Signed-off-by: Eivin Giske Skaaren <eivin@sysmystic.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch modifies the staff client cart template so that
JavaScript is included in the footer instead of the header.
To test, apply the patch and test the JavaScript-driven features of the
cart: All button controls, DataTables functionality.
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Correction for QA: Removed contditional around footer JS (from
copy-paste) because it will always be true.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds IDs to the item search results table header so that
columns can be targeted by CSS or JS. The CSS for the item search page
has been modified to give the title column a minimum width.
To test, apply the patch and clear your browser cache if necessary.
Perform an item search and confirm that the title column stays at a
reasonable width.
Signed-off-by: Dominic Pichette <dominic@inlibro.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Now that we have a check client-side, nothing prevents us from a smart guy to
bypass it and force an invalid password.
This patch adds two new subroutines to Koha::AuthUtils to check the
validity of passwords and generate a password server-side. It is used
only once (self-registration) but could be useful later.
Moreover the 3 different cases of password rejection (too leak, too
short, contains leading or trailing whitespaces) were not tested
everywhere. Now they are!
This patch makes things consistent everywhere and clean up some code.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The length of the passwords generated for a patron should not be as long
as the value of minPasswordLength.
It is the minimum required size of a password, not the maximum!
So let's fix it to 8 if the minPasswordLength if < 8, that sounds
reasonable and less risky for patrons.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Indeed if RequireStrongPassword is set we need at least 3 characters to
match 1 upper, 1 lower and 1 digit.
We could make things more complicated to allow minPasswordLength < 3
but, really, 3 is already too low...
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch removes a really ugly way to generate a password: the whole
template was sent and parsed to retrieve the "#defaultnewpassfield" node.
To avoid the password to be sent plain text it is certainly better to
generate it client-side.
The same kind of passwords will be generated: 0-9a-zA-Z
The while loop prevents to get an invalid generated password.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
To validate password fields we need to use the validate jQuery plugin.
To make things reusable this patch adds a new include file
'password_check.inc' at the intranet and opac sides, it creates 3 new
validation methods:
- password_strong => make sure the passwords are strong enough according
to the values of the RequireStrongPassword and minPasswordLength prefs
- password_no_spaces => prevent passwords to be entered with leading or
trailing spaces
- password_match => make sure both password fields match
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patchset prevents users to enter too leak password, controlled by
a new syspref RequireStrongPassword. If set the staff and patrons will have
to enter a strong password.
The strongness cannot be modified, it has been arbitrarily set (by the
author of this enhancement) to at least 1 lowercase, 1 uppercase and 1
digit. This can be inforce by increasing the value of the existing
minPasswordLength pref.
I decided to turn this feature on, it cannot hurt! For existing installs
it will have to be turned on manually.
Writing these patches I found a lot of inconsistencies all around the
password checks and decided to refactor everything to make things
consistent and more robust.
Now the password validity is check at only one place (subroutine
covered by tests).
Test plan:
We have several places where a password can be change/created:
a. Editing a patron (members/memberentry.pl)
b. Changing the password of a patron (members/member-password.pl)
c. Changing your own password at the opac (opac/opac-passwd.pl).
OpacPasswordChange needs to be set
d. Reseting your own password at the opac
(opac/opac-password-recovery.pl). OpacResetPassword needs to be set,
see "Forgot your password?" link when you are not logged in
e. Self registration feature, PatronSelfRegistration needs to be set.
You will also need to add 'password' to PatronSelfRegistrationBorrowerMandatoryField.
Note that '****' is considered by Koha internally that the password is
not changed (existing behavior).
To fully test this patch you will need to test the different
combinations of RequireStrongPassword and minPasswordLength.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The SelfCheckoutByLogin lists 'Barcode' as an option, but this should be
Cardnumber. Especially since more and more libraries are using chip
cards instead of barcodes.
Signed-off-by: David Bourgault <david.bourgault@inlibro.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Followed test plan again and patch still applies and works as expected.
Signed-off-by: Dilan Johnpullé <dilan@calyx.net.au>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Followed test plan and patch applies and functions as described
Signed-off-by: Dilan Johnpullé <dilan@calyx.net.au>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Test plan:
0) Do not apply the patch
1) Have some overdued checkouts in your database
2) Go to circulation -> overdues (overdues.pl)
3) Try to sort the overdues table by due date and notice it is sorted
alphabetically, not by date
4) Apply the patch
5) Try again and confirm, it is sorted by date
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
'Show all details' add columns on the basket summary page.
This link is broken if the basket is closed.
Indeed there is a JS error raised by $('#toolbar').fixFloat();
The toolbar is not displayed if the basket is closed.
This is caused by bug 12333, which added the floating toolbar.
Test plan:
Create 2 baskets with orders
Close 1 basket
Click on the 'show all details' links and confirm it works as expected
Also confirm that the toolbar works correctly
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jon Knight <J.P.Knight@lboro.ac.uk>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Steps to reproduce:
1. Create a new basket
2. Choose "Add to masket"
3. Choose "From a staged file"
4. Select a file
5. Save without selecting a fund
Expected results: A validation error should be shown, and form submit
halted.
Actual results: No validation error is shown and form submits.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This adds a new basket attribute (create_items) that can optionally be
set to override AcqCreateItem.
The following have been modified to reflect this (with the value of
create_items that causes them to behave differently in parentheses):
* Cancelling receipt of an order (receiving)
* Creating an order by hand or from MARC (ordering)
* Receiving an order (receiving)
* Showing orders with uncertain price (ordering)
* Showing orders (receiving)
* Showing acquisition details in the OPAC (ordering)
Test plan:
1) Create baskets with "Create items when:" set to ordering,
receiving, cataloging and unset.
2) Test each of the above for each of these baskets, verifying that
the basket-specific attribute overrides AcqCreateItem if set and
falls back to the syspref otherwise.
NOTE: A check of AcqCreateItem in opac-detail.tt was removed because it
was redundant; the code path in question cannot be triggered unless
create_items/AcqCreateItems is set to the correct value anyway.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Barbara Fondren <bfondren@roundrocktexas.gov>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Test plan:
- Fill the authorised values's category 'SUGGEST' with reason
- Edit a pending suggestion. Set the status to rejected
and select a reason
- Check the reason has been saved (i.e in the suggestions
table of rejected tab)
- Check in the corresponding message_queue that the reason
is here
- Re-edit the same suggestion
- Check that the correct reason is selected by defaut
- Edit an other pending suggetion. Set the status to rejected,
select other reason and fill the input text
- Re-edit the previews suggestion and make sure the input
"other" is displayed by default with the correct value
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Moves the location of the button in question to be below the framework selector
Test plan:
1. Go to Tools -> Stage MARC records for import
2. Upload a .mrc file and stage it for import
3. Click Manage staged records
4. Note that the import button appears above the framework selector
5. Apply patch
6. Refresh the window
7. Notice that the button has now moved to below the framework selector
Sponsored-By: CALYX information essentials
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Test plan:
1) Insert some value to staffBaseURL preference, without starting http://
2) Apply the patch
3) Update database
4) Go to system preferences adminsitration, find the staffBaseURL
preference, the inserted value should be prepended with 'http://' and
the comment should be "This should be a complete URL, starting with
http:// or https://. Do not include a trailing slash in the URL. (This
must be filled in correctly for CAS, svc, and load_testing to work.)"
5) prove t/db_dependent/Auth_with_cas.t
6) prove t/db_dependent/selenium/basic_workflow.t
7) prove t/db_dependent/check_sysprefs.t
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Overdue rules do not save when a delay that is not an integer > 0,
without any warnings.
This patch forces the user to select a number > 0.
Test plan:
Without this patch applied, enter non-integer value or negative or 0
=> The rule will not be inserted without any warnings.
With this patch applied you will get an message from the browser and the
form will not save
Signed-off-by: David Bourgault <david.bourgault@inlibro.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch changes the sequnce of form fields for card height and card width.
To test:
- Apply patch
- Edit or create a patron card template
- Verify that the fields display in sequence Page height - Page width -Card height - Card width
Followed test plan, worked as intended
Signed-off-by: Alex Buckley <alexbuckley@catalyst.net.nz>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds the release team for 17.11 to about template.
Test plan:
Check the changes with the wiki pages for 17.05 and 17.11.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch speaks for itself.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The explanation on list categories on the shelves form is removed.
The online help text is actualized.
Test plan:
Go to Lists in staff. Edit a list. The remarks about private and public
lists on the right side are gone.
Click Help. Read the adjusted text. Does it make sense?
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
There are other scripts where the borrower variable is not defined and
the fields are passed one by one.
To have a consistent behaviour we should add the title at the different
places.
Note that this script also add the use of the include file for
statistics.tt and remove the pass of parameters to the template, already
done later:
99 $template->param(%$borrower);
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
To look the same as OPAC.
To test:
1) Do a catalogue search in staff client that results in more than one
page
2) Notice pagination is only at the bottom
3) Apply patch and refresh page
4) Notice pagination is at top also
Sponsored-by: Catalyst IT
Signed-off-by: Lee Jamison <ldjamison@marywood.edu>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Have changed
my $last_page = $pages * ( $results_per_page - 1 );
to
my $last_page = ( $pages - 1) * $results_per_page;
which seems to fix the 'last' button offset! (Comment 10)
Will add the box to jump to a page in a separate patch.
Adding the pagination to the top on the staff client will be dealt with
in Bug 18916 as it is slightly out of the scope of this bug.
Signed-off-by: Lee Jamison <ldjamison@marywood.edu>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
See Comment 8.
Test:
When on first page of results, confirm that the 'First' and 'Previous'
buttons do not show. Confirm they come back on the second page and every
page after.
When on last page of results, confirm that the 'Last' and 'Next' buttons
do not show. Confirm they come back on all previous pages.
Check on both staff side and OPAC.
Sponsored-by: Catalyst IT
Signed-off-by: Lee Jamison <ldjamison@marywood.edu>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds first and last page buttons to the pagination at the
bottom of a page of catalog search results.
To test:
1) Apply patch
2) Do a number of searches
3) For each search, ensure that the first and last page buttons work as
expected
Sponsored-by: Catalyst IT
Followed test plan, works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Lee Jamison <ldjamison@marywood.edu>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
If you hit the renewal limit on the renewal tab, the message gives you a
message like:
"Windows 8 / ( 50610018249545 ) has been renewed the maximum number of
times by Johnny Test ( 12345678 )"
And has a button that reads:
"Ignore and continue"
This button is misleading, as it may be interpreted as "ignore the limit
and continue to renew the item".
Signed-off-by: Dominic Pichette <dominic@inlibro.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Test plan:
1. Place a hold on an item
2. Search for the patron who the hold is associated with
3. View the Hold(s) tab of the Checkouts page and notice there is a
column with the text 'Delete?' and a button below the table with the
text 'Cancel marked holds'
4. Apply patch
5. Notice that the column text described in step 3 now has the text
'Cancel?' and the button text is the same as it was in step 3
Sponsored-By: Catalyst IT
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
After order is deleted we don't have a vendor or basket so we get blank
breadcrumbs, this removes them
Signed-off-by: David Bourgault <david.bourgault@inlibro.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Test plan remains the same.
Sponsored-by: Catalyst IT
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: David Bourgault <david.bourgault@inlibro.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
To test:
1) Go to Acquisitions -> Find a vendor -> View a basket with orders in
it (or make a new basket and add an order)
2) Click Cancel order
3) Notice incomplete breadcrumbs, and 'Acquisition' typo
4) Apply patch and refresh page
5) Breadcrumbs should be fixed. Confirm links to vendor and basket work
as expected
Sponsored-by: Catalyst IT
Signed-off-by: severine.queune <severine.queune@bulac.fr>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: David Bourgault <david.bourgault@inlibro.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
1 - Have a patron with guarantees
2 - Charge some fines to the guarantees
3 - View the patron
4 - Fines are displayed unformatted
5 - Apply patch
6 - Refresh
7 - Fines should now be formatted correctly
Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
When searching for a patron from the circulation tab, the results table
shows the date of birth unformatted.
Test plan:
Apply this patch, search for patrons in the circ tab and confirm that
the date of birth are correctly formatted according to the dateformat
syspref
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
When CircSidebar is activated, "Transferred items" table at
Circulation -> Transfers goes under the sidebar. This patch fixes the issue.
To test:
1. Enable CircSidebar system preference
2. Go to cgi-bin/koha/circ/branchtransfers.pl
3. Enter a barcode and click submit
4. Observe transferred items table under the circulation side bar
5. Apply patch
6. Enter a barcode and click submit
7. Observe transferred items is now correctly displayed
8. Also test with CircSidebar system preference deactivated
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 19374: (follow-up) Remove stray closing div tag
To test:
1. Apply first patch and validate the document e.g. here
https://validator.w3.org/#validate_by_input
2. Observe "Stray end tag div." error
3. Apply this patch and validate again
4. Observe no errors
5. Go through test plan from first patch to make sure things still look nice
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: m23 <black23@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This syspref is going to be used for populating field 008, range 15-17
with a desired default. It is currently hardcoded to 'xxu'. If not set,
it will still fallback to 'xxu'.
Signed-off-by: m23 <black23@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Overview:
Repeat tag fails if authority field has select subfield (for example, UNIMARC 700$8, 800$a)
This patch adds Select2 to authority editor
Steps to Reproduce:
In authority editor repeat field that has select subfield
Actual Results:
Field does not repeat (copy is not created).
Console shows a js TypeError in cataloging.js: «$(...).select2 is not a function»
Expected Results:
Field will repeat (copy is created)
Additional Information:
Error happens in version 16.11+ after adding Select2 js functions. The easiest way to fix is to add Select2 to authority editor
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
