If it is undefined, there is no biblionumber.
If it is, we can safely assume that it has a biblionumber. Which
is the case for most biblio records, lol.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
When a 773 entry is not linked to another record using 773$w or
by using Easyanalytics, the title information would not display.
To test:
1. Activate the UseControlNumber system preference
2. Search for a record and make sure it has 001 set to some value.
3. Use Edit > Add child record to create an analytical record from this record.
4. Make sure 773$w was filled in and finish by adding any mandatory fields, save.
5. Add this record to your cart. Also add a 773$g with the pages or similar.
6. Create another record with 773$t and $g, but without $w.
7. Also add this record to your cart.
8. Look at the cart brief and full view in staff and OPAC.
9. Verify the In: source information only displays for the first record.
10. Apply patch
11. Veriy the In: source information now displays for both records on all 4 pages.
Signed-off-by: Heather Hernandez <heather_hernandez@nps.gov>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch creates notices using Template Toolkit syntax for sending
emails containing cart and list contents.
To test:
1. Apply Bug 27266
2. Run update database and restart services
3. In the staff client, add multiple items to your cart and to a list
4. Go to your cart and click Send to email the contents
5. Add an email and a comment and click Send
6. Confirm the information shown in the success message is correct
7. In your terminal, log into the database. View the message queue ( i.e. select * from message_queue; ). Confirm that your email has been queued and the content is all correct. Confirm the cart contents has been included as an attachment.
8. Go to your list and click Send list to email the contents
9. Repeat steps 5-7
10. Log into the OPAC
11. Add multiple items to your cart and to a list
12. Repeat steps 4-9
13. By the end, you should have four emails in your message queue. All
of the data about the items should be correct, they should all have
attachments, and be addressed to the correct email address.
Sponsored-by: Bibliotheksservice-Zentrum Baden-Württemberg (BSZ)
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
The emails sent for cart and list are plain text and any
<a> tag will be scrubbed by HtmlToText. So we can remove
those links.
This also solves an issue with the original patch set,
where the error below would appear on sending a cart or
list email from the staff interface:
Template process failed: file error - biblio_a_href: not found at /kohadevbox/koha/C4/Templates.pm line 127
Signed-off-by: Heather Hernandez <heather_hernandez@nps.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
We already use In: as label for 773 on the result lists and
detail pages and it's also recommended in the MARC documentation.
With this patch the label is the same everywhere.
Signed-off-by: Heather Hernandez <heather_hernandez@nps.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Heather Hernandez <heather_hernandez@nps.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Also:
- Show related parts 773$g
- Normalise using 'Host item entry' as title
- Remove 'foreach' because non-xslt views only return first
- If no $w, use $atg, and related tests in
t/db_dependent/Koha/Biblio/host_record.t
Signed-off-by: Heather Hernandez <heather_hernandez@nps.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This enhancement adds information from a host item entry and a link if
applicable to the host record in the following places:
- staff client list
- staff client cart
- staff client send list email
- staff client send cart email
- staff client search results
- staff client detail page
- opac list
- opac cart
- opac send list email email
- opac send cart email
- opac search results
- opac detail page
To test:
1. apply patch, restart services
2. log into the staff client and enable the syspref EasyAnalyticalRecords
3. find a record with an item. take note of the barcode.
4. go to another record (biblio 2). click Edit -> Link to host record
5. enter the barcode in the input and submit.
6. click the MARC tab and confirm the host record has been linked under
MARC field 773.
7. add biblio 2 to your cart, and to a list.
8. go to your cart. confirm you see the 'host item entry' link.
9. click on 'more details' and confirm you see the 'host item entries'
link.
10. click 'send' to email the cart. confirm the email contains the host
item entry and the link sends you to the catalogue page for the record
in the OPAC.
11. go to the list you added the record to. confirm you see the 'source'
link for the host item entry.
12. click 'send list' to email the list. confirm the email contains the
host item entry and the link sends you to the catalogue page for the
record in the OPAC.
13. log into the OPAC. repeat steps 7 to 12 on the OPAC and confirm they
all pass as expected.
14. Confirm host item info also shows correctly on the
OPAC and staff client search results, and the OPAC and staff client
detail pages (where XSLT is used)
15. Delete the 773$w and confirm host item info still shows correctly
but no longer links to biblio
16. confirm tests pass t/db_dependent/Koha/Biblio/host_record.t
Sponsored-by: Bibliotheksservice-Zentrum Baden-Württemberg (BSZ)
Signed-off-by: Heather Hernandez <heather_hernandez@nps.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch makes changes the button markup in Catalog
templates -- including the Cart -- so that all submit buttons and any
buttons that should should be styled as primary buttons have the
Bootstrap class "btn btn-primary."
Edit: This revised patch changes the button styles on the search history
page to make them more consistent with buttons in similar interfaces
(see catalog search results).
The patch also adds Bootstrap size classes to the item detail page and
removes some global CSS which targeted buttons on that page.
To test, apply the patch and view pages the catalog to confirm
that everything looks correct. In most cases there are no visible
changes.
- Advanced search: The main search button at the top
- Search results: The "Search within results" submit button
- Bibliographic detail page: This change is to a hidden button. This
section can be removed in a separate bug.
- Bibliographic detail page -> Items: Various "Update" and "Set status"
buttons. Note that the alignment of buttons has not changed in the
redesign.
- Item search: The main search button at the top
- Search history (from the logged-in user's menu in the top right):
"Delete" buttons in each section
- Catalog -- Current and previous sessions
- Authority -- Current and previous sessions
- In the Cart popup window, click "Send." In the resulting popup, the
"Send button.
- The template basket/downloadcart.tt has been modified but I think the
template might be unused.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Why are we display with $raw?
Why are we display the location code instead of the AV's lib?
Bug 27272 is going to remove C4::Items::GetItemsInfo in favour of Koha::Items->search_ordered.
Here we are going to deal with basket/sendbasket
Test plan:
List items on the modified view and confirm that all the info is
displayed correctly
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 27272 is going to remove C4::Items::GetItemsInfo in favour of
Koha::Items->search_ordered.
Here we are going to deal with basket/basket.pl
Test plan:
List items on the modified view and confirm that all the info is
displayed correctly
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
And a few minor fixes when they where causing issues for
translatability.
And rephrased a string about password reset to have it identical to
other strings with the same meaning.
Simplified via wrapping strings with <span> to split to huge
concatenated strings with a lot of %s everywhere.
== Test plan ==
This patch needs mainly proof reading. Still it's possible to do some
basic testing to demonstrate that adding a <span> in an IF doesn't
break anything.
Pick in one of the 110 modified templates a string that you know how to
display. Otherwise:
1. acquisitions => vendor => basket => add to basket =>
search "from existing record" => add order
2. Cancel the order
3. You see without issue "Bibliographic record will not be deleted"
4. administration => Patron categories
5. Try to delete a used and unused category
6. You see as expected
Category XXXX is in use. Deletion not possible!
and
Confirm deletion of category XXXX
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Paul Derscheid <paul.derscheid@lmscloud.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Swapped the order of the page titles to have the unique information
first, i.e. the name of the specific page displays first, and the name of the website (e.g. Koha) displays at the end.
To test:
1) Apply patch
2) Ensure each of the files in the authorities, basket and batch folders are swapped around to display the most unique information first, and the website name is at the end
3) Ensure the pages displayed on the Staff Client that correspond to these files also display the changes
Sponsored-by: Catalyst IT
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Henry Bolshaw <bolshawh@parliament.uk>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch moves the functionality contained in biblio-default-view.inc
into biblio-title.inc. biblio-title.inc can now be called with a "link =
1" parameter in order for the title to be displayed as a link which is
controlled by the IntranetBiblioDefaultView preference.
To test, apply the patch and test the affected pages, especially titles
linked to in breadcrumbs menus
Acquisitions:
- Add to basket -> From existing record -> Search
- Title in search results
Catalog:
- Search for a record
- Add record to cart
- Open cart
- Title in brief display
- Check that link opens the correct page in the main window
- View bibliographic record
- ISBD view
- MARC view
- Normal view
- Local cover image detail page
- Checkout history
- Request article
- Item details
- From the "Edit" menu -> Attach item
- Stock rotation rota
- Place hold
Cataloging:
- Cataloging search -> Search results
Circulation:
- Article requests
- Overdues with fines
- Overdues
- Holds queue
- Holds to pull
- Hold ratios
- Holds awaiting pickup
- Transfers to recevie
- Renew
- Batch checkout
Lists:
- View list contents
Patrons:
- View patron details
- Holds history
- Checkout history
Tools:
- Rotating collections
- View collection
- Add item
- Tags
- Click term to see titles tagged with that term
- Batch record deletion
- Submit batch
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch set attempts to replace all the <i> tags with <em> and all
the <b> tags with <strong> in the staff interface.
I attempted to get all the templates, includes, and xslt files.
To test:
1. Review the changes as best as possible, looking for mistakes.
2. grep for <i> and <b> in the modules, includes, and xslt folders. You should get nothing/
3. If you grep '<\/i>' you should only see instances of Font Awesome.
4. If you grep '<\/b>' you should only see instances where caret is used.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch removes the use of the jquery.checkboxes plugin from the
staff interface cart and replaces its functionality with "plain" jQuery.
To test, apply the patch and add some items to the Cart in the staff
interface.
- Open the Cart window in the staff interface by clicking the "Cart"
link in the header.
- Test that the "Select all" and "Clear all" links work correctly to
check and uncheck all checkboxes.
- Test that the "Remove" or "Place hold" controls work correctly,
applying to only the checked checkboxes whether they were checked
using "Select all" or by manually checking them.
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Unify and clean up subtitle usage so that it's always used as a simple array and not the old hash structure.
Signed-off-by: Michal Denar <black23@gmail.com>
Signed-off-by: Michal Denar <black23@gmail.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch makes a number of changes in order to improve the way the
staff client's header menu adjusts at narrower browser widths:
- Updated version of Bootstrap 3.3.7 which includes the "collapse"
JavaScript plugin.
- Modified default Bootstrap CSS using Bootstrap's customization tool.
These changes facilitate the removal of some custom CSS (overriding
Bootstrap) from staff-global.scss.
- Added Bootstrap config file for loading customizations at
https://getbootstrap.com/docs/3.3/customize/
- Revised button classes for buttons in Bootstrap-styled toolbars.
The modified default CSS resets the base font size in Bootstrap to
better match our global CSS. A side-effect of this is that toolbar
buttons ended up looking smaller than they should. Changing the
button class solves this.
- Restructure the header menu in order to allow different rules to
govern the appearance of the navigational part of the menu
(Circulation, Search, etc) and the user menu (Set library, My
account, Log out).
- Modify the cart JS to so that the popup works well at narrow widths.
To test, apply the patch, regenerate the staff client CSS, and clear
your browser cache.
- Log in to the staff client and observe the layout of the header menu
as you adjust the browser to various widths.
- Confirm that sections of the menu "collapse" as the window gets
narrower.
- Confirm that dropdown menus behave correctly and that links work.
- Confirm that the Cart link works as expected when the cart empty
and when it has items.
- Install and enable multiple translations, including at least one
set of sub-languages (e.g. fr-FR and fr-CA).
- Test the appearance of the language menus in the footer at
various browser widths.
- View pages with button toolbars and confirm that they appear unchanged
(e.g. biblio detail page, patron detail page).
NOTE: While this patch is intended to make improvements to staff client
responsiveness, it does so within a limited scope. There are still many
pages which do not work well at narrower browser widths.
Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
In record detail page, item location is displayed with CSS using class "shelvingloc".
Many many places at intranet and OPAC can use this class.
It allows to change display in all places using CSS customisation.
This patch removes the CSS "display:block" for class "shelvingloc".
Some places where using "inline" to correct the display.
I think the display should not be managed in template.
So it will be inline by default and it can be changed by custom CSS, on all places or depending on a selctor.
Test plan :
1) Compile SCSS to CSS
2) Add to preferences IntranetUserCSS and OPACUserCSS : .shelvingloc { color:red }
3) Go to pages impacted by patch, be sure to look at cart with "more details"
4) You see item location italic and red
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Instead of dying!
Test plan:
Assuming you have a patron with borrowernumber=51 and another one that
can be deleted with borrowernumber=42
- authorities-home.pl
* Delete an authority record
* hit /cgi-bin/koha/authorities/authorities-home.pl?op=delete
- basket/sendbasket.pl
* Send a basket to someone
* hit /cgi-bin/koha/basket/sendbasket.pl?email_add=1
- members/apikeys.pl
* Generate and delete an API key for a patron
* hit /cgi-bin/koha/members/apikeys.pl?patron_id=51&op=delete
- members/deletemem.pl
* Delete a patron
* hit /cgi-bin/koha/members/deletemem.pl?member=42&op=delete_confirmed
- members/mancredit.pl
* Add a manual credit
* hit /cgi-bin/koha/members/mancredit.pl?borrowernumber=51&add=1
- members/maninvoice.pl
* Add a manual invoice
* hit /cgi-bin/koha/members/maninvoice.pl?borrowernumber=51&add=1
- members/member-flags.pl
* Change permissions for a patron
* hit /cgi-bin/koha/members/member-flags.pl?member=51&newflags=1
- members/member-password.pl
* Change the password for a patron (from the staff interface)
* hit /cgi-bin/koha/members/member-password.pl?member=51&newpassword=aA1
- members/memberentry.pl
* Edit some patron's info
* hit /cgi-bin/koha/members/memberentry.pl?borrowernumber=51&op=save
- members/paycollect.pl
* Pay an individual fine
* hit something like /cgi-bin/koha/members/paycollect.pl?borrowernumber=51&pay_individual=1&accounttype=L&amount=1.00&amountoutstanding=1.00&accountlines_id=157&paid=1
You may need to edit some values
- tools/import_borrowers.pl
* Import some patrons
* hit /cgi-bin/koha/tools/import_borrowers.pl?uploadborrowers=1
- tools/picture-upload.pl
* Upload an image for a patron
* You will need to edit the html content
hit Home › Tools › Upload patron images
then locate the csrf_token input and modify its value
Note for QA:
- Opac is not done as blocking_errors.inc does not exist for this
interface
- ill/ill-requests.pl
I did not manage to replace this occurrence
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch has been generated with the script provided on bug 21576.
It only affects variable used in the href attribute of a link *when*
href it the first attribute of the node (grep "a href")
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch changes the term ISO2709 in the templates to use
MARC instead.
Test plan:
- The term was changed on the following pages in staff:
- Advanced catalouging editor > Save to catalog
- Patron account > Check out (Activate ExportCircHistory) > Format
- Patron account > Check out > Help page
- Lists > Download list
- Acquisitions > Add order to basket > From a staged file (breadcrumbs)
- Administration > System preferences > ExportRemoveFields
- Cart > Download
- Tools > Export data > Output format
Signed-off-by: Michal Denar <black23@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Here we go, next step then.
As we did not fix the performance issue when autofiltering
the variables (see bug 20975), the only solution we have is to add the
filters explicitely.
This patch has been autogenerated (using add_html_filters.pl, see next
pathces) and add the html filter to all the variables displayed in the
template.
Exceptions are made (using the new 'raw' TT filter) to the variable we
already listed in the previous versions of this patch.
To test:
- Use t/db_dependent/Koha/Patrons.t to populate your DB with autogenerated
data which contain <script> tags
- Remove them from borrower_debarments.comments (there are allowed here)
update borrower_debarments set comment="html tags possible here";
- From the interface hit page and try to catch alert box.
If you find one it means you find a possible XSS.
To know where it comes from:
* note the exact URL where you found it
* note the alert box content
* Dump your DB and search for the string in the dump to identify its
location (for instance table.field)
Next:
* Ideally we would like to use the raw filter when it is not necessary
to HTML escape the variables (in big loop for instance)
* Provide a QA script to catch missing filters (we want html, uri, url
or raw, certainly others that I am forgetting now)
* Replace the html filters with uri when needed (!)
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch reindents the template for the staff client cart, basket.tt
- Trailing spaces removed
- Indentation changed to a consistent 4 spaces
- Markup indentation made more consistent
To test, apply the patch and add multiple items to the cart in the staff
client.
View the cart and confirm that it looks as it should both in the "brief"
and "more details" views.
HTML validation before and after the patch should return the same
results.
Signed-off-by: DEVINIM <kohadevinim@devinim.com.tr>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch updates the OPAC and staff client carts to use CSS to
control print output, removing a print parameter which was passed to the
script.
Currently, when you click "Print" on the OPAC basket, it navigates to
a new page and initiates window.print() followed by a
window.location.href change again. Unfortunately, due to differences in
IE, Chrome, and FF, it will either show the print options, navigate away
without showing them, or refuse to navigate away after printing. By
changing to using print CSS, we don't navigate away from the basket in
the first place, so we prevent this irregular behavior.
TEST PLAN
1) Apply the patch
2) Create an OPAC basket by clicking "Add to cart" on multiple items
3) Using Chrome, IE, and Firefox (of any version), click the "Print"
button
4) You should see the relevant print menu without the OPAC basket
re-loading in any way.
5) After printing is complete, you should still be on the OPAC basket
pop-up
6) Perform the same tests in the staff client
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Having to write [% KOHA_VERSION %] for each url is bad because:
- It's easily forgettable when adding new <script> or <link>
- It prevents grep'ing for the full filename
- It violates the DRY principle
- If at some point we want to change the "force js and css reload"
mechanism, it will be tedious
This patch:
- adds a Template::Toolkit plugin that generates <script> and
<link> tags for JS and CSS files, and inserts automatically the Koha
version in the filename
- use the new plugin to remove all occurences of [% KOHA_VERSION %]
- remove the code that was adding KOHA_VERSION as a template variable
Test plan:
1. Apply patch
2. Go to several different pages in Koha (opac and intranet) while
checking your browser's dev tools (there should be no 404 for JS and
CSS files, and the Koha version should appear in filenames) and the
server logs (there should be no "File not found")
3. `git grep KOHA_VERSION` should return nothing
4. prove t/db_dependent/Koha/Template/Plugin/Asset.t
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch updates a few catalog-related single-column templates to use
the Bootstrap grid.
- basket/basket.tt - The staff client cart. Add some items to the cart
and open the cart.
- catalogue/advsearch.tt - The advanced search page.
- catalogue/itemsearch.tt - The item search page, both the initial form
and the search results.
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch modifies the staff client cart template so that
JavaScript is included in the footer instead of the header.
To test, apply the patch and test the JavaScript-driven features of the
cart: All button controls, DataTables functionality.
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Correction for QA: Removed contditional around footer JS (from
copy-paste) because it will always be true.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds display of subtitles to the staff client cart.
To test you should have some values mapped to subtitle in Administration
-> Keyword to MARC Mapping.
1. Apply the patch.
2. Add some records to the staff client cart which have subtitles.
3. Open the cart and onfirm that subtitles display correctly in both the
brief and "More details" view.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Removes template var csrf_error and associated handling.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Restested with opac and intranet: Still sends or dies elegantly..
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
No need to send OPACBaseURL to the template, if you load the Koha TT
plugin inside the template.
Test plan:
Send a few items in your cart from OPAC and intranet.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
If you have no (valid) token, you will not be able to send the message.
Test plan:
[1] Verify if you can still send the cart from opac and intranet.
[2] While still being logged in, try to send the cart from opac by
using the following URL:
/cgi-bin/koha/opac-sendbasket.pl?email_add=you@somedomain.com&comment=csrf_test&bib_list=doesnotmatter&csrf_token=justsomeguess12345
This should now result in a csrf error.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch makes several changes to the cart JavaScript and template. In
the template:
- Remove "onclick" attributes in favor of defining events in the
JavaScript.
- Add a [% BLOCK %] section for some repeated markup.
- Add some Font Awesome icons (I didn't add icons to all controls
because I thought it looked cluttered).
- Move the batch modification control out of the toolbar and into the
group of controls which affects selected records. I think this is a
logical grouping, and makes more sense than having a drop-down menu in
the toolbar with a single menu item.
JavaScript:
- Created separate "cart.js" file so that JS could be moved out of the
template without loading up basket.js with event functions which are
not needed on every page in the staff client.
- Fix JSHint errors.
To test, apply the patch and clear your browser cache if necessary.
- Add multiple items to the cart in the staff client and open the cart.
- Confirm correct functionality of these toolbar buttons:
- "More details" (and the corresponding "Show less")
- "Send"
- "Print"
- "Empty and close"
- Confirm the correct functionality of all the selection controls:
Select all, clear all, Remove, Add to a list, Place hold, Batch
modify, and Batch delete.
- Confirm that clicking any title in the cart opens the correct detail
page in the parent window.
Followed test plan, works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
https://bugs.koha-community.org/show_bug.cgi?id=1647
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
The staff client CSS is not language-specific, so it can be moved out of
the en/ directory and thus not be duplicated for every translation.
In order to be able to have a generic path to the YUI CSS files, the YUI
directory is moved by this patch to the staff client's lib/ directory.
To test, apply the patch and visit various pages in the staff client.
Look in particular at pages which include more than the standard CSS.
For example:
- The staff client login page.
- The staff client home page.
- Patron -> Set permissions.
- The advanced cataloging editor.
- Acquisitions -> Vendor -> Basket groups.
- Tools -> News -> Edit news.
- Administration -> System preferences.
Revised: I intended for this to be built on top of Bug 15883. Now it is.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
On top of 15883
Works as described, all pages on test plan
No Errors
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
To reproduce:
- Add multiple subfields 856 u to a bilbio
- Add this biblio to a cart and send it as mail
(from Staff client and from OPAC)
Result: Links in mail body are broken
To test
- Apply patch
- Send carts again (from Staff client and from OPAC)
- Result: In mail body, links display separated with blank-pipe-blank
like http://bla.com | http://blabla.com | http://blablabla.com
- Change one of the 856 u to not to be a link, e.g. äöü
- Send carts again
- Verify that in mail body äöü correctly display as text.
(Amended to make it work for OPAC as well, MV)
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
If you click on a link that opens a new tab/window to another site, that tab
has access to the original window through JavaScript. The browsing context is
related, even if the domains are totally different.
The tab retains access to the original window's object via window.opener, even
if you navigate to another page or domain, in the new or original window.
Access to the Window object means the new window can use Window.location to
open a different URL in the original window, perfect for phishing attacks.
Depending on the site's Same-Origin Policy settings, the new window may have
access to other parts of the original window's DOM as well.
Any 'A HREF' that contains a target of of '_blank' or '_new' or a fixed name
is vulnerable. Previous security best practice often suggested creating a random
fixed name for an unpredictable namespace - that won't help with this problem!
Targets of '_self' and '_parent' are safe.
We do not use _new (at first glance) but several _blank. Some are used
to refer internal url, we do not need to update or remove them. Others
are used to satisfy OPACURLOpenInNewWindow, in these case, we should add
the rel="noreferrer" attribute to the a tags.
In other cases, we can simply remove them and let the users discover
that a mouse has more than one button (we are in 2016, they can do it!)
Signed-off-by: Chris <chrisc@catalyst.net.nz>
Signed-off-by: Jesse Weaver <jweaver@bywatersolutions.com>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
A simple regex is added to the basket and detail templates to select the
URLs passed separately from MARC21 555$u by GetMarcNotes. Note that the
regex tests if a note starts with http:// or https:// and does not contain
any whitespace in order to be considered as a url.
These URLs are put in an anchor tag.
This touches four places:
[1] opac detail, tab title notes
[2] catalogue detail, tab Descriptions
[3] opac basket, more details, notes
[4] staff basket, more details, notes
Test plan:
[1] Edit a record. Add a 500$a, 555$a and a URL in 555$u.
Put "http://this is not a url" in the 500$a (whitespace!).
[2] Check opac-detail, tab Title Notes. Check the URL.
[3] Do the same for catalogue/detail.
[4] Add record to cart in OPAC. Open basket. Check More details.
[5] Repeat previous step in staff.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
Revert "DBRev to make notes of the XSS patches and the new important dependency."
This reverts commit e140603a59.
Revert "Bug 13618: Specific for branches.opac_info"
This reverts commit 06e4a50f00.
Revert "Bug 13618: (follow-up) Specific for other prefs"
This reverts commit d6475a111f.
Revert "Bug 13618: Fix for debarredcomment and patron messages"
This reverts commit dd98c9df92.
Revert "Bug 13618: Do not display html tags in patron's notices"
This reverts commit a065b243fe.
Revert "Bug 13618: Do not display and html tags in item fields content"
This reverts commit baeeaffbf8.
Revert "Bug 13618: Fix for system preference description"
This reverts commit a967a09261.
Revert "Bug 13618: Remove html filters for newly pushed code"
This reverts commit 0e98662b10.
Revert "Bug 13618: (follow-up) add missing lines for opac-shelves"
This reverts commit fc2fb605e5.
Revert "Bug 13618: (follow-up) Specific for ColumnsSettings"
This reverts commit bc308fdd9c.
Revert "Bug 13618: Fix for edit biblios and items"
This reverts commit 811c4e8402.
Revert "Bug 13618: followup to remove tabs"
This reverts commit ca8e8c397c.
Revert "Bug 13618: Fix last occurrences recently introduced to master"
This reverts commit bb417b256b.
Revert "Bug 13618: Fix for news"
This reverts commit ae5b98020a.
Revert "Bug 13618: Fix escape on sending baskets or shelves by email"
This reverts commit a7731ffe25.
Revert "Bug 13618: Specific for XSLTBloc"
This reverts commit 11fa38dc29.
Revert "Bug 13618: Specific for Salutation on editing a patron"
This reverts commit 36c07ad6d3.
Revert "Bug 13618: Specific for other prefs"
This reverts commit e6ea281a3b.
Revert "Bug 13618 - memberentrygen.tt errors Not a GLOB reference"
This reverts commit 7824874557.
Revert "Bug 13618: Specific for ColumnsSettings"
This reverts commit 1834da3da3.
Revert "Bug 13618: Specific for IntranetUser* and OPACUser* prefs"
This reverts commit 21ae62b253.
Revert "Bug 13618: Fix error 'Not a GLOB reference'"
This reverts commit 602bdbab4c.
Revert "Bug 13618: Specific for the ISBD view"
This reverts commit d254362435.
Revert "Bug 13618: Specific for pagination_bar"
This reverts commit 8837a8ae68.
Revert "Bug 13618: Specific places where we don't need to escape variables - intra"
This reverts commit 00eff140b3.
Revert "Bug 13618: Remove html filters at the intranet"
This reverts commit 7db851ff03.
Revert "Bug 13618: Specific places where we don't need to escape variables"
This reverts commit 49a3738b8d.
Revert "Bug 13618: Remove html filters at the OPAC"
This reverts commit cedaa0e23e.
Revert "Bug 13618: Use Template::Stash::AutoEscaping to use the html filter"
This reverts commit 01b38d3b13.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
Test plan:
Send baskets and shelves by email.
With or without this patch, you should not see any changes.
Signed-off-by: Signed-off-by: Joonas Kylmälä <j.kylmala@gmail.com>
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
Same icons don't appear to exist for Font awesome.
Replaced with fa-folder and fa-folder-open for now.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Noticed that an icon was missing in the templates.
Replaced fa-remove-sign with same-looking fa-times-circle.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>