Commit graph

5792 commits

Author SHA1 Message Date
48a1381554 Bug 29346: Avoid duplicate actions tests
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-05 11:17:36 -10:00
ad66e214bd Bug 29346: Highlight double enqueue
This patch highlights a possible issue with the triggers.. though it may
not actually matter in reality.

I appear to already see test failures before this patch with a double
enqueue of the rebuild for both AddIssue and AddReturn.. I couldn't spot
what was causing that but whilst digging I did find another case where
it could happen as highlighted here...

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-05 11:17:35 -10:00
1646d8be3e Bug 29346: Item action trigger
This patch makes the following actions trigger a holds queue rebuild for
the related biblio:

- Adding an item
- Updating an item
- Deleting an item

To test:
1. Apply this patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/Koha/Item.t
=> SUCCESS: Tests pass! Background job scheduled
3. Sign off :-D

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-05 11:17:35 -10:00
a6d501ad8a Bug 29346: Biblio actions triggers
This patch adds the trigger for the holds queue update on teh following
methods:

- C4::Biblio::DelBiblio
- C4::Biblio::ModBiblio

The ModBiblio use case could be improved by checking if itemtype is one
of the updated attributes... but it felt there was no way to do it
without some overhead. So I leave it as-is.

It also mocks the ->enqueue method in the tests that call DelBiblio and
ModBiblio to avoid breakages [1]

Tests are added to check the trigger is called.

To test:
1. Apply this patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/Biblio.t
=> SUCCESS: Tests pass! It means the trigger is triggered :-D
3. Sign off :-D

[1] This breakages could be avoided if we solve Koha/BackgrounJob.pm:101
FIXME.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-05 11:17:35 -10:00
90b76521bf Bug 29346: Circulation actions triggers
This patch introduces triggers for real-time updating the holds queue at
check out and check in.

The following high-level methods are involved:

- C4::Circulation::AddIssue
- C4::Circulation::AddReturn

To test:
1. Apply this patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/Circulation_holdsqueue.t
=> SUCCESS: Tests pass! Triggers are triggered
3. Sign off :-D

Note: I put the tests on a separate file because the other one was too
big already.

Sponsored-by: Montgomery County Public Libraries
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-05 11:17:35 -10:00
b09d93b4e9 Bug 29346: Hold actions triggers
This patch makes several holds related actions schedule the background
job for real-time update of the holds queue.

This actions are:

- place (C4::Reserves::AddReserve)
- fill (Koha::Hold->fill)
- cancel (Koha::Hold->cancel)
- suspend (Koha::Hold->suspend)
- resume (Koha::Hold->resume)

The cancel() action is added a *skip_holds_queue* parameter to skip
triggering the background job entirely. It targets cases like
C4::Biblio::DelBiblio in which all biblio holds are cancelled in a loop.
In that case, we just want to cancel them and let a single backgroung
job take care of the holds queue, once the biblio is deleted.

To test:
1. Apply this patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/Koha/Hold.t \
           t/db_dependent/Reserves.t
=> SUCCESS: Tests pass! Triggers are triggered
3. Sign off :-D

Sponsored-by: Montgomery County Public Libraries
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-05 11:17:35 -10:00
4e9d8bb297
Bug 30572: (QA follow-up) Fix failing unit test
We changed from 'null' being meainingful to using a tinyint and
explicitly requiring '0'.  This patch simply updates the unit test to
reflect that change.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2022-05-05 17:13:35 +01:00
b13b4aaa4f
Bug 30360: Add methods for dealing with the JSON payload
This patch adds high-level methods to handle the JSON payload
(de)serialization as needed. This allows devs implementing background
jobs to abstract themselves from the internals of the jobs handling.

To test:
1. Apply this patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/Koha/BackgroundJob.t
=> SUCCESS: Tests pass!
3. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2022-05-05 16:11:37 +01:00
38fdd82d27
Bug 30360: Add helper methods to Koha::BackgroundJobs
This patch adds some helper methods to ease writing background jobs, and
also making it more consistent/solid.

To test:
1. Apply this patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/Koha/BackgroundJob.t
=> SUCCESS: Tests pass. The methods have the expected behaviour.
3. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2022-05-05 16:11:36 +01:00
9374824bc5 Bug 30663: Add x-koha-override options to /suggestions
This patch adds the x-koha-override header parameter to the route that
is used to create suggestions, POST /suggestions.

The idea is that adding suggestions will be rejected under certain
conditions unless x-koha-override is passed with appropriate values. The
added overrides are:

* any
* max_total
* max_pending

Tests are added for the expected behavior.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2022-05-05 10:26:41 -03:00
cec899902e Bug 30663: Add Koha::Suggestions helper methods
This patch adds the following helper methods:

* filter_by_pending
* filter_by_suggested_days_range

This methods follow basically what's done in opac-suggestions.pl
I chose 'pending' as opposed to 'open' to follow what we use in the UI
which might be the case because of being more accurate for end users.

To test:
1. Apply this patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/Koha/Suggestions.t
=> SUCCESS: Tests pass!
3. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2022-05-05 10:26:41 -03:00
79f57cf303 Bug 28998: (QA follow-up) Silence some useless warnings
This patch fixes the tests and also silences some useless warnings about
REMOTE_ADDRESS not being defined.

A test is added for a legit warning that is thrown.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-05-05 08:39:52 -03:00
8160b794c2 Bug 28998: Fix Auth.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2022-05-05 08:30:25 -03:00
3b6238af13 Bug 30180: (follow-up) Add temporary deprecation warning
This patch adds a temporary deprecation warning to let users know the
plugin needs to get updated before the next release.

To test:
1. Apply this patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/Koha/Plugins/Holds_hooks.t
=> SUCCESS: Tests pass, warning is displayed
3. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-04 14:29:24 -10:00
141b817b93 Bug 30180: Unit tests
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-04 14:29:24 -10:00
08b046f69a Bug 30167: (follow-up) Compare dt objects
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-04 14:29:23 -10:00
8de0a02bd2 Bug 30167: (follow-up) Return a hash with soonest_renew_date
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-04 14:29:23 -10:00
4cf759259f Bug 30167: Return soonest renewal date when renewal is to soon
This patch adds an 'info' return param to CanBookBeRenewed and passes
the soonest renewal date when returning too_soon errors

To test:
1 - prove -v t/db_dependent/Circulation.t

Fix whitespace

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-04 14:29:23 -10:00
f300a7d363 Bug 28998: (follow-up) Check missing encryption key in script and module
Script prints a warning.
Module raises an exception.
Unit test added.

Test plan:
Run t/db_dependent/Koha/Encryption.t
Run t/db_dependent/Koha/Auth/TwoFactorAuth.t
Remove entry and check script.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-04 05:18:31 -10:00
f62c485bb7 Bug 28998: Add encryption_key to the config file
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-04 05:18:31 -10:00
ff980555f3 Bug 28998: Adjust Selenium test
Test plan:
Run t/db_dependent/selenium/authentication_2fa.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-04 05:18:31 -10:00
b515208fa2 Bug 28998: (follow-up) Apply changes to TwoFactorAuth module and script
Test plan:
Run t/db_dependent/Koha/Auth/TwoFactorAuth.t
Walk thru cycle register - logout/login - deregister - logout/login.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-04 05:18:31 -10:00
642d0daa7c Bug 28998: (follow-up) Add Patron->encode_secret and ->decoded_secret
Test plan:
Run t/db_dependent/Koha/Patron.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-04 05:18:31 -10:00
27c2100fe9 Bug 28998: Introduce Koha::Encryption
Test plan:
Run t/db_dependent/Koha/Encryption.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[AMENDED] Added copyright line to module.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-04 05:18:31 -10:00
cefb82be2c Bug 30536: Fix Query.t Unit Test
The stash_embed method no longer validates the query so this patch drops
the validation tests and instead just focuses on varifying the correct
output structure of the stash after the method call.

We have not lost validation however, it now happens only once at the
OpenAPI level and tests are present in t/db_dependent/api/v1/query.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-03 11:19:51 -10:00
384c9396f4 Bug 30536: Unit tests
This patch adds tests to make sure there's no behavior change regarding
error conditions. When requests include wrong x-koha-embed values, a 400
error should be returned, both in our original implementation or relying
on the Mojolicious::Plugin::OpenAPI features.

To test:
1. Apply this patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/query.t
=> SUCCESS: Tests pass
3. Apply the rest of the patches
4. Repeat 2
=> SUCCESS: Tests still pass
5. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-03 11:19:51 -10:00
48ae97e361 Bug 22785: Allow option to choose which record match is applied during import
This patchset adds the display of all matches found during import to the import management screen

A staff member with the permission to manage batches will be able to select for any individual record which match, or none, should be used during import

To test:
1 - Import a batch of records or export existing records from your catalog
2 - Import the file (again) and select a matching rule that will find matches
3 - Note that you now have radio buttons allowing you to select a record, or none
4 - Test scenarios:
    I - When 'Action if matching record found' is 'Ignore'
        a - Imported record ignored if match is selected
        b - 'Action if no match found' followed if no match is selected (Ignore matches)
    II - When 'Action if matching record found' is 'Replace'
        a - The chosen record is the one overlayed (you can edit the chosen record before importing to confirm)
        b - 'Action if no match found' followed if no match is selected (Ignore matches)
    III - When 'Action if matching record found' is 'Add incoming record'
        a - Record is added regardless of matches
5 - Confirm 'Diff' 'View' links work as expected
6 - Confirm that after records are imported the radio buttons to choose are disabled

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>

Bug 22785: API files

Signed-off-by: Ben Daeuber <bdaeuber@cityoffargo.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-03 11:19:50 -10:00
04c0413352 Bug 27344: Fix call to update_index with invalid ids
Can't use an undefined value as an ARRAY reference at /kohadevbox/koha/Koha/SearchEngine/Elasticsearch/Indexer.pm line 121.

Caught that when working on follow-up bug reports.

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-03 11:19:50 -10:00
6266474f87 Bug 27344: Fix tests
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-03 11:19:50 -10:00
31450d8f2f Bug 29894: Add Selenium tests for disable 2FA
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-02 11:22:58 -10:00
0988807436 Bug 29894: (QA follow-up) Get rid of send_confirm_notice
Chose here to fall back to $patron->queue_notice. Which is tested
already, so removing the additional test code.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-02 11:22:58 -10:00
279d9d62a3 Bug 29894: Send a confirmation notice
When registering or deregistering, send a confirmation.

Test plan:
Register or deregister with patron having email address.
Verify that you got a confirmation mail.
Run t/db_dependent/Koha/Auth/TwoFactorAuth.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-02 11:22:58 -10:00
d42cd2b629 Bug 29894: Add some exceptions to TwoFactorAuth module
Test updated accordingly.
Adding utf8 flag to CGI in staff script.

Test plan:
Run t/db_dependent/Koha/Auth/TwoFactorAuth.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-02 11:22:58 -10:00
7619b1662f Bug 29873: Add unit test
Test plan:
Run t/db_dependent/Koha/Auth/TwoFactorAuth.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Amended to reflect requested changes.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-02 11:22:58 -10:00
4352f855f8 Bug 22379: Unit tests for CancelHold service
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-05-02 11:22:57 -10:00
bbc0dbeb21 Bug 24001: (follow-up) Fix t_Profile.t
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-04-28 20:26:20 -10:00
83bd88e040 Bug 30576: (follow-up) Corrections to behaviour to reflect unit tests
The unit tests highlighted my original patch didn't cover the full
preference description.

We now replace the 'standard' option with the fields from the preference
and we also add those fields as options to the field selection in
advanced searches.

This patch also adjusts the tests to test for that and reflects the
expected changes to the number of options displayed in the select boxes.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-04-28 10:49:20 -10:00
e02e1cba5f Bug 30626: (QA follow-up) Fix test plan
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-04-28 10:49:20 -10:00
7148e222d5 Bug 30626: Fix test
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-04-28 10:49:20 -10:00
763bfaa55b Bug 30072: (followup) Fix random failure of Holds_hooks.t
When building Koha::Holds object,
do not let 'found' random otherwise it may take a valid value indicating
hold is found.

See other holds unit tests.

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-04-26 15:01:56 -10:00
cf8f7aafff Revert "Bug 28371: Unit tests"
This reverts commit 7e98a8a686.

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-04-25 20:52:28 -10:00
6d4ed3b70c Bug 30596: Prevent api/v1/acquisitions_baskets.t and api/v1/acquisitions_funds.t to fail randomly
because of updated_on

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-04-25 20:52:28 -10:00
7e98a8a686 Bug 28371: Unit tests
Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-04-25 10:00:22 -10:00
c8199147b1 Bug 30595: Prevent update_child_to_adult.t to fail randomly
t/db_dependent/selenium/update_child_to_adult.t ..         # Looks like you planned 3 tests but ran 2.

    #   Failed test 'Update child to adult'
    #   at t/db_dependent/selenium/update_child_to_adult.t line 132.
    # Looks like you planned 3 tests but ran 2.
    # Looks like you failed 1 test of 2 run.
t/db_dependent/selenium/update_child_to_adult.t .. 1/1
 #   Failed test 'Update child to patron'
 #   at t/db_dependent/selenium/update_child_to_adult.t line 153.
Cannot wait more for element '//input[@type="submit"]' to be visible at /kohadevbox/koha/t/lib/Selenium.pm line 189.

It happens when there are too many patron's categories and the submit
button is not in the viewport.

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-04-22 10:02:52 -10:00
74792b35a8
Bug 28786: Fix 2FA selenium tests
Looks like there was a bad rebase at some point.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2022-04-22 15:40:21 +01:00
24db0479e6 Bug 30446: Add a test for GetTagsLabels
Moved from obsoleted bug 2222 on its own.

Test plan:
Run t/db_dependent/AuthoritiesMarc_GetTagsLabels.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-04-21 21:01:09 -10:00
d5e0bf50a1 Bug 30531: Add mock of UseRecalls to Search.t
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-04-21 21:01:09 -10:00
90971d01ed Bug 28786: Add tests for checkauth
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-04-20 20:43:15 -10:00
6eeb9bc1b3 Bug 28786: Two-factor authentication for staff client - TOTP
This patchset introduces the Two-factor authentication (2FA) idea in
Koha.

It is far for complete, and only implement one way of doing it, but at
least it's a first step.
The idea here is to offer the librarian user the ability to
enable/disable 2FA when logging in to Koha.

It will use time-based, one-time passwords (TOTP) as the second factor,
an application to handle that will be required.

https://en.wikipedia.org/wiki/Time-based_One-Time_Password

More developements are possible on top of this:
* Send a notice (sms or email) with the code
* Force 2FA for librarians
* Implementation for OPAC
* WebAuthn, FIDO2, etc. - https://fidoalliance.org/category/intro-fido/

Test plan:
 0.
  a. % apt install -y libauth-googleauth-perl && updatedatabase && restart_all
  b. To test this you will need an app to generate the TOTP token, you can
 use FreeOTP that is open source and easy to use.
 1. Turn on TwoFactorAuthentication
 2. Go to your account, click 'More' > 'Manage Two-Factor authentication'
 3. Click Enable, scan the QR code with the app, insert the pin code and
 register
 4. Your account now requires 2FA to login!
 5. Notice that you can browse until you logout
 6. Logout
 7. Enter the credential and the pincode provided by the app
 8. Logout
 9. Enter the credential, no pincode
10. Confirm that you are stuck on the second auth form (ie. you cannot
access other Koha pages)
11. Click logout => First login form
12. Enter the credential and the pincode provided by the app

Sponsored-by: Orex Digital

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-04-20 20:43:15 -10:00
e95dd5dc65 Bug 30204: Add unit test
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-04-20 20:43:15 -10:00