Installer scripts cannot be run from the UI:
debian/templates/apache-shared-intranet.conf:RewriteRule ^/cgi-bin/koha/(C4|debian|etc|installer/data|install_misc|Koha|misc|selenium|t|test|tmp|xt)/|\.PL$ /notfound [PT]
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
It is not used, if we need it back it must be moved to misc.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
http://localhost:8081/cgi-bin/koha/docs/CAS/CASProxy/examples/proxy_cas.pl
Test plan:
Hit the link
=> Erk
Copy the apache config to /etc/koha/apache-shared-intranet-git.conf
restart_all
Hit the link
=> 404
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Test plan:
1. Log out
2. Go to /cgi-bin/koha/mainpage.pl#somestring"with<html>char
3. Open the brower's inspector and find "auth_forwarded_hash" input
4. Make sure the value attribute is there and corresponds to the URL's
fragment. It should be URI-encoded.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Fixed some typos in bug numbers and text.
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
To avoid injection of template toolkit code
from database fields that are controlled by
untrusted sources.
Test plan:
* review subtest 'Template toolkit syntax in
parameters' in t/db_dependent/Letters.t
* Run the unit test:
prove t/db_dependent/Letters.t
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
defer_loading is now a patron_search_js BLOCK param - default on
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
It seems that we loop all categories and item types to build the circ
matrix. We should only loop over values that have actually been used
in circulation rules.
Test Plan:
1) Create 1000 itemtypes and category codes. You can use the following
script:
use t::lib::TestBuilder;
my $builder = t::lib::TestBuilder->new();
$builder->build( { source => 'Category' } ) for 0..1000;
$builder->build( { source => 'Itemtype' } ) for 0..1000;
2) Note the lengthy load time for smart-rules.pl
3) Apply this patch
4) Restart all the things!
5) Reload the page
6) Note the much faster load time!
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
When importing patrons we assume a default of '' for borrower columns not supplied in the file.
When saving we compare the new object we built to the one form the database - for columns are that are not text type we get undef from the db and '' in the object we make. This means we see a difference and log into the BorrowersLog:
"date_renewed" : {
"after" : "",
"before" : null
},
"dateofbirth" : {
"after" : "",
"before" : null
},
"debarred" : {
"after" : "",
"before" : null
},
"flags" : {
"after" : "",
"before" : null
},
"gonenoaddress" : {
"after" : "",
"before" : null
},
"lost" : {
"after" : "",
"before" : null
},
"password_expiration_date" : {
"after" : "",
"before" : null
},
"sms_provider_id" : {
"after" : "",
"before" : null
}
}
This can mean a lot of useless logging in sites that do automated imports
Test Plan:
1) Enable 'BorrowersLog' system preference
2) Import the borrowers file attach do this bug report file, matchig on cardnuber, and overwriting
Contents of the borrowers file are :
surname,firstname,branchcode,categorycode,cardnumber,dateenrolled,patron_attributes,lastseen
Acosta,Ednb,CPL,PT,23529001000463,02/01/2013,,
3) Check the logs, note the modification of columns that have no date
4) Import the file again with the same settings
5) Note the new action log
6) Apply this patch
7) Restart all the things!
8) Import the file again with the same settings
9) Note no new action log was created!
Signed-off-by: Brendan Lawlor <blawlor@clamsnet.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
As Emmy stated on comment9, this line is indeed unneeded (and wrong).
A successful cud-insert/cud-save does not come here.
And it is set for add_form, edit_form and duplicate later on.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
If an error occurs while adding new patron, after fixing the error and
hitting save, patron entry page reloads to "Modify patron" section
and error "Patron not found. Return to search" is displayed. But no
patron is saved.
This happens because we declare template param op too early in the
code and it receives value "cud-insert" instead of "add_form" as it should.
To test:
1. Add new patron and cause an error (wrong age etc.).
2. Attempt to save patron, error message is displayed.
3. Fix your errors and attempt to save again.
=> Error message "Patron not found. Return to search" is displayed and new
patron is not saved to database.
4. Apply this patch.
5. Repeat steps from 1 to 3.
=> Saving patron should now work.
=> To be save, test if modifying patron also works as it should.
Sponsored-by: Koha-Suomi Oy
Signed-off-by: Laura Escamilla <laura.escamilla@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
These tests highlight the fact that the 'place hold' button visibility in the
search results page **does not** match the 'place hold' button visibility in
the detail page, given the same conditions.
Since that this is a known behavior, these tests should be commented out as they
are failing by design.
prove t/db_dependent/selenium/opac_holds.t
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Tests added to cover different use cases and combinations of circulation rules values for authenticated and unauthenticated users
At the moment, 2 tests are failing, documented on the [DO NOT PUSH] commit.
These 2 failing tests fail for the search results page but pass on the detail page counterpart. Ideally they should match, for consistency sake.
But this may be the use case "details page should be more correct, results page is always an approximation" mentioned by Nick.
More test combinations may be added in the future.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Same chanegs as before, but for MARC and ISBD details pages
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch tries to simplify some of the logic here to match that on the search results. When we don't have a patron, we fallback to determining if an item can be held buy determining whether there are any items that don't have holds disallowed at the all libraries level. We also remove items with non-holdable statuses like withdrawn etc (and check some system preferences)
If we don't have a patron, then we are done, however, if we do, then we need to check each item against the policies related to that patron.
This patch also removes two checks at the end:
CountItemsIssued($biblionumber)
$biblio->has_items_waiting_or_intransit
These seem to be from bug 4319 - however, those rules are checked by IsAvailableForItemLevelRequest and are only relevant when we have a patron. These checks essentially assumed 'onshelfholds' policy of 'If any unavailable' For consistency sake I think we should follow the same logic as the results page.
To test:
1 - Find a record with two items, of different types, set a 'Default checkout, hold and return policy' of 'No holds allowed'
2 - Search opac, not logged in, and verify neither the results page or details page shows the place hold button
3 - Delete that rule, make both items withdrawn
4 - Search opac, not logged in, and verify neither the results page or details page shows the place hold button
5 - Mark one item as not withdrawn
6 - Search opac, not logged in, and verify both the results page or details page shows the place hold button
7 - Log in to opac
8 - Search opac, logged in, and verify both the results page or details page shows the place hold button
9 - Place an 'On shelf holds policy' rule for that patron category of 'If any unavailable'
10 - Search opac, logged in, and verify the results and details page shows the place hold button
11 - Set the other item to not withdrawn
12 - Search opac, logged in, and verify the results page shows the place hold button, but details does not
13 - Try various other scenarios - details page should be more correct, results page is always an approximation
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
We need to set the content type to application/json for the svc scripts
returning json
Signed-off-by: Brendan Lawlor <blawlor@clamsnet.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
To test:
1. Add some checkouts and load the issues-table
2. Select 'Check in' checkbox for that item and click "Check in selected items"
3. The row becomes read and reads "Unable to check in"
4. Reload the page, the item has actually checked in
5. Try the 'Renew' checkbox and click "Renew selected items"
6. It just spins and spins.
7. Reload the page, the item has actually renewed.
8. APPLY PATCH and restart_all
9. Try the steps again and this time everything should work properly.
10. tests these URLs
http://localhost:8081/cgi-bin/koha/svc/recallhttp://localhost:8080/cgi-bin/koha/svc/club/enrollhttp://localhost:8081/cgi-bin/koha/svc/mana/increment : empty response
Signed-off-by: Brendan Lawlor <blawlor@clamsnet.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch updates the cookie consent template logic to always display
the 'Accept essential cookies' button and only expose the 'Accept all
cookies' button when there are additional cookies to accept, i.e. when
JSConsents is populated.
Test plan
1) Enable CookieConsent
2) Note you see 'Accept essential cookies' in both OPAC and Staff client
until you have accepted them
3) Add a cookie to ConsentJS
4) Note that you will now see 'Accept all cookies' as well as the 'Accept
essential cookies' button.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch moves the "More informatin" button outside of the JSConsents
block so that you are able to access the information modal regardless of
whether you have tracking cookies added to your configuration or not.
Test plan
1) Enable CookieConsent
2) Note that the 'More information' button now appears in the footer on
both staff and opac until you have accepted cookies.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch adds the appropriate table classes to the Popup html
customisation block. This ensure we have proper table display formatting
in the modal on the OPAC.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
The modal is not always about consent, but rather about displaying the
libraries cookie policy. It makes sense to update the heading to reflect
that.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch adds some default html customisation content for the cookie
consent feature.
Test plan
1) Run through the installer and pick to import the sample news items
2) Confirm that after enabling the CookieConsent preference that the
default content appears in the cookie bar at the bottom of the page
and in the modal that appears after clicking 'More information'
Mentored-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch updates the notices template so that Bootstrap
accordion markup for the notice edit view is generated by WRAPPERs.
To test, apply the patch and go to Tools -> Notices.
- Edit any notice.
- The list of message transport types (Email, Print, SMS) should be
displayed as before: Collapsible panels where clicking the transport
type heading expands the corresponding information.
- Confirm that changes to notices are correctly saved.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch updates the table settings administration page so that
Bootstrap accordion markup is generated by WRAPPERs.
This patch also makes some changes to fix the automatic scroll when a
table configuration button was clicked.
To test, apply the patch and go to Administration -> Table settings.
- The list of modules should be displayed as before: Collapsible panels
where clicking the module name heading expands the corresponding
panel of settings.
- Test that direct links to configurable tables still work correctly:
- Go to Administration -> Libraries.
- Click the "Configure" button at the top of the table of libraries.
- You should be taken to the table settings page.
- The "Administration" panel should be expanded by default.
- You should be scrolled down automatically to the "Libraries"
table.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch updates the patrons requesting modification page so that
Bootstrap accordion markup is generated by WRAPPERs.
To test, apply the patch and make sure you have the OPACPatronDetails
system preference enabled.
- Create at least two different patron modification requests:
- Log in to the OPAC using two different patron accounts, each time
following the sidebar link for "Personal details."
- Make some changes to the patron records and submit them.
- In the staff interface, from the home page, click the "Patrons
requesting modifications" link.
- You should see the list of updates in the same format as before:
Collapsible panels where clicking the patron name heading expands the
corresponding information.
- View the detail or checkout page for one of your updated patrons.
- Click the "Review pending modifications" link.
- The modifications page should open with that patron's information
exapanded.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch adds Template::Toolkit WRAPPER blocks to html_helpers.inc so
that templates can build Bootstrap accordion components while keeping
the Bootstrap structural markup separate.
Each individual component of a Bootstrap accordion interface is defined:
- Group container
- Collapsible item
- Item heading
- Item content
Included is a usage example:
[ WRAPPER accordion id="accordion container id" ]
[ WRAPPER accordion_item ]
[ WRAPPER accordion_heading panel_id = "panel id" ]
[Clickable panel heading ]
[ END ]
[ WRAPPER accordion_panel panel_id = "panel id" ]
[Expanding content panel]
[ END ]
[ END ]
[ END ]
To test, apply this patch and one of the dependent patches.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
The issue is caused by these lines in circulation.js:
$("#finesholdsissues a[data-toggle='tab']").on("shown.bs.tab", function(e){
$(this).click();
});
When the user clicks on a hidden tab, 'shown.bs.tab' is triggered and
then another click event is triggered. And because the table was loaded
on tab click, it was loaded twice.
Visually it could have caused the rows to be duplicated (it was random,
probably due to timing, network latency, ...)
I don't know why we need to trigger a click in this case, but removing
this will probably break something else, so the fix here is to load the
table on 'shown.bs.tab' event instead of 'click'
This patch also contains a small fix in refreshReturnClaimsTable which
was reloading the table right after the table initialization.
Test plan:
1. Check out an item, and in the checkouts table, click "Claim returned"
2. Open the network tab of your browser's developer tools
3. Click on the "Claims" tab, verify that only one call is made to
svc/return_claims
4. Verify that the claims table is displayed correctly
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch updates the "Order staged MARC records" page so that the
class which is added upon selection is more unique to avoid a collision
with some default DataTables styles. These classes are used in
JavaScript selectors, not for visual style.
The patch also adds some custom CSS variables to global.scss to override
the defaults for the DataTables "selected" style, in case this issue
crops up again.
To test, apply the patch and rebuild the staff interface CSS. Follow the
test plan from the bug report:
1) In system preferences, click Search and then select the Acquisitions
option from the left hand menu
2) Paste the following into MarcFieldsToOrder
price: 975$p
quantity: 975$q
budget_code: 975$h
3) Paste the following into MarcItemFieldsToOrder
homebranch: 949$a
holdingbranch: 949$b
itype: 949$y
nonpublic_note: 949$x
public_note: 949$z
loc: 949$c
ccode: 949$8
notforloan: 949$7
uri: 949$u
copyno: 949$t
price: 949$g
replacementprice: 949$v
itemcallnumber: 949$o
quantity: 949$k
budget_code: 949$l
4) Save the sysprefs
5) Navigate to acquisitions and go into a basket
6) Click "Add to basket" and select "From a new file"
7) Download the file attached to this bug
8) Import the file and when the job is complete click "Add staged files
to basket"
9) Click the checkbox next to the record to display the items.
- The expanded form should look correct.
10) Add one or more items to the order and confirm that submitting the
form works correctly.
To test the new default "selected" DataTables style, view a page with a
DataTable, e.g. Administration -> Libraries.
- Right-click on one of the table rows and choose "Inspect"
- Click the table row element, e.g. '<tr class="odd">'
- Double-click the class name and replace it with "selected."
- The row you inspected should now have a pale green background and text
colors should remain the same.
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Addressing the warning:
illrequestattributes is DEPRECATED in favor of extended_attributes
No functional behaviour change here
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Test plan, k-t-d:
1) Install FreeForm and BLDSS backends, run:
bash <(curl -s https://raw.githubusercontent.com/ammopt/koha-ill-dev/master/start-ill-dev-plus.sh)
2) Set ILLModuleDisclaimerByType system preference , visit:
/cgi-bin/koha/admin/preferences.pl?tab=interlibrary_loans#interlibrary_loans_Workflow
3) Copy the example code, click the 'Click to edit' link to open the text area, and paste the example yaml:
all:
text: |
<h2>HTML title</h2>
<p>This is an HTML paragraph</p>
<p>This is another HTML paragraph</p>
av_category_code: YES_NO
article:
text: copyright text for all article type requests
av_category_code: YES_NO
bypass: 1
4) Create a new FreeForm request, visit:
/cgi-bin/koha/ill/ill-requests.pl?method=create&backend=FreeForm
5) Set type 'Book', put'9780822370451' in ISBN, put '42' in the cardnumber, and pick a library
6) You should now be in the type disclaimer stage, click 'Submit'
7) Notice the disclaimer value and date are displayed under 'Details from supplier'
8) Click the top 'Switch provider' button and pick BLDSS
9) You should get one result, click the 'Request BLL01018665793' link to finish the migration
10) You should now be in the ILL table, click the request that was just migrated to BLDSS
11) Notice the type disclaimer information is no longer visible
12) Apply patch, restart plack: koha-plack --restart kohadev
13) Refresh the BLDSS request, the information should now be visible in the 'Request details' section
Signed-off-by: Richard Bridgen <richard.bridgen@nhs.net>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
In commit f1078daf8f
Bug 34219: Allow getAll to receive additional URL parameters
We needed to call getAll instead of get to fetch all the vendors
Test plan:
Have more than 20 vendors and create/edit an agreement.
Notice that the vendor list contains all the vendors
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Matthias Le Gac <matthias.le-gac@inlibro.com>
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>