The login page should not be displayed if the page is displayed in a
frame.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan Gallagher <bredan@bywatersolutions.com>
This patch reverts the changes made at the OPAC from the following
patches:
Do not include the antiClickjack legacy browser trick for greybox"
Revert "Bug 15111: Do not include the antiClickjack legacy browser trick for greybox"
This reverts commit fc640d2a86.
Revert "Bug 15111: Change X-Frame-Options with SAMEORIGIN"
This reverts commit fb167c0e4b.
Revert "Bug 15111 - Koha is vulnerable to Cross-Frame Scripting (XFS) attacks"
This reverts commit dc03bca76c.
Setting X-Frame-Options to SAMEORIGIN is enough for mordern browsers:
https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options
The antiClickjack trick should be removed at the OPAC as we want to keep
the OPAC usable even if the user has disabled JS.
That means the OPAC will be vulnerable to XFS if a user is navigating
with a prehistoric browser:
Firefox 3.6.9 September 2010
IE 8 March 2008
Opera 10.5 March 2010
Safari 4 February 2009
Chrome 4.1.… somewhen 2010
Test plan:
Confirm that there are no regression of bug 15111 with modern browsers
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan Gallagher <bredan@bywatersolutions.com>
This patch enables the indexer daemon by default on packages installs.
It does so by setting USE_INDEXER_DAEMON=yes on the /etc/default/koha-common
file. It does remove now irrelevant comments from that file.
This patch is straightforward to review. If is just a matter of choosing
to enable or not to enable by default.
Kind regards
PS: Let end users rejoice this so far hidden feature :-D
Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan Gallagher <bredan@bywatersolutions.com>
This patch changes the behaviour of the koha-rebuild-zebra script in the following way:
USE_INDEXER_DAEMON=no
- Keeps the current behaviour
USE_INDEXER_DAEMON=yes
- It skips incremental indexing to avoid races.
Caveats:
- A --force option is introduced for useing in a specific situtation that might need it
(i.e. the administrator knows what he's doing).
- If --full is passed, the reindexing is not skipped.
The documentation files and messages are adjusted accordingly.
This patch should help users that want to use the indexing daemon, in which case they wouldn't need
to change their default 5 min cronjob (it will be just skipped). Ultimately, koha-common could have
USE_INDEXER_DAEMON = yes by default, but that's subject for another bug report.
To test:
- Play with the different option switches and USE_INDEXER_DAEMON
- Things work as expected
- Sign off
Regards
Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Works as expected
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Your Full Name <your_email>
changed ocurrences of 'lex' to 'lexile-number' in record.abs
Edits were made to the deprecated file record.abs *solely* to quiet
warnings in tests -- this makes sense until GRS-1 code is removed
from Koha.
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
Signed-off-by: Jesse Weaver <jweaver@bywatersolutions.com>
Added the following indexes:
Interest-age-level | 591$a ind1=1
Interest-grade-level | 591$a ind1=2
lexile-number | 591$a ind1=8
Reading-grade-level | 591$a ind1=0
Moved 'lex' from a zebra index to a ccl alias to lexile-number.
Changed the handling of st-numeric in C4/Search.pm to allow for search ranges.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Works as advertised
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
Signed-off-by: Jesse Weaver <jweaver@bywatersolutions.com>
Add sysprefs.sql changes for new installations
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
To test:
1 - Apply patch
2 - run updatedatabase.pl
3 - Add some html to the two new prefs IntranetReportsHomeHTML and
IntranetCirculationHomeHTML
4 - View the reports and circulation homepages and confirm your changes
show
Sponsored by Northeast Kansas Library System, NEKLS (http://nekls.org/)
Followed test plan, works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
EDIT: Making sure the messages and the buttons show the same text, as per Comment 6.
To test:
MODIFICATION
1) Go to a biblio record page (ie http://localhost:8081/cgi-bin/koha/catalogue/detail.pl?biblionumber=1)
2) Click edit -> Edit items in a batch
3) Click Save (you don't need to make any changes)
4) Validate 'Done' button. Confirm that there is now a link in dialog message box which takes you back to the record detail page.
5) Go to a biblio record page
6) Select one or some or all items in the record
7) Click modify selected items
8) Click Save
9) Validate 'Done' button. Confirm that there is now a link in dialog message box which takes you back to the record detail page.
10) Go to batch item modification (http://localhost:8081/cgi-bin/koha/tools/batchMod.pl)
11) Write some barcodes into the barcode list and click Continue
12) Click Save
13) Validate 'Done' button. Confirm that there is now a link in dialog message box which takes you back to the batch item mod page.
DELETION
14) Go to a biblio record page (ie http://localhost:8081/cgi-bin/koha/catalogue/detail.pl?biblionumber=1)
15) Click edit -> Delete items in a batch
16) Unselect all the items so you don't actually delete them, then click Delete selected items
17) Validate 'Done' button. Confirm that there is now a link in dialog message box which takes you back to the record detail page.
18) Go to a biblio record page
19) Select one or some or all items in the record
20) Click Delete selected items
21) Unselect all the items so you don't actually delete them, then click Delete selected items
22) Validate 'Done' button. Confirm that there is now a link in dialog message box which takes you back to the record detail page.
23) Go to batch item deletion (http://localhost:8081/cgi-bin/koha/tools/batchMod.pl?del=1)
24) Write some barcodes into the barcode list and click Continue
25) Unselect all the items so you don't actually delete them, then click Delete selected items
26) Validate 'Done' button. Confirm that there is now a link in dialog message box which takes you back to the batch item deletion page.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Followed test plan, works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
This patch alters the MySQL query to remove a max statement which
incorrectly groups full annual barcodes with numeric values.
Signed-off-by: Srdjan <srdjan@catalyst.net.nz>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
* Koha/OldIssue.pm: New file.
* Koha/OldIssues.pm: New file.
https://bugs.koha-community.org/show_bug.cgi?id=16087
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Nothing to test, new files.
No errors
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
From C4::Koha::GetAuthorisedValues
# TODO: the "selected" feature should be replaced by a utility function
# somewhere else, it doesn't belong in here. For starters it makes
# caching much more complicated. Or just let the UI logic handle it, it's
# what it's for.
Indeed, it's not a job for a subroutine, the template should take care of that.
Note that a perf gain could be won with this patch \o/
Test plan:
- Edit an itemtype and check the value of the "Search category" dropdown list
- Edit a patron attribute type and check the value of the "Class" dropdown list
- Detail for a catalogue record, the Status column should be correctly
populated if items are damaged and/or lost
- Item details for a catalogue record, the lost, damaged and withdrawn
value should be correctly displayed
- Edit a patron, the "street type" should be correctly selected
- Create a patron attribute type linked to an authorised value list.
- Edit a patron, set a value for this attribute, edit it again. The
correct value should be selected.
- Search for subscriptions. The 'Location' dropdown list should behave
correctly (select the entry you have choosen before, etc.)
- Edit a subscription, the location dropdown list should select the
correct value.
- Edit and view a suggestion with a 'reason for suggestion' set (you
should have at least 1 OPAC_SUG AV defined)
Followed test plan, works as expected
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
EDIT: This patch should have gotten rid of those tabs
EDIT2: Will now apply with patch on Bug 16161
To test:
1) Apply Bug 16161 first
2) Go to Reports -> View dictionary
3) Confirm that the 'Delete definition' button now just says 'Delete' and is styled as a font awesome button.
4) Confirm that the button does not wrap on narrower browsers.
5) Confirm that column heading is now 'Action'.
6) Confirm that button deletes as expected. (If you're wondering about the missing confirm message upon delete, see Bug 16161.)
Sponsored-by: Catalyst IT
Tested on top of Bug 16161
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
To test:
1) Go to Reports -> View dictionary
2) Attempt to delete definiton. Confirm that a confirm messages comes up and works as expected.
Sponsored-by: Catalyst IT
NOTE: confirmation message didn't exist before patch.
confirmation message appeared after patch.
both options worked as expected.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
EDIT: Using same font awesome icon for 'Renew' as in other places
To test:
1) Go to Serials -> Check expiration
2) Put in a date where one or more subscriptions will expire prior to this date
3) Confirm that column heading is now 'Actions'
4) Confirm that Edit and Renew now show as font awesome buttons
5) Confirm that the buttons don't wrap on narrower browsers
6) Confirm the buttons still work as expected
Sponsored-by: Catalyst IT
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
subroutines should not take $dbh in parameter.
C4::Biblio::TransformMarcToKoha has it and does not use it.
Test plan:
Look at the patch and confirm that all occurrences of
TransformMarcToKoha have been modified.
Signed-off-by: Jacek Ablewicz <abl@biblos.pk.edu.pl>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
Right now, ->dbh calls are actually quite expensive (they involve
DB connection health checks, each and every time). Some speed-sensitive
subroutines inside C4/Biblio.pm (GetMarcStructure, GetAuthorisedValueDesc)
have this statement
my $dbh = C4::Context->dbh;
on top of the code, but they don't always/don't usually need DB
handle - not at that stage at least. This trivial patch eliminates
unneeded ->dbh calls in those subroutines. With it, average
GetMarcStructure() running time goes down from 14 miliseconds
to 9 miliseconds (on top of Bug 16166), it also makes catalogue
search profiling a bit easier.
Test plan:
1) apply patch
2) ensure that catalogue searches are still working
3) run t/*Biblio* tests
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
To test:
1) Go to a patron circulation page and add a message
2) Click '[Delete]'
3) Confirm that a confirm dialog shows up and 'Cancel' and 'OK' do what
is expected.
Sponsored-by: Catalyst IT
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
To test:
1) Go to Tools -> Automatic item modifications by age
2) Click Edit
3) Add a rule if you have none, otherwise notice button 'Submit theses
rules' and typo (theses)
4) Apply patch, refresh page
5) Confirm button now says 'Submit these rules' (typo is fixed)
Sponsored-by: Catalyst IT
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
This subroutine always returns what has been sent in parameter.
It is unecessary and can be removed.
Test plan:
prove t/Ris.t
should not be noisy
Export a catalogue record in Ris should generate the same file with and
without this patch
NOTE: With/Without were identical in my testing.
t/Ris.t is nicely silenced.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
When I added the MARC editor settings menu in Bug 15859 I accidentally
used a Glyphicon. This patch corrects it to use a Font Awesome icon.
To test, apply the patch and open the basic cataloging editor. The
"Settings" menu should use a Font Awesome icon instead of a Glyphicon.
Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Icons changed
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
Works as expected, no qa errors
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
To test:
1 - Add guarantor data to patron account by typing it in but do not 'Set to patron'
2 - Note it is not displayed on patron details
3 - Apply patch
4 - Note the info is displayed
5 - Test that linked guarantors show as expected
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Amended-patch: Correct some indents/spaces
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
TEST PLAN
---------
1) prove t/Ris.t
-- very noisy
2) apply patch
3) prove t/Ris.t
-- just one confusing noise.
4) run koha qa test tools
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
TEST PLAN
---------
1) Have at least 6 patrons with checkouts and some checkins.
2) Reports -> Patrons with the most checkouts
3) Click 'Submit' (default is 5)
-- more than 5 entries listed.
4) Apply patch
5) Refresh page
-- only 5 entries listed.
6) Run koha qa test tools
NOTE: While this works, I'd be much happier with a refactor
as it would also speed up the report. See comment #5.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
Bug 15722 introduces a regression in serials patron search results,
causing the surname to not be displayed
To reproduce:
1. Create a routing list for a subscription
2. Click on "Add recipients" button
3. Run a search
4. Check that surname is not displayed
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
msg_invoice is not used merged into patch in error
Signed-off-by: Jesse Weaver <jweaver@bywatersolutions.com>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
Introduced by
commit d564d3732d
Bug 15629: Koha::Libraries - Remove GetBranchInfo
If the branchcodesuggestedby is not defined, the find won't return
anything and ->branchname on an undefined value will raise
Can't call method "branchname" on an undefined value at
/home/katrin/kohaclone/opac/opac-suggestions.pl line 153.
Test plan:
-Staff
Create a patron
Use this patron to create a suggestion
Delete the patron
-OPAC
Logout and trigger opac/opac-suggestions.pl
Without this patch, you will get an error
With this patch applied, everything should be ok
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Works ok following test plan
No errors
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
This patch adds a missing closing quote to the circulation template.
To see the affect of this bug:
- Log in to Koha with an account which does not have the
'force_checkout' permission.
- Locate a barcode which is checked out to a patron.
- Open a different patron account for checkout.
- Try to check out the barcode to that different patron.
You see a "Cannot check out" dialog which breaks the structure of the
rest of the page.
To test, apply the patch and repeat the steps above. The issue should be
fixed.
Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Works as advertised
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
Bug 15527 add an xslt dir, LangInstaller.pm must ingnore that dir.
To test:
1) Verify the problem on current master
Update translation for any lang, will see errors
2) Apply the patch
3) Update again, no errors
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Works as expected.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
The other attachment was not a patch which could be applied by
'git bz'. This corrects that.
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
debian/update-control will need to be run after this is applied, but
it works well
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
From commit 581759e985
Bug 14133: Print notices should be generated with the print
template
"""
IMPORTANT NOTE: This test plan does not take into account the notices
generated for the staff ("These messages were not sent directly to the
patrons."). However the behavior will also change, the print template
will be used in all cases. Is it what we want?
"""
Yes, it is what we want. But if the print template does not exist, the
notice is not generated, we'd like to get the email template instead.
Test plan:
- Remove the print template for the letter you use for overdues
- Define an overdue rule to send an email
- Remove the email address for the patron which has overdues
- Execute the overdue_notices script
The staff should get an email notice and a print notice (using the
email template) should be generated for the patron
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
Regression introduced by bug 14133, see but 14133 comment 13.
Test plan:
Without this patch applied, if a patron cannot be notified (no email
address or sms number), the print notice generated for the library was
not.
With this patch applied, the print notice should be generated using the
print template
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
Koha's EDIFACT module works great for many European vendors,
but does not work will for US vendors, which have a much different
interpretation of 'standard'. In fact, each vendor may require
different arrangements of values in EDIFACT messages. It would be
impossible to encompass all these requirements within Koha's EDIFACT
module itself. Instead, we should allow the module to be pluggable, so
versions of the module can be developed for vendors that require EDIFACT
messages that don't conform to the standard set by Koha's EDIFACT
module.
Test Plan:
1) Apply this patch
2) Run updatedatabase
3) Enable Koha plugins
4) Install the Edifact stub plugin available at
https://github.com/bywatersolutions/koha-plugin-edifact-stub
5) Edit the EDI Vendor account, assign the plugin to a Vendor EDI account
6) Test EDI functionality ( ORDER, INVOICE ), there should be no errors
or changes to the EDIFACT message input or output
Signed-off-by: Jason DeShaw <JDeShaw@cityoffargo.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
Bug 9006 changed the api for retrieving config values
from C4::Context after the removal of Autoload
This changes the syntax used to retrieve logdir to reflect
the correct syntax
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>