) Submit this form and notice that the patron's password expiration date is set
to never. This should be the case because the default for 'Force new patron
password reset' follows the sys. pref. which is still set to 'Don't force' (You
could have some expiry date in this step, but it should at least be set to a
date that is not expired. this depends on whether or not you have a defalut
password expiration date set in patron categories )
6) Log into the OPAC with this patron and notice it works as expected and log in
was successful.
7) Go back to the patron home page and click to add a new patron. This time select
'Board'. Once again fill out the required info, enter a password, and then save
the form.
8) Notice that for this patron, the password expiration date is set for today's
date. This is because we changed the setting for the 'Board' patron category to
force.
9) Log into the OPAC with this patron. You should be redirected to a page with an
error that says: "It's your first login! You need to reset your password." Click
on the reset password link below this message.
10) You should be sent to a page where you can reset your password. Fill in the
form and click 'Update password'. Attempt to sign into the OPAC with this new
password. Everything works as expected.
11) Go back to the staff interface and view this patron's detail page. Notice the
password expiration date is now set to what the default is in the patron
category.
12) Edit this patrons information and set their password expiration date to
yesterday. Go back to the OPAC and try to sign in with this patron again. Note
that this time, you are also redirected but the message says "Error: Your
password has expired!"
13) Go back to the staff interface and visit the sys. pref tab we left open. Set
it to the 'Force' option and save changes.
14) Visit the patron home page and click add patron, now select the patron
category again. Fill in required info and enter password. Submit form and note
that the patron's password expiration date is set to today. Try to login to
the OPAC with this patron, you should be redirected to the page with the error
that says "Error: It's your first login! You need to reset your password."
15) Sign-off :)
Signed-off-by: Laura_Escamilla <laura.escamilla@bywatersolutions.com>
Signed-off-by: Olivier V <olivier.vezina@inLibro.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Laura_Escamilla <laura.escamilla@bywatersolutions.com>
Signed-off-by: Olivier V <olivier.vezina@inLibro.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Laura_Escamilla <laura.escamilla@bywatersolutions.com>
Signed-off-by: Olivier V <olivier.vezina@inLibro.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
FAIL Koha/ILL/Backend/Standard.pm
FAIL critic
"$marc_isbn" is declared but not used at line 1179, column 5. Unused variables clutter code and make it harder to read.
"$marc_author" is declared but not used at line 1180, column 5. Unused variables clutter code and make it harder to read.
"$marc_title" is declared but not used at line 1181, column 5. Unused variables clutter code and make it harder to read.
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
To test:
1. Apply patch, restart_all
2. Add some holds and run the holds queue builder.
3. Go to the holds queue.
4. You should see less information in the 'Title' field.
5. You should see an 'Author' column, make sure it is sortable and the data is correct.
6. You should see a 'Publication details' column, that should also be sortable. Make sure the data is correct.
7. Each column, and all other in the holds queue table, should be column configurable via Table Settings.
8. Make sure you hide/show columns via Table settings.
9. Make sure the data can be exported correctly via tha Export button.
Signed-off-by: Brendan Lawlor <blawlor@clamsnet.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
A regular openURL works fine:
http://localhost:8080/cgi-bin/koha/opac-illrequests.pl?backend=Standard&title=Koha%20is%20cool&method=create&genre=article&openurl=1
Problem is existing third-party systems may be linking to Koha using FreeForm, not Standard
Test plan:
1) Access the OPAC URL from above.
2) Notice it works.
3) Replace the word 'Standard' with 'FreeForm'. It no longer works.
4) Apply patch. Repeat.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Test plan:
1) Enable ILLModule
2) Login on OPAC (if you haven't already)
3) Access the following openURL link:
localhost:8080/cgi-bin/koha/opac-illrequests.pl?atitle=Music%20in%20an%20Emergent%20History%20of%20Psychology.&aulast=Klempe%20SH&backend=Standard&cardnumber=kohaadmin&custom_field=example1&date=2024&doi=10.1007%2Fs12124-023-09778-9&genre=article&issn=19363567&issue=1&custom_field2=example2&method=create&opac=1&openurl=1&pages=1-11&spage=1&title=Integrative%20psychological%20%26%20behavioral%20science&volume=58
4) Notice the DOI is considered a custom field, and the actual DOI native field is not populated.
5) Apply patch. Repeat 4. Notice the native field is populated and is no longer a custom field entry.
Original patch:
6f00282af4
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
The previous patch fixed what it stated, but uncovered a new issue:
If you input a cardnumber + a branchcode and then change type, the 'Create' button becomes disabled
This happens because the trigger for it is on change only, the current patch updates this to also happen
on DOMContentLoaded.
Test plan:
1) Apply previous patch
2) Do steps from previous patch plan up to and including step 5)
3) Click 'Create'. Notice it doesn't submit (nothing happens).
4) Apply this patch and do a hard reload (clearing browser js cache)
5) Repeat steps 1) to 3). Notice it now submits correctly.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Test plan:
1) Apply 35570
2) Enable ILLModule sys pref through UI, or run:
echo "update systempreferences set value = 1 where variable = \"ILLModule\";" | koha-mysql kohadev
3) Create a new Standard request, visit:
http://localhost:8081/cgi-bin/koha/ill/ill-requests.pl?method=create&backend=Standard
4) Input a cardnumber and/or set a library at the bottom under "Patron options".
5) Change the type (top of the form). Notice the data from step 4) is gone.
6) Apply patch. Repeat test plan and notice data is kept when changing request type.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This follow-up patch removes the unused delete list confirmation dialog in virtualshelves/shelves.tt
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
To test:
1. Create a list in the staff interface
2. Go to lists
3. View the list
4. Click the Edit dropdown
5. Notice the two dropdown options for Edit list and Delete list have different formatting and look different
6. Apply patch
7. Try steps 1 through 4 again
8. The delete list button form looks right, and delete function works
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
