Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch addresses the CSRF error when receiving in acquisitions.
To test:
1. Have at least one order to receive
2. Follow the steps to receive them
3. Have the logs open:
$ ktd --shell
k$ tail -f /var/log/koha/kohadev/*.log
4. Click to confirm receipt
=> FAIL: An error modal is displayed
=> FAIL: There's an error about missing CSRF token in POST
5. Apply this patch
6. Reload everything:
k$ restart_all
7. Repeat 1-4
=> SUCCESS: Receipt works :-D
=> SUCCESS: No error log
8. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
We retrieve a list of records for DT, it does not need to be a POST
request.
Test plan:
1. Try an item search
2. The page loads but pops an alert that says "403: Forbidden" and table stays empty
3. Apply patch
4. Try an item search again and the table loads results
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
We retrieve a list of records for DT, it does not need to be a POST
request.
Test plan:
1. Stage a batch
2. When it's done, click on "view batch"
=> Without this patch the page loads but pops an alert that says "403: Forbidden" and table stays empty
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
No idea why we are passing issue_escaped instead of the id, but this
patch fixes the regression.
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Test plan:
Run t/db_dependent/api/v1/acquisitions_orders.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Note: I had trouble with listing orders in API without
status, although formally not required according specs.
Test plan:
Run t/db_dependent/api/v1/acquisitions_orders.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[EDIT] As Victor discovered, the test with status new in subtest
'delete' needed the authorised user now.
Test plan:
Run t/db_dependent/api/v1/acquisitions_orders.t
Without the follow-up patch this should FAIL.
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
To test:
1. Admin > Circ & fine rules
2. Select a library at the top of the forms ( #selectlibrary )
3. Try to change the 'Refund lost item replacement fee' to "Refund lost item charge (only if unpaid)".
4. Press save and let the page reload.
5. Look at the dropdown again, the value is now set to "Refund lost item charge and restore overdue fine".
6. APPLY PATCH
7. Try steps 2 - 5 again but this time the value in the dropdown should not change.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Make all bibliographic information fields filter do a contain match
rather than an exact match
Test plan:
1. Create a purchase suggestion with a multi-word title (e.g. one day in december)
1.1. Go to Acquisitions > Suggestions > New purchase suggestion
1.2. Enter a title (e.g. one day in december)
1.3. Click on Submit your suggestion
2. Search for one of the words in the title
2.1. In the "Filter by" section, click on Bibliographic information
2.2. In the title field, enter one of the words of the title (e.g. december)
2.3. Click Go
--> No results
3. Apply the patch
4. Redo step 2 and notice there is now a valid result
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This link is broken and doesn't make sense from a UI/UX perspective
and thus should be removed.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Andrew Fuerste Henry <andrewfh@dubcolib.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
There should be no change in beahavior. Following the test plan from Bug 35840.
To test:
1. APPLY PATCH, restart_all
2. Turn on RecordLocalUseOnReturn
3. Create a Statistical patron.
4. Check an item out to a regular patron.
5. Check the item out to a Statistical patron.
6. This should trigger a return and you will see 2 entries in the statistics table, one for localuse and one for a return.
7. Try checking out an item to the Stats patron that is NOT checked out.
8. You should only see 1 entry, localuse, in the statistics table.
Signed-off-by: Andrew Fuerste Henry <andrewfh@dubcolib.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Andrew Fuerste Henry <andrewfh@dubcolib.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
To test:
1. APPLY PATCH, restart_all
2. Turn on RecordLocalUseOnReturn
3. Create a Statistical patron.
4. Check an item out to a regular patron.
5. Check the item out to a Statistical patron.
6. This should trigger a return and you will see 2 entries in the statistics table, one for localuse and one for a return.
7. Try checking out an item to the Stats patron that is NOT checked out.
8. You should only see 1 entry, localuse, in the statistics table.
Signed-off-by: Andrew Fuerste Henry <andrewfh@dubcolib.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Remove archived suggestions in patron's account page
Test plan:
1. Go to a patron's account in the staff interface
2. Go to the Suggestions tab
3. Click New purchase suggestion and create a suggestion
4. In another browser tab, go to Acquisitions > Suggestions
5. Click the small arrow next to the edit button to the right of the suggestion, and choose Archive (alternatively, check the suggestion's box and click Archive selected)
--> Suggestion disappears from the suggestions management page (OK)
6. Go back to the tab with the patron's account and refresh
--> Suggestion is still visible
7. Apply the patch
8. Redo step 6 and notice the suggestion is not visible anymore
9. Redo step 4 and 5 but this time, unarchiving the suggestion
10. Redo step 6 and notice the suggestion is back
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
To test:
1. Add some JS like this to any of the UserJS system preferences:
$(document).ready( function() {
let something = 1;
const another_thing = 2;
let an_arrow_function = (a, b) => a + b;
console.log( an_arrow_function(something, another_thing) );
});
2. Notice the icons and warnings to the left of the line numbers:
let is available in ES6
const is available in ES6
arrow_function_syntax is available in ES6
3. APPLY PATCH
4. Try steps 1 and 2 again, the warnings should be gone.
5. Check that the JavaScript still works, in my example it should console.log 3.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
To test:
1. Turn on the syspref 'OpacCatalogConcerns'
2. Go to view a record in the OPAC and click on "Report a concern" in
the column located on the right-hand side.
3. Fill out the title on the form and leave everything else the same.
Click on submit and notice that the message on the screen says "Your
concern was sucessfully submitted."
4. Apply the patch.
5. Submit a new concern. Notice that the text now has "successfully"
spelled correctly.
6. Sign off and have a great day! :D
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
To test:
1. Turn on the syspref 'CatalogConcerns'
2. Go to view a record in the staff intranet and click on "New catalog concern" which is located in the "+New" dropdown.
3. Fill out the title on the form and leave everything else the same. Click on submit and notice that the message on the screen says "Your concern was sucessfully submitted."
4. Apply the patch.
5. Refresh the page and submit a new concern. Notice that the message now has "successfully" spelled correctly.
6. Sign off and have a wonderful day! :D
Signed-off-by: Brendan Lawlor <blawlor@clamsnet.org>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
1) Enable UseRecalls
2) Checkout an item to a patron:
Top INTRA search bar: pick 'check out' and paste a patron
cardnumber:
23529000035676
press enter
3) Enter an item barcode:
39999000003154
Press checkout
4) As user koha/koha, visit OPAC page for this biblio:
opac-url/cgi-bin/koha/opac-detail.pl?biblionumber=76
5) Notice all sidebar actions on the right have hover effect except for
'Place recall'
Apply patch, repeat test plan.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
The "Next" pagination button in the OPAC result list has a double angle
whereas the "Previous" button only has a single angle. This patch fixes
that error.
To test:
1) Do a search in the OPAC with more than one page of results.
2) Observe that the "Next" button has a double angle whereas the
"Previous" button has only a single angle.
3) Apply the patch.
4) Repeat steps 1 and 2.
5) Verify that the "Next" button now has a single angle.
Sponsored-by: Karlsruhe Institute of Technology (KIT)
Signed-off-by: Barbara Johnson <barbara.johnson@bedfordtx.gov>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch modifies opac-memberentry.pl so that the list of libraries is
sorted by library name instead of library code.
To test, apply the patch and restart services.
- If using the default testing data you'll have to go to Administration
-> Libraries and edit one or more libraries so that the library name
is alphabetically different than the library code. e.g. Centerville ->
Zanzibar.
- Go the OPAC and click "Create an account" (requires the
PatronSelfRegistration system preference).
- Under "Home library," the dropdown of libraries should be ordered by
library name.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch adds cy.wait() in two places where builds have been failing due to timeouts
Test plan:
1) cypress run --spec t/cypress/integration/InfiniteScrollSelect_spec.ts
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Test Plan:
1) Place a hold on an item
2) Build the holds queue
3) Check out the item to a different patron than the one
targeted in the holds queue
4) Verify the holds queue viewer still shows that item and patron
5) Apply this patch
6) Repeat stepts 1 through 3
7) Verify the holds queue viewer no longer shows that patron and item!
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Working on bug 31791, I found myself wondering if our current recursive
code in C4::Auth::haspermission() would allow checking AND on
subpermissions.
As it is not documented in the POD or tested, I decided to write some
unit tests for it.
It turned out it was well supported, so I decided to submit the tests,
and a small tweak in the POD to reflect that.
To test:
1. Apply this patch
2. Run:
$ ktd --shell
k$ prove t/db_dependent/Auth/haspermission.t
=> SUCCESS: Tests pass! The code supports AND on subpermissions!
3. Sign off :-D
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch adds the manage_bookings subpermission check to the
biblios/{biblio_id}/checkouts endpoint and updates the corresponding
unit test too.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch adds the 'manage_bookings' permission to allow fetching of
checkouts on the API should the user have 'manage_bookings' but not have
'circulate_remaining_permissions'
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This quickly fixes the issue to allowing those who have the
manage_bookings subpermission to also search for users.
It's deliberately bare as I'm keen to subsequently remove it again in
bug 29509 where we will deal with this properly.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Test Plan:
1) Set a patron's privacy to "Never"
2) Check out a few items to a patron
3) Check in one item
4) Note the "Print checkin slip" diplays
3) Apply this patch
4) Check in an item
5) Note the option is now missing
6) Set the patron's privacy to "Forever" or "Default"
7) Check in an item
8) Note the print checkins option is back!
Signed-off-by: Andrew Fuerste Henry <andrewfh@dubcolib.org>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
If a patron anonymizes their checkins, the checkin slip cannot retrieve any info to print the checkin slip. We should not show the button in this scenario
Test Plan:
1) Set a patron's privacy to "Never"
2) Note the "Print checkin slip" option in the Print button on the
patrons toolbar displays
3) Apply this patch
4) Reload the page
5) Note the option is now missing
6) Set the patron's privacy to "Forever" or "Default"
7) Reload the page
8) Note the print checkins option is back!
Signed-off-by: Andrew Fuerste Henry <andrewfh@dubcolib.org>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
When enabling Elasticsearch authentication in Koha using userinfo
parameter of Search::Elasticsearch, about.pl breaks and gives an
internal server error.
This patch reads the complete Elasticsearch configuration for
about.pl including userinfo causing about.pl to recover.
To test:
1. In Elasticsearch 7 settings, set "xpack.security.enabled: true"
2. Add <userinfo>elastic:password</userinfo> to KOHA_CONF elasticsearch
settings
3. Restart plack and navigate to about.pl
4. Observe internal server error
5. Apply patch
6. Refresh about.pl
7. Observe it working again
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Test plan:
Add an item to your database that has no barcode.
Run t/db_dependent/Circulation.t
It will fail without this patch, pass with this patch.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
UT is failing in jenkins.
Change to use biblio.copyrightdate instead of bilio.medium
Run prove t/db_dependent/Items/AutomaticItemModificationByAge.t
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
1. APPLY PATCH
2. EnableItemGroups
3. Find a record and add some new item groups with display orders that are different from the order in which the groups were added
4. Check the checkbox next to one or more items and click the link to "Add/move to item group"
5. Ensure display order is correct
6. Now add a new item to the record and scroll down to the dropdown underneath "+ Add to item group"
7. Display order should be correct.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Previously this happened after the fact, automagically, if no price was included in the order record. We should
rather load the Marc price into the order form if we don't have a price form the '...ToOrder' system preferences
To test:
Setup -- Set systempreferences below
MarcFieldsToOrder:
price: 949$g
quantity: 949$k
budget_code: 949$l
discount: 949$m
sort1: 949$n
sort2: 949$q
MarcItemFieldsToOrder:
homebranch: 949$a
holdingbranch: 949$b
itype: 949$y
nonpublic_note: 949$x
public_note: 949$z
loc: 949$c
ccode: 949$8
notforloan: 949$7
uri: 949$u
copyno: 949$t
replacementprice: 949$v
itemcallnumber: 949$o
quantity: 949$k
budget_code: 949$l
Stage the attached bib-303.marcxml file
Add to basket from the staged file
Note that item prices are populated as '6.50' from 949$g
Cancel
Update MarcFieldsToOrder and map price to "020$c"
Add to basket from the staged file
Note the price is not populated, because 020$c contains a dollar sign
Cancel
Apply patch, restart all
Add to basket from the staged file
Note the price is now correctly populated from fallback to GetMarcPrice
Note: GetMarcPrice does some automatic munging, that's why 020$c on it's own doesn't work - this could be done to fields in MarcFieldsToOrder/MarcItemFieldsToOrder but this would be an enhancement.
This bug simply restores the previous behavious, but does it on the front end and is more obvious to the user
Signed-off-by: Andrew Fuerste-Henry <andrewfh@dubcolib.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Actually, the module is not even needed anymore here.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch adds a unit test for error precidence where autorenewals is
involved.
It is not comprehensive however, and I'm a little confused by the logic
around cron vs non-cron handling...
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch changes CanBookBeRenewed so that automatic renewal
errors pop up before other renewal errors. This means that a book
will be considered "auto_too_soon" before things like "too_many" or
"restricted". (Otherwise, you'll get an email saying you can't renew
a book the day after using your last auto renewal, even though the
earliest renewal isn't available until later.)
Test plan:
0. Apply patch
1. prove t/db_dependent/Circulation.t
2. prove t/db_dependent/Holds.t
3. prove t/db_dependent/Koha/Account/Line.t
4. prove t/db_dependent/Koha/Account.t
Additional tests:
5. Go to http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search&searchfield=RestrictionBlockRenewing
6. Change to "block"
7. Go to http://localhost:8081/cgi-bin/koha/admin/preferences.pl?tab=&op=search&searchfield=AutoRenewalNotices
8. Change to "according to patron messaging preferences"
9. Go to http://localhost:8081/cgi-bin/koha/admin/smart-rules.pl
10. Set "Automatic renewal" to "Yes" and "No renewal before" to 4
11. Go to http://localhost:8081/cgi-bin/koha/circ/circulation.pl?borrowernumber=51
12. Checkout 39999000001310 with a due date 4 days in the future
13. Add a manual restriction
14. Run `perl ./misc/cronjobs/automatic_renewals.pl`
15. Note that it says something like the following:
Issue id: 1237 for borrower: 51 and item: 73 would not be renewed. (auto_too_soon)
Instead of something like the following:
Issue id: 1237 for borrower: 51 and item: 73 would not be renewed. (restriction)
Signed-off-by: Sam Lau <samalau@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>