This patch modifies several administration templates to use the
Bootstrap grid instead of YUI.
This patch also removes obsolete "text/javascript" attributes from
<script> tags and "text/css" attributes from <style> tags in the
modified templates.
To test, apply the patch and view the following pages, confirming that
they look correct at various browser widths:
- Administration -> MARC frameworks -> MARC structure -> Subfields
- View and edit subfields
- Administration -> Record matching rules
- View and edit record matching rules
- Administration -> OAI sets configuration
- View and edit OAI sets
- Define mappings for an OAI set
- Administration -> Patron attribute types
- View and edit patron attribute types
- Administration -> System preferences
- Administration -> Z39.50/SRU servers
- View and edit servers
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Here we go, next step then.
As we did not fix the performance issue when autofiltering
the variables (see bug 20975), the only solution we have is to add the
filters explicitely.
This patch has been autogenerated (using add_html_filters.pl, see next
pathces) and add the html filter to all the variables displayed in the
template.
Exceptions are made (using the new 'raw' TT filter) to the variable we
already listed in the previous versions of this patch.
To test:
- Use t/db_dependent/Koha/Patrons.t to populate your DB with autogenerated
data which contain <script> tags
- Remove them from borrower_debarments.comments (there are allowed here)
update borrower_debarments set comment="html tags possible here";
- From the interface hit page and try to catch alert box.
If you find one it means you find a possible XSS.
To know where it comes from:
* note the exact URL where you found it
* note the alert box content
* Dump your DB and search for the string in the dump to identify its
location (for instance table.field)
Next:
* Ideally we would like to use the raw filter when it is not necessary
to HTML escape the variables (in big loop for instance)
* Provide a QA script to catch missing filters (we want html, uri, url
or raw, certainly others that I am forgetting now)
* Replace the html filters with uri when needed (!)
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Having to write [% KOHA_VERSION %] for each url is bad because:
- It's easily forgettable when adding new <script> or <link>
- It prevents grep'ing for the full filename
- It violates the DRY principle
- If at some point we want to change the "force js and css reload"
mechanism, it will be tedious
This patch:
- adds a Template::Toolkit plugin that generates <script> and
<link> tags for JS and CSS files, and inserts automatically the Koha
version in the filename
- use the new plugin to remove all occurences of [% KOHA_VERSION %]
- remove the code that was adding KOHA_VERSION as a template variable
Test plan:
1. Apply patch
2. Go to several different pages in Koha (opac and intranet) while
checking your browser's dev tools (there should be no 404 for JS and
CSS files, and the Koha version should appear in filenames) and the
server logs (there should be no "File not found")
3. `git grep KOHA_VERSION` should return nothing
4. prove t/db_dependent/Koha/Template/Plugin/Asset.t
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Allow translating two strings in the OAI set config:
"setDescription" and "Remove"
Test plan:
1) Go to Home -> Administrator -> OAI sets config -> Add a new OAI set
2) Click on "New set"
3) Click on "Add description"
4) Note the "setDescription:" and "Remove" -texts
5) Install patch, update language, translate the new strings
6) Redo 1-4, note how the strings in part 4 are now translated
Signed-off-by: Pasi Kallinen <pasi.kallinen@joensuu.fi>
Signed-off-by: Roch D'Amour <roch.damour@inlibro.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch modifies the staff client catalog-related administration
templates so that JavaScript is included in the footer instead of the
header.
To test, apply the patch and test the JavaScript-driven features of
each modified template: All button controls, DataTables functionality,
tabs, etc.
Signed-off-by: Simon Pouchol <simon.pouchol@biblibre.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
To Test
1. Hit the page /cgi-bin/koha/admin/oai_sets.pl
2. Click on New set
3. Add a text in the field setSpec, setName that contains js
4. Save the page.
5. Notice js is execute
6. Apply patch and reload, the js is escaped
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch is amended to use the sysprefs search on all Administration
pages that do not have their own custom search.
To test:
1) Go to Administration
2) Notice Catalogue search at the top - seems out of place.
3) Apply patch and refresh page.
4) Notice admin / sysprefs search now shows and is more appropriate.
5) Confirm searching for sysprefs still works
This patch affects the following pages:
- admin-home.pl
- audio_alerts.pl
- authtypes.pl
- auth_tag_structure.pl
- authorised_values.pl
- biblio_framework.pl
- marctagstructure.pl
- branch_transfer_limits.pl
- branches.pl
- checkmarc.pl
- classsources.pl
- columns_settings.pl
- didyoumean.pl
- edi_accounts.pl
- edi_ean_accounts.pl
- fieldmapping.pl
- item_circulation_alerts.pl
- items_search_fields.pl
- items_search_field.pl
- item_types.pl
- koha2marklinks.pl
- matching-rules.pl
- oai_sets.pl
- oai_set_mappings.pl
- patron-attr-types.pl
- smart-rules.pl
- transport-cost-matrix.pl
- sms_providers.pl
Sponsored-by: Catalyst IT
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
In order to bring the OAI sets configuration template into compliance
with coding guideline JS9, this patch changes with way some JavaScript
events are handled by moving JS handling out of the HTML markup.
To test, apply the patch and go to Administration -> OAI sets
configuration.
- Create or edit a set.
- Test the "Add description" link. Clicking it should add a
description textarea.
- Test the "Remove" link associated with multiple description lines.
Click them should remove the corresponding textarea.
- Test that additions and removals are saved correctly.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
To test:
1) Go to Admin > OAI Sets Configuration
2) Confirm button in dropdown now says 'Edit'. Click button
3) Confirm heading of page now says 'Edit' and says 'Edit' in breadcrumbs
Sponsored-by: Catalyst IT
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
There are links on the OAI sets administration page which can use Font
Awesome icons instead of being styled with background images. This patch
makes that change.
Another minor change: Added the "fa-fw" class to items in the "Actions"
menu which didn't have it. This helps the items line up correctly:
http://fortawesome.github.io/Font-Awesome/examples/#fixed-width
To test, apply the patches for Bugs 16014 and 15991 if necessary. Apply
this patch and:
- Go to Administration -> OAI sets configuration.
- Click the "New set" button and verify that the "Add description" link
uses a Font Awesome icon.
- Confirm that the "Add description" link works correctly.
- After adding a description, verify that the "Remove" link looks
correct and works correctly.
- From the list of OAI sets choose "Define mappings" from the "Actions"
menu.
- Confirm that the "Delete" button is styled correctly and works
correctly.
Signed-off-by: Aleisha <aleishaamohia@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
To test:
1) Apply Bug 16014 first
2) Go to Administration -> OAI sets
3) Confirm that the actions 'Modify', 'Delete' and 'Define mappings' have been moved into a drop-down menu and buttons behave as expected.
4) Confirm you are asked to confirm on 'Delete' as per Bug 16014
Sponsored-by: Catalyst IT
Signed-off-by: Nicole C Engard <nengard@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
A JavaScript alert should ask the user to confirm deletion of a OAI set.
Test plan:
Define a OAI set
Delete it
=> With this patch you should get a warning
Signed-off-by: Aleisha <aleishaamohia@hotmail.com>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
We should be using Font Awesome for our icons instead of Glyphicons, for
the reasons discussed on bug 13696.
Test Plan:
1) Apply this patch
2) Note all Glyphicons have been replaced with FA icons in the staff intranet
3) git grep "icon-" ./koha-tmpl/intranet-tmpl/prog/en/modules/
should give no results
4) git grep "icon-" ./koha-tmpl/intranet-tmpl/prog/en/includes/
should give no results
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
We need a follow-up to cover the files changes since this
patch was written. Especially to cover the changes in the
label creator modules.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
The form for adding a new OAI indicates that two fields are
required but does nothing to enforce this rule. This can be
handled client-side with HTML5 validation attributes and Koha's built-in
validation plugin. This patch implements this.
To test, apply the patch and go to Administration -> OAI sets
configuration -> New set. Try submitting the form without entering a
setSpec and/or setName. Doing so should trigger a validation warning.
Submission of the form with valid data should work correctly. Editing an
existing set should also work correctly.
Followed test plan. Patch behaves as expected.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Passes all tests and QA script, works as described.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
This patch converts the toolbar on the OAI sets administration page to
Bootstrap, replacing YUI button code with Bootstrap markup.
To test, view the OAI sets administration page and confirm that the "New
set" button looks correct and works correctly.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Comment: Works and looks nice. No errors.
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Works nicely, no problems found.
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Revising OAI configuration interface to conform to
existing interface patterns:
- Properly-formatted form rows
- "clone" and "clear" links consistent with other
forms which use these conventions
- Improved title and breadcrumbs
- Standard save and cancel markup
New to the mappings interface: A "clear" button
to remove or empty the contents of a row. This replaces
the help text about emptying fields.
To test: view, add and edit OAI sets and mappings. Try adding
and removing multiple set descriptions and mappings.
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
This is the first patch for bug 7760 and touches all pages in administration.
This adds a unique id "admin_<filename>" and a class "admin" to the body tag of
each page in administration.
Note: aqcontract can only be accessed from the acquisition module, so I made it acq
instead of admin.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
New sql tables:
- oai_sets: contains the list of sets, described by a spec and a name
- oai_sets_descriptions: contains a list of descriptions for each set
- oai_sets_mappings: conditions on marc fields to match for biblio to be
in a set
- oai_sets_biblios: list of biblionumbers for each set
New admin page: allow to configure sets:
- Creation, deletion, modification of spec, name and descriptions
- Define mappings which will be used for building oai sets
Implements OAI Sets in opac/oai.pl:
- ListSets, ListIdentifiers, ListRecords, GetRecord
New script misc/migration_tools/build_oai_sets.pl:
- Retrieve marcxml from all biblios and test if they belong to defined
sets. The oai_sets_biblios table is then updated accordingly
New system preference OAI-PMH:AutoUpdateSets. If on, update sets
automatically when a biblio is created or updated.
Use OPACBaseURL in oai_dc xslt
