We should not cast undefined values to 0.
Signed-off-by: Andrew Isherwood <andrew.isherwood@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This was a bug I introduced. I think the fix is right, and if something
gets broken for this, it means it was making the wrong assumptions on
the data.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
After review of the code it turns out that the management permission
that has been marked as deprecated a long time ago, does not have
any function.
The patch removes all remaining code related to it.
To test:
- Make sure you have a patron with the management permission
- Apply patch
- Run database update
- Check everything still works as expected
Bonus:
borrowers.flags is recalculated for patrons with management
permission.
To check:
- Create some 'permission twins' with and without management
permission
- Note the value in borrowers.flags
- Apply patch, don't run database update
- Save permissions from GUI for one of the twins
- Note the newly calculated value
- Run database update
- Now both twins should have the same borrowers.flags value
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Test plan:
0/ Do not apply the patch
1/ Confirm the new test fails
2/ Apply the patch
3/ Confirm the new test passes
4/ Test the installation process
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
[1] passing unsafe has no use since it is a scalar, removed it to unconfuse
[2] remove caching when pref is disabled
[3] caching userid removes the need for calling Patron->find each time
[4] subsequent changes in unit test
[5] cosmetic renames to move from session to daily basis (changed dev angle)
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
First call going thru Koha::Patron takes about 0.0150 sec.
Subsequent calls only use caching and take about 0.0006 sec.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Test Plan:
1) Apply this patch
2) Start a new session ( a private browser window works well )
3) Note the lastseen column in the borrowers table is updated
4) Browse a few pages, not the lastseen column is not updated again
5) Close the browser window and repeat steps 2-4
6) prove t/db_dependent/Auth.t
Signed-off-by: Charles Farmer <charles.farmer@inLibro.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
The unique constraint on userid is handled in TestBuilder. So let's use it.
The two tests if count==$count do not make much sense anymore when we
call ->count a few lines before. The check with search_limited is enough.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Previous patch from Marcel removed the data from article_requests, I do
not think it is a good idea to remove existing data, it could hide bugs.
This patch moves the count inside the subtest block in order to have the
correct value when these tests are executed.
Previous code was broken: Koha::Patron->store does not generate a
userid, and ->search_limited did not work correctly
(Koha::Patron->has_permission returned early because of the non-existing
userid, 'return unless $self->userid;');
Test plan:
[1] Create an article request.
[2] Run t/db_dependent/ArticleRequests.t
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch fixes a regression after bug 14695.
This patch adds itemnumber and barcode as optional params in ReserveSlip used
by hold-transfer-slip.pl to generate HOLD_SLIP. This is for ReserveSlip to be
able to generate correct slips when items in multi-item holds are checked in.
Test plan:
1) activate a circulation rule with multi-item holds
2) Place two holds on same biblio for patron
3) for debugging, either use browser console to observe POST request and responses
or use info from reserves, e.g. reserve_id in the HOLD_SLIP
4) checkin two items from same biblio on pickup branch
5) note that both holds are effectuated, but reserve_id is the same on both slips
6) also note that there is no itemnumber or barcode in the requests from returns.pl
7) Apply this patch
8) repeat 2-4
9) note that reserve_id is now different on the two slips
and/or:
Run tests:
t/db_dependent/Reserves/ReserveSlip.t
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
Signed-off-by: Maksim Sen <maksim.sen@inlibro.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Both biblionumber and biblioitemnumber for item were set to
biblionumber, when they don't line up tests fail
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
When a method is not allowed yet (not covered by tests), developers get
an error the is not really useful: "The method XXX is not covered by
tests!"
It would be more useful to have a stack trace in order to know where
this error come from.
Test plan:
Modify some code to display this stack trace and confirm it makes sense
to have it, i.e. it will make debug easier
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This reverts commit f489d2034b.
This commit breaks the install process when using debian packages.
Reverting as we are very close to the 18.05.00 release
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Hmm. I would have liked the opac parameter even better ;)
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This is the alternative patch of Kyle's
"""
If a hold is 'waiting' for the patron to collect then the patron should
be prevented from cancelling the hold via their account in the opac.
If a patron tries to cancel the hold, Koha will give an 'are you sure'
alert and when you click Yes the page just refreshes and the hold
remains.
Staff can cancel the hold from the staff interface but they can then
action the waiting hold.
I think therefore that it is correct behaviour that a patron cannot
cancel a hold when it reaches waiting state via the opac but it would be
useful to either have a warning to prevent the cancellation or a useful
message when they attempt to do so.
The template was using a method that tells Koha if *staff* can cancel a
hold,
instead of patron.
Test Plan:
1) Set up a waiting hold
2) Try to cancel it from the opac
3) Note you cannot
4) Apply this patch
5) Reload the page
6) Note the cancel button has disappeared for found holds
"""
It sounds better to keep the ->is_cancelable method, for readability
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Victor Grousset <victor.grousset@biblibre.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
t/Koha_Template_Plugin_KohaPlugins.t is DB dependent.
This patch moves it to t/db_dependent/
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Easy change, should be able to verify with code review or testing with
dummy values
To test:
1 - Put some values in baker and taylor prefs (don't need to be valid)
2 - Do a search on the opac (and have some items with isbns)
3 - Inspect the cover images links to ensure they are formed correctly
4 - prove -v t/External/BakerTaylor.t
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch reuses the method newly added to Selenium.pm and improve
existing tests.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The kohadevbox has admin/admin set, so for testing when
creating the initial superuser, if you wish to minimize
effort, use admin/admin. Otherwise, make sure to:
export KOHA_USER={whatever your user is}
export KOHA_PASS={whatever your password is}
before attempting to run the test.
Also, this test was failing because of a validation check on
the passwords requiring uppercase letters, lowercase letters,
and numbers. Changed the sample data passwords to fix.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This selenium test goes through the process of creating a category and
patron user (as is completed in the basic_workflow.t test) then the
superlibrarian used to create them is logged out and the newly created
patron user authenticates into the OPAC and staff intranet therefore testing the
authenitcation of both.
Test plan (this test plan includes how to install Selenium as well as
how to run this test, for the benefit of people who have not got
Selenium installed on their machines):
1. wget https://selenium-release.storage.googleapis.com/2.53/selenium-server-standalone-2.53.0.jar
2. vim /etc/apt/sources.list.d/firefox.list
3. Paste into the file:
deb http://packages.linuxmint.com debian import
4. sudo apt-get update
5. sudo apt-get install firefox
6. sudo apt-get install xvfb
7. Set the SELENIUM_PATH vartiable:
SELENIUM_PATH=/home/vagrant/kohaclone/selenium-server-standalone-2.53.0.jar
8. Xvfb :1 -screen 0 1024x768x24 2>&1 >/dev/null &
9. DISPLAY=:1 java -jar $SELENIUM_PATH
Note: This will start up the selenium server. Everytime you want to shut
down this terminal window and want to restart Selenium just run the step
9 command to restart the Selenium server
10. Open a new terminal window and write in:
git clone https://github.com/gempesaw/Selenium-Remote-Driver --branch
build/master --single-branch --depth 1
11. cd Selenium-Remote-Driver
12. perl Makefile.PL
13. make
14. make test
15. sudo make install
16. Now everything is installed and you can et up for running the selenium tests
17. Create a superlibrarian user with the username koha and password
koha
18. If your usual port configuration for the intranet and OPAC is 8081
and 8080 respectively then set the staffClientBaseURL and OPACBaseURL
system preferences to localhost:8080 and localhost:80 respectively
19. sudo koha-shell <instancename>
20. perl t/db_dependent/selenium/authenticate.t
21. The test should pass.
Note: The time_diff comments in the test output showing what the test is
doing
Note: If you have issues with installing Selenium and
Selenium::Remote::Driver please write a comment on the bug report and I
will be more than happy to create a screencapture video showing all the
steps
Sponsored-By: Catalyst IT
https://bugs.koha-community.org/show_bug.cgi?id=19181
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Test plan:
Run t/db_dependent/Virtualshelves.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
While we get packaging sorted, Net::OAuth2::AuthorizationServer is not a
hard dependency for Koha and the feature requiring it is disabled by
default.
This patch:
- Makes the dependency optional
- Makes the unit tests for the OAuth2 client credentials flow skip if
the dependency is not met.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch tests the situation in which Net::OAuth2::AuthorizationServer
is missing. It mocks Module::Load::Conditional::can_load and expects the
/token endpoint answers 'Unimplemented grant type' to all requests, and
the 'authenticate_api_request' in 'under' exit with unauthorized (403)
to requests in which the Authorization header is passed containing a
Bearer token, but OAuth2 is not really available.
To test:
- Apply this patch
- Run:
$ kshell
k$ prove t/db_dependent/api/v1/oauth.t
=> FAIL: Tests fail because our REST endpoints don't support this
behaviour.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds tests to verify that disabling the RESTOAuth2ClientCredentials syspref
makes any request on the /api/v1/oauth/token using the
'client_credentials' grant fail with 'grant not implemented'.
To test:
- Apply this patch
- Run:
$ kshell
k$ prove t/db_dependent/api/v1/oauth.t
=> FAIL: Tests fail because the change is not implemented!
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch makes the oauth.t tests leverage on the new Koha::ApiKey(s)
classes. It adds tests for expired tokens too.
To test:
- Apply this patch
- Run:
$ kshell
k$ prove t/db_dependent/api/v1/oauth.t
=> FAIL: Tests should fail without the rest of the patches.
Sponsored-by: ByWater Solutions
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@deichman.no>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds unit tests for the introduced classes: Koha::ApiKey(s).
To test:
- Apply this patch
- Run
$ kshell
k$ prove t/db_dependent/Koha/ApiKeys.t
=> FAIL: Tests fail because the feature is not implemented.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
GET /patrons now requires { "borrowers": 1 } instead of
{ "borrowers": "edit_borrowers" }
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
It implements only the "client credentials" flow with no scopes
support. API clients are tied to an existing patron and have the same
permissions as the patron they are tied to.
API Clients are defined in $KOHA_CONF.
Test plan:
0. Install Net::OAuth2::AuthorizationServer 0.16
1. In $KOHA_CONF, add an <api_client> element under <config>:
<api_client>
<client_id>$CLIENT_ID</client_id>
<client_secret>$CLIENT_SECRET</client_secret>
<patron_id>X</patron_id> <!-- X is an existing borrowernumber -->
</api_client>
2. Apply patch, run updatedatabase.pl and reload starman
3. Install Firefox extension RESTer [1]
4. In RESTer, go to "Authorization" tab and create a new OAuth2
configuration:
- OAuth flow: Client credentials
- Access Token Request Method: POST
- Access Token Request Endpoint: http://$KOHA_URL/api/v1/oauth/token
- Access Token Request Client Authentication: Credentials in request
body
- Client ID: $CLIENT_ID
- Client Secret: $CLIENT_SECRET
5. Click on the newly created configuration to generate a new token
(which will be valid only for an hour)
6. In RESTer, set HTTP method to GET and url to
http://$KOHA_URL/api/v1/patrons then click on SEND
If patron X has permission 'borrowers', it should return 200 OK
with the list of patrons
Otherwise it should return 403 with the list of required permissions
(Please test both cases)
7. Wait an hour (or run the following SQL query:
UPDATE oauth_access_tokens SET expires = 0) and repeat step 6.
You should have a 403 Forbidden status, and the token must have been
removed from the database.
8. Create a bunch of tokens using RESTer, make some of them expires
using the previous SQL query, and run the following command:
misc/cronjobs/cleanup_database.pl --oauth-tokens
Verify that expired tokens were removed, and that the others are
still there
9. prove t/db_dependent/api/v1/oauth.t
[1] https://addons.mozilla.org/en-US/firefox/addon/rester/
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
If items.restricted == 1, CanBookBeIssued will not returned what we are
testing.
The easiest and global fix is to define a default value at TestBuilder
package level
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
0) Apply this patch
1) prove t/db_dependent/Members/Attributes.t
should return green
Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
TEST PLAN
---------
apply this test patch
prove t/db_dependent/OAI/Server.t
-- should fail
apply the other patch
prove t/db_dependent/OAI/Server.t
-- should pass
run koha qa test tools
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
