Also updated 'cud-edit' in the controller back to 'edit' as it's a 'get'
request to display the form.. i.e. read not create, write or update.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
A couple of left not caught by the previous regex
Still TODO:
% git grep csrf_token **/*.inc **/*.tt
still shows example that needs to be replaced, later (because we use GET)
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
perl -p -i -n -e 's#<input type="hidden" name="csrf_token" value="\[% csrf_token \| html %]" />#[% INCLUDE '\''csrf-token.inc'\'' %]#g' **/*.tt **/*.inc
This should have actually been done at the same time as
"Bug 30524: (QA follow-up) Only generate CSRF token if it will be used"
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
If a different branch is selected after an incorrect login, the previous
branch will be used.
To recreate:
* login with foo/bar, select CPL => FAIL
* login with koha/koha, select another branch => OK but CPL is picked!
It was caused by a dup of "branch" in CGI param list (and first was
picked).
This patch patch also removes "koha_login_context" to not have it twice.
You can also open the source of the page to confirm that form#loginform
contains "branch" and "koha_login_context" in hidden inputs.
Signed-off-by: Magnus Enger <magnus@libriotech.no>
Tested in KTD. Works as advertised.
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Since bug 20489 it is no longer possible to login with the DB user.
At the time, get_template_and_user returned borrowernumber=0 in this case.
In tags/review.pl we have:
$borrowernumber == 0 and push @errors, {op_zero=>1};
This condition is never met, and op_zero related code can be removed in the template.
Test plan:
Confirm the above
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Since
commit 61628c97c2
Bug 18936: (follow-up) Add cloning of circulation rules back to Koha
There are some dead code in admin/clone-rules.
"result" is always passed to the template.
Test plan:
Confirm the above and that cloning rules from the circ rules page still
works correctly.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
messagetransfert is never set (it is from circ/waitingreserves.pl, `git grep messagetransfert`) and branchreserves.pl does not exist!
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch fixes some templates where the messages include was appearing
in the wrong place, for instance above the left-hand sidebar instead of
at the top of the main content.
The patch also adds the new include to some templates which lacked it.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
* cc is an abbreviation, so updated to CC
* Adding consistency with punctuation for error messages
* Updated a borrower to patron
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch adds further delivery details to the notices tab in patron
details in the staff client.
Once a message is sent, we display the 'from:', 'to:' and 'cc:'
addresses in the 'Delivery note' column when they exist.
Test plan
1. Enable KTD to send email [1] (without email configured the
delivery note displayed "Unhandled email failure, check the logs for
further details").
2. Add email addresses to two patrons and to KohaAdminEmailAddress,
and run misc/cronjobs/process_message_queue.pl after generating
notices.
3. For the two patrons with email addresses, make one a guarantor.
4. Sent Welcome messages (Patron account > More > Send welcome email) -
nothing in delivery note column.
5. Checkout out an item to the guarantee (item checkout email enabled) -
nothing in delivery note column.
6. Send the notices by running misc/cronjobs/process_message_queue.pl
again.
7. Now the 'Delivery note' columns should contain from:, to: and cc:
address details.
[1] Option 1 - smpt-sink (aka the sandboxes way)
- Install the postfix package inside ktd (sudo apt install postfix)
When asked in the wizard, I named mine 'local'
- Start smpt-sink with
`nohup smtp-sink -u root -D mail 127.0.0.1:25 100 </dev/null >/dev/null 2>&1 &`
Option 2 - To test sending emails using a Google account:
- Set up an App password for your Google Account
- Edit /etc/koha/sites/kohadev/koha-conf.xml file and add this
configuration near the end (where <user_name> = your Google email
address; <password> = your APP password, not your Google account
password):
<smtp_server>
<host>smtp.gmail.com</host>
<port>587</port>
<timeout>5</timeout>
<ssl_mode>STARTTLS</ssl_mode>
<user_name>GOOGLEACCOUNTUSER</user_name>
<password>GOOGLEAPPPASSWORD</password>
<debug>1</debug>
</smtp_server>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Staging modal area had issues listing availability checks for each request in the batch creation process
To test:
1) Run bash <(curl -s https://raw.githubusercontent.com/ammopt/koha-ill-dev/master/start-ill-dev-plus.sh)
2) Install a metadata enrichment plugin, e.g. https://github.com/PTFS-Europe/koha-plugin-api-pubmed/releases
3) Install and configure an availability plugin, e.g. eds https://github.com/PTFS-Europe/koha-plugin-ill-avail-eds/releases
4) Enable ILLCheckAvailability sys pref
5) Create a new ILL batch and input some pubmedids, i.e. 34898594, 31452466
6) Verify that the availability results show and are working, for each request in the batch
Signed-off-by: Edith Speller <Edith.Speller@ukhsa.gov.uk>
Sponsored-by: UKHSA (UK Health Security Agency)
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Test plan:
Disable StockRotation pref. Check if report is hidden on circ home.
Enable. Check if report is visible.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
When an existing report is saved and an incorrect AV category is selected,
the UI is asking "do you want to save anyway", but the "Update SQL" button
leads to a blank page and the report is not saved.
On bug 33966 the value is been adjust to 'update_sql' but this incorrect
was left.
To test you need to use the browser inspector to adjust the value of the
selected option.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
To test:
* Enable AcqEnableFiles system preference
* Go to acquisitions
* Search for a vendor and receive shipment
* Enter an invoice number and create new invoice
* Finish receive
* Click on 'manage invice files' link
* Upload a sample file
* Verify the table is missing the usual white background
* Apply patch
* Verify the the table now displays with the usual white
background
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch fixes even more markup errors and HTML validation issues.
Signed-off-by: Phil Ringnalda <phil@chetcolibrary.org>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Phil Ringnalda <phil@chetcolibrary.org>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
When a patron search is performed only a user with edit_borrowers
permission can search by name. Search can works only with cardnumber but
it makes searching less intuitive I think.
So, as mentioned in the discussion, I've added a new 'list_borrowers' permission,
completely independent of 'edit_borrowers', so that I can search for a member via the interface
and get the results. In addition to the permission to perform check in and checkouts, this no longer poses an obstacle to simple use.
Test plan:
1) Check with a user without 'edit_borrowers' permission that the patron search can only be performed with cardnumber
2) Apply this patch
3) Make the updatedatabase to add new 'list_borrowers' permissions
4) Set 'list_borrowers' permission on one user and see the difference
Signed-off-by: Andrew Fuerste-Henry <andrewfh@dubcolib.org>
Signed-off-by: Emmi Takkinen <emmi.takkinen@koha-suomi.fi>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
TO TEST:
1. Have a waiting hold on a particular barcode
2. Have at least 1 HOLD_CANCELLATION auth value
3. Check in the barcode and try to cancel the hold on the modal while
selecting a reason.
=> SUCCESS: You can cancel a hold when selecting a reason.
4. Repeat 1-3 but not selecting any reason.
=> SUCCESS: Hold cancelled correctly.
5. Delete all HOLD_CANCELLATION auth values.
6. Repeat Try 1-3
=> SUCCESS: No reason displayed
=> FAIL: Cancelling does nothing. There's an error in the browser
inspector
7. Apply this patch
8. Repeat 1-3
=> SUCCESS: No reason displayed
=> SUCCESS: Cancelling works
9. Sign off :-D
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Edit: amended the test plan to make it clearer
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
To test:
1. APPLY PATCH and clear browser cache.
2. Have multiple additional content items ( news/HTML customization/Pages )
3. From one of the pages ( news/HTML customization/Pages ) click the 'Delete selected' button. Since no items are checked you should see the 'Please select content to delete' alert.
4. Check some items and click 'Delete selected' they should be correctly deleted.
Note: There is no change in behavior from this patch.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch switches us from '<span class="clearfix">' to '<div>' so
we're just using a block level elemenet instead of manipulating an
inline element to act like a block.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch adds a clearfix span around the invoicenumber and EDI message
display texts which should result in them each having their own line.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
