Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Swapped the order of the page titles to have the unique information first, i.e. the name of the specific page displays first, and the name of the website (e.g. Koha) displays at the end.
To test:
1) Apply patch
2) Ensure each of the files in the modules folder and the modules/acqui folder are swapped around to display the most unique information first, and the website name is at the end
3) Ensure the pages displayed on the Staff Client that correspond to
these files also display the changes
Sponsored-by: Catalyst IT
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Henry Bolshaw <bolshawh@parliament.uk>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch cleans up some instances I missed on the first round:
- Acquisitions -> Vendor -> Receive shipments
- Acquisitions -> "All available funds" table
-> Click an "Ordered" value
-> Click a "Spent" value
- Acquisitions -> Vendor
-> test sorting of contracts in the "Contracts" table
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch modifies several acquisitions templates to replace the use of
the "title-string" DataTables sorting method with the newer "data-order"
attribute.
To test, apply the patch and view the following pages to confirm that
columns containing dates sort correctly when using any setting of the
"dateformat" system preference:
- Acquisitions -> Late orders
- Acquisitions -> Vendor -> Basket -> Add to basket -> From a
subscription
- Acquisitions -> "All available funds" table
-> Click an "Ordered" value
-> Click a "Spent" value
- Acquisitions -> Vendor -> Receive shipments
- Acquisitions -> Vendor
-> test sorting of contracts in the "Contracts" table
Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
I think the "breadcrumbs" ID is worth saving for past and future CSS
customization reasons.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch makes some indentation changes to make things (in my opinion)
more consistent. Diffing while ignoring whitespace should show no
changes except to acqui/basket.tt where some lines were broken up.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Modified breadcrumbs to be accessible, in particular for a
screen-reader.
Made the block of breadcrumbs be a <nav aria label="Breadcrumb"
class="breadcrumb"> with an ordered list inside. The last breadcrumbs
also has aria-current="page" to specify that it is the current page.
To test:
1) Apply patch
2) Build scss file
3) Ensure each of the files in the modules folder and the modules/acqui
folder has breadcrumbs that are in a <nav aria label="Breadcrumb"
class="breadcrumb"> block
4) Ensure that there is an ordered list in the block of breadcrumbs
5) Ensure that the last breadcrumb has aria-current="page"
6) Ensure that the breadcrumbs on each page of the staff client
belonging to these files look the same as before, but the '>' symbol
is replaced with '/' and the last breadcrumb has bold text
7) Ensure that when the last breadcrumb is clicked it takes you to the
page you are currently on
Sponsored-by: Catalyst IT
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch add the noExport class to all "Actions" columns in the
codebase.
It's a stupid search and replace, maybe the class is added to table
where there is no export button.
Test plan:
Search tables where the export button is available. Confirm that the
"Actions" columns is not exported.
Example: /admin/branches.pl, /admin/cities.pl
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds the "focus" class to the vendor name field in the form
for adding or editing a vendor in acquisitions.
To test, apply the patch and go to Acquisitions -> New vendor.
On page load the cursor focus should automatically be on the vendor name
field. The same should true when editing an existing vendor.
Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>
Signed-off-by: Barbara Johnson <barbara.johnson@bedfordtx.gov>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Koha shows the number of subscriptions linked to a vendor,
but there is no way to look them up. This adds a link to the
subscription search with the vendor name, so there is an easy way
to find the subscriptions.
To test:
- Be superlibrarian or have serials permission
- Make sure you have one or more subscriptions linked to vendors
- Go to the vendor's detail page in acquisitions
- Verify the number of subscriptions is now a link
- Verify the search results are correct when clicking on it
- Remove permissions (no serials, not superlibrarian)
- Verify now the number shows, but is not linked
Signed-off-by: Nazlı Çetin <nazli@devinim.com.tr>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
When the user doesn't have superlibrarian, full acq or
contracts_manage permission, don't show buttons for editing
and deleting contracts.
To test:
- Create a vendor with a few contracts
- Create a staff user with
- superlibrarian = can view edit/delete contracts
- full acq perms = same
- without manage_contracts = can view, but action buttons are gone
- Make sure the sorting of the contracts table works in all cases
Signed-off-by: Holly Cooper <hc@interleaf.ie>
Signed-off-by: Bouzid Fergani <bouzid.fergani@inlibro.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch makes a number of changes in order to improve the way the
staff client's header menu adjusts at narrower browser widths:
- Updated version of Bootstrap 3.3.7 which includes the "collapse"
JavaScript plugin.
- Modified default Bootstrap CSS using Bootstrap's customization tool.
These changes facilitate the removal of some custom CSS (overriding
Bootstrap) from staff-global.scss.
- Added Bootstrap config file for loading customizations at
https://getbootstrap.com/docs/3.3/customize/
- Revised button classes for buttons in Bootstrap-styled toolbars.
The modified default CSS resets the base font size in Bootstrap to
better match our global CSS. A side-effect of this is that toolbar
buttons ended up looking smaller than they should. Changing the
button class solves this.
- Restructure the header menu in order to allow different rules to
govern the appearance of the navigational part of the menu
(Circulation, Search, etc) and the user menu (Set library, My
account, Log out).
- Modify the cart JS to so that the popup works well at narrow widths.
To test, apply the patch, regenerate the staff client CSS, and clear
your browser cache.
- Log in to the staff client and observe the layout of the header menu
as you adjust the browser to various widths.
- Confirm that sections of the menu "collapse" as the window gets
narrower.
- Confirm that dropdown menus behave correctly and that links work.
- Confirm that the Cart link works as expected when the cart empty
and when it has items.
- Install and enable multiple translations, including at least one
set of sub-languages (e.g. fr-FR and fr-CA).
- Test the appearance of the language menus in the footer at
various browser widths.
- View pages with button toolbars and confirm that they appear unchanged
(e.g. biblio detail page, patron detail page).
NOTE: While this patch is intended to make improvements to staff client
responsiveness, it does so within a limited scope. There are still many
pages which do not work well at narrower browser widths.
Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
DataTables are used on enough pages in the staff client that it
doesn't make sense to put inclusion of the CSS into each template
where it is needed. This patch moves includes of datatables.css from
individual templates into the global header file.
To test, apply the patch and view various pages which have DataTables.
View various styles of DataTables, e.g.
- Full pagination, like item search results
- Four-button, like Saved SQL reports
Everything should look the same as it was.
Signed-off-by: Jose-Mario Monteiro-Santos <jose-mario.monteiro-santos@inLibro.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
The new floating toolbar plugin doesn't like a particular combination of
markup: A toolbar inside a form which is styled "display:inline." The
staff client CSS styles forms that way globally, so it must be
explicitly overridden in these situations.
Changing the default will have broad consequences, so I propose an
inline style to fix this.
To test, apply the patch and go to Acquisitions. Add or edit a vendor
and confirm that after scrolling down the page the form is still
editable.
Signed-off-by: Andrew Isherwood <andrew.isherwood@ptfs-europe.com>
Signed-off-by: Mikaël Olangcay Brisebois <mikael.olangcay-brisebois@inLibro.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch replaces the fixFloat jQuery plugin with a new one: HC-sticky
(https://github.com/somewebmedia/hc-sticky). This plugin provides the
same functionality without the page-reflow problems fixFloat suffers
from.
To test, apply the patch and regenerate the staff client CSS. Test the
behavior of the floating toolbar on these pages:
- Acquisitions -> Vendor -> Vendor details
- Acquisitions -> Vendor -> View basket
- On both these pages, test toolbar behavior before and after
expanding the "Orders search" options at the top of the page.
- Administration -> System preferences
- Authorities -> Create or edit an authority
- Catalog -> Advanced search
- Search results
- Catalog -> Item search
- Cataloging -> Add or edit a record
- Open the plugin window for the 008 field
- Tools -> Label creator -> New label batch -> Add items -> Search ->
Results
- Patrons -> New patron
- Test before and after expanding the patron search options at the
top of the page
- Test editing a patron too
- Tools -> Automatic item modifications by age -> Edit
- Tools -> Notices & slips -> Edit
- Lists -> View list
Check that the About page has been updated with information about the
plugin.
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch changes the HTML structure of the vendor edit page so that
the markup is a little simpler. CSS is modified to match. This structure
should serve as a model for other similar form structures:
<fieldset class="rows">
<ol>
<li>
<label>General label:</label>
<label class="radio">
Specific label 1 <input type="radio" />
</label>
<label class="radio">
Specific label 2 <input type="radio" />
</label>
</li>
</ol>
</fieldset>
To test, apply the patch and regenerate the staff client CSS.
- Go to Acquisitions -> Vendor search -> Vendor -> Edit vendor
- In the "Ordering information" section, confirm that the position of
radio buttons looks correct.
- Confirm that radio button labels work correctly.
- Confirm that the adjacent dropdown menus work well.
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch adds or corrects Bootstrap grids on three
acquisitions-related templates.
To test, apply the patch and confirm that these pages look correct and
adjust well to various browser widths:
- Acquisitions -> Vendor -> Basket -> View
- Acquisitions -> Vendor -> Details
- Acquisitions -> Vendor -> Basket -> Add to basket -> From a new
(empty) record
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch has been generated with the script provided on bug 21576.
It only affects variable used in the href attribute of a link *when*
href it the first attribute of the node (grep "a href")
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch moves the Save and Cancel controls on the vendor edit form
into a toolbar which sticks to the top of the screen as you scroll.
To test, apply the patch and Acquisitions -> New vendor.
- Confirm that as you scroll down the page, the toolbar with the Save
and Cancel buttons sticks to the top of the screen.
- Test that the Save and Cancel buttons both work correctly.
- Perform the same tests when editing an existing vendor.
Signed-off-by: Maksim Sen <maksim.sen@inlibro.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch modifies several acquisitions templates to use the Bootstrap
grid instead of YUI.
This patch also removes obsolete "text/javascript" attributes from
<script> tags and "text/css" attributes from <style> tags in the
modified templates.
To test, apply the patch and view the following pages, confirming that
they look correct at various browser widths:
- Acquisitions home page -> Click a "spent" value for a fund.
- Acquisitions -> Vendor -> Vendor details.
- Acquisitions -> Vendor -> Uncertain prices
- Acquisitions -> Vendor -> Receive shipments
- Click an "Invoice number" link in the table of shipments.
- Click "Receive" for one of the titles in pending orders.
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Here we go, next step then.
As we did not fix the performance issue when autofiltering
the variables (see bug 20975), the only solution we have is to add the
filters explicitely.
This patch has been autogenerated (using add_html_filters.pl, see next
pathces) and add the html filter to all the variables displayed in the
template.
Exceptions are made (using the new 'raw' TT filter) to the variable we
already listed in the previous versions of this patch.
To test:
- Use t/db_dependent/Koha/Patrons.t to populate your DB with autogenerated
data which contain <script> tags
- Remove them from borrower_debarments.comments (there are allowed here)
update borrower_debarments set comment="html tags possible here";
- From the interface hit page and try to catch alert box.
If you find one it means you find a possible XSS.
To know where it comes from:
* note the exact URL where you found it
* note the alert box content
* Dump your DB and search for the string in the dump to identify its
location (for instance table.field)
Next:
* Ideally we would like to use the raw filter when it is not necessary
to HTML escape the variables (in big loop for instance)
* Provide a QA script to catch missing filters (we want html, uri, url
or raw, certainly others that I am forgetting now)
* Replace the html filters with uri when needed (!)
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Having to write [% KOHA_VERSION %] for each url is bad because:
- It's easily forgettable when adding new <script> or <link>
- It prevents grep'ing for the full filename
- It violates the DRY principle
- If at some point we want to change the "force js and css reload"
mechanism, it will be tedious
This patch:
- adds a Template::Toolkit plugin that generates <script> and
<link> tags for JS and CSS files, and inserts automatically the Koha
version in the filename
- use the new plugin to remove all occurences of [% KOHA_VERSION %]
- remove the code that was adding KOHA_VERSION as a template variable
Test plan:
1. Apply patch
2. Go to several different pages in Koha (opac and intranet) while
checking your browser's dev tools (there should be no 404 for JS and
CSS files, and the Koha version should appear in filenames) and the
server logs (there should be no "File not found")
3. `git grep KOHA_VERSION` should return nothing
4. prove t/db_dependent/Koha/Template/Plugin/Asset.t
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch modifies even more staff client acquisitions templates so
that JavaScript is included in the footer instead of the header.
To test, apply the patch and test the JavaScript-driven features of the
modified templates: All button controls, DataTables functionality, tabs,
etc.
- Acquisitions -> Vendor -> Vendor details
- Contracts datatable
- Edit vendor
- Add contacts, form validation
- Acquisitions -> Vendor -> Invoices -> Invoice -> "Go to receipt"
- Datatables, MARC and Card previews
- Transfer
- Confirmation of transfer, window closes
- Acquisitions -> Vendor -> Receive shipments
- Datatables, date pickers
- Acquisitions -> Available funds table -> Spent report
- Datatables
- Acquisitions -> Vendor -> Uncertain prices
- Datatables, form validation
- Acquisitions -> Vendor -> Basket -> Add to basket from external source
- Select and clear all on search form
- Search results
- Datatables, MARC and Card previews, in-table pop-up controls
(click any table cell)
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Test
1. Hit the page /cgi-bin/koha/acqui/supplier.pl?op=enter
2. Add a text in the field Name that contains java script
3. Save the page.
4. Notice js is execute
5. Apply patch and reload the js is escaped
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
In preparation:
Make sure you enter <script>alert("sth")</script>
in all fields of a new vendor that are not validated
and save.
1) Access vendor summary page.
2) Verify scripts are executed
3) Apply patch
4) Verify scripts are on longer executed
This works in combination with the other patches for XSS
on this bug.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
1. Hit the page /cgi-bin/koha/acqui/supplier.pl?op=enter
2. Add a text in the field company_postal, physical, company_fax,
accountnumber, contactposition, contact_fax, contact_notes, notes that contains java script
3. Save the page.
4. Notice js is execute
5. Apply patch and reload the js is escaped
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Test
1. Hit the page /cgi-bin/koha/acqui/supplier.pl?booksellerid=xx
xx is a booksellerid
2. Apply the patch and reload the page.
3. You can see vendor name in browser title bar.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Test plan:
Read the changes and make sure they make sense
Signed-off-by: Lee Jamison <ldjamison@marywood.edu>
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Number of subscriptions: X subscriptions
Sound like we repeat "subscriptions"
Replaced with
Number of subscriptions: X
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Adding some subscription information to the vendor page
To test
- Search for a vendor, access profile
- Under Contact, Subscription details
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Fixed a missing </div>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Tax rates are stored in decimal(6,4) fields which means that 4 decimals
are allowed.
If a tax rate is 8.42%, it is stored as 0.0842
If a tax rate has more precision than that, Koha won't deal correctly
with it. We will need to update the DB structure.
With this patch, the tax rate will be displayed with the same precision
as in the DB. So if you enter 8.42, you will see 8.42% instead of 8.4%
without this patch.
Test plan:
Do a full acquisition workflow with a tax rate like 8.42% and confirm
that it is correctly displayed.
Signed-off-by: Alex Buckley <alexbuckley@catalyst.net.nz>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch renames the variable according to the new DB column names
* gste => tax_excluded
* gsti => tax_included
* gstrate => tax_rate
* gstvalue => tax_value
This patch also modify the ModReceiveOrder subroutine:
* Edit vendor note on receiving is not possible, so the code should not
permit that.
* Update ModReceiveOrder to pass a hashref
And that's all!
git grep on gste, gsti, gstrate and gstvalue should not return any code
that can be executed.
Signed-off-by: Laurence Rault <laurence.rault@biblibre.com>
Signed-off-by: Francois Charbonnier <francois.charbonnier@inlibro.com>
Signed-off-by: Sonia Bouis <sonia.bouis@univ-lyon3.fr>
Signed-off-by: Sonia Bouis <koha@univ-lyon3.fr>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
With this patch it will be possible to send order information
to the vendor by e-mail. For now this feature can be triggered
manually with a button before closing the basket.
The order e-mail is based on the acquisition claim feature, but
uses a new notice template.
Test plan:
1) Vendors
A new checkbox "Contact when ordering?" was added to the vendor
page.
- Add a vendor and/or edit an existing vendor
- Verify the new option is saved correctly
- Verify the new option displays on the vendor summary page
after saving
2) Notices
The feature works with a new notice template: ACQORDER
It works with the same formatting/fields etc. as the acq claim
notice.
- Add a new notice template ACQORDER in module
'Claim/order aquisition'
- Make sure to use fields from the various offered tables
in your notice
- Verify it is saved correctly
3) Basket
- Turn on LetterLog system preference
- Create multiple order lines
- Click the 'Send order' button in the toolbar
- Verify error or success message
- Verify you received the e-mail
- Verify there is a new entry with about the sent
notice in your action_logs table
4) Regression testing...
- Verify order claims still work
- Verify serial claims still work
- Verify new serial issue notices still work
...
(I can provide additional test plans if needed)
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
When edit or create a new vendor the two fields "email" and "website" don't test
if the data provided is right. When you add a direction like
"koha-community.org" without the protocol "https" the program redirect to an
404 error.
To reproduce the issue:
1-Go to Acquisition and create a new Vendor
2-Fill the field Website with koha-community.org
3-Use an email without at sing (@)
4-Notice that there is no error
5-Save
6-Go to the vendor created (/cgi-bin/koha/acqui/supplier.pl?booksellerid=1)
7-Click in Website: koha-community.org -> redirect to an 404 error
8-Notice the bad mailto:
To test:
-Apply patch
-Reproduce step 1 to 8 with the same vendor or create a new one
-Enter multiple wrong and valid urls
-Enter urls with and without protocols http, https, ftp
-Enter wrong and valid emails
NOTE: The classes used are taken from 'branches.tt'
Signed-off-by: Liz Rea <liz@catalyst.net.nz>
no longer allows entering of improper website urls or incomplete email addresses.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch makes changes to Font Awesome icons in order to make icon
choice consistent for common actions.
<i class="fa fa-trash"></i> where something is deleted, removed, or
emptied.
<i class="fa fa-remove"></i> where an operation is cancelled (also where
selections are cancelled, as in checkboxes).
<i class="fa fa-times-circle"></i> for "close," as in baskets and
windows.
To test, apply the patch and view the following pages to confirm that
the correct icon is used:
- Acquisitions -> Vendor -> Vendor delete button.
- Acquisitions -> Vendor -> Edit -> Delete contact button.
- Acquisitions -> Invoices -> Delete menu item.
- Cataloging -> Edit record -> Authority search pop-up (triggered from
the tag editor for a tag linked to an authority) -> Clear field button
- Authorities -> Authority detail -> Delete button.
- Tools -> Quotes editor -> Quotes delete button.
- Reports -> View saved report -> Delete button.
- Reports -> Saved reports -> Delete menu item.
- Serials -> Subscription details -> Subscription close button.
- Administration -> Budgets -> Delete menu item.
- Administration -> Item search fields -> Delete button.
- Administration -> Z39.50/SRU servers -> Delete menu item.
- Catalog -> Advanced search -> Clear fields link.
- Cataloging -> Advanced editor -> Macros -> Delete macro button.
- Circulation -> Checkout -> Check out an item which is on hold for
another patron. "Cancel checkout and place hold" button now uses the
icon used elsewhere for holds.
- Course reserves -> Course -> Delete course button.
- Patrons -> Patron lists -> Add patrons -> Remove selected button.
- Acquisitions -> Suggestions -> Suggestion details -> Delete button.
- Lists -> List contents -> Remove selected button.
Followed test plan, works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
To test:
1) Go to Acqui -> find a vendor
2) On Vendor details page (supplier.pl) confirm that Contracts table now
has one column called Actions
3) Confirm that Edit and Delete show as buttons
4) Confirm that buttons don't wrap on a narrower browser
5) Click Contracts tab
6) Confirm Actions column, Edit and Delete buttons, and button's don't
wrap
Sponsored-by: Catalyst IT
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
According to https://jquery.com/upgrade-guide/1.9/#attr-versus-prop-
.attr() is no longer correct to access the checked state of a checkbox.
This patch do the following replacements:
.attr('checked') => .prop('checked')
.attr('checked, '') => .prop('checked', false)
.attr('checked, 'checked') => .prop('checked', true)
.attr('checked', boolValue) => .prop('checked', boolValue)
.removeAttr('checked') => .prop('checked', false)
.attr('checked') == 'checked' => .is(':checked')
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
The staff client CSS is not language-specific, so it can be moved out of
the en/ directory and thus not be duplicated for every translation.
In order to be able to have a generic path to the YUI CSS files, the YUI
directory is moved by this patch to the staff client's lib/ directory.
To test, apply the patch and visit various pages in the staff client.
Look in particular at pages which include more than the standard CSS.
For example:
- The staff client login page.
- The staff client home page.
- Patron -> Set permissions.
- The advanced cataloging editor.
- Acquisitions -> Vendor -> Basket groups.
- Tools -> News -> Edit news.
- Administration -> System preferences.
Revised: I intended for this to be built on top of Bug 15883. Now it is.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
On top of 15883
Works as described, all pages on test plan
No Errors
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch fixes a regression introduced by bug 15084: The currency
dropdown lists are not correctly built.
The selected currencies are wrong.
Test plan:
Create a vendor, the selected currencies should be the default one
Edit the vendor, the selected currencies should be the ones defined for
this vendor
Create an order, the selected currency should be the 'List prices' of
the vendor
Edit an order, the selected currency should be the one defined for this
order
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan Gallagher <bredan@bywatersolutions.com>
To test:
Apply patch and go to pretty much every page on the Intranet - look out
for labels on forms etc where there should be colons but aren't. If you
see any that I've missed but I'm 99% sure I got all of them! Make sure
to click through some forms where creating a new thing involves
continuing the submission on multiple pages.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Rebased on current master and checked all changed pages.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
If you click on a link that opens a new tab/window to another site, that tab
has access to the original window through JavaScript. The browsing context is
related, even if the domains are totally different.
The tab retains access to the original window's object via window.opener, even
if you navigate to another page or domain, in the new or original window.
Access to the Window object means the new window can use Window.location to
open a different URL in the original window, perfect for phishing attacks.
Depending on the site's Same-Origin Policy settings, the new window may have
access to other parts of the original window's DOM as well.
Any 'A HREF' that contains a target of of '_blank' or '_new' or a fixed name
is vulnerable. Previous security best practice often suggested creating a random
fixed name for an unpredictable namespace - that won't help with this problem!
Targets of '_self' and '_parent' are safe.
We do not use _new (at first glance) but several _blank. Some are used
to refer internal url, we do not need to update or remove them. Others
are used to satisfy OPACURLOpenInNewWindow, in these case, we should add
the rel="noreferrer" attribute to the a tags.
In other cases, we can simply remove them and let the users discover
that a mouse has more than one button (we are in 2016, they can do it!)
Signed-off-by: Chris <chrisc@catalyst.net.nz>
Signed-off-by: Jesse Weaver <jweaver@bywatersolutions.com>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
Most part of the code here is unnecessary complex. We should selected
the currency if it is selected, that's all :)
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
The "highlight" class on table rows is unnecessary since we have a CSS
rule which defines colors for alternating row colors. This patch removes
use of the "highlight" class from templates and removes the definition
from staff-global.css
To test, view the affected pages and confirm that the change has not
broken anything.
Acquisitions -> Vendor -> View basket
Acquisitions -> Late orders
Acquisitions -> Ordered
Acquisitions -> Vendor -> Receive shipment
Acquisitions -> Spent
Acquisitions -> Vendor details -> Contracts table
Administration -> MARC frameworks (comment removed only)
Administration -> Class sources
Authorities -> Authority search results
Catalog -> Bibliographic detail page -> Items -> View item's checkout
history
Catalog -> subject.tt (is this template used?)
Cataloging -> Cataloging search results
Patrons -> Patron account
Reports -> Patrons who haven't checked out
Reports -> Statistics wizards -> Patrons
Reports -> Top lists -> Most-circulated items
Reports -> Inactive -> Items with no checkouts
Reports -> Reports dictionary
Reports -> Statistics wizards -> Circulation
Reports -> Statistics wizards -> Holds
Holds -> Place a hold -> Existing holds table
Serials -> New subscription -> Search for a vendor -> Search results
Serials -> Check expiration
Serials -> Subscription -> Serial collection
Serials -> Subscription -> Serial collection -> Edit serials
Suggestions
Tags -> View tags -> View titles with a tag
Tools -> Manage staged MARC records -> Batch (I think the affected
section of this template is obsolete)
Tools -> Log viewer -> Log result
Lists -> View lists (May be broken by Bug 15916)
Note that if you search the templates for instances of a <tr> with a
"highlight" class you'll find two instances in slip templates which
refer to a class defined in printreceiptinvoice.css.
Signed-off-by: Frédéric Demians <f.demians@tamil.fr>
Looks good. Haven't seen any regression.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
We should be using Font Awesome for our icons instead of Glyphicons, for
the reasons discussed on bug 13696.
Test Plan:
1) Apply this patch
2) Note all Glyphicons have been replaced with FA icons in the staff intranet
3) git grep "icon-" ./koha-tmpl/intranet-tmpl/prog/en/modules/
should give no results
4) git grep "icon-" ./koha-tmpl/intranet-tmpl/prog/en/includes/
should give no results
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
We need a follow-up to cover the files changes since this
patch was written. Especially to cover the changes in the
label creator modules.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch makes it possible to choose a particular contact for
acquisitions and serials claims. To test:
1) Select a contact to use for claiming late orders and a contact
to use for claiming late issues.
2) Send a claim for a late order and a claim for a late issue.
3) Note that the claims went out to the proper people.
4) Run the unit test with:
> prove t/db_dependent/Letters.t
5) Sign off.
Note: the claim messages are recorded in the logs in the *Acquisitions*
module, not the Letters module as you might expect
This patch also fixes several perlcritic violations and centralizes
contact-related unit testing in Bookseller.t.
Signed-off-by: Paola Rossi <paola.rossi@cineca.it>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
This template-only follow-up tweaks the button labels and restructures
the vendor view layout a little bit to make it more amenable to multiple
contacts:
- Add spaces after button icons
- Change "Add contact" to "Add another contact" in hopes of making it
less ambiguous whether clicking it will submit the whole form.
- Eliminate duplicate headers on the vendor view page by making the
contact name the subheading for each individual contact.
To test, view details for vendors with one or more contacts, and try
editing to add additional contacts. Everything should look good and work
correctly.
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Signed-off-by: Paola Rossi <paola.rossi@cineca.it>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
