Commit graph

1779 commits

Author SHA1 Message Date
2e6fb40ef8 Bug 21087: Hash passwords in ->update_password
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: John Doe <you@example.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2018-07-30 14:58:06 -03:00
Aleisha Amohia
4a3eaf02e2 Bug 17698: Make patron notes show up on staff dashboard
This patch adds a user permission for managing issue notes, and a 'noteseen'
column to the issues table.

To test:
1) Apply Bug 14224 first
2) Apply this patch, update database, rebuild schema.
3) Restart koha-common and memcached
4) Turn on AllowCheckoutNotes syspref if haven't already
5) Issue two items to two different users (one item each)
6) Log into the OPAC as one of the users and add an issue note to their
issue
7) Log out and log back into the OPAC as the other user
8) Disable Javascript
9) Refresh opac-user.pl
10) Leave a checkout note on their issue
11) Enable javascript and log into the Staff Client as a superlibrarian
user
12) Go to your user's account and edit their permissions to have
everything ticked EXCEPT circulate->manage checkout notes.
13) Go to main intranet page. There should be no message saying
'checkout notes pending'.
14) Go to circulation home page. There should be no link to Checkout notes.
15) Go back to user's permissions and tick circulate->manage checkout notes.
16) Go back to main intranet page. There should now be a message at the
bottom saying 'Checkout notes pending: 2'
17) Go to circulation home page. There should be a link to Checkout notes
with a 2 next to it. Click this link
18) Attempt to mark an checkout note as seen. This should update the status
of the checkout note to 'seen' and disable to 'mark as seen' button while
enabling the 'mark as not seen' button.
19) Test both buttons with both issues.
20) Test select all and clear all buttons
21) Confirm that buttons at the bottom are only enabled if a checkbox is
checked
22) Try selecting both issues and using the buttons at the bottom to
mark multiple issue notes at once.
23) Confirm the barcode link to the item works as expected.
24) Confirm the cardnumber link to the user works as expected.
25) Confirm all table details show correctly.

Sponsored-by: Catalyst IT

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Followed test plan, works as expected
Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Amended patch: Remove self-checkout permissions

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-07-23 15:23:40 +00:00
d2a2d973ce Bug 20287: Move ModMember to Koha::Patron
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-07-18 15:49:50 +00:00
cfbc53bb22 Bug 20287: Add plain_text_password (& Remove AddMember_Opac)
But actually we could remove it if it does not make sense for other use.
Callers could deal with it since the password is not generated here

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-07-18 15:49:49 +00:00
dc6b6e030c Bug 20287: Remove AddMember_Auto
I am not sure I understood the point of this subroutine.
Did I miss something here?

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-07-18 15:49:49 +00:00
ef410fd62f Bug 20287: Replace occurrences of AddMember with Koha::Patron->new->store->borrowernumber
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-07-18 15:49:47 +00:00
1b13c453e2 Bug 20287: Move fixup_cardnumber
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-07-18 15:49:44 +00:00
d421cfaed5 Bug 20953: Prevent several discharge requests on OPAC
On OPAC, a user can requested a discharge even if one is already pending.
This generates several pending discharges in staff interface that can not be deleted.

This is because request operation leads to page 'opac-discharge.pl?op=request' and user can refresh this page performing a new request.

Perl code must check that operation is allowed.

Patch reoganised the code so that the following FIXME is obsolete :
  'FIXME looks like $available is not needed'
Patch also replaces 'op' arg test to also check undef : input->param("op") // ''

Test plan :
1) Set system preference 'useDischarge' to 'Allow'
2) Choose a patron without checkouts nor fines nor restrictions
3) Log at OPAC and go to patron page /cgi-bin/koha/opac-user.pl
4) Click on 'ask for a discharge' tab
   => You see /cgi-bin/koha/opac-discharge.pl
      with text 'What is a discharge? ...'
5) Click on 'Ask for a discharge' link
   => You see /cgi-bin/koha/opac-discharge.pl?op=request
      with text 'Your discharge request has been sent ...'
6) In a new browser tab/page, go to intranet on /cgi-bin/koha/members/discharges.pl
   => You see one discharge requets for the patron
7) Come back to OPAC and refresh page
   => You see /cgi-bin/koha/opac-discharge.pl
   with text 'Your discharge will be available on this page within a few days.'
8) Come back to intranet and refresh /cgi-bin/koha/opac-discharge.pl
   => There is still one requets for the patron
9) Come back to OPAC and enter URL /cgi-bin/koha/opac-discharge.pl?op=get
   => You see /cgi-bin/koha/opac-discharge.pl
      with text 'Your discharge will be available on this page within a few days.'
10) Come back to intranet and refresh /cgi-bin/koha/opac-discharge.pl
   => There is still one requets for the patron
11) Click on 'allow' on patron discharge request
12) Come back to OPAC and refresh /cgi-bin/koha/opac-discharge.pl
    => You see link 'Get your discharge'
13) enter URL /cgi-bin/koha/opac-discharge.pl?op=request
    => You see same page and no new discharge requets is created
14) Come back to intranet on patron details page
15) Remove the discharge restriction
16) Come back to OPAC and refresh /cgi-bin/koha/opac-discharge.pl
    => You see text 'What is a discharge?...'
17) enter URL /cgi-bin/koha/opac-discharge.pl?op=get
    => You see same page and no new discharge requets is created

Signed-off-by: Charles Farmer <charles.farmer@inLibro.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-07-13 10:34:28 +00:00
Julian Maurice
95b1983a25 Bug 19502: Retrieve index.max_result_window from ES
This avoid hardcoding '10000' in two different places and allow users to
adjust this setting.

Also, this patch fixes a bug when the search return less than 10000
results

Test plan:
1. Do a search that returns 10000+ records.
2. Note the warning above the pagination buttons
3. Go to the last page, no error
4. Change the ES setting:
   curl -XPUT http://elasticsearch/koha_master_biblios/_settings -d \
     '{"index": {"max_result_window": 20000}}'
5. Do another search that returns more than 10000 but less than 20000
6. Note that the warning does not show up
7. Go to the last page, still no error

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Alex Arnaud <alex.arnaud@biblibre.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-07-12 13:04:21 +00:00
78b9a3e450 Bug 19502: (follow-up) Pass parameters to avoid making templates depend on search engine
https://bugs.koha-community.org/show_bug.cgi?id=19502

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Alex Arnaud <alex.arnaud@biblibre.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-07-12 13:04:21 +00:00
cc131475ed Bug 19502: Limit pagination to first 10000 results when using ES
This patch is to avoid hitting an error page. We should eventually make the
max number returned configurable for ES.

To test:
1 - Have Koha running ES with 10,000+ records
2 - Search for '*'
3 - Click 'Last' to view last page of results
4 - 'Cannot perform search' error
5 - Apply patch
6 - Search again
7 - View 'Last' page
8 - No error, you go to the last of 10000
9 - Note the warning above the pagination buttons

Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Alex Arnaud <alex.arnaud@biblibre.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-07-12 13:04:20 +00:00
cdb6b68488 Bug 20495: (follow-up) Correct search for report by name
Ultimately we should probably remove name access as it is not a unique
id, but this should preserve existing behaviour

To test:
Create a report
Use the service link to confirm the report runs
Replace id=# parameter with name=XXXXXX
Confirm URL works

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Note: We should not remove the param "name", it's a feature, see bug 8256.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-07-02 12:06:54 +00:00
4ec5a67c6f Bug 20495: Remove get_saved_report
To test:
1 - prove t/db_dependent/Reports/Guided.t
2 - grep "get_saved_report" - ensure there are no occurences of the
singular form
3 - create, save, edit, and convert a report
4 - access a public report and report json from opac and staff client
5 - Ensure all function as expected

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-07-02 12:06:54 +00:00
Lee Jamison
fa25c45ffc Bug 17153: Redirect to search when logging in from search
This patch is a fresh attempt at redirecting back to search
results after logging in on opac-search.pl

To test:
- Perform an OPAC search
- Login on opac-search.pl with the search results displayed
- The page is redirected to opac-user.pl
- Log out
- Apply the patch
- Perform a new OPAC search
- Note the URL query string
- Login on opac-search.pl with the search results displayed
- The opac-search.pl page should be displayed with the correct
  query string and the page should indicate a logged in status

Signed-off-by: Maryse Simard <maryse.simard@inlibro.com>
Followed the test plan and the patch works.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-06-29 20:49:51 +00:00
38d75d28af Bug 20832: Fix opac user profile page when there is overdue fine and no rental charge
Test plan:
0) Do not apply the patch
1) Have an overdue fine linked with specific item currently checked out
to your patron
2) Do not have any unpaid rental fees
3) Go to this patron profile in opac - page opac-user.pl
4) The page crashes with "Can't call method "get_column" on an undefined
value at
/usr/share/koha/opac/cgi-bin/opac/opac-user.pl line 217" in log
5) Apply the patch
6) Restart plack
7) The page should working and show the right amounts for fines

Signed-off-by: Andrew Isherwood <andrew.isherwood@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-06-15 10:10:59 +00:00
e5896f5683 Bug 20838: (bug 16735 follow-up) Fix search by group of libraries
In the last patches of bug 16735, we completely broke the feature!

The limit is using library_groups.id instead of branches.branchcode.

Test plan:
Create a group of library with the search feature
Search (OPAC and staff interfaces) using this limit

=> Without this patch you will see that the generated search query does
not contain branchcodes
=> With this patch applied you will see the branchcodes

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-06-04 13:40:36 -04:00
5530ed6b9d Bug 20763: Remove unecessary Koha::Patron fetch
If $borrowernumber is not set, there is no userenv.
So let's pick the library code set in the userenv instead of fetching
the Koha::Patron->branchcode from DB

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-06-04 12:58:53 +00:00
Kyle M Hall
7b16c9a841 Bug 20763: AllowPurchaseSuggestionBranchChoice triggers error opac-suggestions.pl is visited without logging in
Some code executed in the script opac-suggestions.pl if the system preference AllowPurchaseSuggestionBranchChoice is enabled assumes there is a logged in user. If there is not, patrons will see the error "Internal Server Error".

Test Plan:
1) Enable AllowPurchaseSuggestionBranchChoice
2) Enable AnonSuggestions
3) In the OPAC, perform a search that will have no results,
   click the "Make a purchase suggestion" link.
4) Note the error
5) Apply this patch
6) Reload the page
7) The page should load now!

Signed-off-by: Pierre-Luc Lapointe <pierreluc.lapointe@inLibro.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-06-04 12:58:52 +00:00
88ac8c499f Bug 20724: (QA follow-up) Remove two obsolete comment lines
No test plan :)

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-16 10:53:13 -03:00
1798d22e76 Bug 20724: Move the ReservesNeedReturns logic to AddReserve
Signed-off-by: Victor Grousset <victor.grousset@biblibre.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-16 10:53:13 -03:00
d8a3fae361 Bug 20737: Use https for baker and taylor cover images
Easy change, should be able to verify with code review or testing with
dummy values

To test:
1 - Put some values in baker and taylor prefs (don't need to be valid)
2 - Do a search on the opac (and have some items with isbns)
3 - Inspect the cover images links to ensure they are formed correctly
4 - prove -v t/External/BakerTaylor.t

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-11 11:36:23 -03:00
5347537f1a Bug 19579: Do not confirm the registration if email already used - PatronSelfRegistrationEmailMustBeUnique
If PatronSelfRegistrationVerifyByEmail and
PatronSelfRegistrationEmailMustBeUnique are set, it should not be
possible to register twice with the same email.
However the test is made on already created patron cards when the
registration is done.
Which means it is possible to register several times with the same
email address and click on the registration link to finalise the
registration.

This patch adds a test when the registration link is clicked and display
the "Registration invalid" generic message if the same email is used

Test plan:
1. Patron submits self registration form using the same email address 3
times
2. Patron receives 3 verification emails
3. Patron clicks on 3 verify token URLs
=> Only the first registration should succeed, the 2 others must fail

Maybe we should display a more specific message?

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-11 10:52:46 -03:00
4200ffb720 Bug 20722: Display search results when searching only by ITEMTYPECAT
- Create an entry for the ITEMTYPECAT authorised value category.
  Make sure to fill in the OPAC description.
- Go to administration > itemtypes and add the new category to 2 item types.
- Go to the OPAC and check that the advanced search shows your new itemtype
  group instead of the individual itemtypes.
- Check the checkbox and Search.

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-11 10:52:45 -03:00
82edceb2ed Bug 20568: (QA follow-up) Remove api-key management from OPAC
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:56:00 -03:00
45841d9ec7 Bug 20568: CSRF protection
Edit: fix warning introduced by this patch

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:55:59 -03:00
28a750fb76 Bug 20568: (QA follow-up) Get rid of the id column
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:55:59 -03:00
b67e88f429 Bug 20568: Move value => client_id + secret
This patch addresses the request from Julian that api keys are expected
to be client id/secret pairs.

It does so by
- Adding 'client_id' and 'secret' columns
- Removing 'value'

Tests got adjusted and so controller scripts and templates.
Both libs and tests changes have been squashed. This ones remain in
order to keep Owen's attribution on the template changes and avoid
rebase conflicts.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:55:59 -03:00
37efe6ff76 Bug 20568: (follow-up) Interface and markup changes
This patch makes some interface changes to bring things better in line
with existing interface patterns. This patch also re-indents the
modified templates with 4 spaces instead of 2 and makes <input>s
self-closing.

Also changed: Corrected system preference check in opac-apikeys.pl.

To test, apply the patch and:

In the staff client:

 - Open a patron record and choose More -> Manage API keys.
   - There should be a standard message dialog containing a link to
     "Generate a new key."
     - Clicking the link should show the form for adding a new key.
     - Test that clicking the "Cancel" link hides the form.
     - Test that creating the new key works correctly.
   - You should now see a table showing existing keys and a "Generate a
     new key" button above it.
     - Test that the "Delete" button asks for confirmation, and that
       confirming and denying both work correctly.
     - Test that "Revoke" and "Activate" actions still work correctly.

In the OPAC:

 - Set the AllowPatronsManageAPIKeysInOPAC system preference to "Allow."
 - Log in to the OPAC and click the "your API keys" link in the sidebar.
   - Clicking the "Generate new key" button should display the form for
     adding a new key.
     - Clicking the "cancel" link should hide the form.
     - Submitting the form should add a new key.
   - You should now see a table showing existing keys.
     - Test that the "Delete" link asks for confirmation, and that
       confirming and denying both work correctly.
     - Test that "Revoke" and "Activate" actions still work correctly.
 - Set the AllowPatronsManageAPIKeysInOPAC system preference to "Don't
   allow."
   - Log in to the OPAC and confirm that the "your API keys" link in the
     sidebar is no longer visible.
     - Confirm that navigating directly to /cgi-bin/koha/opac-apikeys.pl
       results in a 404 error.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:55:58 -03:00
9007b25d09 Bug 20568: API key management for OPAC users
This patch makes the OPAC interface for API keys management work
with the new lib. Verify all actions work for a logged user.

Users without login should be redirected to an error page.

The AllowPatronsManageAPIKeysInOPAC syspref is added to control if the
OPAC feature is enabled or not.

To test:
- Verify the syspref works
- Verify users can manage their API keys

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:55:58 -03:00
Julian Maurice
3aa102d0c3 Bug 20568: API keys management in interface
This introduces the concept of API keys for use in the new REST API.
A key is a string of 32 alphanumerical characters (32 is purely
arbitrary, it can be changed easily).
A user can have multiple keys (unlimited at the moment)
Keys can be generated automatically, and then we have the possibility to
delete or revoke each one individually.

Test plan:
1/ Go to staff interface
2/ Go to a borrower page
3/ In toolbar, click on More -> Manage API keys
4/ Click on "Generate new key" multiple times, check that they are
   correctly displayed under the button, and they are active by default
5/ Revoke some keys, check that they are not active anymore
6/ Delete some keys, check that they disappear from table
7/ Go to opac interface, log in
8/ In your user account pages, you now have a new tab to the left "your
   API keys". Click on it.
9/ Repeat steps 4-6

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:55:58 -03:00
f0b88ed328 Bug 20687: (follow-up) Look for invitekey in show_accept and fix error codes
We should check the invitekey in show_accept by passing it along in the
search call.
On the way I fixed some error checking: if the list number is invalid, or
the list is public or you are the owner, or if the key is not found, we
should set the right error code; the template contains those messages.

Test plan:
[1] Share a list and accept a correct invitation with another user.
[2] Try to accept some invalid proposals: wrong key, wrong list.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Tested invalid key, wrong list, owner, public list, expiry.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-07 11:55:13 -03:00
90d249b39d Bug 20687: Check all share keys for a given list
This patch gets all the shares for a list and iterates through to find
the correct one when accepting from a link

To test:
1 - Create a private list in the opac
2 - Invite 2 patrons to the list
3 - Try to accept from the patron you first shared to
4 - You will get a failure message about expiration of the link
5 - Apply patch
6 - Now try to accept the first share
7 - It works! Success!

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-07 11:55:13 -03:00
ab52b1f3ac Bug 20284: Fix minor compilation errors
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-07 11:55:01 -03:00
Andrew Isherwood
1b67f20823 Bug 20284: (follow-up) Added missing 'exit's
This patch adds the exits that were missing after the redirects

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-07 11:55:01 -03:00
Andrew Isherwood
b12d5e7c20 Bug 20284: ILLModuleCopyrightClearance text breaks
This patch fixes the display of the copyright notice text that is defined
in ILLModuleCopyrightClearance preference when placing ILL requests from
the OPAC. Handling of the copyrightclearance stage was missing,
this has been added.

To test:
1) Ensure you have at least one ILL backend available:
   https://wiki.koha-community.org/wiki/ILL_backends
2) Ensure you have the "ILLModule" preference enabled
3) Add some text to the "ILLModuleCopyrightClearance" preference
4) Navigate to a search results page in the catalog
5) Click the "Make an Interlibrary Loan request" link at the bottom
6) Choose "Create a new request", then select a backend
7) Observe the text you added earlier is displayed with buttons for
   agreeing or disagreeing (prior to this patch, this screen displayed
   an error)
8) Observe that clicking "Yes" takes you to the form for adding request
   details
9) Observe that clicking "No" takes you back to the "Interlibrary loan
   requests" page

Signed-off-by: Barry Cannon <bc@interleaf.ie>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-07 11:55:01 -03:00
Katrin Fischer
d2d937fc9b Bug 19171: Attempt to make "no holds possible" messages less confusing
At the moment, when no holds are possible, the OPAC reads something
like:

Sorry, none of these items can be placed on hold.
No items available.

This is confusing to the patrons, because the records have items,
but they are not showing. The record also may have available items,
they are just not permitted to place holds on them.

Changes:
- Only display the first message, when somoene tried unsuccessfully
  to place holds on multiple records.
- Change first message to: Sorry, none of these titles can be placed on hold.
- Change the second message to read:
  No items available to be placed on hold.
- Remove <strong> around Sorry for better translatability.

To test:
- Try to place a hold on single record, where no hold is possible.
- Try to place a hold on a single record, where a hold is possible.
- Try to place holds on multiple records where no hold is possible.
- Try to place holds on multiple records where at least one hold
  is possible.

  Verify the screen messages make sense in all cases.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Fixed stray </strong> during signoff.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
For consistency with staff, I renamed multi_holds to multi_hold.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-04 09:17:10 -03:00
Mark Tompsett
fc595ecc17 Bug 20666: Correct permissions on opac-routing-lists.pl
You will need to have the 'Your routing lists' appear
in the opac-user page in order to trigger the error.

Make sure plack is off, and you will an error 500 page.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-03 13:26:48 -03:00
0a49e3bf92 Bug 20363: (bug 16966 follow-up) better messages handling
User views the "Your privacy" -page, it shows "No reading history to
delete", even when the user has history.

Test plan:
- Turn OPACPrivacy on
- Go to opac-privacy.pl
- Click the "Immediate deletion button" to delete the reading history
=> If the patron has reading history you must get "Your reading history has been deleted."
Otherwise "No reading history to delete"

Note that this patch reintroduce the "something went wrong" message if
the deletion failed for whatever reason.

Signed-off-by: David Bourgault <david.bourgault@inlibro.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-23 14:22:16 -03:00
5c7ff786d5 Bug 19855: Move getalert, addalert and delalert to Koha::Subscription
This patch removes 3 subroutines from C4::Letters:
- getalert
- addalert
- delalert

And add 3 methods to Koha::Subscription:
- subscribers
- add_subscriber
- remove_subscriber

It makes the code cleaner for future cleanup.
TODO - we should remove alert.alertid and alert.type, and rename
alert.externalid with alert.subscriptionid
That way alert will be renamed borrowers_subscriptions (or similar) and
will become a simple join table between borrowers and subscriptions.
We will need to deal with FK that could not be satisfied.
Let's do that after this patch is pushed.

Test plan:
Subscribe and unsubscribe to email notifications sent when a new issues
is available.
Make sure everything works as before and you receive the emails.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-23 14:22:15 -03:00
0bd1f30c8c Bug 19855: Remove $type from the alerts
It looks like this feature has never been finished. It has been
developed with more flexibility in mind, but only 'issue' is used for
this parameter. Apparently it could have been 'virtual', for virtual shelves.

Let remove this parameter and clean the code a bit.
TODO: Remove the DB column

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-23 14:22:15 -03:00
e6441436f4 Bug 19855: Remove getalert from opac-user.pl
This is not used later and seems unused since:
commit e61173aa8e
Date:   Sun May 21 02:29:09 2006 +0000
    syncing dev-week and HEAD

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-23 14:22:15 -03:00
Katrin Fischer
9c0d403586 Bug 20400: (follow-up) Several fixes from RM review
- "your routing lists" tab is now highlighted when active
- get_routinglists was renamed to get_routing_lists
- Koha::Patron->get_routing_lists returns the ->search result
  directly
- Koha::Subscription::RoutingList->subscription uses DBIC
  relationship
- Undo changes to C4/Auth.pm

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-20 17:59:06 -03:00
Katrin Fischer
9af0b9de7d Bug 20400: Add routing list tab in OPAC
This patch adds the base for the new feature:
Show a list of the serial titles a patron is on routing
lists for in the OPAC.

Test plan applies to the complete patch set:

To test:
- Apply all patches
- Make sure RoutingSerials is not activated
- Check patron account in OPAC - no tab should appear
- Activate RoutingSerials
- Create subscriptions and different routing lists, test with:
  - Patron with no routing list entries = no tab
  - Patron with one or more routing list entries = tab appears

Signed-off-by: Dilan Johnpullé <dilan@calyx.net.au>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Bug 20400: Rewrite using Koha::Objects

Adds
- Koha::Subscription::Routinglist
- Koha::Subscription::Routinglists

Adds 2 methods
- Koha::Patron::get_routinglists
- Koha::Routinglist::subscription

Signed-off-by: Dilan Johnpullé <dilan@calyx.net.au>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Bug 20400: Add unit tests

prove t/db_dependent/Koha/Subscription/Routinglists.t
prove t/db_dependent/Koha/Patrons.t

Signed-off-by: Dilan Johnpullé <dilan@calyx.net.au>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Bug 20400: Display new tab in OPAC only for patrons with routing lists

The visibility of the routing list tab in the OPAC depends
on the system preference RoutingSerials and the existence
of routing list entries for the patron.

Some libraries only offer routing lists to certain user groups and
would not want it generally visible. As there are currently no
actions you can perform from the list, this appears to be a
reasonable behaviour.

See test plan in first patch.

Signed-off-by: Dilan Johnpullé <dilan@calyx.net.au>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Bug 20400: (follow-up) Use Asset TT plugin on opac-routing-lists.tt

Patch applies and functions as described.
Signed-off-by: Dilan Johnpullé <dilan@calyx.net.au>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Bug 20400: (QA follow-up) Redirect to 404 if routing is disabled

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-20 13:34:41 -03:00
3277ca88fd Bug 20489: Remove warnings from the interface
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-20 12:24:00 -03:00
84d6c23edd Bug 20536: (ILL) authnotrequired should be explicitly unset on opac
* koha/opac-illrequest.pl - Added explicit setting of authnotrequired

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-11 16:45:09 -03:00
Mark Tompsett
9a76781f9e Bug 20083: (follow-up) use same logic in opac-showmarc
It was correctly pointed out that opac-showmarc would leak
the same way as catalogue/showmarc.pl, and so this patch
moves the authentication step up to the top where it
should be so as to prevent inappropriate data leaks.

TEST PLAN
---------
1) Set your OpacPublic system preference to Disabled
2) Open your OPAC and login
3) Find a biblio with items
4) Go to the opac details, particularly MARC view.
5) Copy the "view plain" shortcut link.
6) log out.
7) Paste the link into the address bar.
   -- the information will leak!
8) apply the patch
9) restart_all
10) Refresh the OPAC link
    -- log in screen will appear.
11) run koha qa test tools

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-04 15:45:34 -03:00
8538886cb9 Bug 19935: (follow-up) Replace GetPendingIssues - opac-user.pl
Syntax issue, can be squashed on pushing.

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-03 11:43:39 -03:00
509892fd00 Bug 19935: Replace GetPendingIssues - sco-main
Same as previously, we do not need all the prefetched values here, just
a few.

Test plan:
Use the self checkout module to check some items out

Signed-off-by: Benjamin Rokseth <benjamin.rokseth@deichman.no>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-03 11:43:38 -03:00
a53471e8bb Bug 19935: Replace GetPendingIssues - opac-user.pl
At first glance we just need the biblio title and the subtitle (in
addition of the fines info), we should not need the prefetch.

Test plan:
Loggin at the OPAC, on the summary page you should see your checkouts
and overdues with the correct values

Signed-off-by: Benjamin Rokseth <benjamin.rokseth@deichman.no>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-03 11:43:38 -03:00
83082242a5 Bug 19935: Replace GetPendingIssues - opac-ics.pl
We only need the biblio title and the barcode, we should not need the
whole prefetch.

Test plan:
On your OPAC summary page export your checkout list using the
"Download as iCal/.ics file" link.
Before and after the patchset, the generated files must be the same

Signed-off-by: Benjamin Rokseth <benjamin.rokseth@deichman.no>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-03 11:43:38 -03:00