We were having a "Patron is not authenticated yet" comment, but it was not correct,
we set 'number' and 'id' in session, and waiting-for-2FA was not set => the patron is fully authenticated.
The test returned 401 because we fully authenticated user cannot request
an otp token when not waiting for the second auth step.
This situation is already covered (last test of the subtest).
Test plan:
prove t/db_dependent/api/v1/two_factor_auth.t
must return green
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Adding a test for a 403 status when lowering authorization.
The Auth mock for check_cookie_auth is not needed here.
Reading back the session after flush either.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This is a deadlock I think. Any ideas how we could continue to test that
in any conditions?
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
To make the tests pass even if no SMTP server is defined.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
If we are fully logged-in or haven't pass the password phase, don't send
the notice!
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Changing flags to 20 to include the required Staff access for
intranet login.
This changes the http status. The API raises an exception now.
Test plan:
Run t/db_dependent/api/v1/two_factor_auth.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 28786 let librarians enable a Two-factor authentication but force them to use
an application to generate the TOTP token.
This new enhancement add the ability to send an email containing the token to the
patron once it's authenticaed
The new notice template has the code '2FA_OTP_TOKEN'
Test plan:
- Setup the two-factor authentication (you need the config entry and the
syspref ON)
- Enable it for your logged in patron
- Logout
- Login and notice the new link "Send the code by email"
- Click on it and confirm that you received an email with the code
- Use the code to be fully logged in
QA question: Is 400 the correct error code to tell the email has not
been sent?
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch updates the style of the time selection controls so that it
is clearer that they are elements which the user can interact with. The
times are now styled as buttons, and a check-mark icon is added when a
time is selected.
Also changed: Pickup date and notes fields are hidden until a library
has been selected. The count of existing appointments has been removed
in favor of showing the count of available appointments. A tooltip has
been added: "Appointments available: X"
I also changed the way the date selection event is fired. I found that
jQuery's "change" event on the input itself was not reliable for some
reason. I implemented instead an "onClose" event using the flatpickr
instance.
Note: The patch contains some indentation changes.
To test, apply the patch and enable and configure curbside pickups if
necessary. You should have at least two libraries with curbside hours
defined.
- Log in to the OPAC and go to "your curbside pickups."
- Under the "Schedule a pickup" tab you should see only the option to
select a library.
- When you select a library the "Pickup date" field should appear.
- When you select a date the time-selection buttons and the notes field
should appear.
- Hovering over a time should trigger the "Appointments available"
tooltip.
- Clicking a time should cause the "button" to turn green with a
check-mark icon.
- Submit a pickup request and confirm that it is saved correctly.
- Return to the "Schedule a pickup" form and confirm that selecting the
same library again triggers a message, "You already have a pickup
scheduled for this library."
- Select another library and another date.
- Switch your library selection to the library you already have a
request for. The date, time, and notes fields should be hidden again
and the same message triggered about already having a pickup
scheduled.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
If a backend hasn't been updated to support this functionality, we need
to handle that gracefully
Also, this commit fixes some indentation.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This commit allows illview to use an intranet template supplied by the backend, as
per other stages. The template must be named illview.inc
Test plan:
- Apply the patch
- Install FreeForm backend (https://github.com/PTFS-Europe/koha-ill-freeform)
- Create a request
- On the resulting "Manage ILL request" note the display is normal
- Create a new file in the FreeForm backend directory: /intra-includes/illview.inc
with the following content:
[% BLOCK backend_jsinclude %]
<script>(function() { alert("Working!"); })()</script>
[% END %]
- Restart Plack if enabled
- Reload the page
=> TEST: Observe that the alert specified in the template is displayed
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
It was commented anyway
Hey, nothing to do here!
Amended patch removes refactor comment that referred to this line, maybe?
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 27272 is going to remove C4::Items::GetItemsInfo in favour of Koha::Items->search.
Here we are going to deal with opac-sendbasket
Test plan:
List items on the modified view and confirm that all the info is
displayed correctly
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
JD amended patch: add 'me' prefix to prevent failure if biblio is linked
with a subscription
DBIx::Class::Storage::DBI::_dbh_execute(): DBI Exception: DBD::mysql::st execute failed: Column 'biblionumber' in where clause is ambiguous at /kohadevbox/koha/Koha/Objects.pm line 394
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 27272 is going to remove C4::Items::GetItemsInfo in favour of Koha::Items->search_ordered.
Here we are going to deal with tags/list
Test plan:
List items on the modified view and confirm that all the info is
displayed correctly
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Commit message from JD:
On bug 27272 we are going to replace C4::Items::GetItemsInfo with Koha::Items
methods, but we need to keep the existing behaviour that is:
Order by publisheddate, enumchron for searisl, or by homebranch.branchname,
enumchron, LPAD( copynumber, 8, '0' ), desc dateaccessioned
Test plan:
Confirm that the code from the new method makes sense
Run t/db_dependent/Koha/Items.t
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
It's ugly to move the li to the include file, but it's the easiest for
now...
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Requested by QA, see comment 26.
Sponsored-by: Orex Digital
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
See comment 26:
$6 is a very specialized field that will never contain a URL. Linkage here means 'linking MARC fields within the record'. For example it is used to link an original script tag with the corresponding tag in transliteration. See: https://www.loc.gov/marc/authority/ecadcntf.html
Sponsored-by: Orex Digital
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Orex Digital <info@orex.es>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This new enhancement add the capability to list the different
identifiers of authors. It is helpful for research publications for
instance.
This patch will add a new "Author identifiers" tab on the detail page
(OPAC) of a bibliographic record, with the list of the authors and their
identifiers.
On the detail page of the authority record, the same identifier list
will be displayed.
Test plan:
Create some authority with
024
$a source
$2 number
$6 link to the source
With the pref turned ON you will be able to see the new information.
Sponsored-by: Orex Digital
Signed-off-by: Orex Digital <info@orex.es>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Sponsored-by: Orex Digital
Signed-off-by: Orex Digital <info@orex.es>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Sponsored-by: Orex Digital
Signed-off-by: Orex Digital <info@orex.es>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
get_marc_authors actually return authors from 700..712, not the first
author from 200
Sponsored-by: Orex Digital
Signed-off-by: Orex Digital <info@orex.es>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
also with SearchWithISSNVariations on and off
Signed-off-by: KIT Library Germany <michaela.sieber@kit.edu>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
- add search form field for ISSN number
- add search logic including ISSN variations search
if SearchWithISSNVariations preference is set
Signed-off-by: KIT Library Germany <michaela.sieber@kit.edu>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>