Signed-off-by: andrew.isherwood@ptfs-europe.com
Bug 18591: (QA follow-up) Fix merge error in kohastructure.sql
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
uk-UA was wrong.
We should use the same file for all languages
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
To test:
1 - Confirm if you do or do not have 'phone' transports defined in the
message_transports table
2 - Apply patch
3 - Run updatedatabase
4 - If you didn't have them you should now
5 - Run updatedatabase again, confirm it doesn't error
6 - sudo koha-mysql kohadev
7 - DELETE from message_transports WHERE message_transport_type =
'phone'
8 - Run updatedatabase again
9 - Confirm the message transports table is restored
10 - Drop your DB (or reset_all in kohadevbox)
11 - Ensure the table is fully populated including phone notices
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch adds a 'description' column to the creator_batches table. The
description for a batch can be added and updated using ajax.
To test:
1) Apply patch and update database (you will have to restart memcached)
2) Go to Tools -> Patron card creator -> Manage batches
3) There should now be a Description column next to Batch ID. This
will be empty (as none of the batches have descriptions yet)
4) Click Edit for any batch
5) Notice new Batch description text field. Enter a description for
the batch in here and click Save description. Some text should show
saying the description was saved.
6) If you go back to the manage batches page, the description should
now show under the Description column.
7) Go to Tools -> Label Creator -> Manage labels
8) Repeat steps 3 to 6
Sponsored-by: Catalyst IT
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch adds a new column __max_holds_per_day__ to the issuingrules table.
It's going to be used to set a daily limit for holds.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Test Plan:
1) Ensure dependancies are applied
2) Apply this patch
3) Update your CHECKIN notice to match the following:
The following items have been checked in:
----
[% biblio.title %]
----
Thank you.
3) Generate a CHECKIN notice for a patron
4) Note there is no change to the generated notice
Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Test Plan:
1) Ensure dependancies are applied
2) Apply this patch
3) Update your CHECKOUT notice to match the following:
The following items have been checked out:
----
[% biblio.title %]
----
Thank you for visiting [% branch.branchname %].
3) Generate a CHECKOUT notice for a patron
4) Note there is not change to the generated notice
Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This follow-up patch adds fr-CA translation for the SR_SLIP notice.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Warn from a test:
DBD::mysql::st execute failed: Data too long for column 'ccode' at row 1 [for Statement "INSERT INTO statistics
(datetime,
branch, type, value,
other, itemnumber, itemtype, location,
borrowernumber, proccode, ccode)
VALUES (now(),?,?,?,?,?,?,?,?,?,?)" with ParamValues: 0="z8LIyIV", 1='issue', 2=undef, 3='', 4='2584', 5='E_QkzaV5Ay', 6='oDnFRZyog2CS2_XoUB_MB2sBxyI3elbFPC_AekxLPrduGTXKnlNoLKEdQrXzpAw5zD1pGbZshV9ydZup', 7='2000005168', 8='', 9='j9ZDn74omZAoZrTOdC4a05SpWRSHPR2apfss7y5V6QJuQnBEk32XWXCfMp7'] at C4/Stats.pm line 138.
The dbrev 18.06.00.032 did not change it from 10 to 80 as in other tables.
We should either truncate to 10 chars in Stats.pm or increase to varchar(80). Since it is varchar and not char, we should not be afraid about size. I choose for the latter here.
Test plan:
Run db rev.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Carry out changes requested in commenbt #27
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds a 'price_paid' column to 'illrequests'
Signed-off-by: Barry Cannon <bc@interleaf.ie>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds a 'readonly' column to illrequestattributes. On a DB
upgrade it also populates all existing rows with 1, indicating 'read
only'
Signed-off-by: Barry Cannon <bc@interleaf.ie>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Remove the duplicate entry for RoutingListAddReserves
I guess it has been caused by a bad merge resolution conflict
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Test plan:
1) Ensure that you have four users:
a) A superlibrarian
b) A user with all `parameters` permissions (the toplevel `parameters`
box is checked).
c) A user with the `manage_circ_rules` permission (and, of course,
`catalogue`).
d) A user with the `manage_circ_rules`, `manage_circ_rules_restricted`
and `catalogue` permissions.
2) As all four users, load the "Circulation and fine rules"
administration page (admin/smart-rules.pl).
3) The page should be unchanged for the first three users. It should be
possible to view and edit the circ rules for all libraries.
4) The last (restricted) user should only be able to view and edit the
circ rules for their own library.
Amended by JD: In a second version of this patch
manage_circ_rules_restricted has been replaced by
manage_circ_rules_from_any_libraries and 'no_inherit' related code has
been removed
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
When clicking Create EDIFACT Order on /acqui/basket.pl, an EDIFACT message will not be generated if aqbasket.branch does not match edifact_ean.branchcode. This failure does not generate any sort of error message, it just fails to produce a message.
We should allow ean's to not require a branch to be set, then if we don't find a branch specific each, we can look for the default version of the ean.
Test Plan:
1) Apply this patch set
2) Run updatedatabase
3) Verify you can create a Library EAN without setting a branchcode for it
4) Verify you can use this EAN to send an EDI order where the basket has a branchcode set
Signed-off-by: Colin Campbell <colin.campbell@ptfs-europe.com>
Signed-off-by: Pierre-Marc Thibault <pierre-marc.thibault@inLibro.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Sandy Allgood <sandy.allgood@citruslibraries.org>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch adds an "IN" option to the AmazonLocale setting, allowing
Indian libraries to use their Amazon Affiliate ID in Koha's links to
Amazon.
To test, apply the patch and run updatedatabase.
- Go to Administration -> System preferences -> Enhanced content.
- Enable the OPACAmazonCoverImages preference.
- Enter a dummy ID in the AmazonAssocTag preference.
- Confirm that you can select "Indian" for the AmazonLocale preference.
- Select "Indian" and save.
- Open a record in the OPAC and confirm that the cover image links to
Amazon.in and includes the ID you entered in AmazonAssocTag.
- Do the same with a record in the staff client.
Signed-off-by: Pierre-Marc Thibault <pierre-marc.thibault@inLibro.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
RM update: Remove accidental tabs from updatedatabase.pl
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch introduces the required sysprefs and Koha::ExternalContent::RecordedBooks
Koha::ExternalContent::RecordedBooks - a wrapper around
WebService::ILS::RecordedBooks::PartnerPatron
RecordedBooks* sysprefs
Nothing functional to test with this patch yet.
But you can run the tests that come with it
t/db_dependent/Koha_ExternalContent_RecordedBooks.t
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch makes it possible to add an extra column to Z3950 search results.
The system preference AdditionalFieldsInZ3950ResultSearch decides which MARC field/subfields are displayed in the column.
Testing:
I Apply the patch
II Run updatedatabase.pl
ACQUISITIONS
0) Enter a field/subfield in the AdditionalFieldsInZ3950ResultSearch
1) Create a new basket or use an existing one
2) In -Add order to basket-, click "From an external source"
3) Select some search targets and enter a subject heading ex. house
4) Click Search bouton
5) Validate "Additional fields" column with the field/subfield value.
CATALOGUING
0) Shares same syspref as above
1) Go to cataloguing, click New from z3950
2) Fill to result in a successful search
3) Validate column Addition Fields
prove t/db_dependent/Breeding.t
Sponsored-by: CCSR (https://ccsr.qc.ca)
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
If the DB is on a remote machine, the web server and the
db server are different, but the SHOW GRANTS code in
installer/install.pl is trying to use the SAME machine.
And even if the permissions were allowed accessing from
both the web and db servers, MySQL won't return the
SHOW GRANTS without access to the mysql.user table. To
install *.* permissions became easiest to get working.
Unless the DB is set up with 'user'@'%', which is also a
potential security issue.
MySQL / MariaDB allow the current connected user to
check their own grants with CURRENT_USER.
There is no need for the installer to know the
IP address of the webserver.
This also removes the need to have permissions for
'koha_kohadev'@'%', because the only process to be
accessing the koha DB is from a known host/ip.
This tightens security too.
TEST PLAN
---------
Install 2 fresh VMs from a Debian ISO.
Make sure they are on the same network (192.168.50.x) as
the kohadevbox. You will need to remember one as DB_IPADDRESS.
On the DB VM & Third VM:
sudo apt-get install mariadb-server mariadb-client net-tools
-- the third vm just needs to be able to run mysql to access
the DB VM.
On DB VM:
sudo vi /etc/mysql/mariadb.conf.d/50-server.cnf
-- make sure the bind-address line is commented out with a #
sudo service mariadb restart
-- congratulations, your DB server is listening to remote
calls now.
sudo mysql -u root
CREATE DATABASE koha_kohadev;
GRANT ALL PRIVILEGES ON `koha_kohadev`.* TO 'koha_kohadev'@'localhost' IDENTIFIED BY 'password';
FLUSH PRIVILEGES;
-- now you have an empty DB ready to run a web install on.
However, because only koha_kohadev from localhost is
allowed, we expect failure when we try to run the web
installation step when we get there.
Let's confirm that everything is working as expected
before trying. It will also demonstrate the reason why
this patch is superior to the existing code.
On a kohadevbox:
mysql -u koha_kohadev -h DB_IPADDRESS -p
-- this should be denied
On DB VM:
DROP USER 'koha_kohadev'@'localhost';
GRANT ALL PRIVILEGES ON `koha_kohadev`.* TO 'koha_kohadev'@'%' IDENTIFIED BY 'password';
FLUSH PRIVILEGES;
On a kohadevbox:
mysql -u koha_kohadev -h DB_IPADDRESS -p
-- this should give you a SQL prompt
SHOW GRANTS FOR CURRENT_USER;
-- this should show two lines based on 'koha_kohadev'@'%';
SHOW GRANTS FOR 'koha_kohadev'@'192.168.50.10';
-- this should give an access denied error.
SHOW GRANTS FOR 'koha_kohadev'@'%';
-- this should show two lines based on 'koha_kohadev'@'%';
QUIT
-- This case requires the unless code currently in place,
because we aren't checking CURRENT_USER.
On DB VM:
DROP USER 'koha_kohadev'@'%';
GRANT ALL PRIVILEGES ON `koha_kohadev`.* TO 'koha_kohadev'@'192.168.50.10' IDENTIFIED BY 'password';
FLUSH PRIVILEGES;
On a kohadevbox:
mysql -u koha_kohadev -h DB_IPADDRESS -p
-- this should give you a SQL prompt
SHOW GRANTS FOR CURRENT_USER;
-- this should show two lines based on 'koha_kohadev'@'%';
SHOW GRANTS FOR 'koha_kohadev'@'192.168.50.10';
-- this should show two lines based on 'koha_kohadev'@'192.168.50.10';
SHOW GRANTS FOR 'koha_kohadev'@'%';
-- this should give an access denied error.
QUIT
-- This case demonstrates that we have two failure points:
1) The GRANT command by the DB Admin and
2) The koha-conf.xml setting.
This is why CURRENT_USER is superior: only (2) is the
failure point.
On DB VM:
GRANT ALL PRIVILEGES ON `koha_kohadev`.* TO 'koha_kohadev'@'%' IDENTIFIED BY 'password';
FLUSH PRIVILEGES;
SELECT host,user FROM mysql.user;
-- Should see both koha_kohadev for 192.168.50.10 and %.
On a kohadevbox:
mysql -u koha_kohadev -h DB_IPADDRESS -p
-- this should give you a SQL prompt
SHOW GRANTS FOR CURRENT_USER;
-- this should show two lines based on 'koha_kohadev'@'192.168.50.10';
SHOW GRANTS FOR 'koha_kohadev'@'192.168.50.10';
-- this should show two lines based on 'koha_kohadev'@'192.168.50.10';
SHOW GRANTS FOR 'koha_kohadev'@'%';
-- this should give an access denied error.
QUIT
-- This case doesn't need the unless. CURRENT_USER still
just works.
On an third VM on the same network:
mysql -u koha_kohadev -h DB_IPADDRESS -p
-- this should give you a SQL prompt
SHOW GRANTS FOR CURRENT_USER;
-- this should show two lines based on 'koha_kohadev'@'%';
SHOW GRANTS FOR 'koha_kohadev'@'192.168.50.10';
-- this should give an access denied error.
SHOW GRANTS FOR 'koha_kohadev'@'%';
-- this should show two lines based on 'koha_kohadev'@'%';
QUIT
-- This case demonstrates that it may be more open than a DB
administrator would prefer. And notice, CURRENT_USER still
just works.
On DB VM:
DROP USER 'koha_kohadev'@'192.168.50.10';
DROP USER 'koha_kohadev'@'%';
GRANT ALL PRIVILEGES ON *.* TO 'koha_kohadev'@'%' IDENTIFIED BY 'password';
FLUSH PRIVILEGES;
-- This basically give koha_kohadev free reign to do pretty
dangerous stuff.
On an third VM on the same network:
mysql -u koha_kohadev -h DB_IPADDRESS -p
-- this should give you a SQL prompt
SHOW GRANTS FOR CURRENT_USER;
-- this should show a line based on 'koha_kohadev'@'%';
SHOW GRANTS FOR 'koha_kohadev'@'192.168.50.10';
-- this should give a no such grant error.
SHOW GRANTS FOR 'koha_kohadev'@'%';
-- this should show two lines based on 'koha_kohadev'@'%';
QUIT
-- This case demonstrates that it may be more open than a DB
administrator would prefer. And notice, CURRENT_USER still
just works.
In the old code, both cases were literally checked.
This tweak is an optimization which doesn't require
setting permissions to the mysql.user table. Without it,
the code says the user doesn't have permissions to check
the show grants. This issue is not visible to the user,
because both cases are checked.
On DB VM:
SELECT host,user FROM mysql.user;
-- for each one do an appropriate DROP USER 'user'@'host';
GRANT ALL PRIVILEGES ON `koha_kohadev`.* TO 'koha_kohadev'@'192.168.50.10' IDENTIFIED BY 'password';
On kohadevbox:
-- Make sure the /etc/koha/sites/kohadev/koha-conf.xml
points to the DB VM.
-- Make sure a web install runs correctly
On third VM:
-- Make sure unable to connect as koha_kohadev/password.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
I have not followed the whole test plan but trusting author and SO
Changes make sense to me
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
