This patch makes a number of changes in order to improve the way the
staff client's header menu adjusts at narrower browser widths:
- Updated version of Bootstrap 3.3.7 which includes the "collapse"
JavaScript plugin.
- Modified default Bootstrap CSS using Bootstrap's customization tool.
These changes facilitate the removal of some custom CSS (overriding
Bootstrap) from staff-global.scss.
- Added Bootstrap config file for loading customizations at
https://getbootstrap.com/docs/3.3/customize/
- Revised button classes for buttons in Bootstrap-styled toolbars.
The modified default CSS resets the base font size in Bootstrap to
better match our global CSS. A side-effect of this is that toolbar
buttons ended up looking smaller than they should. Changing the
button class solves this.
- Restructure the header menu in order to allow different rules to
govern the appearance of the navigational part of the menu
(Circulation, Search, etc) and the user menu (Set library, My
account, Log out).
- Modify the cart JS to so that the popup works well at narrow widths.
To test, apply the patch, regenerate the staff client CSS, and clear
your browser cache.
- Log in to the staff client and observe the layout of the header menu
as you adjust the browser to various widths.
- Confirm that sections of the menu "collapse" as the window gets
narrower.
- Confirm that dropdown menus behave correctly and that links work.
- Confirm that the Cart link works as expected when the cart empty
and when it has items.
- Install and enable multiple translations, including at least one
set of sub-languages (e.g. fr-FR and fr-CA).
- Test the appearance of the language menus in the footer at
various browser widths.
- View pages with button toolbars and confirm that they appear unchanged
(e.g. biblio detail page, patron detail page).
NOTE: While this patch is intended to make improvements to staff client
responsiveness, it does so within a limited scope. There are still many
pages which do not work well at narrower browser widths.
Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch modifies several acquisitions templates to use the Bootstrap
grid instead of YUI.
This patch also removes obsolete "text/javascript" attributes from
<script> tags in the modified templates.
To test, apply the patch and view the following pages, confirming that
they look correct at various browser widths:
- Administration -> Budgets
- View budgets list, view and edit budgets
- View budget -> Planning -> Plan by months
- Administration -> Funds
- View funds list, view and edit funds
- Acquisitions -> Vendor -> Contracts
- View contracts list, view and edit contracts
- Administration -> Audio alerts
- Administration -> Authorized values
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Here we go, next step then.
As we did not fix the performance issue when autofiltering
the variables (see bug 20975), the only solution we have is to add the
filters explicitely.
This patch has been autogenerated (using add_html_filters.pl, see next
pathces) and add the html filter to all the variables displayed in the
template.
Exceptions are made (using the new 'raw' TT filter) to the variable we
already listed in the previous versions of this patch.
To test:
- Use t/db_dependent/Koha/Patrons.t to populate your DB with autogenerated
data which contain <script> tags
- Remove them from borrower_debarments.comments (there are allowed here)
update borrower_debarments set comment="html tags possible here";
- From the interface hit page and try to catch alert box.
If you find one it means you find a possible XSS.
To know where it comes from:
* note the exact URL where you found it
* note the alert box content
* Dump your DB and search for the string in the dump to identify its
location (for instance table.field)
Next:
* Ideally we would like to use the raw filter when it is not necessary
to HTML escape the variables (in big loop for instance)
* Provide a QA script to catch missing filters (we want html, uri, url
or raw, certainly others that I am forgetting now)
* Replace the html filters with uri when needed (!)
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Having to write [% KOHA_VERSION %] for each url is bad because:
- It's easily forgettable when adding new <script> or <link>
- It prevents grep'ing for the full filename
- It violates the DRY principle
- If at some point we want to change the "force js and css reload"
mechanism, it will be tedious
This patch:
- adds a Template::Toolkit plugin that generates <script> and
<link> tags for JS and CSS files, and inserts automatically the Koha
version in the filename
- use the new plugin to remove all occurences of [% KOHA_VERSION %]
- remove the code that was adding KOHA_VERSION as a template variable
Test plan:
1. Apply patch
2. Go to several different pages in Koha (opac and intranet) while
checking your browser's dev tools (there should be no 404 for JS and
CSS files, and the Koha version should appear in filenames) and the
server logs (there should be no "File not found")
3. `git grep KOHA_VERSION` should return nothing
4. prove t/db_dependent/Koha/Template/Plugin/Asset.t
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch modifies the staff client "additional parameters"
administration templates so that JavaScript is included in the footer
instead of the header.
To test, apply the patch and test the JavaScript-driven features of
each page: All button controls, DataTables functionality, tabs, etc.
Signed-off-by: Simon Pouchol <simon.pouchol@biblibre.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds a hint to page Home > Administration > Audio alerts
and related help page about where to enable the sound system
(syspref 'AudioAlerts').
To test:
- Apply patch
- Disable syspref 'AudioAlerts'
- Go to Home > Administration > Audio alerts
- Note hint below title 'Audio alerts'
- Enable syspref 'AudioAlerts'
- Go to Home > Administration > Audio alerts
- Hint is no longer visible (since audios are enabled)
- Open Help page (top right)
- Verify that hint on help page makes sense.
Amended to add alert class as requested by comment #2 2017-02-21 mv
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch is amended to use the sysprefs search on all Administration
pages that do not have their own custom search.
To test:
1) Go to Administration
2) Notice Catalogue search at the top - seems out of place.
3) Apply patch and refresh page.
4) Notice admin / sysprefs search now shows and is more appropriate.
5) Confirm searching for sysprefs still works
This patch affects the following pages:
- admin-home.pl
- audio_alerts.pl
- authtypes.pl
- auth_tag_structure.pl
- authorised_values.pl
- biblio_framework.pl
- marctagstructure.pl
- branch_transfer_limits.pl
- branches.pl
- checkmarc.pl
- classsources.pl
- columns_settings.pl
- didyoumean.pl
- edi_accounts.pl
- edi_ean_accounts.pl
- fieldmapping.pl
- item_circulation_alerts.pl
- items_search_fields.pl
- items_search_field.pl
- item_types.pl
- koha2marklinks.pl
- matching-rules.pl
- oai_sets.pl
- oai_set_mappings.pl
- patron-attr-types.pl
- smart-rules.pl
- transport-cost-matrix.pl
- sms_providers.pl
Sponsored-by: Catalyst IT
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch removes one use of "onclick" in favor of defining events in
the JavaScript.
This patch also makes changes to the style of some buttons to make the
interface a little more consistent with current practices.
To test, apply the patch and go to Administration -> Audio alerts.
- In the list of existing audio alerts, click the "Edit" button for any
alert. The correct data should be loaded in the edit form.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This changes fit with bug 16148 for marc modification template management
To test
-Apply patch
-Goto Admin->Audio alerts
-Verify that green arrows have disappeared now
in blue Awesome Icons
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
https://bugs.koha-community.org/show_bug.cgi?id=16794
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch moves the JavaScript files in prog/en/js to prog/js.
JavaScript files do not need to be in the directory which is processed
by the translator.
To test, apply the patch and visit various pages in the staff client to
confirm that JavaScript files are still loading correctly.
Revised: I intended for this to be built on top of Bug 15883 as well as
Bug 16242. Now it is.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
On top of 15883 and 16241
All seems to work, js files pulled from new dir.
No errors
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
The audio alerts management page uses Glyphicons in a few places. This
patch replaces them with Font Awesome icons.
To test, apply the patch for Bug 15886 if necessary and enable
the AudioAlerts system preference.
- Go to Administration -> Audio alerts
- Confirm that icons for "Edit" and "Delete selected" look correct.
- Edit an existing alert and confirm that the "play" button looks
correct and works correctly.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
This patch changes the behavior of the audio alerts management page so
that sections of the page are shown or hidden based on what the current
task is. Other changes include:
- Moving JavaScript to a separate file
- Adding a toolbar with a "New alert" button.
- Enabling or disabling the "play sound" button based on the value of
the sound file field.
- Enabling or disabling the "delete" button based on whether there are
checkboxes checked.
- Switching the patron category administration header search form for
the "generic" catalog search one.
- Adding "Required" classes to required fields so that the staff
client's built-in JS validation library can be used.
- Styling the add/edit form in a way which is consistent with other
interfaces in Koha.
- Removing the invalid "border" attribute from images.
- Adding better alt attributes to images.
To test, the AudioAlerts system preference must be enabled. Apply the
patch and go to Administration -> Audio alerts.
- Confirm that the add/edit form is hidden initially. A toolbar with a
"New" button should appear with existing audio alerts in a table
below.
- Confirm that the "New alert" button works:
- The table should be hidden and an empty "add" form displayed.
- Confirm that an empty form cannot be submitted.
- Confirm that typing or selecting a sound enables the "Play sound"
button and that it works to play the sound.
- Confirm that adding valid data works.
- Confirm that clicking the "Cancel" button hides the form and
redisplays the table.
- Test the "edit" button for an existing sound:
- Confirm that the edit form is displayed and populated with the
correct data.
- Confirm that edits are saved correctly.
- When viewing the table of existing alerts, confirm that checking one
of the checkboxes "enables" the delete button.
- With one or more checkboxes checked, test that clicking the delete
button triggers a deletion confirmation. Test both confirm and cancel
operations.
- With no checkboxes checked, test that clicking the delete button
triggers an alert that checkboxes must be checked.
- Ponder whether all this is an improvement or not.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
Single quotes audio selector break ability to edit an alert
Test Plan:
1) Enable audio alerts
2) Add new a alert with a select containing single quotes such as: input[name*='test']
3) Note you cannot edit the alert
4) Apply this patch
5) Reload the page
6) You should now be able to edit the alert
Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Bug 15734 applied on top. Works as advertised
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
The sounds directory is no longer available for listing for security.
It is better and safer to hard code the list of sounds.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
This patch set replaces and extends Koha's current sound options.
This is implemented be removing the existing sound system, and
re-engineering using a table of selector/sound combinations such that
the highest precedence selector that is found in the DOM will trigger
and audio alert. The existing audio behaviors are implemented as a set
of default audio alerts.
Test Plan:
1) Apply this patch set
2) Run updatedatabase.pl
3) Enable the AudioAlerts system preference
4) Test existing sounds
5) Enter the new alerts editor in the admin section
6) Add a new audo alert with the following selector:
"body:contains('Check in message')",
choose any sound alert you wish, make sure it's not one of the 3
sounds already used! Make this selector precedence 1
4) Browse to the checkins page, you should hear the default sound
5) Attempt to return an invalid barcode, you should hear your custom sound!
Signed-off-by: Nick Clemens <nick@quecheelibrary.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>