Test plan:
Run t/db_dependent/Koha/Auth/TwoFactorAuth.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Amended to reflect requested changes.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
The unit tests highlighted my original patch didn't cover the full
preference description.
We now replace the 'standard' option with the fields from the preference
and we also add those fields as options to the field selection in
advanced searches.
This patch also adjusts the tests to test for that and reflects the
expected changes to the number of options displayed in the select boxes.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
When building Koha::Holds object,
do not let 'found' random otherwise it may take a valid value indicating
hold is found.
See other holds unit tests.
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
because of updated_on
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
t/db_dependent/selenium/update_child_to_adult.t .. # Looks like you planned 3 tests but ran 2.
# Failed test 'Update child to adult'
# at t/db_dependent/selenium/update_child_to_adult.t line 132.
# Looks like you planned 3 tests but ran 2.
# Looks like you failed 1 test of 2 run.
t/db_dependent/selenium/update_child_to_adult.t .. 1/1
# Failed test 'Update child to patron'
# at t/db_dependent/selenium/update_child_to_adult.t line 153.
Cannot wait more for element '//input[@type="submit"]' to be visible at /kohadevbox/koha/t/lib/Selenium.pm line 189.
It happens when there are too many patron's categories and the submit
button is not in the viewport.
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Moved from obsoleted bug 2222 on its own.
Test plan:
Run t/db_dependent/AuthoritiesMarc_GetTagsLabels.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patchset introduces the Two-factor authentication (2FA) idea in
Koha.
It is far for complete, and only implement one way of doing it, but at
least it's a first step.
The idea here is to offer the librarian user the ability to
enable/disable 2FA when logging in to Koha.
It will use time-based, one-time passwords (TOTP) as the second factor,
an application to handle that will be required.
https://en.wikipedia.org/wiki/Time-based_One-Time_Password
More developements are possible on top of this:
* Send a notice (sms or email) with the code
* Force 2FA for librarians
* Implementation for OPAC
* WebAuthn, FIDO2, etc. - https://fidoalliance.org/category/intro-fido/
Test plan:
0.
a. % apt install -y libauth-googleauth-perl && updatedatabase && restart_all
b. To test this you will need an app to generate the TOTP token, you can
use FreeOTP that is open source and easy to use.
1. Turn on TwoFactorAuthentication
2. Go to your account, click 'More' > 'Manage Two-Factor authentication'
3. Click Enable, scan the QR code with the app, insert the pin code and
register
4. Your account now requires 2FA to login!
5. Notice that you can browse until you logout
6. Logout
7. Enter the credential and the pincode provided by the app
8. Logout
9. Enter the credential, no pincode
10. Confirm that you are stuck on the second auth form (ie. you cannot
access other Koha pages)
11. Click logout => First login form
12. Enter the credential and the pincode provided by the app
Sponsored-by: Orex Digital
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Some libraries have certain patron categories that can only do in house checkouts via SIP self check machines.
In these cases, the items should not be demagnetized since the items cannot leave the library.
Test Plan:
1) Apply this patch
2) prove t/db_dependent/SIP/Message.t
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch replaces the AutoEmailOpacUser system preference with a new
AutoEmailNewUser preference. This makes the functionof the preference
clearer.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Add a unit test for the additional functionality of sending welcome
emails from Koha::Patrons::Import.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Currently, on SIP checkout, Koha only returns "Patron Blocked" when there is
a problem with the patron.
This patch adds more specific informations, with the following messages:
- "Patron expired"
- "Patron debarred"
- "Patron has fines" (see system preference "noissuescharge")
- "Patron blocked" (see system preference "OverduesBlockCirc")
Test plan:
- Try to do a SIP checkout with a patron that is in one of the above situations.
- Check that the displayed message matches the patron's situation.
Signed-off-by: Sonia <sonia.bouis@univ-lyon3.fr>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adds tests for checking the output_pref method against
a timezone and datetime that would cause an Invalid local time failure
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/DateUtils.t
=> FAIL: The feature is not implemented, tests fail to complete
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adds a few tests to cover more cases, and to highlight current functionality.
The script only allows renewal if all outstanding holds can be filled by available items.
This means we can return as soon as we have determined that not all holds can be filled.
I add FIXME and some explanatory comments - I will file a follow-up bug for those, but
I feel we can accept these improvements to the performance and deal with the issues
of how it 'should' work versus how it does work on another report.
To test:
1 - prove -v t/db_dependent/Circulation.t
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch updates the AllowRenewalIfOtherItemsAvailable tests to
remove deletion of all data, and create specific circ rules for this
test. It adjust several other tests that were relying on the rules from
this test, so thy too create their opwn specific rules.
Additionally, we add tests to cover the case of mutliple items on the record,
and some items cannot fill some reserves.
What is uncovered here is that the same patron is checked twice, so two holds can
be filled, but they only satisfy a single patron
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adds tests for checking the needs_advancing method against
a timezone and datetime that would cause an Invalid local time failure
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/StockRotationItems.t
=> FAIL: The feature is not implemented, tests fail to complete
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch updates the unit test for the BackgroundJob->_derived_class()
private method to instantiate a proper object to work on instead of
calling the type_to_class_mapping method directly as non-object method.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
We renamed the LSQ seqment accessor from 'collection_code' to
'sequenece_code' to more clearly reflect the EDI segment name instead of
the Koha field we had mapped it to. (Especially as that mapping is not
optionally to ccode or location).
However, I forgot to update the corresponding test. This patch does that
update.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Add a unit test for EdifactLSQ preference.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Result was copied and pasted, needed to update check
Was passing objetc instead of standard field
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adds a unit test for the internal 'beginning_of_message'
method in Koha::Edifact::Order to check that the vendor standard
parameter is being interpreted coorectly.
Test plan
1. Run the tests, they should pass
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Adding is_boolean to virtualshelves.public and
virtualshelves.allow_change_from_staff in Virtualshelve.pm DBIC schema file.
Fixing typo in Virtualshelves.t
Sponsored-by: Catalyst IT, New Zealand
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
If a staff member has access to the staff client (either because
'catalogue' permission is enabled or they're a superlibrarian
then that user can add items (from OPAC or staff client) to a list
marked 'Staff only'
Test plan:
1. In the staff client go to: Lists > 'New list'. Notice under 'Allow changes to contents
from' there are three options: Nobody, Owner only, Anyone seeing this
list
2. Apply first 3 patches and run updatedatabase.pl
cd installer/data/mysql
sudo koha-shell <instance>
./updatedatabase.pl
3. Restart memcached and plack
4. Create 4 patron accounts:
- User A : Superlibrarian permissions
- User B : 'Staff access, allows viewing of catalogue in staff interface
(catalogue)'
- User C : No permissions
- User D : 'Staff access, allows viewing of catalogue in staff
interface' and 'Lists' > Edit public lists (edit_public_lists)' sub-permission
5. Login to staff client as User A.
Create a public list and select the new 'Staff only' option under 'Allow changes to contents from'
6. Log into the staff client as User B.
Confirm you can add items to the list from the following staff client pages:
- Individual list page using the 'Add items' button
- Staff client search result page
- Staff client biblio detail page
7. Confirm you can remove items from the list
8. Confirm you can perform an OPAC search when not logged in
9. Log into the OPAC as User B. Confirm you can add items to the list
from the following OPAC pages:
- OPAC search result page
- OPAC biblio detail page
10. Log into the OPAC as User C. Do an OPAC search and confirm you
can view the list, but not add items to it
11. Login to the staff client as User B. Create a new list with the
following settings:
- 'Category'='Private',
- 'Allow changes to contents from'='Staff only'
Notice a red hint message is displayed.
Change 'Category'='Public' and notice the hint is removed
12. Log into the OPAC as User C. Notice the 'Staff only' option is not
available when creating a list
13. Log into the OPAC as User B. Repeat step 11. Confirm the same
outcome
14. Log into the staff client as User A. Create a list with the
following settings:
- Public = 'Public'
- Allow changes to contents from = 'owner only'
15. Log into the staff client as User D. Edit the list from step 14
confirm you can edit the list to have 'Allow changes to contents from' =
'Staff only'
16. Run Patron.t and Virtualshelves.t unit tests:
sudo koha-shell <instance>
prove t/db_dependent/Koha/Patron.t
prove t/db_dependent/Virtualshelves.t
Sponsored-by: Horowhenua District Council, New Zealand
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
See the discussion on the Bugzilla report.
It might be easier to work with a deny list.
Test plan:
Run t/CookieManager.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Test plan:
Run t/CookieManager.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Amended: Reverted the change to $cookies to minimize changes.
Fixed Auth.t where checkauth is being mocked.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
C4::Templates::GetColumnDefs can easily be replaced using the new
Koha::Database::Columns module.
Test plan:
Go to the import patron tool and confirm that you see the same list of
patron's attribute on the import patron form.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This module will contain new strings and make them translatable using
Koha::I18N.
We will need to improve this module to prevent the dozens of __ calls
each time we retrieve the column list. We could either use memcached or
add a method to only retrieve columns for a given table.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
The maintainers of Mojolicious::Plugin::OpenAPI and friends fixed the
problem with using collectionFormat for Headers in the upstream library.
However, this highlighted an outstanding issue in our code when I ran
the unit tests. We have not been stripping x-koha-embed at the query
level as it did not exist in the reserved_words list. This patch
resolves that and gets the acquisitions_orders test passing again.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
I added explanatory text to staff interface on the preference to explain how it works
Removed a debug warn in the _get_sort_bin routine
changed comparitor => comparator
fixed a missing call in the tests
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adds some unit tests for the new _get_sort_bin function.
We're testing that rules are applied in order and that the different
comparison operators work as expected.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
See bug 21648 comment 17.
Suggestion is to keep the non-repeatable patron's attribute from the patron we selected instead of raising a blocking error.
A side-effect will be that when several patrons are merged, the
non-repeatable attribute from the first one will be kept, which can
result in unexpected result if the original patron does not have the
attribute defined.
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Some libraries want to be able to use a patron's messaging preferences to conditionally change the contents of a notice depending on the patron's other messaging preference. For example, a library has requested to have the note on the hold slip if the patron has requested phone messages for waiting holds. This really only entails adding a method to the Koha::Patron class to allow this type of looking.
Test plan:
1) Apply this patch
2) Enable item checkout notices for a patron for email, but not sms
3) Include the following in the notice:
TEST1: [% borrower.has_messaging_preference({ message_name => 'Item_Checkout', message_transport_type => 'email' }) %]
<br/>
TEST2: [% borrower.has_messaging_preference({ message_name => 'Item_Checkout', message_transport_type => 'sms' }) %]
4) Generate a checkout and notice for that patron
5) Note the generated notice has a 1 for TEST1, but not for TEST2
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>