Commit graph

20 commits

Author SHA1 Message Date
6c7c97f67c Bug 22015: Move DataTables CSS to global include
DataTables are used on enough pages in the staff client that it
doesn't make sense to put inclusion of the CSS into each template
where it is needed. This patch moves includes of datatables.css from
individual templates into the global header file.

To test, apply the patch and view various pages which have DataTables.
View various styles of DataTables, e.g.

 - Full pagination, like item search results
 - Four-button, like Saved SQL reports

Everything should look the same as it was.

Signed-off-by: Jose-Mario Monteiro-Santos <jose-mario.monteiro-santos@inLibro.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-19 19:40:35 +00:00
7185a96ca6 Bug 21436: Update two-column templates with Bootstrap grid: Tools part 4
This patch modifies several tools templates to use the
Bootstrap grid instead of YUI.

This patch also removes obsolete "text/javascript" attributes from
<script> tags and "text/css" attributes from <style> tags in the
modified templates.

To test, apply the patch and view the following pages, confirming that
they look correct at various browser widths:

 - Tools -> Task scheduler
 - Tools -> Staged MARC management -> View batch -> View diff of
   imported record which duplicates a record in the catalog
 - Tools -> Stage MARC for import
   - Test each step
 - Tools -> Upload local cover image
   - Test each step
 - Tools -> Upload any file
   - Test each step
 - Tools -> Log viewer
   - Test from the tools menu and from both the bibliographic
     patron details pages ("Modification log").

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-01-04 03:13:48 +00:00
Jonathan Druart
dcd1f5d48c Bug 13618: Add html filters to all the variables
Here we go, next step then.
As we did not fix the performance issue when autofiltering
the variables (see bug 20975), the only solution we have is to add the
filters explicitely.

This patch has been autogenerated (using add_html_filters.pl, see next
pathces) and add the html filter to all the variables displayed in the
template.
Exceptions are made (using the new 'raw' TT filter) to the variable we
already listed in the previous versions of this patch.

To test:
- Use t/db_dependent/Koha/Patrons.t to populate your DB with autogenerated
data which contain <script> tags

- Remove them from borrower_debarments.comments (there are allowed here)
update  borrower_debarments set comment="html tags possible here";

- From the interface hit page and try to catch alert box.
If you find one it means you find a possible XSS.
To know where it comes from:
* note the exact URL where you found it
* note the alert box content
* Dump your DB and search for the string in the dump to identify its
location (for instance table.field)

Next:
* Ideally we would like to use the raw filter when it is not necessary
to HTML escape the variables (in big loop for instance)
* Provide a QA script to catch missing filters (we want html, uri, url
or raw, certainly others that I am forgetting now)
* Replace the html filters with uri when needed (!)

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-17 15:55:05 +00:00
15fd90dcbc Bug 19633: Use alphanumeric error codes in upload
The error codes 1 to 7 are used in Uploader.pm or tools/upload.pl.
It would be nice to use alphanumeric codes instead.
No behavior change expected.

Test plan:
[1] Run t/db_dependent/Upload.t
[2] Verify that a regular upload with tools/upload.pl still works.
[3] Rename upload_path in your koha-conf.xml. Restart Plack, flush the cache
    and try to upload to a category. Correct error message?
[4] Upload the same file twice to the same category.
    Correct error message the second time?

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Bug 19633: (QA follow-up) Really remove these ugly numbers

See BZ comment5. We now remove the numbers also from the constant names.

Test plan:
Read the changes.
Git grep "ERRCODE_"
Run t/db_dependent/Upload.t (Note: You may see one failure here; it is fixed
on bug 20727. So depends on who reaches master first.)

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-10 10:10:46 +00:00
Julian Maurice
ed7543287b Bug 20538: Remove the need of writing [% KOHA_VERSION %] everywhere
Having to write [% KOHA_VERSION %] for each url is bad because:
- It's easily forgettable when adding new <script> or <link>
- It prevents grep'ing for the full filename
- It violates the DRY principle
- If at some point we want to change the "force js and css reload"
  mechanism, it will be tedious

This patch:
- adds a Template::Toolkit plugin that generates <script> and
  <link> tags for JS and CSS files, and inserts automatically the Koha
  version in the filename
- use the new plugin to remove all occurences of [% KOHA_VERSION %]
- remove the code that was adding KOHA_VERSION as a template variable

Test plan:
1. Apply patch
2. Go to several different pages in Koha (opac and intranet) while
   checking your browser's dev tools (there should be no 404 for JS and
   CSS files, and the Koha version should appear in filenames) and the
   server logs (there should be no "File not found")
3. `git grep KOHA_VERSION` should return nothing
4. prove t/db_dependent/Koha/Template/Plugin/Asset.t

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-13 11:49:44 -03:00
0ad922011c Bug 12904: Force browser to load new javascript files after upgrade
This patch has been automatically generated using:
  perl kv.pl **/*.tt **/*.inc

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
2018-02-08 14:53:24 -03:00
a6abaca8d0 Bug 19653: Move tools templates JavaScript to the footer: Additional tools
This patch modifies the staff client "Additional tools" templates so
that JavaScript is included in the footer instead of the header:

- Calendar
- CSV profiles
- Log viewer
- News
- Task scheduler
- Edit quotes for QOTD feature
- Upload

Note that the log viewer template has been modified so that the
"interface" variable (passed to the template to provide the correct path
to staff client assets) isn't overwritten by an "interface" variable
required by the log viewer.

To test, apply the patch and test the JavaScript-driven features of
each modified template: All button controls, DataTables functionality,
form validation, etc.

Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-12-11 11:34:21 -03:00
0c9f01f175 Bug 19420: (Follow-up) Add errors on other pages
Fix error array (add '0' value)
Update errors on other places using upload.js

Eventually these should all be using the same code in a js file

upload.tt already dealt with these errors, but has diff code, made it
work with new error syntax

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Amended: Removed the added js comment in upload.tt

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-11-08 13:31:37 -03:00
Aleisha Amohia
40babe1a10 Bug 14854: Add DataTables on upload results table
This patch adds datatables to the upload results table.
Tools -> Upload

To test:
1) Go to Tools -> Upload
2) Put any search term in search box, click Search
3) Confirm table shows as datatable and sorting works on all columns
EXCEPT Actions

Sponsored-by: Catalyst IT

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2017-02-17 11:36:06 +00:00
158442eb9e Bug 17501: Remove Koha::Upload::get from Koha::Upload
The get routine actually returns records from uploaded_files. It should be
possible to replace its calls by direct calls of Koha::UploadedFiles.

This patch is the crux of this patch set. It deals with all scripts that
use Koha::Upload.

In the process we do:
[1] Add a file_handle method to Koha::UploadedFile. This was previously
    arranged via the fh parameter of get.
[2] Add a full_path method to UploadedFile. Previously returned in the
    path hash key of get. (Name is replaced by filename.)
[3] Add a search_term method too (implementing get({ term => .. }).
    This logic came from _lookup.
[4] Add a keep_file parameter to delete method. Only used in test now.

Test plan:
[1] Run t/db_dependent/Upload.t
[2] Go to Tools/Upload. Add an upload, download and delete.
[3] Add another public upload , search for it.
    Use the hashvalue to download via opac with URL:
        cgi-bin/koha/opac-retrieve-file.pl?id=[hashvalue]
[4] Go to Tools/Stage MARC for import. Import a marc file.
[5] Go to Tools/Upload local cover image. Import an image file.
    Enable OPACLocalCoverImages to see result.
[6] Test uploading a offline circulation file:
    Enable AllowOfflineCirculation, and create a koc file (plain text):
    Line1: Version=1.0\tA=1\tB=2
    Line2: 2016-11-23 16:00:00 345\treturn\t[barcode]
    Note: Replace tabs and barcode. The number of tabs is essential!
    Checkout the item with your barcode.
    Go to Circulation/Offline circulation file upload.
    Upload and click Apply directly.
    Checkout again. Repeat Offline circulation file upload.
    Now click Add to offline circulation queue.
[7] Connect the upload plugin to field 856$u.
    Enable HTML5MediaEnabled.
    Upload a webm file via the plugin. Click Choose to save the URL,
    and put 'video/webm' into 856$q. Save the biblio record.
    Check if you see the media tab with player on staff detail.
    (See also: Bug 17673 about empty OPACBaseURL.)

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2017-01-20 14:20:05 +00:00
7a62005468 Bug 17501: Move Koha::Upload::delete to Koha::UploadedFile[s]
Since delete is not part of the upload process, we will move it now
to Koha::UploadedFile[s].
Deleting the file will be done in UploadedFile.
The (multiple) delete method in UploadedFiles refers to the single delete.

Test plan:
[1] Run t/db_dependent/Upload.t
    The warning ("but file was missing") in the last subtest is fine;
    the file did not exist. Will be addressed in a follow-up.
[2] Search for uploads on Tools/Upload. Clone this tab (repeat search on
    a new tab in your browser).
[3] Delete an existing upload on the first tab.
[4] Try to delete it again on the second tab. Error message?
[5] Bonus points:
    Add an upload. Mark the file immutable with chattr +i. Try to delete
    the file. You should see a "Could not be deleted"-message.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2017-01-20 14:20:04 +00:00
804677265e Bug 16239: Update templates
Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2017-01-13 14:41:22 +00:00
12beaef4b3 Bug 17083: Remove more event attributes from tools templates
This patch removes event attributes from several tool-related templates.
Events are defined instead in the JavaScript.

To test, apply the patch and:

- Go to Tools -> Label creator -> Manage -> Layouts and edit any layout.
  - In the "Font" setting, choose any font which includes the word
    "italic" or "oblique" in the name. Doing so should disable the
    "Oblique title" checkbox.
- Go to Tools -> Batch patron deletion/anonymization.
  - Submit the form without making any changes. You should be prompted
    to select an action.
- Go to Tools -> Inventory.
  - Select a batch of barcodes to upload.
  - Submit the form without selecting any filters. This should trigger a
    warning.
  - Also changed: Added Font Awesome icons to the "Select all" and
    "Clear all" links on the inventory results view.
- Go to Tools -> Notices and Slips.
  - Click "New notice"
  - Change the selection under "Koha module." The page should reload
    with the correct available message body fields. For instance,
    selecting "Holds" should make available reserves.* columns.
- Go to Tools -> Upload.
  - In the search form, enter a search term and click the 'Search'
    button. The form should submit.

Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Works as advertised. Event attributes removed

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-09-25 15:48:13 +00:00
Nicole C Engard
ebaa3543d6 Bug 16727: Clarify upload category note
This patch clarifies the note on the upload tool
that states that no categories are defined.

To test:

* Log in to Koha
* Confirm that you have no values set for the UPLOAD
  authorized value category
* Visit Tools > Upload
* Check the warning note for typos
* Add a authorized value category for UPLOAD
* Visit Tools > Upload
* Confirm that note is replaced

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
2016-08-04 21:29:51 +00:00
65b2da08c9 Bug 16538: Improve the style of progress bars
This patch updates the style of progress bars to make them a little
nicer. Progress bars in the staff client are not built in a consisten
way. Some have been updated to use the <progress> element and some have
not. This patch improves some styling common to both kinds.

Other changes:

- Redundant in-page CSS has been removed from many pages.
- An invalid "min" attribute has been removed from several instances of
  <progress>.
- Corrected capitalization.
- Fixed incorrectly quoted attributes.
- Added missing form "action" attributes.

To test, clear your browser cache if necessary. Apply the patch and
test uploads on the following pages:

- Circulation -> Offline circulation file upload
- Tools -> Batch item modification
- Tools -> Batch record modification
- Tools -> Stage MARC records for import
- Tools -> Manage staged MARC records
- Tools -> Upload local cover image
- Tools -> Upload

In all cases, progress bars should look improved and work correctly.

Test Tools -> Batch item deletion. Unused background job handling markup
has been removed. Deletion processing should work correctly.

Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Works as advertised

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-07-15 18:06:08 +00:00
6cd592ba3b Bug 16529 - Clean up and improve upload template
This patch makes some fixes and improvements to the template for Tools
-> Upload, including markup corrections, removal of 'onclick,' and
conversion of some links to styled buttons.

To test, apply the patch and go to Tools -> Upload.

- Confirm that uploading a file works correctly.
- Confirm that clicking 'Cancel' during a file upload works correctly.
- Search existing uploads.
  - Confirm that the 'Download' and 'Delete' buttons look correct and
    work correctly.
- In Administration -> MARC bibliographic framework, choose a
  framework and configure a tag subfield to use the upload plugin.
- Create or edit a bibliographic record using the framework you
  modified.
- Click the tag editor icon next to your modified subfield to trigger
  the pop-up window with the upload form.
  - Confirm that this window has a layout which is adjusted for the size
    of the window.
  - Confirm that uploading and selecting files from this window works
    correctly.

Signed-off-by: Rocio Dressler <rocio@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
2016-06-04 06:53:01 +00:00
5e1bcc4aa7 Bug 16242 - Move staff client JavaScript out of language directory
This patch moves the JavaScript files in prog/en/js to prog/js.
JavaScript files do not need to be in the directory which is processed
by the translator.

To test, apply the patch and visit various pages in the staff client to
confirm that JavaScript files are still loading correctly.

Revised: I intended for this to be built on top of Bug 15883 as well as
Bug 16242. Now it is.

Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
On top of 15883 and 16241
All seems to work, js files pulled from new dir.
No errors

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-04-29 14:32:42 +00:00
9eb80092e3 Bug 14686: Add Upload to Tools menu
This patch makes sure that the added granular permissions work as
advertised.

Note: The field owner was not included in the Koha::Upload->get response.
The code to verify if a user is allowed to delete an upload, is concentrated
in the template now. When get returns a Koha::Object, this check could be
relocated.

Test plan:
[1] Verify that the current user has permission for tools, or has
    at least upload_general_files.
[2] Do you see Upload in the Tools menu? Follow the link.
[3] Upload a permanent file (with a category).
[4] Do you see the Delete button in the results form?
[5] Make sure that another user has no permission to upload.
[6] Login as that user and check the Tools menu.
    Try the URL [yourserver]/cgi-bin/koha/tools/upload.pl
    You should have no access to the upload form.
[7] Enable upload_general_files for this user. Go to upload and search for
    the upload from step 3. You should not see a Delete button.
[8] Enable upload_manage for this user. Search for the upload again.
    Delete the upload.
[9] Go to upload via the Cataloguing editor (856$u plugin) or add
    parameter "plugin=1" to the URL. You should not see the Tools menu.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Brendan Gallagher <bredan@bywatersolutions.com>
2016-04-27 16:14:17 +00:00
9f753799d8 Bug 14321: [QA Follow-up] Additional QA requests
This patch makes following requested changes:

[1] Renamed categorycode to uploadcategorycode (with atomicupdate file)
[2] Confirmation before deleting an uploaded file
[3] Label for Public checkbox can be clicked
[4] Back button on result list (not in plugin mode)
[5] Correct additional variable interpolation from sql queries

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Tested the db revision, unit test.
Uploaded temporary and permanent file, incl. plugin mode.
Deleted an upload.
Ran stage-marc-import.pl.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-09-25 12:02:52 -03:00
83ea49a009 Bug 14321: Integrate Upload.pm into Koha
This patch makes the following changes to achieve that:
[1] Use Upload.pm in stage-marc-import.pl, upload-cover-image.pl,
    offline_circ/process_koc.pl and enqueue_koc.pl.
[2] A new file-upload.js replaces file-upload.inc in the associated template.
    We now use ajax to get progress figures instead of launching perl script
    upload-file-progress.
    The js changes now also allow for aborting a file upload.
[3] Adds a tools/upload script and template. It allows to upload multiple
    files at once.
[4] Makes upload-file return error messages in JSON. For a multiple upload,
    we could have some files with errors and others without errors.
    The upload is now marked as Failed only if there was no upload at all.
[5] The upload plugin is converted to use tools/upload with plugin param.
    Deleting an upload is now presented via the search results form.

NOTE: In editing the process_koc.tt I noticed that the form enqueuefile was
hidden and no longer used (with associated code in process_koc.pl). When a
file has been uploaded, I display the form again (with the Apply directly
button). The code still works.

NOTE: We fix an error in upload-file from one of the patches of bug 6874.
The userid of the Koha admin user is passed to haspermission, but we
should pick the userid from the session.

NOTE: Bug 14686 will add a specific permission for tools/upload.pl, and
will add the tools/upload script to the Tools menu.
For now, you need edit_catalogue to start upload.pl and you will
additionally need a permission like upload_local_cover_images
to successfully upload a new file.

Test plan:
[1] Upload a marc file in stage-marc-import. (This is temp storage.)
[2] Check new entry in table uploaded_files. Look for the file in your
    temporary directory (/tmp ?), subfolder koha_upload.
    Bonus: Remove permissions on this subfolder. Retry, check error and
    restore permissions again.
[3] Upload another (larger) file and abort the upload. Check table and
    directory again. You should have a partial file, but no record.
[4] Verify that Stage for import still works as expected.
[5] Test Upload local cover image. (Enable OPACLocalCoverImages.) You can
    test an individual image or a zip file including images and a file
    called datalink.txt (with lines biblionumber,filename).
[6] Test uploading a offline circulation file:
    Enable AllowOfflineCirculation, and create a koc file (plain text):
    Line1: Version=1.0\tA=1\tB=2
    Line2: 2015-08-06 08:00:00 345\treturn\t[barcode]
    Note: Replace tabs and barcode. The number of tabs is essential!
    Checkout the item with your barcode.
    Go to Offline circulation file upload. Upload and click Apply directly.
    Checkout again. Upload again, click Add to offline circulation queue.
[7] Upload three files via tools/upload.pl with a category and marked as
    public. Check the results in the table.
    Verify that you can download the file in OPAC without being logged in.
[8] Pick one new file and one of the files of step 7. Upload them in the
    same category. One upload should succeed. Check for reported error.
[9] Connect upload.pl to field 856$u.
    Goto Cataloguing editor.
    In an empty 856$u, click the tag editor. Upload a file and click Choose.
    Save the record. Open the record in the OPAC and click the link.
    Copy this link to your clipboard for next step.
[A] Go back to editor. Click the tag editor on the same 856 field.
    Choose for Delete.
    Open the link in your clipboard again. Error message?
[B] Check the process of upload, search, download and delete of an upload
    with some diacritical characters in the filename. (Bonus points for
    adding special chars in the category code.)
    Note: You can add categories via authorized values, UPLOAD key.

Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Bug 14321: [QA Follow-up] Perltidy upload.pl

Run perltidy -pro=xt/perltidyrc on tools/upload.pl.
No other changes.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2015-09-25 12:02:52 -03:00