Commit graph

152 commits

Author SHA1 Message Date
c7ea3cb0c9
Bug 14759: Replace Text::Unaccent with Unicode::Normalize
As shown in the comments on the bug, it appears that Unicode::Normalize
is the most reliable way to strip accents from strings for this use
case.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-01-10 10:44:35 +00:00
b8a5194d24
Bug 23068: (RM follow-up) Make Net::Netmask required
Net::Netmask is used in the new Plack::Middleware::RealIP module, which
is in turn used in the psgi plack startup script.  We don't have access
to C4::Context inside the startup script and as such don't have access
to the config to work out if loading this module should be optional.

As such, I'm taking the easy route and just making the dependancy a
required one. It's small and already packaged for debian and as such
should not cause anyone any issues.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-11-06 12:12:09 +00:00
a6838a3e35
Bug 23068: Add ability for Koha to handle X-Forwarded-For headers so REMOTE_ADDR features work behind a proxy
Koha has a number of features that rely on knowing the IP address of the connecting client. If that server is behind a proxy these features do not work.
This patch adds a module to automatically convert the X-Forwarded-For header into the REMOTE_ADDR environment variable for both CGI and Plack processes.

TEST PLAN:
1) Apply this patch set
2) Install Plack::Middleware::RealIP via cpanm or your favorite utility
3) Update your plack.psgi with the changes you find in this patch set ( this process differs based on your testing environment )
4) Restart plack
5) Tail the plack error log for your instance
6) Use curl to access the OPAC, adding an X-Forwarded-For header: curl --header "X-Forwarded-For: 32.32.32.32" http://127.0.0.1:8080
7) Note the logs output this address if you are unproxied
8) If you are proxied, restart plack using a command like below, where the ip you see in the logs ("REAL IP) is what you put in the koha conf:
    <koha_trusted_proxies>172.22.0.1 1.1.1.1</koha_trusted_proxies>
9) Restart all the things!
10) Repeat step 6
11) You should now see "REAL IP: 32.32.32.32" in the plack logs as the remote address in your plack-error.log logs!
12) Disable plack so you are running in cgi mode, repeat step 6 again
13) You should see "REAL IP: 32.32.32.32" as the remove address in your opac-error.log logs!

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Ed Veal <eveal@mckinneytexas.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-31 16:10:17 +00:00
Ere Maijala
925db0baef
Bug 13937: Fix issues found in QA
Signed-off-by: Stefan Berndtsson <stefan.berndtsson@ub.gu.se>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-08 14:39:50 +01:00
Jesse Weaver
f089d393dc
Bug 13937: Add a Z39.50 daemon that can inject item status MARC subfields
This creates a new daemon, misc/z3950_responder.pl, which can respond to
Z39.50 requests. By default, it just proxies searches to Zebra.

If desired, however, it can also add a subfield to the item tags on
outgoing records with a textual description of the item's status
(checked out, lost, etc.). This is useful for certain ILL systems. These
strings can be translated using the 'Z3950_STATUS' authorized value.

Test plan:
  1) Start the Z39.50 server using `perl misc/z3950_responder.pl`.
  2) Connect to the server using `yaz-client 127.0.0.1:9999/biblios`.
  3) Run a search, such as `find @attr 1=1016 book`.
  4) Fetch the results both one at a time with `show 1` and in a batch
     using `show 1+5`.
  5) Turn on MARCXML using `format xml` and `elements marcxml`, and
     verify that the records are still correctly fetched.
  6) Enable the item status subfield by restarting the server with the
     option `--add-item-status=k`.
  7) Search for and fetch records, and verify that a $k subfield is
     added to the item tags as appropriate. It should show some
     combination of "Checked Out", "Lost", "Not For Loan", "Damaged",
     "Withdrawn", "In Transit", or "On Hold" as appropriate, or
     "Available".
  8) Add an authorized value named "Z3950_STATUS" with any of the keys
     "AVAILABLE", "CHECKED_OUT", "LOST", "NOT_FOR_LOAN", "DAMAGED",
     "WITHDRAWN", "IN_TRANSIT" or "ON_HOLD", and verify that their
     descriptions are used instead of the default values above.

Signed-off-by: George Williams <george@nekls.org>
Signed-off-by: Stefan Berndtsson <stefan.berndtsson@ub.gu.se>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-08 14:39:30 +01:00
f67e23c2c2
Bug 23677: Controller method and dependencies tweak
Signed-off-by: Arthur Suzuki <arthur.suzuki@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-08 14:33:34 +01:00
6c92612c15
Bug 13193: (RM revert) Make Memcached usage fork safe
This reverts commit f7a5466c52. We need
the new dependancy packaged first.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-01 15:34:57 +01:00
Joonas Kylmälä
f7a5466c52
Bug 13193: Make Memcached usage fork safe
When a high enough number of forks try to access for example system
preferences with Koha::Cache using memcached as backend the results of
different cache requests get mixed up.

The problem is fixed by using Cache::Memcached::Fast::Safe that is a
fork safe version of Cache::Memcached::Fast.

Sponsored-by: The National Library of Finland
Signed-off-by: David Cook <dcook@prosentient.com.au>

Works as described, and solves an insidious difficult to debug
problem in Koha.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-01 15:14:31 +01:00
f380a06cb9
Bug 21073: (follow-up) Add Class::Inspector to PerlDependencies
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-06-18 17:30:14 +01:00
9388401f88 Bug 14407: (RM follow-up) bump version number
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-05-10 11:44:45 +00:00
Nicholas can Oudtshoorn
30f0e7fec9 Bug 14407: Allow restricting SCO to IP or IP range
Converted this to actual applicable patches.
I think the test plan is comment #28. -- Mark Tompsett

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-05-10 11:39:50 +00:00
Ere Maijala
118f685dbf Bug 22474: Clone field config before adding fields to it
Test plain:

1. Reindex both authorities and biblios with the -d flag to recreate the index, e.g. "perl misc/search_tools/rebuild_elastic_search.pl -v -d"
2. Check that authorities only contains authority-specific fields in Elasticsearch e.g. by fetching  http://localhost:9200/koha_dev_authorities/_mappings
3. Reindex both without the -d flag and verify it works, e.g. "perl misc/search_tools/rebuild_elastic_search.pl -v"

Signed-off-by: Björn Nylén <bjorn.nylen@ub.lu.se>
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-04-16 13:17:32 +00:00
4bf033c6d6 Bug 21955: Remove Cache::Memory as fallback for L2 cache
If Plack is running with several workers we must not use Cache::Memory
as L2 cache.

If a value is set from a worker, it will not be available from other
workers as the Cache::Memory instance is not shared (of course!)

Moreover we now have Koha::Cache::Memory::Lite that does the same job,
so we should not expect performance regressions by removing it.

See also the email sent to koha-devel for more info
http://lists.koha-community.org/pipermail/koha-devel/2018-December/045004.html

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-12-11 19:10:46 +00:00
Julian Maurice
d708255c7a Bug 15395: Allow correct handling of plural translation
Locale::Maketext does not allow correct handling of plural translation
for languages that have more than one plural forms.
Locale::Messages does.

So Koha::I18N is now a wrapper around Locale::Messages, just like
Locale::TextDomain, and export the same symbols as Locale::TextDomain.
You can refer to documentation of Locale::TextDomain to know how to use
exported subroutines.

Example usage:
  __("Hi")
  __x("Hi {name}", name => 'Bob')
  __n("item", "items", $num_items)
  __nx("one item", "{count} items", $num_items, count => $num_items)
  __p("Bibliographic record", "item")

This patch also brings Koha::I18N power to Template::Toolkit templates
by adding a TT plugin.
This plugin can be used like this:

[%# USE the plugin and define some macros %]
[% PROCESS 'i18n.inc' %]

[%# tn is the equivalent of __n %]
[%# macro names can't start with underscore, t is for "translate" %]
[% tn('item', 'items', num_items) %]
Extraction of strings from templates is a bit complicated and use
Template::Parser and PPI. Template is compiled into Perl code and then
analyzed by PPI. It is slow, but should be correct even with complex
constructions.

Remove dependency to Locale::Maketext and Locale::Maketext::Lexicon
Add dependency to Locale::Messages and PPI

Test plan for translation in Perl code:
1. Open a .pl script or .pm module with your favorite text editor
2. Add 'use Koha::I18N;' in the beginning of file
3. Use one of the subroutines exported by Koha::I18N and be sure to have
   a way to visualize the result (pass result to the template for
   example, or simply warn and watch the log file)
4. cd misc/translator && ./translate update fr-FR # try other languages
5. Open misc/translator/po/fr-FR-messages.po and translate your
   string(s)
   You may need to change the "Plural-Forms" header. See
   https://localization-guide.readthedocs.org/en/latest/l10n/pluralforms.html
6. ./translate install fr-FR
7. Use your web browser to go to the page that should display the
   translation, change language and verify the translation is correct
8. prove t/Koha/I18N.t

Test plan for translation in templates:
1. Open a template file (.tt or .inc) with your favorite text editor
2. Add the PROCESS directive mentioned above in the beginning of file
3. Use one of the t* macros defined in i18n.inc. They are used like
   their "__" equivalent, with one difference: the 'x' variants take a
   hashref instead of a hash as last parameter
4. cd misc/translator && ./translate update fr-FR
5. Open misc/translator/po/fr-FR-messages.po and translate your
   string(s)
6. ./translate install fr-FR
7. Use your web browser to go to the page that should display the
   translation, change language and verify the translation is
   correct

Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-11-08 15:55:50 +00:00
eb3f78f82e Bug 18959: Text::CSV::Unicode missing from dependencies
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-10-19 16:37:21 +00:00
418c65d2e2 Bug 20776: Add Selenium::Remote::Driver to the dependency list
This dependency is missing from the PerlDependencies.pm file.
This patch adds it.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-09-07 13:33:18 +00:00
7c05f4fbe4 Bug 21068: Remove NorwegianPatronDB related code
Bug 11401 introduced code to support Norwegian national library card.
This code is too specific to be part of Koha as it, it should be a
plugin instead.
Moreover nobody uses it, but a modified version (see comment 3).

Test plan:
Add/edit/delete patron and make sure there are no regressions introduced
by these patches

Signed-off-by: Benjamin Rokseth <benjamin.rokseth@deichman.no>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-30 13:40:29 +00:00
Mirko Tietgen
4b8bcd9be9 Bug 20949: Koha depends on Clone
Clone was not declared a dependency before. It used to be a dependency
of Hash::Merge but isn't in the recent version.

Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-07-12 13:39:40 +00:00
Jérôme Charaoui
f99a1daf25 Bug 20920: Add missing dependency on CGI::Compile
Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-07-02 11:24:10 +00:00
Mirko Tietgen
f9e06c3849 Bug 20693: Plack fails, because 'libcgi-emulate-psgi-perl' package is not installed
Add CGI::Emulate::PSGI to PerlDependencies.pm

Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-15 14:59:37 -03:00
17e8acad70 Bug 20624: Net::OAuth2::AuthorizationServer is not a hard dependency
While we get packaging sorted, Net::OAuth2::AuthorizationServer is not a
hard dependency for Koha and the feature requiring it is disabled by
default.

This patch:
- Makes the dependency optional
- Makes the unit tests for the OAuth2 client credentials flow skip if
  the dependency is not met.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-09 12:56:03 -03:00
Julian Maurice
5c7d12e4e0 Bug 20402: Remove dependency on Mojo::Plugin::OAuth2::Server
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-08 15:55:42 -03:00
Julian Maurice
43a4b3c22c Bug 20402: Implement OAuth2 authentication for REST API
It implements only the "client credentials" flow with no scopes
support. API clients are tied to an existing patron and have the same
permissions as the patron they are tied to.
API Clients are defined in $KOHA_CONF.

Test plan:
0. Install Net::OAuth2::AuthorizationServer 0.16
1. In $KOHA_CONF, add an <api_client> element under <config>:
     <api_client>
       <client_id>$CLIENT_ID</client_id>
       <client_secret>$CLIENT_SECRET</client_secret>
       <patron_id>X</patron_id> <!-- X is an existing borrowernumber -->
     </api_client>
2. Apply patch, run updatedatabase.pl and reload starman
3. Install Firefox extension RESTer [1]
4. In RESTer, go to "Authorization" tab and create a new OAuth2
   configuration:
   - OAuth flow: Client credentials
   - Access Token Request Method: POST
   - Access Token Request Endpoint: http://$KOHA_URL/api/v1/oauth/token
   - Access Token Request Client Authentication: Credentials in request
     body
   - Client ID: $CLIENT_ID
   - Client Secret: $CLIENT_SECRET
5. Click on the newly created configuration to generate a new token
   (which will be valid only for an hour)
6. In RESTer, set HTTP method to GET and url to
   http://$KOHA_URL/api/v1/patrons then click on SEND
   If patron X has permission 'borrowers', it should return 200 OK
   with the list of patrons
   Otherwise it should return 403 with the list of required permissions
   (Please test both cases)
7. Wait an hour (or run the following SQL query:
   UPDATE oauth_access_tokens SET expires = 0) and repeat step 6.
   You should have a 403 Forbidden status, and the token must have been
   removed from the database.
8. Create a bunch of tokens using RESTer, make some of them expires
   using the previous SQL query, and run the following command:
     misc/cronjobs/cleanup_database.pl --oauth-tokens
   Verify that expired tokens were removed, and that the others are
   still there
9. prove t/db_dependent/api/v1/oauth.t

[1] https://addons.mozilla.org/en-US/firefox/addon/rester/

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-08 15:55:42 -03:00
d6f3e1fbe6 Bug 18342: Mark Cache::Memcached as mandatory
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-05-03 12:47:07 -03:00
aaea465942 Bug 20191: (QA follow-up) Require Jessie's Test::MockTime
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-05 10:10:04 -03:00
Mark Tompsett
b76ad51b9d Bug 20191: Use Test::MockTime to hold time still
The problem is the calls to HTTP::OAI::Header, etc.
may reference gmtime which is continually changing by
the second. By forcing time to lock for all the tests,
except the last one, we can be assured things should
not fail.

TEST PLAN
---------
install libtest-mocktime-perl
apply the patch
restart_all
in kshell, prove t/db_dependent/OAI/Server.t
run koha qa test tools

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-05 10:09:04 -03:00
e2869cb014 Bug 18055: The 2 new deps are used for testing purpose
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-03-28 15:54:56 -03:00
ac38492107 Bug 18055: Speed up '00-strict.t' test, with Parallel::ForkManager
to test...

1/ run 00-strict.t test, (16.5 mins on a 4xcpu system)

$ time prove t/db_dependent/00-strict.t
...
Files=1, Tests=654, 994 wallclock secs ( 0.19 usr  0.04 sys + 873.40 cusr 116.20 csys = 989.83 CPU)
Result: PASS
real    16m34.104s

2/ apply patch

3/ install Parallel::ForkManager package
$ sudo apt-get install libparallel-forkmanager-perl libsys-cpu-perl

4/ run 00-strict.t test again, (now 6 mins.. much faster)

$ time prove t/db_dependent/00-strict.t
...
Files=1, Tests=654, 364 wallclock secs ( 0.07 usr  0.01 sys + 1159.20 cusr 153.41 csys = 1312.69 CPU)
Result: PASS
real    6m4.355s

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Edit: removed debian/control changes as the file is generated

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-03-28 15:53:05 -03:00
Mirko Tietgen
78cd06a0f6 Bug 20061: koha-common is not pulling libsearch-elasticsearch-perl
Adds Search::Elasticsearch to Perldependencies.pm

Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-02-23 10:49:42 -03:00
Srdjan
79c2848b14 Bug 19450: Fixed WebService::ILS bug upstream (0.17)
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-12-21 13:09:17 -03:00
db68a2f432 Bug 18993: Allow Test::More version 1.302073
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-12-07 10:09:51 -03:00
8e61e6ee2c Bug 18993: Bump Test::More to 1.302075
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-12-07 10:09:51 -03:00
Lari Taskula
47b6026c6a Bug 18137: List Mojolicious::Plugin::OpenAPI and JSON::Validator as dependencies
Edit (tcohen): I've changed the version numbers to match those Mirko has already
successfully packaged and are known to work for this patchset.

Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-21 11:27:05 -03:00
a900a434d5 Bug 17190 - Marked REST API as mandatory (require = 1) in PerlDependencies.pm
For testing I went in Staff client to Home > About Koha > tab  Perl modules
and verified that both Mojolicious (6.0) and Swagger2 (0.59) are marked
as mandatory.
Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2017-05-08 09:06:30 -04:00
5d6ee0c7a0 Bug 17828: (followup) Add Test::Exception as dependency
Test::Exception is available on Jessie and already installed when
koha-common gets installed

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2017-03-31 14:36:48 +00:00
Srdjan
e7aff8ea0d Bug 16034 follow-up: added WebService::ILS to PerlDependencies
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2017-02-21 19:58:21 +00:00
6b67f635b1 Bug 17666: [QA Follow-up] Mark File::Slurp as required
Not optional since we are 'using' it in updatedatabase.pl.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-12-16 11:14:49 +00:00
c9e95aa22e Bug 17666: Revert "Bug 16685 [QA Followup] - Use Path::Tiny::slurp instead of File::Slurp"
This reverts commit 7ac1bc3537.

On a kohadevbox:
Error flock (1) on
'/home/vagrant/kohaclone/installer/data/mysql/atomicupdate/bug_xxxx.perl':
No locks available at installer/data/mysql/updatedatabase.pl line 13637.

This is because Path::Tiny->slurp[_utf8] uses flocks which does not work
with NFS

Test plan:
Execute a .perl atomic update file on a kohadevbox
=> Without this patch you should get the flock error
=> With this patch the update should work fine

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-12-16 11:14:49 +00:00
68ced964fd Bug 14629 - Add aggressive ISSN matching feature equivalent to the aggressive ISBN matcher
This patch adds a syspref "AggressiveMatchOnISSN" allowing for a match
of ISSNs with or without hyphens. It uses Business::ISSN in order to
follow the use of Business::ISBN and allow for validation of ISSNs

To test:
1 - Find a record in your system with an ISSN (or add one)
2 - Stage a record containing the same ISSN but lacking a hyphen
3 - Matching on ISSN should find 0 matches
4 - Repeat with no hyphen ISSN in system and hyphen ISSN in import
5 - Matching should find 0
6 - Apply patch
7 - Update datbase and install Business::ISSN
8 - Leave AggressiveMatchOnISSN as don't and repeat original tests- no
change
9 - Set AggressiveMatchOnISSN as do and repeat original test
10 - You should find a match
11 - prove t/Koha.t - all tests pass

Sponsored by North Central Regional Library System (NCRL) www.ncrl.org

Signed-off-by: Chad Roseburg <croseburg@ncrl.org>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-10-28 11:58:14 +00:00
60fc63ef4d Bug 17425: Add Try::Tiny dependency
This patch just introduces Try::Tiny as a core Koha dependency.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-10-21 17:37:54 +00:00
7ac1bc3537 Bug 16685 [QA Followup] - Use Path::Tiny::slurp instead of File::Slurp
Path::Tiny::slurp is considered better to use than File::Slurp.

RM Note: The package version in wheezy is too old, the package version
         in jessie is just fine and should be added to the community
         repo if wheezy will be supported for the coming release.

Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-09-09 12:53:07 +00:00
2be60d395f Bug 17223: Add Cache::Memcached to PerlDependencies
Test plan:
Check about page, perl modules.

Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-09-02 13:58:04 +00:00
86144a65e0 Bug 16929: [QA Follow-up] Add dependency for Bytes::Random::Secure
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Marc <veron@veron.ch>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-08-10 13:26:00 +00:00
Mirko Tietgen
893f6cc263 Bug 17087 - Set Test::WWW::Mechanize version to 1.42
This was set to a version that is not available in Wheezy or Jessie.
The version is not required, the only change to 1.42 (packaged for
Wheezy and Jessie) is a fix for Windows, see
http://cpansearch.perl.org/src/PETDANCE/Test-WWW-Mechanize-1.44/Changes

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-08-10 13:23:43 +00:00
Mirko Tietgen
3c9eace41a Bug 17043 - Readonly deps
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-08-08 14:26:34 +00:00
92626f55c8 Bug 16971: Missing dependency for HTML::Entities
This module is already used in opac-password-recovery.pl.
It is loaded in Acquisition, but not used (anymore?).
It is not yet listed in PerlDependencies.

Note: The module is packaged for Debian Wheezy and Jessie.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
2016-08-04 19:44:03 +00:00
c6d3e5a50b Bug 16715: Use Sereal::Decoder and Sereal::Encoder instead of Sereal
Sereal is not packaged for jessie, so let's use Sereal::Encoder and
Sereal::Decoder instead.

Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-08-02 14:29:02 +00:00
Jesse Weaver
66a8c96550 Bug 16715: Proposed followup to use Sereal for serialization
This manages to eke out a bit more performance on my machine.

Signed-off-by: Jacek Ablewicz <abl@biblos.pk.edu.pl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-07-22 17:17:28 +00:00
67e6efab5d Bug 16770: Remove Memoize::Memcached dependency
This module is no longer in use and can be removed.

Signed-off-by: Jacek Ablewicz <abl@biblos.pk.edu.pl>

This part involves some changes in a bunch of mysterious debian|ubuntu
related files, not quite sure if I know what I'm doing
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-06-24 14:05:56 +00:00
779fa7c6da Bug 16591: Fix CSRF in opac-memberentry
If an attacker can get an authenticated Koha user to visit their page
with the code below, they can update the victim's details to arbitrary
values.

Test plan:

Trigger
/cgi-bin/koha/opac-memberentry.pl?action=update&borrower_B_city=HACKED&borrower_firstname=KOHA&borrower_surname=test

=> Without this patch, the update will be done (or modification
request)
=> With this patch applied you will get a crash "Wrong CSRF token" (no
need to stylish)

Do some regression tests with this patch applied (Update patron infos)

QA note: I am not sure it's useful to create a digest of the DB pass,
but just in case...

Reported by Alex Middleton at Dionach.

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
2016-06-24 11:55:15 +00:00