Commit graph

1224 commits

Author SHA1 Message Date
Emmi Takkinen
207e10b81a Bug 33849: Do not reset new patrons home library when error occurs
While adding new patron, if patron is flagged as duplicate
or another error occurs and their home library differs from
library user is logged in, patrons home library resets as
logged in users library. This happens with all patrons
expect those with category type C. This patch removes checking
if patrons category type is C from code so that all category
types use previously chosen home library even if error occurs.

To test:
1. Add new patron and set their library to a different
library than the one you're logged in.
2. Cause an error (wrong age, duplicate etc) while saving.
3. Attempt to save.
=> Note that patrons home library is set as one you're
logged in.
4. Apply this patch.
5. Repeat steps 1 to 3.
=> Note that patrons home library hasn't changed.

Sponsored-by: Koha-Suomi Oy
Signed-off-by: Esther <esther@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit d2f41df188)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 3c52b89167)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-05-30 19:15:53 +00:00
87efbaa43e Bug 30987: Fix relationship fields for patron full and quick add forms
To test:
1. APPLY PATACH and restart services.
2. Find the borrowerRelationship system preference. The description should no longer include the words "Leave empty to deactivate."
3. Populate the system preference with at least 1 choice.
4. Find a patron category with can_be_guarantee set to 'Yes'.
5. Quick add a patron of that type, making sure the relationship field shows in the Patron guarantor section. ( You have to +Add gaurantor before this field will show )
6. The values in the dropdown should refelct the borrowerRelationship values.
7. With BorrowerMandatoryField make relationship mandatory.
8. Try step 5 again, this time the Relationship field should be mandatory.
9. Remove the field from  BorrowerMandatoryField and add it to BorrowerUnwantedField.
10. Do step 5 again, the relationship field should not show on the quick add form.

Signed-off-by: Myka Kennedy Stephens <mkstephens@fosgail.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit fccbd327d9)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 7083a9dfbe)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-05-28 19:31:23 +00:00
9dde1fddd0 Bug 36376: (QA follow-up) Tidy
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 2e6a4a555b)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 768701bf1d)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-05-28 16:27:54 +00:00
09846cc5a1 Bug 36376: Display library limitations alert in patron's messages
Bug 31422 added a warning message when library limitations issue in patron edition page.
We should add this patron's messages in circ and details pages.
Like age limitations.

Test plan:
1) User's login branch and home library is: Centerville
2) Patron category "B - Board" is limited to Franklin
3) Edit a patron with Board category from Centerville
4) A message appears "The patron's current category (Board) is limited to other libraries."

Signed-off-by: Laura Escamilla <laura.escamilla@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 841dc00ec8)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit ebd8a50e6e)
2024-05-28 16:27:40 +00:00
bfc1cdcccc Bug 36321: Problem when dateexpiry in BorrowerUnwantedField
hen dateexpiry is in BorrowerUnwantedField it is hidden in patron edition form.
The problem is when editing an existing patron the value is re-computed with category settings, as if it where empty.

This comes from all fields in BorrowerUnwantedField beeing removed from %newdata in memberentry.pl.
Whe must skip dateexpiry.

Test plan :
1) Be sure dateexpiry is not in BorrowerUnwantedField
2) Define a patron category with enrollment period 12 month
3) Create a new patron in this category
4) Its expiration date is in now + 12 month
5) Edit the patron category to set enrollment period 6 month
6) Add dateexpiry in BorrowerUnwantedField
7) Edit the patron and save
=> Without patch the expiration date is changed to now + 6 month
=> With patch the exporation date is unchanged

Signed-off-by: Andrew Fuerste-Henry <andrewfh@dubcolib.org>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>

Perl-tidied.

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 571521ba13)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit c65b3a3813)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-05-23 14:40:14 +00:00
Brendan Lawlor
2043237199 Bug 33832: Allow updating username without changing password on member-password.pl
This patch updates the change password page on the staff interface to
allow for changing the patron's username without changing the password.
If the new password is an empty string we can skip setting the patron's
password and sending the new password to the template.

Test plan:
1. From a patron record tool bar click 'Change password'
2. Notice that if you try to change the user's name without also
   changing the password the page just reloads and nothing happens
3. Apply patch and restart_all
4. From the patron record click 'Change password' again
5. Set the user's new username and  password eg. '1234Abc' and click
   'Save'
6. Confirm that you can log in to the OPAC with the user
7. Return to the patron record and click 'Change password' again
8. This time change just the 'New username field' and click 'Save'
6. Notice that the username is updated
7. Confirm you can log into the OPAC with the new username and the
   original password '1234Abcd'
8. Make sure that the change password form still validates passwords
   for length and matching errors etc

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit e26fc0a3d5)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 34e17b5aba)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-05-23 13:53:27 +00:00
Shi Yao Wang
cd533cb16a Bug 35911: Make archived suggestions not show in patron's account
Remove archived suggestions in patron's account page

Test plan:
1. Go to a patron's account in the staff interface
2. Go to the Suggestions tab
3. Click New purchase suggestion and create a suggestion
4. In another browser tab, go to Acquisitions > Suggestions
5. Click the small arrow next to the edit button to the right of the suggestion, and choose Archive (alternatively, check the suggestion's box and click Archive selected)
   --> Suggestion disappears from the suggestions management page (OK)
6. Go back to the tab with the patron's account and refresh
   --> Suggestion is still visible
7. Apply the patch
8. Redo step 6 and notice the suggestion is not visible anymore
9. Redo step 4 and 5 but this time, unarchiving the suggestion
10. Redo step 6 and notice the suggestion is back

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit ac71adbd23)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit d35481b1ab)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 21:02:57 +00:00
0b89414d0c Bug 36170: Wrong error variable in memberentry
It is hidding an important error.

$@ is never set here, we need $_ (inside a try-catch)

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit cd9de702e2)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit f49a9e1a4d)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-03-19 19:48:03 +00:00
0a1088372b Bug 30287: Conditionally render notice preview
This patch adds conditional formatting based on whether the notice was
generated from an HTML template or a plaintext one. We simply drop the
'html_line_break' filter for the case where the notice should already be
html formatted.

I was tempted to replace the html_line_break for plaintext formatted
notices too as I believe this closer resembles how we actually output
such generated notices.. but I decided that should be for another bug.

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit f83b9ab1ff)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit ebf8e267ac)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2024-01-04 20:34:51 +00:00
83b251e91d Bug 34910: (follow-up) alert in patron details
The anonymous patron details page should show an alert message.

1) Configure an existing borrowernumber in system preference 'AnonymousPatron'
2) Go to details page of this borrower :
   /cgi-bin/koha/members/moremember.pl?borrowernumber=x
3) Check you see alert 'This is the anonymous patron.'

Signed-off-by: Kelly McElligott <kelly@bywatersolutions.com>
Signed-off-by: Johanna Miettunen <johanna.miettunen@haaga-helia.fi>
Signed-off-by: Päivi Knuutinen <paivi.knuutinen@joensuu.fi>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit a8e770d9c4)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2023-11-07 21:09:50 -10:00
e9363693e0 Bug 35127: Fix 'Search type' for patron search
We need to fallback on the syspref DefaultPatronSearchMethod but keep
the value when one is passed!

Test plan:
Search for patrons, and use the "search type". Set it to different
values than DefaultPatronSearchMethod and confirm that the value is
kept.
Fix is expected when searching for patrons in the header (use the
options to select a different value and run the search)

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit e08bf3bb4c)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2023-10-25 21:49:52 -10:00
Emmi Takkinen
e522b49641 Bug 26558: Make guarantor information persist despite an error
When one tries to create an account with patron guarantor and
error occurs (already used username, wrong age etc.), guarantor
information is lost. This patch always saves added patron
guarantor information to the template param new_guarantors.

To test:
1. Create a new account but cause an error that will keep the
account from saving (enter the wrong age for a category or
give the patron a username that's already being used).
2. Search for and select a guarantor.
3. Try to save the account and wait for the "The following
fields are wrong. Please fix them." message.
=> Note that the guarantor information is gone and you need
to search for and select the guarantor again.
4. Apply this patch.
5. Repeat steps 1.-3.
=> Note that guarantor information hasn't been lost.

This patch also removes code block from duplicate patron
check because we now save param new_guarantors even if
error doesn't occur.

To test:
1. Create a new account but cause a duplicate patron error.
2. Search for and select a guarantor.
3. Try to save the account.
=> Guarantor information should persist.

Sponsored-by: Koha-Suomi Oy
Signed-off-by: Sam Lau <samalau@gmail.com>
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 70fc698899)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2023-10-12 14:11:43 -10:00
emilyrose
eea0310a62 Bug 34870: Perform UTF8 encoding before redirection
Display special characters correctly when writing off an invoice.

The issue arises because pay.pl does not perform UTF-8 encoding on the “notes” parameter before redirecting the page. By using uri_escape_utf8, characters with a code above 255 are also UTF-8 encoded. Then, paycollect.pl can collect the information without any trouble.

This patch work with “;” and “:” characters.

TEST PLAN
1) Go to any patron profile > Accounting
2) Click “Create manual invoice”
3) Fill the fields and click the “Save” button
4) Repeat steps 2 and 3
5) Click “Make a payment”
6) Add a note with special characters for each one (e.g., éçö)
7) Select the created invoices and click the “Write off selected” button
8) In the note field, you should see “�” symbols where the special characters are supposed to be
9) Click the “Cancel” button
10) Now add a note with “:;” for one of the invoices
11) Select the invoices and click the “Write off selected” button
12) You should see a page with an error 500
13) Go back to the “Make a payment” page
14) Apply the patch
15) Add a note with special characters for each one (e.g., éçö)
16) Add “:;” to one of the note fields
17) Select the invoices and click the “Write off selected” button
18) Now the special characters are displayed correctly

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 1c01617634)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2023-10-05 14:35:21 -10:00
1a0dcf64e5 Bug 34731: Don't call SendQueuedMessages if message_id is bad
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit e0b3a6c2aa)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2023-09-14 07:54:48 -10:00
Amit Gupta
49bd9bae3e Bug 22990: Add CSRF protection to boraccount, pay and suggestion
Signed-off-by: David Cook <dcook@prosentient.com.au>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Test plan would have been nioe.
Tested by changing MAX_AGE with suggestions.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 833d1dc8b082cc742b88e358edef77960b5ffc2f)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2023-07-28 09:12:39 -10:00
2f3e1cd76b
Bug 34094: Use DefaultPatronSearchMethod consistently
This patch updates the patron search bar and pages to default search
method to that defined by DefaultPatronSearchMethod system preference.

Test plan
1) Prior to this patch confirm that regardless of what you set
   DefaultPatronSearchMethod to, the search in /members/member.pl,
   members/members-home.pl and the search from the patrons search top bar
   all default to 'contains'.
2) Apply the patch
3) Confirm that the system preference now affects the default option for
   match type upon page load.

Signed-off-by: Sam Lau <samalau@gmail.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit b804313c20)
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2023-07-17 16:04:31 +01:00
37cb3391d2
Bug 33803: Remove comment about tab width
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-06-09 11:22:17 -03:00
Emmi Takkinen
b5f8c52657
Bug 33010: Do not filter checkins with logged in patrons branch in printslip.pl
If one tries to print checkin slip for checkins that
have been checked out from different branch, list
of checkins is empty. One has to change their branch
as checkout library to be able to print checkins.

This happens because we filter (or rather search) patrons
old checkouts with logged in patrons branch. This patch
removes this search so that checkout are filtered using
just filter_by_todays_checkins.

To test:
1. Checkout items for patron from branch A.
2. Switch to branch B and checkin items.
3. Print checkin slip.
=> Checkins list is empty.
4. Switch back to branch A.
5. Print checkin slip again.
=> Checkins are printed.
6. Apply this patch, restart services if needed.
7. Switch back to branch B and print checkin slip.
=> Checkins should now print.

Sponsored-by: Koha-Suomi Oy
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-05-18 11:35:11 -03:00
a4b687c3aa
Bug 31448: Replace 'Print' with 'Receipt' dropdown
This patch replaces the 'Print' button with a 'Receipt' menu dropdown
exposing 'Print' and 'Email' options when `UseEmailReceipts` is enabled

Test plan
1. Enable `UseEmailReceipts`
2. Navigate to a patron with paid charges
3. Note the new dropdown 'Receipt' menu
4. Confirm 'Print' works as expected
5. Confirm 'Email' works as expected

Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-05-05 10:18:45 -03:00
Maryse Simard
54307579ce
Bug 26598: Display guarantee's fines on guarantor's details page
A new tab is added to the details page of a patron to show, in a table, the fines of the patron's guarantees. A warning appears in the "Guarantees" section of the patron to make it obvious that fines exists.

+ resolve a git merge conflict

To test:
1) Apply patch
2) Choose a patron that has guarantees and navigate to the patron's details page
3) If the guarantees don't have any fines, the display should be unchanged
4) Add fines to the guarantee
5) Go back to the guarantor's details page
    => A warning should appear in the "Guarantees" section with the total due
6) Clicking on the link accompanying the warning focuses on the new
"Guarantees' fines" tab containing a table of all guarantee's and their
fines.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Hammat Wele <hammat.wele@inlibro.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-04-06 10:03:16 -03:00
561dac9335
Bug 32373: Show patron restriction date
This is a rebased submission following bug 31095 which removed the use of GetDebarments. This patch now uses $patron->restrictions to find the date and pass it to the template

Test plan:
1) Create a restriction on a patron and navigate to that patron in Checkouts or the patron details page
2) There should be a message with details about the restriction but the creation date of the restriction won't be included in the message
3) Apply patch
4) The message should now say "Restricted since DATE" as in the screenshot attached.
5) Change the 'dateformat' syspref and refresh, the date should change to reflect the syspref

Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk>
Signed-off-by: Laura Escamilla <laura.escamilla@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-03-31 12:34:13 +02:00
9d250efae9
Bug 32426: Changes for members/memberentry.pl
Test plan:
Note: We will address this again when installing a plugin, but
first we test with the legacy userid code.

Add a new user with members/memberentry in staff.
Edit this user, change userid in staff. Try full form and partial
one.
If you remove userid or replace by a space (when mandatory), Koha
should regenerate a legacy userid.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-03-27 12:49:54 +02:00
4017946876
Bug 31095: Remove GetDebarments from members/memberentry.pl
This patch removes the use of GetDebarments from members/memberentry.pl
and replaces the references in the templates with patron.restrictions.

Test plan
1. Add a new user and confirm that the patron restrictions section does
   not appear on the form
2. Edit the user and confirm the patron restrictions section now appears
3. Add a manual restriction using the patron edit form
4. Confirm the restriction appears on the patron edit form
5. Confirm you can remove the restriction usine the patron edit form

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-01-31 10:19:36 -03:00
efd9ed271c
Bug 31095: Remove GetDebarments from members/moremember.pl
This patch removes the use of GetDebarments from members/moremember.pl
and replaces template references with patrons.restrictions and the new
includes introduced in the prior patch

Test plan
1. Confirm that the 'Restrictions (x)' tab still appears on the patron
   details page.
2. Confirm that the 'Restrictions (x)' tab count is correct
3. Confirm that the 'Restrictions (x)' tab table functions
4. Confirm that the 'Restrictions (x)' tab 'Add manual restriction' form
   works as expected

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-01-31 10:19:36 -03:00
fc650b3e87
Bug 31893: Use checkauth and do not fetch about.tt template
This patch updates four scripts to use checkauth instead of get_template_and_user

reserve/modrequest.pl
reserve/modrequest_suspendall.pl
course_reserves/mod_course.pl
members/members-update-do.pl

No behvaiour change is expected

To test:
0 - Apply patch
1 - Place some holds for a patron
2 - From patron page, confirm you can suspend all
3 - confirm you can delete marked holds
4 - Edit a course in course-reserves
5 - Make a chaneg to personal details via OPAC
6 - Confirm change can be approved on staff side

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2023-01-20 13:56:30 +00:00
e49e7d483a
Bug 32119: (bug 31422 follow-up) Fix add guarantee
To test:
1 - go to a patron detail view, click "add guarantee"
2 - Confirm form loads
3 - Confirm categories lsited are eligible to have a guarantor
4 - Fill out required fields and confirm patron saved correctly

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-11-07 11:09:56 -03:00
3a9d38b3a5
Bug 31422: Add patron's current category to dropdown while editing
Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-11-03 09:45:25 -03:00
Björn Nylén
043017af13
Bug 31739: Password recovery from staff fails if previous expired reset-entry exists.
SendPasswordRecoveryEmail relies on the calling script to tell if there is an
existing valid recovery already. If there's an expired recovery-entry the
members/notices.pl script will try to create a new entry resulting in a duplicate
key error.

This patch fixes the bug by removing the need for the calling script to do the check as
since SendPasswordRecoveryEmail does the same thing anyway.
SendPasswordRecoveryEmail will now use DBIx ->update_or_create instead of looking at
the $update param to determine if it should update an existing entry or create a new.

The update param is removed from all calling scripts and test are updated.

To test:
1. Generate a password recovery mail for a patron
2. Let it expire.
3. Generate a new password recovery from staff to the same patron - Fail!
4: Apply patch
5. Generate a new password recovery from staff to the same patron - Success!
6. Opac password recovery flow should also work.
7. Tests pass.

Sponsored-by: Lund University Library

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-24 14:12:16 -03:00
d92b2b4c67
Bug 30588: (QA follow-up) Adjust flags for two_factor_auth.pl
Anyone with staff access (catalogue) should be able to go
to account and enable 2FA.

Test plan:
Have a staff user with minimum staff permission.
Access account, manage 2FA.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-21 11:37:01 -03:00
b93e15c235
Bug 30588: Add the option to require 2FA setup on first staff login
Bug 28786 added the ability to turn on a two-factor authentication,
using a One Time Password (OTP).
Once enabled on the system, librarian had the choice to enable or
disable it for themselves.
For security reason an administrator could decide to force the
librarians to use this second authentication step.

This patch adds a third option to the existing syspref, 'Enforced', for
that purpose.

QA notes: the code we had in the members/two_factor_auth.pl controller
has been moved to REST API controller methods (with their tests and
swagger specs), for reusability reason. Code from template has been
moved to an include file for the same reason.

Test plan:
A. Regression tests
As we modified the code we need first to confirm the existing features
are still working as expected.
1. Turn off TwoFactorAuthentication (disabled) and confirm that you are not able to
enable and access the second authentication step
2. Turn it on (enabled) and confirm that you are able to enable it in your account
3. Logout and confirm then that you are able to login into Koha

B. The new option
1. Set the pref to "enforced"
2. You are not logged out, logged in users stay logged in
3. Pick a user that does not have 2FA setup, login
4. Notice the new screen (UI is a bit ugly, suggestions welcomed)
5. Try to access Koha without enabling 2FA, you shouldn't be able to
access any pages
6. Setup 2FA and confirm that you are redirected to the login screen
7. Login, send the correct pin code
=> You are fully logged in!

Note that at 6 we could redirect to the mainpage, without the need to
login again, but I think it's preferable to reduce the change to
C4::Auth. If it's considered mandatory by QA I could have a look on
another bug report.

Sponsored-by: Rijksmuseum, Netherlands

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-21 11:36:57 -03:00
8511750de9
Bug 30588: Adjust existing occurrences of TwoFactorAuthentication
We need to replace 0 with 'disabled', and 1 with 'enabled'

Sponsored-by: Rijksmuseum, Netherlands

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-21 11:36:56 -03:00
a059392490
Bug 29987: (follow-up) Fix missing payment type
The payment type include has changed since the patch was first written,
we now require a 'type' is passed to properly set the field name.

This should fix the 'bankable' issue raised.

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-21 10:18:53 -03:00
529341c78b
Bug 29987: Add register support to manual credits
This patch adds the register and transaction type selection options to
the manual credit page.

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-21 10:18:53 -03:00
dc86053bd8
Bug 31714: Add Generic way to print patron slips
This patch adds a very simple controller and template to allow patron
slip printing without all the boilerplate.

See bug 31713 for an example use.

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-10-21 10:09:03 -03:00
fde33d7a4c
Bug 31562: Treat flags as other borrower fields
Rather than generate a custom hash for these fields, we should treat them as other borrower data fields

To test:
 1 - Edit a patron, note the 'Lost card' and 'Gone no address' fields
 2 - Edit syspref BorrowerunwantedField
 3 - Set gonenoaddress and lost as unwanted
 4 - Edit patron, the fields remain
 5 - Apply patch
 6 - Edit a patron, fields are hidden
 7 - Unhide one of the fields
 8 - Edit a patron and confirm it shows and saves correctly
 9 - Unhide the other field
10 - Confirm it can be edited and saved

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-09-22 09:24:41 -03:00
Julian Maurice
63f88a5742
Bug 31254: Add additional fields for accountlines
Test plan:
1. Go to Admin » Additional fields
   There are two new categories: "Account lines (credit)" and
   "Account lines (debit)"
2. Create fields for both categories, with and without an authorized
   value category
3. Go to a user's accounting page
4. Create a manual invoice. Verify that all "debit" fields are there,
   put a value in them and save
5. Create a manual credit. Verify that all "credit" fields are there,
   put a value in them and save
6. Make a payment. Verify that all "credit" fields are there, put a
   value in them and save
7. Go to the transactions tab, click on the "Details" button for the
   lines you just created and verify that the additional fields are
   there

Signed-off-by: Emmanuel Bétemps <e.betemps@gmail.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-09-21 18:58:28 -03:00
2954fbc9cc
Bug 30335: (follow-up) Bind new permissions to pages and tabs
This patch binds the new permissions added in the previous patch to the
tab display on the borrower account page.

Test plan
1) Apply the previous patch and run the database update
2) Configure a user without the new permissions
3) Confirm the 'Create manual invoice' and 'Create manual credit' tabs
   no longer appear under the 'Accounting' area when logged in as the
   above user.
4) Confirm that you cannot manually navigate to /members/mancredit.pl or
   /members/maninvoice.pl when logged in as the above user.
5) Confirm that users with the above permissions are still able to see
   the tabs and take actions on them.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-08-31 08:41:01 -03:00
6ce4d25bd3
Bug 23681: Move to ::Patron::Restriction::Type(s)
This patch moves the new classes under ::Patron::Restriction:: and
enhances the Unit tests for those classes.

NOTE: We should drop keyed_on_code as part of bug 31095
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-08-25 08:50:35 -03:00
Andrew Isherwood
a8448041ba
Bug 23681: Allow for selection of restriction type
This patch displays a restriction type select box (when appropriate)
when adding manual patron restrictions

Sponsored-by: Loughborough University
Signed-off-by: Benjamin Veasey <B.T.Veasey@lboro.ac.uk>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-08-25 08:41:01 -03:00
Andrew Isherwood
e0160b905b
Bug 23681: Allow for changes to debarments
The structure of debarments has changes slightly in that the displayed
text is now a product of a call to Koha::RestrictionTypes rather than
just the debarment's code. This patch allows for that

Sponsored-by: Loughborough University
Signed-off-by: Benjamin Veasey <B.T.Veasey@lboro.ac.uk>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-08-25 08:41:01 -03:00
48bf9b1d91
Bug 30718: Use flatpickr's altInput
The idea rely on the KohaDates TT plugin for the date formatting. We
should not have any output_pref calls in pl or pm (there are some
exceptions, for ILSDI for instance).

Also flatpickr will deal with the places where dates are inputed. We
will pass the raw SQL value (what we call 'iso' in Koha::DateUtils), and
the controller will receive the same value, no need to additional
conversion.
Note that DBIC has the capability to auto-deflate DateTime objects,
which makes things way easier. We can either pass the value we receive
from the controller, or pass a DT object to our methods.

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-08-19 08:26:31 -03:00
bc0d561cf0
Bug 30874: Remove category_type
In which case do we pass category_type to this script? Am I missing
something?

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-08-05 14:51:36 -03:00
a2330a84e0
Bug 30874: Simplify categories loop construction
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-08-05 14:51:36 -03:00
71611bb146
Bug 30874: 2 more - need more investigation
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-08-05 14:51:35 -03:00
18d7c7fdf9
Bug 30874: Reduce number of category fetches
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-08-05 14:51:35 -03:00
36cb2bff47
Bug 30874: Replace categoryname
== Test plan ==
1. Apply all patches
2. Create a new patron in a given category
   => Form show the dropdown with the selected category
3. Edit again
   => Value is kept
4. Edit a category to give it specific values for: messaging prefs,
   password strength/length, can be guarantee
5. Edit the patron, change the category, and confirm that the different
   limitation are correctly applied.

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-08-05 14:51:35 -03:00
87aa05f9de
Bug 26689: Prepend letter codes.
This patch prepends the credit_type_code and debit_type_code with
CREDIT_ and DEBIT_ respectively when doing a lookup on the notice letter
code.

Test plan
1) As previous patches, however instead of just naming your notice to
   match the credit_type_code or debit_type_code use
   CREDIT_credit_type_code and DEBIT_debit_type_code respectively.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-07-22 15:01:36 -03:00
8e46612d7c
Bug 26689: Check for specific template then fallback - printinvoice
This patch adds a check for a more specific ACCOUNT_DEBIT template
(named to match the debit_type_code of the credit line) prior to
falling back to the ACCOUNT_DEBIT template.

Test plan
1/ On a patrons account page use the print option on a series of debit
lines with differing credit types (Overdue, Payout)
2/ Note that the same template 'ACCOUNT_DEBIT' is used for all types
3/ Apply the patch
4/ Run step 1 again and note all still print using ACCOUNT_DEBIT
5/ Add a new notice template under the 'circulation' module with a code
that matches one of your account debit types (OVERDUE, PAYOUT)
6/ Run step 1 again and note that where you have added a specific notice
for that debit type it has been used.

Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-07-22 15:01:36 -03:00
422ab47283
Bug 26689: Check for specific template then fallback - printfeercpt
This patch adds a check for a more specific ACCOUNT_CREDIT template
(named to match the credit_type_code of the credit line) prior to
falling back to the ACCOUNT_CREDIT template.

Test plan
1/ On a patrons account page use the print option on a series of credit
lines with differing credit types (Payment, Lost Item Return, Writeoff)
2/ Note that the same template 'ACCOUNT_CREDIT' is used for all types
3/ Apply the patch
4/ Run step 1 again and note all still print using ACCOUNT_CREDIT
5/ Add a new notice template under the 'circulation' module with a code
that matches one of your account credit types (PAYMENT, WRITEOFF,
LOST_FOUND)
6/ Run step 1 again and note that where you have added a specific notice
for that credit type it has been used.

Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-07-22 15:01:36 -03:00
Andrew Isherwood
968c5865e7
Bug 23838: Add renewals modal
This patch adds the display of the renewals modal when appropriate. A
"View" link is displayed next to renewals count where appropriate.
Clicking the link opens the modal that displays the logged renewals.

Sponsored-by: Loughborough University
Signed-off-by: Myka Kennedy Stephens <mkstephens@lancasterseminary.edu>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Bouzid Fergani <bouzid.fergani@inlibro.com>
Signed-off-by: Ben Veasey <B.T.Veasey@lboro.ac.uk>

Rescued-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

I rescued this patchset by squashing previous work and updating it to
utilise the new renewals API routes introduced in bug 30275.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-07-22 11:39:09 -03:00