As shown in the comments on the bug, it appears that Unicode::Normalize
is the most reliable way to strip accents from strings for this use
case.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Net::Netmask is used in the new Plack::Middleware::RealIP module, which
is in turn used in the psgi plack startup script. We don't have access
to C4::Context inside the startup script and as such don't have access
to the config to work out if loading this module should be optional.
As such, I'm taking the easy route and just making the dependancy a
required one. It's small and already packaged for debian and as such
should not cause anyone any issues.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Koha has a number of features that rely on knowing the IP address of the connecting client. If that server is behind a proxy these features do not work.
This patch adds a module to automatically convert the X-Forwarded-For header into the REMOTE_ADDR environment variable for both CGI and Plack processes.
TEST PLAN:
1) Apply this patch set
2) Install Plack::Middleware::RealIP via cpanm or your favorite utility
3) Update your plack.psgi with the changes you find in this patch set ( this process differs based on your testing environment )
4) Restart plack
5) Tail the plack error log for your instance
6) Use curl to access the OPAC, adding an X-Forwarded-For header: curl --header "X-Forwarded-For: 32.32.32.32" http://127.0.0.1:8080
7) Note the logs output this address if you are unproxied
8) If you are proxied, restart plack using a command like below, where the ip you see in the logs ("REAL IP) is what you put in the koha conf:
<koha_trusted_proxies>172.22.0.1 1.1.1.1</koha_trusted_proxies>
9) Restart all the things!
10) Repeat step 6
11) You should now see "REAL IP: 32.32.32.32" in the plack logs as the remote address in your plack-error.log logs!
12) Disable plack so you are running in cgi mode, repeat step 6 again
13) You should see "REAL IP: 32.32.32.32" as the remove address in your opac-error.log logs!
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Ed Veal <eveal@mckinneytexas.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This creates a new daemon, misc/z3950_responder.pl, which can respond to
Z39.50 requests. By default, it just proxies searches to Zebra.
If desired, however, it can also add a subfield to the item tags on
outgoing records with a textual description of the item's status
(checked out, lost, etc.). This is useful for certain ILL systems. These
strings can be translated using the 'Z3950_STATUS' authorized value.
Test plan:
1) Start the Z39.50 server using `perl misc/z3950_responder.pl`.
2) Connect to the server using `yaz-client 127.0.0.1:9999/biblios`.
3) Run a search, such as `find @attr 1=1016 book`.
4) Fetch the results both one at a time with `show 1` and in a batch
using `show 1+5`.
5) Turn on MARCXML using `format xml` and `elements marcxml`, and
verify that the records are still correctly fetched.
6) Enable the item status subfield by restarting the server with the
option `--add-item-status=k`.
7) Search for and fetch records, and verify that a $k subfield is
added to the item tags as appropriate. It should show some
combination of "Checked Out", "Lost", "Not For Loan", "Damaged",
"Withdrawn", "In Transit", or "On Hold" as appropriate, or
"Available".
8) Add an authorized value named "Z3950_STATUS" with any of the keys
"AVAILABLE", "CHECKED_OUT", "LOST", "NOT_FOR_LOAN", "DAMAGED",
"WITHDRAWN", "IN_TRANSIT" or "ON_HOLD", and verify that their
descriptions are used instead of the default values above.
Signed-off-by: George Williams <george@nekls.org>
Signed-off-by: Stefan Berndtsson <stefan.berndtsson@ub.gu.se>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Arthur Suzuki <arthur.suzuki@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
When a high enough number of forks try to access for example system
preferences with Koha::Cache using memcached as backend the results of
different cache requests get mixed up.
The problem is fixed by using Cache::Memcached::Fast::Safe that is a
fork safe version of Cache::Memcached::Fast.
Sponsored-by: The National Library of Finland
Signed-off-by: David Cook <dcook@prosentient.com.au>
Works as described, and solves an insidious difficult to debug
problem in Koha.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Converted this to actual applicable patches.
I think the test plan is comment #28. -- Mark Tompsett
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Test plain:
1. Reindex both authorities and biblios with the -d flag to recreate the index, e.g. "perl misc/search_tools/rebuild_elastic_search.pl -v -d"
2. Check that authorities only contains authority-specific fields in Elasticsearch e.g. by fetching http://localhost:9200/koha_dev_authorities/_mappings
3. Reindex both without the -d flag and verify it works, e.g. "perl misc/search_tools/rebuild_elastic_search.pl -v"
Signed-off-by: Björn Nylén <bjorn.nylen@ub.lu.se>
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
If Plack is running with several workers we must not use Cache::Memory
as L2 cache.
If a value is set from a worker, it will not be available from other
workers as the Cache::Memory instance is not shared (of course!)
Moreover we now have Koha::Cache::Memory::Lite that does the same job,
so we should not expect performance regressions by removing it.
See also the email sent to koha-devel for more info
http://lists.koha-community.org/pipermail/koha-devel/2018-December/045004.html
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Locale::Maketext does not allow correct handling of plural translation
for languages that have more than one plural forms.
Locale::Messages does.
So Koha::I18N is now a wrapper around Locale::Messages, just like
Locale::TextDomain, and export the same symbols as Locale::TextDomain.
You can refer to documentation of Locale::TextDomain to know how to use
exported subroutines.
Example usage:
__("Hi")
__x("Hi {name}", name => 'Bob')
__n("item", "items", $num_items)
__nx("one item", "{count} items", $num_items, count => $num_items)
__p("Bibliographic record", "item")
This patch also brings Koha::I18N power to Template::Toolkit templates
by adding a TT plugin.
This plugin can be used like this:
[%# USE the plugin and define some macros %]
[% PROCESS 'i18n.inc' %]
[%# tn is the equivalent of __n %]
[%# macro names can't start with underscore, t is for "translate" %]
[% tn('item', 'items', num_items) %]
Extraction of strings from templates is a bit complicated and use
Template::Parser and PPI. Template is compiled into Perl code and then
analyzed by PPI. It is slow, but should be correct even with complex
constructions.
Remove dependency to Locale::Maketext and Locale::Maketext::Lexicon
Add dependency to Locale::Messages and PPI
Test plan for translation in Perl code:
1. Open a .pl script or .pm module with your favorite text editor
2. Add 'use Koha::I18N;' in the beginning of file
3. Use one of the subroutines exported by Koha::I18N and be sure to have
a way to visualize the result (pass result to the template for
example, or simply warn and watch the log file)
4. cd misc/translator && ./translate update fr-FR # try other languages
5. Open misc/translator/po/fr-FR-messages.po and translate your
string(s)
You may need to change the "Plural-Forms" header. See
https://localization-guide.readthedocs.org/en/latest/l10n/pluralforms.html
6. ./translate install fr-FR
7. Use your web browser to go to the page that should display the
translation, change language and verify the translation is correct
8. prove t/Koha/I18N.t
Test plan for translation in templates:
1. Open a template file (.tt or .inc) with your favorite text editor
2. Add the PROCESS directive mentioned above in the beginning of file
3. Use one of the t* macros defined in i18n.inc. They are used like
their "__" equivalent, with one difference: the 'x' variants take a
hashref instead of a hash as last parameter
4. cd misc/translator && ./translate update fr-FR
5. Open misc/translator/po/fr-FR-messages.po and translate your
string(s)
6. ./translate install fr-FR
7. Use your web browser to go to the page that should display the
translation, change language and verify the translation is
correct
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This dependency is missing from the PerlDependencies.pm file.
This patch adds it.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Bug 11401 introduced code to support Norwegian national library card.
This code is too specific to be part of Koha as it, it should be a
plugin instead.
Moreover nobody uses it, but a modified version (see comment 3).
Test plan:
Add/edit/delete patron and make sure there are no regressions introduced
by these patches
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@deichman.no>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Clone was not declared a dependency before. It used to be a dependency
of Hash::Merge but isn't in the recent version.
Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Add CGI::Emulate::PSGI to PerlDependencies.pm
Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
While we get packaging sorted, Net::OAuth2::AuthorizationServer is not a
hard dependency for Koha and the feature requiring it is disabled by
default.
This patch:
- Makes the dependency optional
- Makes the unit tests for the OAuth2 client credentials flow skip if
the dependency is not met.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
It implements only the "client credentials" flow with no scopes
support. API clients are tied to an existing patron and have the same
permissions as the patron they are tied to.
API Clients are defined in $KOHA_CONF.
Test plan:
0. Install Net::OAuth2::AuthorizationServer 0.16
1. In $KOHA_CONF, add an <api_client> element under <config>:
<api_client>
<client_id>$CLIENT_ID</client_id>
<client_secret>$CLIENT_SECRET</client_secret>
<patron_id>X</patron_id> <!-- X is an existing borrowernumber -->
</api_client>
2. Apply patch, run updatedatabase.pl and reload starman
3. Install Firefox extension RESTer [1]
4. In RESTer, go to "Authorization" tab and create a new OAuth2
configuration:
- OAuth flow: Client credentials
- Access Token Request Method: POST
- Access Token Request Endpoint: http://$KOHA_URL/api/v1/oauth/token
- Access Token Request Client Authentication: Credentials in request
body
- Client ID: $CLIENT_ID
- Client Secret: $CLIENT_SECRET
5. Click on the newly created configuration to generate a new token
(which will be valid only for an hour)
6. In RESTer, set HTTP method to GET and url to
http://$KOHA_URL/api/v1/patrons then click on SEND
If patron X has permission 'borrowers', it should return 200 OK
with the list of patrons
Otherwise it should return 403 with the list of required permissions
(Please test both cases)
7. Wait an hour (or run the following SQL query:
UPDATE oauth_access_tokens SET expires = 0) and repeat step 6.
You should have a 403 Forbidden status, and the token must have been
removed from the database.
8. Create a bunch of tokens using RESTer, make some of them expires
using the previous SQL query, and run the following command:
misc/cronjobs/cleanup_database.pl --oauth-tokens
Verify that expired tokens were removed, and that the others are
still there
9. prove t/db_dependent/api/v1/oauth.t
[1] https://addons.mozilla.org/en-US/firefox/addon/rester/
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The problem is the calls to HTTP::OAI::Header, etc.
may reference gmtime which is continually changing by
the second. By forcing time to lock for all the tests,
except the last one, we can be assured things should
not fail.
TEST PLAN
---------
install libtest-mocktime-perl
apply the patch
restart_all
in kshell, prove t/db_dependent/OAI/Server.t
run koha qa test tools
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Adds Search::Elasticsearch to Perldependencies.pm
Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Edit (tcohen): I've changed the version numbers to match those Mirko has already
successfully packaged and are known to work for this patchset.
Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
For testing I went in Staff client to Home > About Koha > tab Perl modules
and verified that both Mojolicious (6.0) and Swagger2 (0.59) are marked
as mandatory.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Test::Exception is available on Jessie and already installed when
koha-common gets installed
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Not optional since we are 'using' it in updatedatabase.pl.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This reverts commit 7ac1bc3537.
On a kohadevbox:
Error flock (1) on
'/home/vagrant/kohaclone/installer/data/mysql/atomicupdate/bug_xxxx.perl':
No locks available at installer/data/mysql/updatedatabase.pl line 13637.
This is because Path::Tiny->slurp[_utf8] uses flocks which does not work
with NFS
Test plan:
Execute a .perl atomic update file on a kohadevbox
=> Without this patch you should get the flock error
=> With this patch the update should work fine
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch adds a syspref "AggressiveMatchOnISSN" allowing for a match
of ISSNs with or without hyphens. It uses Business::ISSN in order to
follow the use of Business::ISBN and allow for validation of ISSNs
To test:
1 - Find a record in your system with an ISSN (or add one)
2 - Stage a record containing the same ISSN but lacking a hyphen
3 - Matching on ISSN should find 0 matches
4 - Repeat with no hyphen ISSN in system and hyphen ISSN in import
5 - Matching should find 0
6 - Apply patch
7 - Update datbase and install Business::ISSN
8 - Leave AggressiveMatchOnISSN as don't and repeat original tests- no
change
9 - Set AggressiveMatchOnISSN as do and repeat original test
10 - You should find a match
11 - prove t/Koha.t - all tests pass
Sponsored by North Central Regional Library System (NCRL) www.ncrl.org
Signed-off-by: Chad Roseburg <croseburg@ncrl.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch just introduces Try::Tiny as a core Koha dependency.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Path::Tiny::slurp is considered better to use than File::Slurp.
RM Note: The package version in wheezy is too old, the package version
in jessie is just fine and should be added to the community
repo if wheezy will be supported for the coming release.
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Test plan:
Check about page, perl modules.
Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Marc <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This was set to a version that is not available in Wheezy or Jessie.
The version is not required, the only change to 1.42 (packaged for
Wheezy and Jessie) is a fix for Windows, see
http://cpansearch.perl.org/src/PETDANCE/Test-WWW-Mechanize-1.44/Changes
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This module is already used in opac-password-recovery.pl.
It is loaded in Acquisition, but not used (anymore?).
It is not yet listed in PerlDependencies.
Note: The module is packaged for Debian Wheezy and Jessie.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
Sereal is not packaged for jessie, so let's use Sereal::Encoder and
Sereal::Decoder instead.
Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This manages to eke out a bit more performance on my machine.
Signed-off-by: Jacek Ablewicz <abl@biblos.pk.edu.pl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This module is no longer in use and can be removed.
Signed-off-by: Jacek Ablewicz <abl@biblos.pk.edu.pl>
This part involves some changes in a bunch of mysterious debian|ubuntu
related files, not quite sure if I know what I'm doing
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
If an attacker can get an authenticated Koha user to visit their page
with the code below, they can update the victim's details to arbitrary
values.
Test plan:
Trigger
/cgi-bin/koha/opac-memberentry.pl?action=update&borrower_B_city=HACKED&borrower_firstname=KOHA&borrower_surname=test
=> Without this patch, the update will be done (or modification
request)
=> With this patch applied you will get a crash "Wrong CSRF token" (no
need to stylish)
Do some regression tests with this patch applied (Update patron infos)
QA note: I am not sure it's useful to create a digest of the DB pass,
but just in case...
Reported by Alex Middleton at Dionach.
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>