Commit graph

55057 commits

Author SHA1 Message Date
Phil Ringnalda
66eabead5f
Bug 37979: Toggling item circulation alerts table cells needs to send csrf_token
When you click on a cell in the Item circulation alerts table, the page sends
a POST to /cgi-bin/koha/admin/item_circulation_alerts.pl without including a
csrf_token, which gets back a 403 error because that's sketchy behavior. It
needs to include the token.

Test plan:
1. Administration - Item circulation alerts
2. Open the browser devtools to the console
3. Click on any green table cell
4. It should have turned red, but instead your console turned red with a 403
5. Apply patch, reload
6. Click on any green table cell, it will turn red

Sponsored-by: Chetco Community Public Library

https://bugs.koha-community.org/show_bug.cgi?id=37959
Signed-off-by: Jan Kissig <jkissig@th-wildau.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-09-27 18:00:31 +02:00
4c89e69821
Bug 23685: Capitalization fixes in system preference descriptions
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-09-27 18:00:31 +02:00
18c889c402
Bug 23685: DBRev 24.06.00.031
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-09-27 18:00:30 +02:00
46506c755d
Bug 23685: (follow-up) Control ODS exporting
The pref ReportsExportFormatODS should be true for exporting
to ODS in Reporting.

Test plan:
Set pref to false value.
Check if option is no longer available on report's Download menu.
Manipulate URL with op=export&format=ods. No data expected.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-09-27 18:00:29 +02:00
323863ba14
Bug 23685: (follow-up) Add export limit for guided reports
Test plan:
Set pref ReportsExportLimit to some positive integer.
Test if exporting a report respects that limit.
Run t/db_dependent/Koha/Reports.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-09-27 18:00:29 +02:00
e95b32a21a
Bug 23685: (follow-up) Add prefs to Administration form
Test plan:
Edit both prefs.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-09-27 18:00:28 +02:00
073de2c2ea
Bug 23685: (follow-up) Dbrev for new preferences
Test plan:
Run updatedatabase.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-09-27 18:00:28 +02:00
Aleisha Amohia
2bf41eb65d
Bug 23685: Don't store ODS content in a variable to save memory
Just attaching this to start.

Sponsored-by: Waikato Institute of Technology

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-09-27 18:00:27 +02:00
c8869aea1c
Bug 37824: remove references to non-existent files in Makefile.PL
to test...

0/ install debhelper tool

1/ run 'DEB_BUILD_OPTIONS=nocheck dh build', observe failure
    make: *** No rule to make target 'koha-tmpl/intranet-tmpl/prog/js/vue/dist/erm.js.LICENSE.txt', needed by 'pm_to_blib'.  Stop.
    dh_auto_build: error: make -j1 returned exit code 2

2/ apply patch

3/ run 'DEB_BUILD_OPTIONS=nocheck dh build', observe success

Signed-off-by: Blou <blou@inlibro.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-09-27 15:58:35 +02:00
b4054dbb15
Bug 37812: (QA follow-up) Add watchers for warning and confirmation prop and initialise modals with bootstrap methods on changes in Dialog.vue
- Use more targeted selectors in cypress tests Trains.ts, WaitingList.ts.
- Await result of accept_callback, then close modal.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-20 09:16:04 +01:00
d09ef98b85
Bug 37812: (QA follow-up) Prevent cypress test failures by correcting modal selector, removing ambiguity of contains calls, replace by get with respective ids
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-20 09:15:54 +01:00
a5702bb71a
Bug 37812: (QA follow-up) Prevent cypress test failure by adjusting selector in DataProviders_spec.ts
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-20 09:15:51 +01:00
97facdd001
Bug 37812: (QA follow-up) Prevent lots of cypress test failures by reinserting 'confirmation' class on modal header
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-20 09:15:45 +01:00
fa1b95ebf6
Bug 37955: Fix table's 'configure' button to open correct column settings
This patch updates markup and JS code on the table settings page so that
clicking a table's "configure" button will open the right panel and
scroll you to the correct table.

The patch also overrides Bootstrap's default table caption positioning
so that captions are above the table instead of below them.
Unfortunately this property isn't in Bootstrap's _variables.

To test, apply the patch and rebuild the staff interface CSS
(https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_interface).

- Find a table in the staff interface which has a "Configure" button,
  e.g. Administration -> Libraries.
- Click the "Configure" button.
- When you arrive at the table settings page the correct panel should be
  expanded (in this example, Administration), and the page should scroll
  to the correct table (in this example, libraries).
  - The table caption ("Table id: libraries") should appear before the
    table instead of after.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-19 12:50:50 +01:00
7cd31e98e0
Bug 37898: Wrap some ERM api tests inside a transaction
Trivial ones.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-19 12:50:20 +01:00
979d1cb2c5
Bug 37898: Wrap Patroncards.t inside a transaction
This tests leave data on the DB and need to be fixed. This patch does
that.

To test:
1. Run:
   $ ktd --shell
  k$ echo "SELECT COUNT(*) FROM creator_layouts \G" | koha-mysql kohadev
2. Run:
  k$ prove t/db_dependent/Patroncards.t
=> SUCCESS: Tests pass
3. Repeat 1
=> FAIL: Numbers don't match the original ones!
4. Apply this patch
5. Repeat 2 and 3
=> SUCCESS: Tests still pass!
=> SUCCESS: Numbers match!
6. Sign off :-D

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-19 12:50:20 +01:00
be0931fdf7
Bug 37898: Wrap Relationships.t inside a transaction
This tests leave data on the DB and need to be fixed. This patch does
that.

To test:
1. Run:
   $ ktd --shell
  k$ echo "SELECT COUNT(*) FROM borrowers \G" | koha-mysql kohadev
  k$ echo "SELECT COUNT(*) FROM borrower_relationships \G" | koha-mysql kohadev
2. Run:
  k$ prove t/db_dependent/Patron/Relationships.t
=> SUCCESS: Tests pass
3. Repeat 1
=> FAIL: Numbers don't match the original ones!
4. Apply this patch
5. Repeat 2 and 3
=> SUCCESS: Tests still pass!
=> SUCCESS: Numbers match!
6. Sign off :-D

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-19 12:50:20 +01:00
e052614d7f
Bug 37898: Wrap labels tests inside transactions
This tests are written in a way that the cleanup is done explicitly. So
I found no evidence of them leaving the database dirty. But it felt
worth wrapping anyway, because any dev adding something could easily
introduce new data inadvertedly.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-19 12:50:19 +01:00
b41fa9b487
Bug 37898: Wrap Indexer.t inside a transaction
This tests leave new data on the DB. This patch fixes it.

To test:
1. Run:
   $ ktd --shell
  k$ echo "SELECT COUNT(*) FROM biblio \G" | koha-mysql kohadev
2. Run:
  k$ prove t/db_dependent/Koha/SearchEngine/Elasticsearch/Indexer.t
=> SUCCESS: Tests pass
3. Repeat 1
=> FAIL: Biblio count raised
4. Apply this patch
5. Repeat 2 and 3
=> SUCCESS: Tests pass
=> SUCCESS: Biblio count remains
6. Sign off :-D

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-19 12:50:19 +01:00
1e3d24e058
Bug 37330: (bug 33526 follow-up) Fix display of cover images for items
The id has been modified by bug 33526. We can simply pass the table
element however.

Test plan:
Have some cover images at item level and notice that they are correctly
displayed on the bibliographic record detail page.

Note that the slider does not work correctly. If you click on the dot
(so if you have several images for an item) the scrollbar is going to
hit the top of the page and the image won't change.
Could be reported separately if not done yet.

Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-19 12:45:07 +01:00
Adolfo Rodríguez
326c0156f4
Bug 37840: Fix item status in the Intranet detail page when the item has a item type not for loan
When the item type is not for loan, the item status must be "Not for loan". Now in the Intranet status is Available while in the OPAC it's Not for loan.

Test plan:
1 Define an item type as "Not for loan"
2 Add or edit an item so that its item type is "Not for loan"
3 Check that the status in the Intranet detail page shows Available while the OPAC detail page shows "Not for loan"
4 Apply patch, restart services
5 Check that the status is now "Not for loan" in both Intranet and OPAC

Signed-off-by: Phil Ringnalda <phil@chetcolibrary.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-19 12:44:12 +01:00
3615baf92f
Bug 35100: (follow-up) Tidy
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-19 12:41:58 +01:00
edf978668a
Bug 35100: (follow-up) Fix test
Previous patches changed the return values, just needed to update expectations

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-19 12:41:55 +01:00
bcb4ac59d4
Bug 35100: Revert change to request_transfer
This patch reverts the change to request_transfer, opting to tackle the
StockRotationAdvance requirement to stay in place in ModItemTransfer
itself.

We also add a FIXME to RotatingCollections.. I'll look to removing that
on another bug to reduce the scope of this one.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-19 12:41:53 +01:00
d64a206a25
Bug 35100: Various fixes
1) Don't automagically always set a transfer to in transit on checkin..
   wait for the user to actually confirm that's the case
2) New transfers triggered by a hold should take precidence, so hide
   transfers for any other reason from display
3) Update get_transfer and get_transfers to ensure ordering isn't lost
   when prefetch is used and add tests for this

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-19 12:41:50 +01:00
118bd153e2
Bug 35100: Prevent StockrotationAdvance transfers from being cancelled
ModItemTransfer is still very heavy handed and outright overrules
existing transfers in the queue.

For StockrotationAdvance transfers it's important that they remain in
the queue to get actioned later, even if a higher precident transfer is
actions in the interim.

This patch adds a clause to the cancellation call within
request_transfer such that StockrationAdvance transfers are left in tact
for the next time the item is checked in.

Test plan
1) Item is added to stock rotation
2) The cronjob creates a 'StockRotationAdvance' transfer
3) The item is checked in, which initiates the transfer, however, a hold is triggered
4) The hold is confirmed, which replaces the StockRotationAdvance
5) The item is checked out
6) The item is checked in, which initiates the transfer again
7) The item is checked in at it's destination and the StockrotationAdvance transfer
   has the proper date arrived date set.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-19 12:41:47 +01:00
08cecd6c6f
Bug 35100: Unit tests
This patch adds a unit test to ensure StockrotationAdvance transfers are
not cancelled from request_transfer when called with 'replace'.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-19 12:41:42 +01:00
5b8cb21fb9
Bug 37812: Fix a modal in the ERM module
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-19 12:40:11 +01:00
3ecfeeb3e9
Bug 37812: Prevent initialisation failure by using modal methods, not plain show, hide
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-19 12:40:11 +01:00
b28201d7f8
Bug 37812: Prevent non-functional close buttons by using vue event handlers
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-19 12:40:11 +01:00
951ad25ac8
Bug 37812: Improve consistency of modal styling in Dialog.vue
- Use modal-header for content, modal-footer for acknowledgement in alert type modal.
- Conditionally render modal-body if message or inputs available.
- Use modal footer for interactions and hide top border if body wasn't rendered.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-19 12:40:10 +01:00
4000890c88
Bug 37812: Prevent "underflow" when using comboboxes in bootstrap modals
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-19 12:40:10 +01:00
f2f2ecaeef
Bug 37812: Adjust Dialog.vue component
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-19 12:40:10 +01:00
a2782f9146
Bug 37812: Adjust modals from the Preservation module - bootstrap5
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-19 12:40:10 +01:00
d785fb1c1e
Bug 37775: Spelling and tidy
Signed-off-by: Brendan Lawlor <blawlor@clamsnet.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-19 12:39:14 +01:00
dba9dd4053
Bug 37775: Remove delayed commits from update_totalissues.pl and add progress option
This patch removes setting AutoCommit to 0 and commiting only every X records.
Instead we commit as we go and report progress using a parameter.

Bug 36474 reduced the numebr of changes that are being committed, so this should be a reasonable change. The
use of commits without transactions was causing problems if the library was active while the script ran.

To test:
1 - perl misc/cronjobs/update_totalissues.pl -c
2 - Script runs, but with unknown parameter
3 - perl misc/cronjobs/update_totalissues.pl -p 10
4 - Script runs and reports every 10 records
5 - per; misc/cronjobs/update_totalissues.pl
6 - Script runs and reports every 100 records by default

Signed-off-by: Brendan Lawlor <blawlor@clamsnet.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-19 12:39:14 +01:00
d7b36d7f69
Bug 36474: Don't update records when total issues has not changed
This patch adds a new check in UpdateTotalIssues to check that we are changing the number
of total issues before calling ModBiblio

To test:
0 - Enable CataloguingLog
1 - Checkout an item
2 - Run : misc/cronjobs/update_totalissues.pl --use-stats --commit=1000 -v
3 - In report, note all biblios were updated
4 - Check action_logs - note a new entry for every biblio
5 - Apply patch
6 - Repeat
7 - Note no biblios reported updated
8 - Note no new cataloguing log entries
9 - Checkout the item again
10 - Run again
11 - Note biblionumber has updated count in verbose output
12 - Note report only rpeort 1 biblio modified, the rest only processed
13 - Only one line added to action_logs
14 - Run it again
15 - Confirm no updates

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-19 12:39:14 +01:00
1c875b0157
Bug 36474: Unit tests
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-19 12:39:13 +01:00
e991c03119
Bug 37601: (follow-up) DBIC schema update
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-09-18 11:02:29 +02:00
d742e7066d
Bug 37601: (QA follow-up) Adjust kohastructure.sql
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2024-09-18 11:02:28 +02:00
90ba1c1bfe
Bug 37592: (QA follow-up) Fetch database fields for api return
Creation and Modification times are maintained by the database, but on
add/update we were not fetching the updated fields from the database for
the api response.

This patch corrects that and also updates the api schema to reflect that
these are readOnly fields.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2024-09-18 05:01:10 +01:00
40d9f2cf18
Bug 37601: DBIC schema update
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-09-17 12:35:02 +02:00
1c82782759
Bug 37857: Add callnumber and geo_point for new search fields
It is missing "Geo point" and "Call Number" from the options of
"Type" when creating a new search field.

Test plan:
Go to the elastic mapping config page, bottom of the page.
Notice that after this patch you see the 2 options in the dropdown list.

Signed-off-by: Chloe Zermatten <chloe.zermatten@ptfs-europe.com>
Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-09-17 10:48:42 +02:00
Phil Ringnalda
e21419b733
Bug 37914: Forms for budget planning filters and export should GET rather than POST
Because of the bug 36192 CSRF protection, we intend not to have forms that
POST without a param named 'op' with a value starting with 'cud-'. Because
of bug 37728, a few were missed, including the 'Filters' form that lets you
switch between planning budgets by month or by itemtype or by library, and
the 'Export' form that lets you save your planning as a .csv file. Neither
one has any need to POST, they can just be the GET they naturally are.

Alas, the default data won't let you exercise everything, so there's a lot of
setup before the actual testing.

Test plan:
 1. Patrons - search for Acevedo - More-> Set permissions - check
    Acquisitions management and Save
 2. Administration - Authorized values - Asort1 - New authorized value for
    Asort1 - value Q1, description First Quarter, then repeat for Q2, Q3, Q4
 3. Administration - Budgets - New budget - give it a start date of today,
    end date of a year from today, a description, a total amount of
    100000.00, for Statistic 1 done on choose Asort1
 4. Click the name of your new budget - New-> New fund for (name) - give it
    the code my, name My money, amount 75000.00 and Submit
 5. New-> New fund for (name) - give it the code his, name Henry's money,
    amount 25000.00, and click Select owner, find Henry and Select, then
    Submit
 6. Acquisitions - click Search on an empty search box to find the only
    vendor - New-> Basket - Give it a name and Save
 7. Add to basket - From an existing record (search for something like Perl)
    click any bib record - Add order - set the required item type and click
    Add item
 8. Scroll down to the Accounting details form, change Fund to My money, and
    enter 20.00 for the Vendor price and click Save. You just made that
    fund "active" in the eyes of the Filter form, by spending some of it.
 9. Finally set up. Administration - Budgets - click the name of your budget
10. Planning-> Plan by months
11. In the upper left Filter box, check Show my funds only and Submit - you
    should see Henry's money disappear
12. Uncheck Show my funds only and check Show active funds only and Submit -
    you should see Henry's money disappear
13. Check Show actual/estimated values and Submit, you should see text for
    the actual (only in this month, since that's all you spent) and wee
    little shrunken text boxes for the planning numbers
14. Uncheck all the boxes and change the dropdown from by months to by Asort1
    (either one of it, there being two is bug 34159) and Submit, you should
    have four columns for Q1 - Q4 and only for My money, since Henry doesn't
    use Asort1
15. Click the Auto-fill row button, and Save
16. In the Export form (which isn't much of a form, since you only have a
    choice for the filename) click Submit
17. You should have downloaded a .csv file, and if you open it it should
    have the info from your current planning form.
18. Apply patch, restart_all
19. Repeat steps 9-17, getting the same results you did without the patch

Sponsored-by: Chetco Community Public Library
Signed-off-by: Sukhmandeep Benipal <sukhmandeep.benipal@inLibro.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-09-17 10:48:41 +02:00
Phil Ringnalda
9e43658e6f
Bug 37887: OPAC password recovery needs to use a cud- op while POSTing new password
To pass xt/find-missing-op-in-forms.t after bug 37728 updates it to notice
that there can be more than one form in a template, opac-password-recovery.tt
needs to have a param named 'op' which starts with 'cud-' for the form that
POSTs the new password.

Luckily, testing this doesn't require that you set Koha up to actually send
email (though you can), because you can get the link to reset the password
by looking at the list of notices sent to the patron in the staff interface:
the failure to send notice works just fine.

Test plan:
 1. There's no behavior change to test, you just need to see that resetting
    the password still works, so start with the patch applied.
 2. Administration - System preferences - change OpacResetPassword to allowed
 3. Set a patron so you can use them, which requires that you know the
    username, and they have an email address. I give Acosta, Edna one of
    my email addresses, and copy her cardnumber.
 4. Open the OPAC, and below the login form click the "Forgot your password?"
    link
 5. Enter the cardnumber for Login and the email you used for Email and
    click Submit. If you didn't set up sending email, you'll get an error
    message, but ignore it, not a problem
 6. Back in the staff interface, check out to the patron you are using, and
    on the left sidebar choose Notices and find the Koha password recovery
    notice and click that linked phrase
 7. In the popup with the notice text, open the recovery link in a new tab
 8. Following the instructions for the content of a new password, enter one
    in both fields and click Submit
 9  In the success message, click the link to Log in to your account and
    log in with the new password

Sponsored-by: Chetco Community Public Library
Signed-off-by: Olivier V <olivier.vezina@inLibro.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-09-17 10:48:41 +02:00
Phil Ringnalda
81bc750e00
Bug 37769: Fix forms that POST without an op in currency administration
We intend not to have forms with method="post" without an op variable (so we
can check that the op starts with "cud-" as part of the CSRF protection), but
because of bug 37728 some were missed.

This patch changes the form around the OK button when you are told you can't
delete a currency which is in use, and the No, do not delete button when you
could delete a currency and decide not to, from a POST to a GET because all
they need to do is show the list of currencies again.

The only visible change from the patch is that the URL will end with a "?"
from having done a GET without any params. Someone who wants to decide
which of our link-as-cancel-button styles to use is welcome to switch them
to links, in a bug not blocking an RM_priority bug.

Test plan:
1. No changes to see, so apply the patch first
2. Administration - Currencies and exchange rates
3. You need one currency in use and one not in use. Luckily, ktd gave you
   USD for in use, and GBP for not in use. For USD, click the Deleete button
4. On the page telling you that you can't delete it because it's in use,
   click the OK button and verify that you are back at the list of currencies
5. Click the Delete button for GBP, then the No, do not delete button
6. Verify that you are back at the list of currencies

Sponsored-by: Chetco Community Public Library
Signed-off-by: Sukhmandeep Benipal <sukhmandeep.benipal@inLibro.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-09-17 10:48:40 +02:00
Phil Ringnalda
e03aecfd50
Bug 37767: Fix forms that POST without an op in Authority types
We intend not to have forms with method="post" without an op variable (so we
can check that the op starts with "cud-" as part of the CSRF protection), but
because of bug 37728 some were missed.

In Authority types, that's dead code in the template that expects to show a
"Data deleted" confirmation page, but it never shows because rather than
setting the variable delete_confirmed and outputting the template, the op
cud-delete_confirmed just does a print $input->redirect() and exits, and, the
search for tags form that should be a GET so it can be bookmarked and linked
to.

Test plan:
 1. Without the patch, Administration - Authority types - choose one other
    than default, so you can see the code rather than "" in the URL -
    Actions - MARC structure
 2. For any tag (you *are* testing in a throwaway database, right?) click
    Actions - Delete then Yes, delete
 3. Note that you don't get a confirmation page, just redirected back to a
    search for your tag which no longer exists, with the searchfield and
    authtypecode nicely in the URL
 4. Click the Search button for the Search for tag form, without changing
    anything
 5. Note that your URL lost the searchfield and authtypecode
 6. Apply patch, restart_all
 7. Repeat steps 1, 2, and 3, with identical results like they should be
 8. Repeat step 4, but this time note that the searchfield and authtypecode
    stay in the URL.
 9. Change the select menu for In framework and click Search, note that
    the searchfield and frameworkcode are still in the URL and still correct
    and that the correct results show
10. Change the tag number and hit Enter, and verify that the URL and the
    page show the correct results

Sponsored-by: Chetco Community Public Library
Signed-off-by: Sukhmandeep Benipal <sukhmandeep.benipal@inLibro.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-09-17 10:48:40 +02:00
26de0bfaa0
Bug 34088: Move the 'needs update' test to a separate script
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-09-17 10:48:39 +02:00
954215d6f9
Bug 37929: Remove it.only from Agreements_spec
Test plan:
1) Run the cypress tests for Agreements_spec.ts
yarn cypress run --spec t/cypress/integration/ERM/Agreements_spec.ts
2) Only the Delete test will run
3) Apply patch and yarn build
4) Run test again, all tests should run

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-09-17 10:48:38 +02:00
db4f151be5
Bug 37824: (QA follow-up) Fix improper handling of jQuery and DataTables libraries by marking them as externals
This commit addresses an issue where jQuery and DataTables libraries (datatables.net and related extensions) were not functioning correctly when bundled with rspack. These libraries expect to be loaded in the global scope rather than as bundled modules, leading to initialization issues.

To resolve this, jQuery and all related DataTables libraries (datatables.net, datatables.net-buttons, datatables.net-buttons/js/buttons.html5, etc.) are marked as externals in the rspack configuration. This ensures they are treated as global dependencies, preventing conflicts and allowing proper initialization.

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
2024-09-16 18:41:17 +02:00