This patch modifies several administration templates to use the
Bootstrap grid instead of YUI.
This patch also removes obsolete "text/javascript" attributes from
<script> tags and "text/css" attributes from <style> tags in the
modified templates.
To test, apply the patch and view the following pages, confirming that
they look correct at various browser widths:
- Navigate directly to /cgi-bin/koha/admin/printers.pl
- View and edit printers
- Administration -> Search engine configuration (or navigate directly
to /cgi-bin/koha/admin/searchengine/elasticsearch/mappings.pl
- Administration -> Circulation and fines rules
- Administration -> SMS cellular providers (enable SMSSendDriver or
navigate directly to /cgi-bin/koha/admin/sms_providers.pl)
- Administration -> Z39.50/SRU servers -> New SRU server -> Modify SRU
search fields mapping
- Administration -> System preferences -> Local use
- View and edit local use preferences
- Administration -> Transport cost matrix
- With UsageStats enabled, go to Administration -> Share your usage
statistics.
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Here we go, next step then.
As we did not fix the performance issue when autofiltering
the variables (see bug 20975), the only solution we have is to add the
filters explicitely.
This patch has been autogenerated (using add_html_filters.pl, see next
pathces) and add the html filter to all the variables displayed in the
template.
Exceptions are made (using the new 'raw' TT filter) to the variable we
already listed in the previous versions of this patch.
To test:
- Use t/db_dependent/Koha/Patrons.t to populate your DB with autogenerated
data which contain <script> tags
- Remove them from borrower_debarments.comments (there are allowed here)
update borrower_debarments set comment="html tags possible here";
- From the interface hit page and try to catch alert box.
If you find one it means you find a possible XSS.
To know where it comes from:
* note the exact URL where you found it
* note the alert box content
* Dump your DB and search for the string in the dump to identify its
location (for instance table.field)
Next:
* Ideally we would like to use the raw filter when it is not necessary
to HTML escape the variables (in big loop for instance)
* Provide a QA script to catch missing filters (we want html, uri, url
or raw, certainly others that I am forgetting now)
* Replace the html filters with uri when needed (!)
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Having to write [% KOHA_VERSION %] for each url is bad because:
- It's easily forgettable when adding new <script> or <link>
- It prevents grep'ing for the full filename
- It violates the DRY principle
- If at some point we want to change the "force js and css reload"
mechanism, it will be tedious
This patch:
- adds a Template::Toolkit plugin that generates <script> and
<link> tags for JS and CSS files, and inserts automatically the Koha
version in the filename
- use the new plugin to remove all occurences of [% KOHA_VERSION %]
- remove the code that was adding KOHA_VERSION as a template variable
Test plan:
1. Apply patch
2. Go to several different pages in Koha (opac and intranet) while
checking your browser's dev tools (there should be no 404 for JS and
CSS files, and the Koha version should appear in filenames) and the
server logs (there should be no "File not found")
3. `git grep KOHA_VERSION` should return nothing
4. prove t/db_dependent/Koha/Template/Plugin/Asset.t
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch updates the template for printers administration according to
current interface guidelines.
- Custom JavaScript form validation is removed in favor of the built-in
form validation plugin.
- Printer-specific header search form is removed, along with server-side
pagination code. The functionality of both is now taken care of the
adding DataTables sorting and pagination to the table.
- Edit and delete links are styled as Boostrap buttons with Font Awesome
icons.
- Confirmation dialogs are updated to use Font Awesome icons.
To test properly you will need to add multiple printers.
- Apply the patch and open /cgi-bin/koha/admin/printers.pl (there is no
menu link for the page).
- When no printers exist you should see a message dialog saying so.
- Add a new printer. Confirm that printer name and queue are required
fields.
- After adding multiple printers, confirm that the table of printers is
correctly sorted and searched by the DataTables plugin.
- Delete a printer and verify that the confirmation dialog is correctly
styled.
Signed-off-by: Marc Véron <veron@veron.ch>
Update: rebased and updated Bootstrap 3 classes
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
We should be using Font Awesome for our icons instead of Glyphicons, for
the reasons discussed on bug 13696.
Test Plan:
1) Apply this patch
2) Note all Glyphicons have been replaced with FA icons in the staff intranet
3) git grep "icon-" ./koha-tmpl/intranet-tmpl/prog/en/modules/
should give no results
4) git grep "icon-" ./koha-tmpl/intranet-tmpl/prog/en/includes/
should give no results
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
We need a follow-up to cover the files changes since this
patch was written. Especially to cover the changes in the
label creator modules.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Some scripts pass a template variable to facilitate an alternate table
row class for styling. Other use the 'IF (loop.odd)' construction. I
think we're at the point where the CSS3 :nth-child() selector is
widely-supported enough that we can do without template-based solutions:
http://caniuse.com/#feat=css-sel3
This patch adds such a selector to the staff client CSS and removes the
corresponding template markup from Administration pages. The last in
this series of patches will remove the redundant CSS.
Also in this patch: a few minor markup corrections.
To test, apply the patch and clear your browser cache if necessary. View
the following pages and confirm that alternate table row highlighting
works as before:
- Administration -> Budgets
- Acquisitions -> Vendor -> Contracts
- Administration -> Budgets -> Budget -> Planning
- Administration -> Authority types
- Administration -> Authority types -> MARC structure
- Administration -> Authority types -> MARC structure -> subfields
- Administration -> MARC bibliographic framework
- Administration -> MARC bibliographic framework -> MARC structure
- Administration -> MARC bibliographic framework -> MARC structure -> Subfields
- Administration -> Libraries and groups
- Administration -> Cities and towns
- Administration -> Classification sources
- Administration -> Circulation and fines rules
- Administration -> Currencies and exchange rates
- Administration -> Item types
- Administration -> Koha to MARC mapping
- Administration -> System preferences -> Local use
- Administration -> Z39.50 client targets
Signed-off-by: Nick Clemens <nick@quecheelibrary.org>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Several administration templates declare but do not use the JavaScript
function isDate(). This patch removes the declarations.
To test, apply the patch and search for instances of "isDate" in Koha
templates, includes, and JavaScript files. There should be no results.
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
I'm not sure this function has ever been used.
This patch removes the toUC in tools/letter.tt too.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
toUC() is repeatedly declared on many administration templates. This
function, used to transform user input to uppercase, can be added to
staff-global.js to prevent repetition.
To test, confirm that transformation to uppercase is working on the
following Administration pages when text is entered in a form field and
focus is moved to the next field:
- Authority types -> New: Test the "Authority type" field.
- MARC bibliographic framework -> New framework: Test the "Framework
code" field.
- Patron types and categories -> New category: Test the "Category code"
field.
- Currencies and exchange rates -> New currency: Test the "Currency"
field.
- Item types -> New item type: Test the "Item type" field.
- Z39.50 client targets -> New Z39.50 server: Test the "Z39.50 server"
field.
The following pages do not call the toUC function despite the fact that
they included it:
auth_tag_structure.tt
printers.tt
roadtype.tt
stopwords.tt
systempreferences.tt
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
tools/letter.tt declares this js function and don't use it.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
This patch converts the toolbar on the printers administration page to
Bootstrap, replacing YUI button code with Bootstrap markup.
To test, view the printers administration page and confirm that the "New
printer" button looks correct and works correctly.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Comment: Works well. No errors.
Off-topic: How do you access this page? I can't find a link
(tested using .../cgi-bin/koha/admin/printers.pl)
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Works well, no problems found.
Accessed printers page manually: /cgi-bin/koha/admin/printers.pl
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
This is the first patch for bug 7760 and touches all pages in administration.
This adds a unique id "admin_<filename>" and a class "admin" to the body tag of
each page in administration.
Note: aqcontract can only be accessed from the acquisition module, so I made it acq
instead of admin.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
