Commit graph

8941 commits

Author SHA1 Message Date
834bff6317
Bug 35950: Move AddReturn call into circulation.pl
There should be no change in beahavior. Following the test plan from Bug 35840.

To test:
1. APPLY PATCH, restart_all
2. Turn on RecordLocalUseOnReturn
3. Create a Statistical patron.
4. Check an item out to a regular patron.
5. Check the item out to a Statistical patron.
6. This should trigger a return and you will see 2 entries in the statistics table, one for localuse and one for a return.
7. Try checking out an item to the Stats patron that is NOT checked out.
8. You should only see 1 entry, localuse, in the statistics table.

Signed-off-by: Andrew Fuerste Henry <andrewfh@dubcolib.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-03-08 18:58:25 +01:00
e0554260c7
Bug 35840: (QA follow-up) Tidy and critic fix
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-03-08 18:58:25 +01:00
ffc722554e
Bug 35840: Add option to AddReturn to skip recording of localuse
To test:
1. APPLY PATCH, restart_all
2. Turn on RecordLocalUseOnReturn
3. Create a Statistical patron.
4. Check an item out to a regular patron.
5. Check the item out to a Statistical patron.
6. This should trigger a return and you will see 2 entries in the statistics table, one for localuse and one for a return.
7. Try checking out an item to the Stats patron that is NOT checked out.
8. You should only see 1 entry, localuse, in the statistics table.

Signed-off-by: Andrew Fuerste Henry <andrewfh@dubcolib.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-03-08 18:58:24 +01:00
0eced80866
Bug 35357: Remove item from holds queue when it is checked out
Test Plan:
1) Place a hold on an item
2) Build the holds queue
3) Check out the item to a different patron than the one
   targeted in the holds queue
4) Verify the holds queue viewer still shows that item and patron
5) Apply this patch
6) Repeat stepts 1 through 3
7) Verify the holds queue viewer no longer shows that patron and item!

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-03-07 17:35:41 +01:00
aa1049fdd3
Bug 36056: Clarify subpermissions AND behavior
Working on bug 31791, I found myself wondering if our current recursive
code in C4::Auth::haspermission() would allow checking AND on
subpermissions.

As it is not documented in the POD or tested, I decided to write some
unit tests for it.

It turned out it was well supported, so I decided to submit the tests,
and a small tweak in the POD to reflect that.

To test:
1. Apply this patch
2. Run:
   $ ktd --shell
  k$ prove t/db_dependent/Auth/haspermission.t
=> SUCCESS: Tests pass! The code supports AND on subpermissions!
3. Sign off :-D

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-03-07 17:35:40 +01:00
8413b37679
Bug 36212: Add check on barcode before searching items
Test plan:
Add an item to your database that has no barcode.
Run t/db_dependent/Circulation.t
It will fail without this patch, pass with this patch.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-03-07 17:35:35 +01:00
5d7a9395fb
Bug 31427: Get auto renewal errors before other renewal errors
This patch changes CanBookBeRenewed so that automatic renewal
errors pop up before other renewal errors. This means that a book
will be considered "auto_too_soon" before things like "too_many" or
"restricted". (Otherwise, you'll get an email saying you can't renew
a book the day after using your last auto renewal, even though the
earliest renewal isn't available until later.)

Test plan:
0. Apply patch
1. prove t/db_dependent/Circulation.t
2. prove t/db_dependent/Holds.t
3. prove t/db_dependent/Koha/Account/Line.t
4. prove t/db_dependent/Koha/Account.t

Additional tests:
5. Go to http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search&searchfield=RestrictionBlockRenewing
6. Change to "block"
7. Go to http://localhost:8081/cgi-bin/koha/admin/preferences.pl?tab=&op=search&searchfield=AutoRenewalNotices
8. Change to "according to patron messaging preferences"
9. Go to http://localhost:8081/cgi-bin/koha/admin/smart-rules.pl
10. Set "Automatic renewal" to "Yes" and "No renewal before" to 4
11. Go to http://localhost:8081/cgi-bin/koha/circ/circulation.pl?borrowernumber=51
12. Checkout 39999000001310 with a due date 4 days in the future
13. Add a manual restriction
14. Run `perl ./misc/cronjobs/automatic_renewals.pl`
15. Note that it says something like the following:
Issue id: 1237 for borrower: 51 and item: 73 would not be renewed. (auto_too_soon)

Instead of something like the following:
Issue id: 1237 for borrower: 51 and item: 73 would not be renewed. (restriction)

Signed-off-by: Sam Lau <samalau@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-03-07 16:36:43 +01:00
92d7b5e86c
Bug 36148: Do not deal with CSRF error in get_template_and_user
We deal with that in the middleware, we don't want 403.pl to early exit.
If we notice that we actually need it (for other scripts), we could
eventually add a new flag to get_template_and_user to skip the CSRF check,
or build the template without using get_template_and_user for errors/*
scripts.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 11:01:07 +01:00
462d170c8e
Bug 36148: Improve error handling and restore programming errors
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 11:01:06 +01:00
4bd4b367dd
Bug 36148: Move CSRF check to a Plack middleware
The easiest here is to not empty 'op' but instead redirect to an error
page.

Minor changes: to keep the patch simple it removed the 'dev only' error and
display the error for non-dev installs. It should not be a problem
anyway and will prevent errors to be hidden in the log.
We could make KOHA_ERROR an arrayref, but later (we don't need it now
anyway).

Note that the OPAC still not benefit from a friendly specific error for
invalid token.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 11:01:03 +01:00
0fe82b601b
Bug 36084: Add CSRF token support to svc/authentication
GET svc/authentication will return a CSRF token in a response header

POST svc/authentication requires a CSRF token which can be sourced
from the response header of GET svc/authentication or some other
place like the meta element on a HTML page

Note: misc/migration_tools/koha-svc.pl is a simple script which
can be used to practically evaluate svc/authentication and svc/bib

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 11:00:51 +01:00
c6c8b66b74
Bug 36084: C4::Auth+plack.psgi for svc?
Suggestion to move the CSRF check to CGI->new so that we will check it
for every request, and it will cover svc scripts as well (they are not
using get_template_and_user).

The token will be retrieve from the param list *or the csrf_token
header* (do we want to name it x-koha-csrf-token instead?).

This will be done for *every* request that are not GET: CSRF token is now
required everywhere CGI is used (side-effects possible?).

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 11:00:39 +01:00
a44a01aaf3
Bug 36102: Fix expired session on the login page of the installer (?)
I *think* this change fixes a bug when starting the installer with an
expired session. I am no longer able to reproduce the problem however.

Just skip if it does not make sense.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 11:00:35 +01:00
919d0d4c02
Bug 36102: Generate a new sessionID if the existing one is invalid
If the cookie contain an expired sessionID we need to create another
one to correctly generate the CSRF token.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 11:00:33 +01:00
5b82d61477
Bug 36102: (follow-up) Add cud-login to the login form
Hum this didn't make sense. We are not checking credentials after
checkauth.

This patch is suggesting to rename "userid" and "password" parameters
from login forms to "login_userid" and "login_password" to not interfere
with other parameters with the same name.

This looks quite correct, however I am seeing
  "The form submission failed (Wrong CSRF token)."
in the log after a successful login. Which feels wrong, what's
happening?

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 11:00:31 +01:00
8f5782cf70
Bug 36102: Do not keep op and csrf_token in param list after login - OPAC
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 11:00:30 +01:00
fabbd8f940
Bug 36102: Use Koha::Session from C4::InstallAuth
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 11:00:28 +01:00
88797c54b0
Bug 36102: Add cud-login to the login form
TODO This needs to be covered by tests.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 11:00:27 +01:00
ff4b63d5c5
Bug 34478: Add cud to updatestructure
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 11:00:22 +01:00
e4c7f15c3f
Bug 34478: Log if CSRF is wrong (debug)
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 10:56:51 +01:00
918fbc24f7
Bug 34478: Display programming errors in case plack.psgi caught something suspicious
It will help developpers to debug the problematic places.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 10:56:16 +01:00
4e1372b77c
Bug 34478: op =~ ^cud-
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 10:56:05 +01:00
bf9830d354
Bug 34478: op-cud - Trick CGI directly
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 10:56:04 +01:00
77e3b58eee
Bug 34478: op-cud - Adjust C4::Auth code
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 10:56:02 +01:00
348dbb1594
Bug 34478: Move C4::Auth check
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 10:56:02 +01:00
314fe71ff8
Bug 34478: Remove check_csrf from pl files
We should no longer need to check CSRF token from pl files

TODO - there is a change for some files where we returned 403

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 10:56:01 +01:00
a0dcce9ce1
Bug 34478: Check CSRF in get_template_and_user
Not sure this is the right place in get_template_and_user
Will have to test login and 2FA

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 10:56:00 +01:00
0e6537d199
Bug 36098: Add Koha::Session module to ease session handling
This patch adds a Koha::Session module that makes it easier
to work with Koha sessions without needing the full C4::Auth module.

Test plan:
0. Apply the patch
1. Run the following unit tests:
prove ./t/db_dependent/Auth.t
prove ./t/db_dependent/Auth_with_cas.t
prove ./t/db_dependent/Koha/Session.t
2. Observe that they all pass

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 10:55:30 +01:00
7d95c64048
Bug 36092: Pass sessionID at the end of get_template_and_user
It seems safer to pass the logged in user and session info at the end of
the sub.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 10:55:28 +01:00
3a053ebdf9
Bug 36092: Pass the sessionID from checkauth if we hit auth
If we hit the auth page we were not passing sessionID to the template

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 10:55:27 +01:00
c0d5013f2e
Bug 35918: Fix auto library connect (AutoLocation)
This code is a bit weird, its purpose it to auto select the library depending on the IP.
A problem appears if the same IP is used, then the user's choice will
might be overwritten randomly by another library.

To recreate the problem:
Turn on AutoLocation
Use koha/koha @CPL for test
And the following config:
*************************** 1. row ***************************
branchcode: CPL
branchname: Centerville
  branchip: 172.18.0.1
*************************** 2. row ***************************
branchcode: FFL
branchname: Fairfield
  branchip: 172.18.0.1
*************************** 3. row ***************************
branchcode: FPL
branchname: Fairview
  branchip: 172.18.0.4

Connect and select CPL. Randomly FFL will be picked instead.

Signed-off-by: Magnus Enger <magnus@libriotech.no>
Tested this on top of 35890 and 35904 because git bz said they were required dependencies.
Figured out the IP Koha was seeing me as coming from in /var/log/koha/kohadev/plack.log.
Added that IP to the branchip for Centerville, Fairfield and Fairview. Set AutoLocation = Yes.
After this I could recreate the problem: If i left the "Library" field in the login screen
at "My Library" I got logged into a random library selected from the three i had set
branchip for. Applying the patches fixed this, as expected.
Tests pass, with AutoLocation off.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 10:55:26 +01:00
e59623bfc2
Bug 35890: Reject login if IP is not valid
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 10:55:23 +01:00
8fb9b814aa
Bug 35904: (QA follow-up): tidy up code
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 10:55:22 +01:00
a82772d7ec
Bug 35904: Make C4::Auth::checkauth testable easily
This patch suggests to add a new flag do_not_print to
C4::Auth::checkauth to not print the headers and allow to test this
subroutine more easily.

We do no longer need to mock safe_exit and redirect STDOUT to test its
return values.

There are still 3 left:
1.
733         # checkauth will redirect and safe_exit if not authenticated and not authorized
=> Better to keep this one, not trivial to replace

2.
806         # This will fail on permissions
This should be replaced but testing $template->{VARS}->{nopermission}
fails, I dont' think the comment is better.

3.
828         # Patron does not have the borrowers permission
Same as 2.

2. and 3. should be investigated a bit more.

This patch also move duplicated code to set patron's password to a
subroutine set_weak_password.

Test plan:
Read the code and confirm that everything makes sense.
QA: Do you have a better way for this? Yes it's dirty!

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 10:55:21 +01:00
16a648e9ca
Bug 35904: Remove var loggedin
It is never used and add confusion

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-03-01 10:55:21 +01:00
Andreas Jonsson
5f9e9e5df2
Bug 36034: (bug 34893 follow-up) fix capture of return values from checkpw
Adapt code to the change of return value type of checkpw
introduced in bug 34893

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-02-14 10:27:47 +00:00
12b6c0e67d
Bug 34893: Unit tests for C4::Auth::checkpw
This patch introduces some tests on the current (and new) behavior for
the `checkpw` function.

I needed it to better understand if an edge case was actually possible
(it wasn't).

Found a really minor annoyance for the internal check with expired
password not returning the $patron object for consistency with the other
use cases.

I think this method deserves (at least) changing the return value to a
sane data structure. But that's not target for backporting to stable
releases. So a separate bug.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-02-02 17:31:48 +01:00
2b54d3c82b
Bug 34893: (QA follow-up) Tidy code for qa script
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-02-02 17:31:47 +01:00
c1b94fc011
Bug 34893: ILS-DI can return the wrong patron for AuthenticatePatron
Imagine we have a set of users. Some of those users have a NULL userid. We then call AuthenticatePatron from ILS-DI for a patron with a NULL userid, but a valid cardnumber. We call checkpw, which returns the cardnumber and userid. We then call Koha::Patrons->find on the userid *which is null*, meaning the borrowernumber returned is not the correct one, but instead the earliest patron inserted into the database that has a NULL userid.

Test Plan:
1) Give three patrons a userid and a password
2) From the database cli, set all patrons's userid to null
   Run this query: update borrowers set userid = null;
3) Call AuthenticatePatron with username being the 1st patron cardnumber,
   and password being the password you set for that patron
   http://localhost:8080/cgi-bin/koha/ilsdi.pl?service=AuthenticatePatron&username=kohacard&password=koha
4) Note you get back a borrowernumber for a different patron. Refresh the page and the number is correct.
5) Do the same with the 2nd patron. Same issue at 1st and correct number after.
6) Apply this patch
7) Restart all the things!
8) Do the same with the 3rd patron.
9) Note you get the correct borrowernumber! :D
10) prove t/Auth.t t/db_dependent/Auth_with_ldap.t t/Auth_with_shibboleth.t t/db_dependent/Auth_with_cas.t

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-02-02 17:31:46 +01:00
137376ab4b
Bug 18397: Add message delivery details to the notices tab
This patch adds further delivery details to the notices tab in patron
details in the staff client.

Once a message is sent, we display the 'from:', 'to:' and 'cc:'
addresses in the 'Delivery note' column when they exist.

Test plan
1. Enable KTD to send email [1] (without email configured the
   delivery note displayed "Unhandled email failure, check the logs for
   further details").

2. Add email addresses to two patrons and to KohaAdminEmailAddress,
   and run misc/cronjobs/process_message_queue.pl after generating
   notices.

3. For the two patrons with email addresses, make one a guarantor.

4. Sent Welcome messages (Patron account > More > Send welcome email) -
   nothing in delivery note column.

5. Checkout out an item to the guarantee (item checkout email enabled) -
   nothing in delivery note column.

6. Send the notices by running misc/cronjobs/process_message_queue.pl
   again.

7. Now the 'Delivery note' columns should contain from:, to: and cc:
   address details.

[1] Option 1 - smpt-sink (aka the sandboxes way)
    - Install the postfix package inside ktd (sudo apt install postfix)
      When asked in the wizard, I named mine 'local'
    - Start smpt-sink with
      `nohup smtp-sink -u root -D mail 127.0.0.1:25 100 </dev/null >/dev/null 2>&1 &`

    Option 2 - To test sending emails using a Google account:
    - Set up an App password for your Google Account
    - Edit /etc/koha/sites/kohadev/koha-conf.xml file and add this
      configuration near the end (where <user_name> = your Google email
      address; <password> = your APP password, not your Google account
      password):

      <smtp_server>
        <host>smtp.gmail.com</host>
        <port>587</port>
        <timeout>5</timeout>
        <ssl_mode>STARTTLS</ssl_mode>
        <user_name>GOOGLEACCOUNTUSER</user_name>
        <password>GOOGLEAPPPASSWORD</password>
        <debug>1</debug>
      </smtp_server>

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-01-31 14:44:42 +01:00
3385142d7c
Bug 35490: Remove GetMarcItem from C4::Biblio module
Test plan:
Compile module, run qa tools.
Search for the use of C4::Items in C4/Biblio.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-01-31 14:44:40 +01:00
cb7921d8d0
Bug 35833: Silence few warnings from searching
Resolve:
[2024/01/18 11:31:24] [WARN] Use of uninitialized value $hits in numeric eq (==) at /usr/share/koha/opac/opac-search.pl line 612.
[2024/01/18 11:31:24] [WARN] Use of uninitialized value $times in subtraction (-) at /usr/share/koha/C4/Search.pm line 1715.

Test plan:
Look for a few search expressions without results.
Check log without and with patch.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-01-29 12:24:58 +01:00
857d8f4d82
Bug 35833: Fix warnings from C4/Koha
[2024/01/18 11:52:40] [WARN] Argument " " isn't numeric in numeric eq (==) at /usr/share/koha/C4/Koha.pm line 600.
[2024/01/18 11:52:40] [WARN] Argument " " isn't numeric in numeric eq (==) at /usr/share/koha/C4/Koha.pm line 659.

Note: According to the code in MARC::Field the indicator returned cannot be undef. So we do not return new
uninitialized warnings.

Test plan:
Check your log before and after patch.
Possibly you may need to create a record with spaces as field indicators.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-01-29 12:24:58 +01:00
0c96e57b0c
Bug 34913: Fix perlcritic for VirtualShelves.pm
C4/Utils/DataTables/VirtualShelves.pm: "@order_by" is declared but not used at line 86, column 9.  Unused variables clutter code and make it harder to read.  (Severity: 3)

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-01-29 12:24:54 +01:00
bb7fc5025b
Bug 35461: Fix function call parameters causing the HASH to show in the renew all responses
"Renew All" -function aka. 65-66-messages work like this: 66-return messages has renewed items in BM-fields and non-renewables go into BN-fields.

If all items were renewable, then the reply message looks like:

Reply:
13.07.2022 10:06:17:530 OUTESTI1 6610005000020220713 100616AOOUPK|BM564N15977171|BM564N09203960|BM564N23261720|BM564N25161958|BM564N23455012|C4::SIP::SIPServer=HASHC4::SIP::SIPServer=HASHAY6AZCEFE

If items include renewables and non-renewables, the response includes the renewed  items first, then a HASH mixed into the first BN-field, then rest of the renewed ones like they should show in BN-fields and after that, anohter HASH:

13.07.2022 14:41:32:610 OUTESTI1 6610003000420220713 144130AOOUPK|BM564N23455012|BM564N23261720|BM564N25161958|C4::SIP::SIPServer=HASHBN564N09203960|BN564N04191259|BN564N15977171|BN564N13788332|C4::SIP::SIPServer=HASHAY8AZC7C5

If all loans were unrenewable (this test included just one item), you first get a HASH in a BN-field, and another at the end.

13.07.2022 14:49:00:037 OUTESTI1 6610000000120220713 144858AOOUPK|C4::SIP::SIPServer=HASHBN564N19874533|C4::SIP::SIPServer=HASHAY9AZDD3B

Our self checkout/checkin machine can handle/parse these reply messages correctly, but this might not be the case with all self checkout/checkin devices.

Test Plan:
1) Unit test patch
2) prove t/db_dependent/SIP/Message.t
3) Note failures
4) Apply this patch
5) prove t/db_dependent/SIP/Message.t
6) Tests pass!

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: lmstrand <lmstrand@gmail.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-01-26 15:13:57 +01:00
4e480d48f6
Bug 32029: Automatic item modifications by age add biblio table
In automatic item modifications by age missing,
conditions can be on columns of tables items or biblioitems.
Table biblio is missing.

Test plan :
1) Create an automatic item modifications by age with a condition on a column of biblio table
2) Create a record and item matching the rule
3) Run misc/cronjobs/automatic_item_modification_by_age.pl -c -v
=> Check only matching items are impacted

Signed-off-by: Philip Orr <philip.orr@lmscloud.de>

Bug 32029: (follow-up) unit test

Signed-off-by: matthias le gac <matthias.le-gac@inlibro.com>

Bug 32029: (follow-up) tidy

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-01-26 15:13:50 +01:00
Janik Hilser
6341d520ac
Bug 29930: Cardnumber incorrectly set to userid on LDAP auth if cardnumber not mapped
In the sub the userId was given, but the cardnumber was expected, therefore at every login the cardnumber changed to the userId.

To test:
1. Login to the OPAC with an LDAP account that has a cardnumber which is different to the userId
2. Check the patron record's cardnumber.
3. The cardnumber should equal to the userId
4. Apply the patch.
5. Login to the OPAC with an LDAP account that has a cardnumber which is different to the userId
6. Check the patron record's cardnumber.
7. The cardnumber should be the same as before

Signed-off-by: Alexander Wagner <alexander.wagner@desy.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Extra test plan:
1. Apply the regression tests
2. Run:
   $ ktd --shell
  k$ prove t/db_dependent/Auth_with_ldap.t
=> FAIL: Tests fail! 'cardnumber' incorrectly overwritten
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests now pass!
5. Sign off :-D

Signed-off-by: Alexander Wagner <alexander.wagner@desy.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-01-26 15:13:49 +01:00
99eb44c6c3
Bug 34913: Adjust C4::Utils::DataTables::VirtualShelves
And remove C4::Utils::DataTables, which should no longer be reused
anyway.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-01-26 15:13:42 +01:00
9b10f69ee3
Bug 35322: Fix the logic for checking for holds in CanBookBeIssued
We are having reports that AllowItemsOnHoldCheckoutSCO and AllowItemsOnHoldCheckoutSIP no longer work. It appreas that in CanBookBeIssued, the ignore reserves check was changed from "check reserves unless the ignore reserves flag was passed" to "check reserves unless the ignore reserves flag was passed *and* we have a recall". I think this was a logic mistake and we want to check reserves unless we have an ignore flag *or* there is a recall.

Test Plan:
1) Enable AllowItemsOnHoldCheckoutSCO
2) Place a hold on an item
3) Attempt to check that item out to another patron
4) Note the checkout is blocked
5) Apply this patch
6) Restart all the things!
7) Attempt the checkout again
8) The checkout now succeeds!

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-01-16 12:06:13 +01:00
Laura Escamilla
122f29cd8f
Bug 34950: Add availability statuses for in transit and on hold items.
To test:
1. Enable the ILS-DI system preference.
2. Place a hold for a patron and put it in transit.
   Place another hold for a patron that is available for pickup at the local branch.
   And then select an item that is available for checkout but don’t change the status for it.
3. Go to your testing OPAC and make an ILS-DI “Get Availability” call using
   the item ids of the three items you worked with in step 2.
   (i.e. http://localhost:8080/cgi-bin/koha/ilsdi.pl?service=GetAvailability&id=321+323+214&id_type=item)
4. Notice that the availability status for all three items is showing as available.
   The item in transit and the item with a local hold should have a status
   of not available and a message of why they are not available.
5. Apply the patch
6. Use restart_all.
7. Refresh the page and notice that the statuses are now correct.
   The item in transit has a status of not available and an availability
   message of “In transit”.
   The item with the local hold has an availability status of not
   available with an availability message of “On hold”.
   Finally the available item is correctly showing up as available.
8. Sign off and have a wonderful day. :)

Signed-off-by: Brendan Lawlor <blawlor@clamsnet.org>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-01-16 12:06:12 +01:00