Commit graph

43522 commits

Author SHA1 Message Date
42d1bc3d49 Bug 29363: Fix TestBuilder.t if bib 123 does not exist
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-29 09:59:29 +02:00
20078affb9 Bug 28959: DBIC update
Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:47:47 +02:00
900bd815d1 Bug 28959: DBRev 21.06.00.039
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:47:46 +02:00
d821cf9c9c Bug 28959: Fix other cases
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:47:38 +02:00
35d03d6cf6 Bug 28959: (follow-up) Adjust more places in which 'category' was used
Some links still had category.

I propose we use explicit public=1 and public=0 when links to public/private are side by side.
Otherwise whe just use /cgi-bin/koha/opac-shelves.pl?op=list using default value 0.

Signed-off-by: David Nind <david@davidnind.com>
JK: Adjust commit title
Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:47:38 +02:00
adc3772204 Bug 28959: (follow-up) Adjust all places in which 'category' was used
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:47:38 +02:00
0c72031539 Bug 28959: Add virtualshelves.public as a boolean
This patchset moves the 'category' attribute for virtual shelves, that
takes values of 1 and 2 (private and public respectively) into a boolean
for public.

The DBRev is trivial, and the changes to the code are as well.

To test:
1. have some known public and private lists
2. Apply this patches
3. Run:
   $ updatedatabase
=> SUCCESS: Public lists have public=1, private have public=0
4. Run:
   $ kshell
  k$ prove t/db_dependent/Utils/Datatables_Virtualshelves.t \
           t/db_dependent/Virtualshelves.t
=> SUCCESS: Tests pass!
5. Try the feature in staff and OPAC
=> SUCCESS: All good
6. Sign off :-D

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:47:38 +02:00
d38be59a48 Bug 28959: Move category => public
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
c9fc07aee3 Bug 29290: Unit tests
This patch adds unit tests for the new route. All behaviors are tested:

To test:
1. Apply this patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/biblios.t
=> SUCCESS: Tests pass!
3. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
8fdd52b17c Bug 29290: Add GET /biblios/:biblio_id/checkouts
This patch adds the required controller method.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
d46492ac23 Bug 29290: Rename relationships borrower => patron
This is a trivial change that is required to be able to embed patron
objects in the (old) checkout object.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
6ff32002da Bug 29290: Add spec changes
This patch adds the new route. It also tweaks the checkout object
definition to allow embedding the required related objects (for bug 29275).

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
84f5167108 Bug 29288: Add current_checkouts and old_checkouts methods to Koha::Biblio
This patch adds helper methods for accessing current and past checkouts
for a given Koha::Biblio object.

To test:
1. Apply the unit tests
2. Run:
   $ kshell
  k$ prove t/db_dependent/Koha/Biblio.t
=> FAIL: Methods are not implemented
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass!
5. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
ca5781d795 Bug 29288: Unit tests
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
1f3b63261e Bug 29108: Add q parameters to items routes
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
f5ee8ced57 Bug 29107: Rename item_type => item_type_id
This simple change renames the attribute in the item object API
representation.

To test:
1. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/items.t
=> SUCCESS: Tests pass
2. Run:
   $ git grep 'api/v1/items'
=> SUCCESS: The items routes are not (yet) used in Koha
3. Run:
   $ cd koha-tmpl
   $ git grep --name-only '"embed"'
=> SUCCESS: Only two templates are using embed.
4. Check:
   - register.tt uses it to embed the manager, good
   - parcel.tt uses it to embed items. Alert.
=> SUCCESS: parcel.tt only uses a count on items. No item_type involved.
5. Sign off

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
9ef23bb642 Bug 27358: Add GET /public/biblios/:biblio_id/items
This patch introduces a route to fetch items belonging to a biblio. It
is expected to return the 'public' representation of the Koha::Item
objects.

It is also enforcing the visibility rules, by using
Koha::Items->filter_by_visible_in_opac.

To test:
1. Apply this patches
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/biblios.t
=> SUCCESS: Test pass and they cover all the cases!
3. Try your favourite REST tool against the new route.
4. Sign off :-D

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
f907070116 Bug 27358: Unit tests for public items retrieval
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
fde97d3969 Bug 28948: Fix random failure
This patch makes the query for randomly generated libraries
deterministic, thus getting rid of the random tests failures.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
4a1d841e44 Bug 28948: Don't require catalogue permission for public route, don't allow smtp server embed
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
bc22185625 Bug 28948: Remove query params, 'q' param covers everything needed
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
e0de8364b7 Bug 28948: Remove FIXME
This patch reproduces what we did for `to_api_mapping`: make it always
present on Koha::Object classes. This has the side-effect of... making
things more secure!

Before this patch, if undefined, all attributes were returned.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
31e9ccfe70 Bug 28948: (QA follow-up) Convert to allow-list
This patch converts the code to use an allow-list as aposed to a
deny-list.  This is more 'fail safe' than requireing maintanence of a
deny-list.

We also switch to using db fields names for the list as aposed to api
mapped names. This way, the list can be re-used for non-api related
sanitising if required.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
c56b2db564 Bug 28948: Add GET /public/libraries routes
This patch introduces a route to fetch a list of libraries or a single
library as expected on the /public namespace. It is expected to return
the 'public' representation of the Koha::Library objects.

To test:
1. Apply this patches
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/libraries.t
=> SUCCESS: Test pass and they cover all the cases!
3. Try your favourite REST tool against the new route.
4. Sign off :-D

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
7647d51478 Bug 28948: Teach objects.search about public requests
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
9b2226a649 Bug 28948: Make is_public stashed on public routes
This patch makes the API authentication code stash the 'is_public' value
when public routes are hit.

This will be particularly useful to have $c->objects->search generically
pass this info down to the ->to_api method.

To test:
1. Apply this patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/auth_authenticate_api_request.t
=> SUCCESS: Tests pass! When a public route is reached, the controller
has the 'is_public' value stashed
3. Sign off :-D

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
f6c2147ec7 Bug 28948: Add a generic way to handle API privileged access attributes deny-list
This patch introduces a way for Koha::Object(s)->to_api to filter out
attributes that require privileged access. It is done in a way that the
'public' parameter is recursively passed to nested objects in recursive
to_api() calls.

This way, Koha::Object-based classes can determine how they will render
depending on this parameter. For example, for implementing a
route for fetching an library looks like:

GET /libraries

The controller will look like:

my $library = Koha::Libraries->find( $c->validation->param('library_id') );
return $c->render(
    status  => 200,
    openapi => $library->to_api
);

Implementing an unprivileged (public) route would look like:

GET /public/libraries/:library_id

The controller will look like:

my $library = Koha::Libraries->find( $c->validation->param('library_id') );
return $c->render(
    status  => 200,
    openapi => $library->to_api({ public => 1  })
);

To test:
1. Apply this patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/Koha/Object*.t
=> SUCCESS: Tests pass (i.e. current behaviour is kept, new behaviour
        passes the tests)
3. Sign off :-D

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
e68f715340 Bug 17314: Implement /suggestions routes
This patch introduces routes to handle purchase suggestions, from the
staff POV.

Tests are added as well.

To test:
1. Apply this patches
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/suggestions.t
=> SUCCESS: Tests pass! And they are meaningful!
3. Play with your favourite REST tool (Postman?)
4. Sign off :-D

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
8cc404b651 Bug 17314: OpenAPI spec
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
acdba5165f Bug 17314: Unit tests
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
370a79648d Bug 17314: Make TestBuilder set good defaults for Suggestions
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
16e988301c Bug 28859: Correctly handle 'Checked out by' visibility
We must have the column in the table and let DT deal with the
visibility.

This patch hides the "Checked out by" column by default if
RecordStaffUserOnCheckout is off, but the DT column settings is aware of
its existence and the end user can still display the column.

IMO that's the most optimal situation considering both maintenance and ergonomic.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
Andrew Isherwood
a8a7ce3717 Bug 28859: Fix missing column setting
This commit adds the missing checked_out_by column to
columns_settings.yaml

Test plan:

- Follow the test plans in the bug description and note that the
symptoms are no longer seen

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
712be5b41f Bug 29229: (follow-up) Update method for linking flatpickr fields
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
675224ebc9 Bug 29229: Use Flatpickr in suggestion search sidebar filter
This patch corrects the date field configurations for the suggestions
sidebar filter. These fields are now linked Flatpickr widgets instead of
jQueryUI datepickers.

To test, apply the patch and go to Suggestions.

- In the sidebar, click "Suggestion information" to expand the form.
- Test these linked date fields:
  - "Suggested date from" and "to"
  - "Managed date from" and "to"
  - "Accepted by from" and "to"
- Each should trigger Flatpickr calendars which are linked, i.e. you
  can't select a "to" date which is before a "from" date.
- Test that the dates submit correctly to filter as expected.

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
204ded1950 Bug 29261: (bug 15812 follow-up 2) Fix translation issue in include file
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 17:32:34 +02:00
67398811d4 Bug 29301: Display error with serials search flatpickr when searching Mana
This patch changes the way certain serials search fields are hidden when
a standalone search of Mana is being performed (from the "Search on
Mana" link). Instead of targeting specific labels and inputs to hide we
can hide list items by class.

Unrelated: This patch updates the page heading so that it is different
depending on whether you're searching Koha subscriptions or Mana
subscriptions.

To test, apply the patch and enable Mana.

- Go to Serials -> Advanced search (in the search header).
- The search form should include all fields, including call number,
  vendor, library, location, and "Expires before."
- Click "Search on Mana" in the sidebar.
- This page should have the heading "Mana subscriptions search," and
  there should only be three fields visible: ISSN, Title, and Publisher.
- When you perform a Mana search which returns results the page should
  have the heading "Mana subscriptions (X found).

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 12:28:33 +02:00
4d1bed2b60 Bug 29299: (follow-up) Add markup comments
This patch adds comments to the template to highlight the markup
structure.

This patch should have no effect on the page's appearance or
functionality.

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 12:28:33 +02:00
42158f3c06 Bug 29299: Reindent serials search template
This patch updates the serials search template to give it consistent
indentation.

The patch also moves one section of markup: The <tfoot> section is moved
to after <tbody> in order to conform to current standards.

To test, apply the patch and go to Serials -> Search subscriptions (in
the header).

- Serials search should work correctly and the page should look correct.
- With Mana enabled, click on the "Search on Mana" link in the sidebar.
- Searches of Mana should work correctly too.
- If you view the diff while ignoring whitespace the only changes should
  be the move of <tfoot> and places  where line breaks were introduced.

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 12:28:33 +02:00
3e5046a029 Bug 28613: Add missing parameters to objects.search-based routes
The objects.search helper provides convenient ways to paginate and a 'q' filter parameter to build complex queries on this Koha::Objects-based routes.

Some routes were created prior to this feature getting introduced. We need to adjust the parameters for all existing objects.search-based routes.

This patch adds that.

The only GET (as in list) routes that would still be missing the
parameters are those about ILL, that are not objects.search based, and
probably need to be rewritten.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 12:28:30 +02:00
da285c5255 Bug 29300: Add 22.05 release team to teams.yaml
Add the 22.05 release team.

Test plan
1/ Check against
   https://wiki.koha-community.org/wiki/Release_Teams

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 12:21:23 +02:00
deea41e9ef Bug 29218: Rename .hidden class for DT visibility
.hidden get the CSS that interferes with DT behaviour

.hidden {
    display: none !important;
}

Test this patch with bug 28859.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 12:20:12 +02:00
de6a373126 Bug 28349: (bug 26234 follow-up) Correct wrong array merge
Bug 26234 allowed to remove the different classes we use in aoColumnDefs
for sorting columns of table using DT.

However there is a terrible mistake, the merge of existing aoColumnDefs
array with the default one is totally wrong:
  $.extend(true, new_parameters, default_column_defs);
When we actually wanted to do:
  $.extend(true, new_parameters["aoColumnDefs"], default_column_defs);

But it's still wrong, extend is doing a deep copy and the array will be
replaced by the other one, whereas we want to append.

We want to merge default_column_defs with the existing aocolumnDefs,
this patch is doing it explicitely.

This bug only exists when there is an existing aocolumnDefs.

See commit d3f3a55e0b
It happens on:
 * cataloguing/z3950_search.tt
 * reports/guided_reports_start.tt
 * serials/subscription-detail.tt
 * opac-course-reserves.tt
 * opac-detail.tt

However this bug has been hidden as we have in master related bug from
bug 27945, which removes title-string.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 12:16:37 +02:00
5b09620287 Bug 29272: (QA follow-up) Category setup overrides syspref
This patch removes an early short-circuit we had, which wasn't correct
regarding the OpacPasswordChange syspref. If a patron category is
allowed to change password, it overrides the syspref.

To test:
1. Tests still pass.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 12:16:37 +02:00
d91d813e5c Bug 29272: Make public password changing honour category constraints
This patch makes the public API routes validate
$user->category->effective_change_password before allowing the change.

To test:
1. Apply the regression tests patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/patrons_password.t
=> FAIL: Tests fail, it allows the first change instead of returning
         403.
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass!
5. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 12:16:37 +02:00
81ec1ad5b5 Bug 29272: Regression tests
This patch introduces regression tests for the described bug.

To test:
1. Apply this patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/patrons_password.t
=> FAIL: Tests fail, excepted failures are considered success

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 12:16:37 +02:00
0b78011d8c Bug 26374: update from bug 19974 is not idempotent
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 12:16:37 +02:00
7948b429d1 Bug 29332: Set default library limits in search_for_display
Koha::AdditionalContents->search_for_display needs to filter to just
items with a 'null' branchcode if no library_id is passed.

Test plan
1/ Add some additional content blocks that should display only for
specific branches.
2/ Navigate to the OPAC and note that blocks display for all libraries
prior to login
3/ Login to the OPAC and note that now you only see you users library
block
4/ Apply the patch
5/ Repeat steps 2 and 3 and note that now you see only the 'All
libraries' blocks display prior to login and that 'All libraries' +
'Your users library' blocks appear after login.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 12:16:37 +02:00
f1780f02f2 Bug 29332: Unit tests
This patch adds unit tests to ensure we do not leak branch specific
addtional contents blocks outside of logged in sessions (i.e. where a
users branch is not yet set).

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 12:16:37 +02:00
c70de8c530 Bug 28445: Add diag for failing test
Temporary patch to help trying to fix the following random error:
     #   Failed test 'Item types should be sorted by description and an empty entries should be shown'
     #   at t/db_dependent/Koha/UI/Form/Builder/Item.t line 121.
     #     Structures begin differing at:
     #          $got->[12] = 'Be9T9FH5aO'
     #     $expected->[12] = 'REF'
     # Looks like you failed 1 test of 2.

 #   Failed test 'itemtypes'
 #   at t/db_dependent/Koha/UI/Form/Builder/Item.t line 130.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-28 12:16:37 +02:00