We allow for the user to add multiple users to this field, and the
search function expects and array. We have been treating it as a scalar
TO test:
1 - Have an open basket in acquisitions
2 - Add to basket - from an existing order (copy)
3 - Enter a name in the 'Basket created by' field and select a user
4 - Hit search
5 - ISE (Can't use string ("1") as an ARRAY ref while "strict refs" in use at /usr/share/koha/lib/C4/Acquisition.pm line 2482.)
6 - Apply patch
7 - Repeat 1-4
8 - Success!
9 - Test with mutiple 'created by' entries as well
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Default for 008 was not tested yet.
Only wondering if we should insert default values only when we meet an
undefined value. Or should we also add if we meet an empty string? Is the
latter not more realistic in MARC?
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
When trying to add an order using the ACQ framework with a 008@ tag,
Koha explodes:
Control fields (generally, just tags below 010) do not have subfields,
use data() at /home/vagrant/kohaclone/C4/Acquisition.pm line 3272.
Test plan:
Set a default value for a control field in the ACQ framework
Turn on UseACQFrameworkForBiblioRecords
Create a new order from a new record
The default value should be displayed
Save
=> No crash
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Same change as the first patch, but for the staff detail page.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
To test:
1 - Add an 830 to a record with a volume subfield separated by a semicolon
830$aThe series ;$vvol 8.
2 - View the record in the opac
3 - Click the series link, no results
4 - View the link url - the semicolon is not encoded
5 - Apply patch
6 - link works
7 - URL is corrrectly encoded
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This adds a check that the lang variable is defined before testing
against it. In normal operation this is likely a no-op, but it is
required for compiling templates during QA.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Fixes among others the invalid use of json_has() which caused broken tests to pass with older Mojolicious versions.
Signed-off-by: Mason James <mason@kohaaloha.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch allows tests to succeed with the following versions:
JSON::Validator 3.18
Mojolicious 8.32
Mojolicious::Plugin::OpenAPI 2.21
Also Mojolicious::Plugin::OpenAPI version 1.17 and later 1.x versions now work.
Calling valid_input in under() would cause ' Use of uninitialized value $_[2] ' in more recent OpenAPI plugins, so that was changed too. As far as I can see this does not affect authorization.
Signed-off-by: Mason James <mason@kohaaloha.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
When you enable options marked as unsafe, we hope that you know what
you are doing. You should, while having access to koha-conf.xml.
Test plan:
Verify that Security.t still passes.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Security.t does not pass anymore ;)
Due to bug 23290 the tests now trigger an additional runtime error that
we should also catch to let the tests pass again.
Test plan:
Run t/db_dependent/Koha/XSLT/Security.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Test plan:
Run t/db_dependent/Koha/XSLT/Security.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Test plan:
Run it!
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This follow-up refines the change made in the former patch.
See also
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838097https://rt.cpan.org/Public/Bug/Display.html?id=118032
We do not want to depend now on the exact LibXML version, so we will
disable expand_entities unless it is explicitly enabled via the config
variable koha_xslt_security. (Allowing us to test if bad things will be
caught.)
The options key is now always added to the Security object.
The return from set_parser_options has been removed to allow disabling when
there is no koha-conf entry (which probably is the normal situation).
Test plan:
[1] Test the first example patch with and without the other patches (excl.
the second example). Toggle expand_entities in koha-conf. Restart
Plack and flush the cache each time. Evaluate results with the
commit message of first example.
[2] Test both example patches with/without other patches.
Toggle expand_entities. Restart etc. Evaluate results with commit
message of second example (check tmp/breached.txt).
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Since libxml2 disables it now by default, we need to enable it for testing.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Until now Base did not yet use Security. The security lines are removed
from Base here by calls to Security.
A new test must be added still.
Test plan:
Ensure that t/db_dependent/XSLT_Handler.t still passes.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Also adds a temporary stub for Koha::XSLT_Handler referring to Base.
This will be removed later.
Test plan:
Run t/db_dependent/XSLT_Handler.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This is just a git move. Cannot be tested. (Easier for QA.)
The next patch adjusts paths etc. in the module.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
The problem is that administrators can provide XSLTs that
can read from the server and network and write to the server. The
This patch prevents the Koha::XSLT_Handler from running
XSLT stylesheets that call actions such as read_file, write_file,
read_net, and write_net as documented at
https://metacpan.org/pod/XML::LibXSLT#XML::LibXSLT::Security
(Previous tests suggested issues with XML external entities
causing read file like vulnerabilities but these were not
reproducible)
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
File adjust to run tests and be executed on all our codebase.
Test plan:
- Apply this patch without the other one
- run the tests
=> Several failures
- apply the other patch
- run the tests
=> Should pass now
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Bug 9978 should have fixed them all, but some were missing.
We want all the license statements part of Koha to be identical, and
using the GPLv3 statement.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Might be a rebase problem. Not sure if I look at the third patch.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
To make qa tools happy again.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch changes the database update so that the system preference is
copied to news items in all installed languages, not just those enabled
in the OPAC.
Signed-off-by: Lisette Scheer <lisettes@latahlibrary.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This follow-up uses the updates introduced by Bug 23253 as a model for
improving the display of opacheader. Adding the OpacHeader variable
allows the template to check for its existence and display some
container markup around opacheader if it exists. This will help ease the
transition for libraries who depend on the #opacheader id for styling.
To test, apply the patch and test the OPAC with an 'opacheader' item
defined. The content should be displayed on the page inside '<div
id="opacheader"></div>.'
Delete the 'opacheader' news item and reload the OPAC page. There should
no longer be an #opacheader div.
Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz>
Signed-off-by: Lisette Scheer <lisettes@latahlibrary.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch makes a number of improvements and ties up some loose ends
where the old system preference usage wasn't getting replaced.
- Removes news-specific code for defining the language of news
items queried for the OPAC home page. An identical language variable
is already defined globally.
Previous to this patch an 'opacheader' news item would only appear on
the OPAC home page. Now it should appear on all OPAC pages.
- Changes the database update so that 'opacheader' news
items will be inserted with a default title, matching the interface's
requirement that the title field be populated.
- The database update will also now insert the old opacheader system
preference contents into the news item for all active languages as
defined in the 'opaclanguages' system preference. This helps match
the previous behavior in which the opacheader contents were the same
for all languages.
- Adds support for the new opacheader news item to the self checkout,
self check-in, and OPAC maintenance pages.
- Updates sysprefs.t which was using the opacheader preference to test
on. I've changed it to use URLLinkText instead.
- Removes the addition of the opacheader system preference from the
installation SQL file.
Signed-off-by: Lisette Scheer <lisettes@latahlibrary.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch builds on Bug 22318 to move the opacheader system preference
into the Koha news system, making it possible to have language- and
library-specific content.
It extends the original patch by adding an option to the template plugin
specifying whether the content title should be shown (probably should be
a flag in opac_news). It also adds a wrapper div with the content
location as the ID (e.g. 'opacheader'). This will make it slightly more
backwards-compatible with CSS customizations.
To test you should have some content in the opacheader system
preference. Apply the patch and run the database update process.
- Go to the OPAC and confirm that the content which was previously in
the opacheader system preference now displays correctly where it was
before.
- In the staff client, go to Tools -> News and verify that the content
from opacheader is now stored in a news item with the location
'opacheader_en.'
- Go to Administration -> System preferences and confirm that the
opacheader preference has been removed.
Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz>
Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz>
Signed-off-by: Lisette Scheer <lisettes@latahlibrary.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Bug 15497 introduced the ability to limit item types by library.
However, the text next to the 'Library limitation' selection field on
the item type form mentions authorized values and is confusing.
The current text reads: "Select 'All libraries' if this authorized value
must be displayed all the time. Otherwise select libraries you want to
associate with this value."
This patch updates the text on the item type add or edit form for the
'Library limitation' field to something more understandable.
To test:
1) Apply the patch
2) Go to Administration > Basic parameters > Item types
3) Click 'Edit' for any item type
4) The text next to the 'Library limitation' field should now show
"Select 'All libraries' if all libraries use this item type. Otherwise,
select the specific libraries that use this item type."
5) Sign off
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch makes the Koha::Object(s) derived classes expose information
about prefetch-able relations. This is then used by a new helper to
generate the prefetch information for the DBIC query.
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/Koha/Object* \
t/db_dependent/Koha/REST/Plugin/Objects.t \
t/Koha/REST/Plugin/Query.t
=> SUCCESS: Tests pass!
3. Sign off :-D
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch adds tests for the introduced methods.
To test:
1. Run the tests :-D
=> SUCCESS: They pass!
2. Sign off :-D
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch adds the ability to compress/uncompress
translations files.
On update/install the files are uncompressed first
The only gain is to use less space.
To test:
1) Apply the patch
2) Go to misc/translator
3) Try it
$ ./translate compress fr-FR (check po/*.gz)
$ ./translate uncompress fr-FR ( check normal files)
4) Try again with verbose mode
$ ./translate compress fr-FR -v (list compressed files)
$ ./translate uncompress fr-FR -v (list uncompressed files)
5) Try update compressed files
$ ./translate compress fr-FR
$ ./translate update fr-FR (result is uncompressed)
6) Try install compressed files
$ ./translate compress fr-FR
$ ./translate install fr-FR
7) Try compress all
$ ./translate compress (add '-v' for verbose output)
8) Try uncompress all
$ ./translate uncompress (add '-v' for verbose output)
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Bouzid Fergani <bouzid.fergani@inlibro.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
$patron->{items} contains the borrowers checkouts as an array of hashes
{ barcode => $item->barcode }
When printing to log we assumed these were only barcodes
This patch pushes the current checkout as a hash and maps the values retrieved to a string
To test:
1 - Enable SIP debug mode
2 - Perform multiple checkouts for a patron
3 - Note the messages like:
koha koha_sip_koha[13575]: ILS::Checkout: patron 123 has checked out HASH(0x55a5b187f858), HASH(0x55a5b1896ad0), HASH(0x55a5b18a6cf0), 7826832
4 - Apply patch
5 - Restart all the things
6 - Do some checkouts via SIP
6 - Messages should now have barcodes
Signed-off-by: Magnus Enger <magnus@libriotech.no>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Without it, catalogue/detail.pl dies (and probably other scripts too)
Test plan:
1. Uninstall GD, reload starman
2. Go to catalogue/detail.pl. Confirm that it dies
3. Reinstall GD, reload starman
4. Go to catalogue/detail.pl. Confirm that it work normally
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Since these operations impact on the resultset, the counts should be
saved before.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Bouzid Fergani <bouzid.fergani@inlibro.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Argument "" isn't numeric in subtraction (-) at /usr/share/koha/Koha/Patrons.pm line 290.
Coming from an empty or undefined FailedLoginAttempts.
Test plan:
Verify that Koha/Patrons.t still passes.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Bouzid Fergani <bouzid.fergani@inlibro.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
The warn must be done in the cronjob.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Followed this test plan (with two follow-ups applied):
[1] Prefs: UnsubscribeReflectionDelay=1, PatronAnonymizeDelay=2, PatronRemovalDelay=3, FailedLoginAttempts was undef
[2] Pick borrower and set expiry to NOW-2, and lock him (login_attempts=-1) Could be achieved too by settings FailedLoginAttempts and trying wrong passwords. Run cleanup job:
Locked 0 patrons
Anonymized 1 patrons
Deleted 0 patrons
[3] Pick borrower, set expiry to NOW-3. Run cleanup job:
Locked 0 patrons
Anonymized 0 patrons
Deleted 1 patrons
Signed-off-by: Bouzid Fergani <bouzid.fergani@inlibro.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
To prevent invalid values in this pref (and so on the server), we should
make this input readonly on the syspref page.
The sysprefs related to Hea should be edited from the dedicated page, so
also adding a note about that.
Test plan:
Search syspref with "UsageStats"
Notice the note about the admin page
Notice the UsageStatsGeolocation input is now readonly (and resized, to
display the whole value when filled)
Signed-off-by: Maryse Simard <maryse.simard@inlibro.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
misc/cronjobs/update_totalissues.pl when issuing statistics table, no-incremental, has a problem for biblio with multiple items.
The first SQL query gets the biblios linked to items with issues in statistics :
SELECT
biblio.biblionumber, COUNT(statistics.itemnumber)
FROM
biblio
LEFT JOIN
items
ON
(biblio.biblionumber=items.biblionumber)
LEFT JOIN
statistics
ON
(items.itemnumber=statistics.itemnumber)
WHERE
statistics.type = 'issue'
$limit
GROUP BY
biblio.biblionumber
The second SQL query is :
SELECT
biblio.biblionumber, 0
FROM
biblio
LEFT JOIN
items
ON
(biblio.biblionumber=items.biblionumber)
LEFT JOIN
statistics
ON
(items.itemnumber=statistics.itemnumber)
WHERE
statistics.itemnumber IS NULL
GROUP BY
biblio.biblionumber
The problem is that this second query will set to 0 where ANY item has no entry in statistics table.
So when running it sets 0 to the biblio that had a value from first
query.
I think the best fix is to use "WHERE statistics.type = 'issue'" inside que JOIN :
LEFT JOIN statistics ON (items.itemnumber=statistics.itemnumber AND statistics.type = 'issue')
Test plan :
1) Begin with an empty database
2) Create a biblio 1 with no items
3) Create a biblio 2 with 3 items
4) Create a biblio 3 with 2 items
5) Checkout and checkin all items of biblio 2
6) Checkout and checkin the firt item of biblio 3
7) run misc/cronjobs/update_totalissues.pl --use-stats -v
8) Check biblio 1 has biblioitems.totalissues = 0
9) Check biblio 2 has biblioitems.totalissues = 3
10) Without patch the biblio 3 has biblioitems.totalissues = 0
11) With patch the biblio 3 has biblioitems.totalissues = 1
12) Check misc/cronjobs/update_totalissues.pl --incremental is OK
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
