Commit graph

1665 commits

Author SHA1 Message Date
Aleisha Amohia
506d669424 Bug 2093: (follow-up) Add OPAC dashboard for logged-in users
This patch:
- hides the dashboard if there is no dashboard information to display
- changes '5.00 due' to '5.00 due in fines and charges' for translation
- uses Koha::Holds in place of deprecated C4::Reserves methods

To test, confirm all the right information for holds still shows, and
confirm the dashboard is hidden if there are no checkouts, holds, fines
or overdues.

Signed-off-by: Hugo Agud <hagud@orex.es>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-10-27 14:09:05 -03:00
Aleisha Amohia
657c417a87 Bug 2093: Add OPAC Summary for logged-in users
This patch adds a summary to the OPAC once the user has logged in that
shows the users number of checkouts, overdues, holds pending, holds
waiting and total fines. We also have a syspref OPACUserSummary to turn
this feature on and off. Default is ON.

To test:
1) Apply patch and update database
2) Set up some checkouts, overdues, holds pending AND waiting and fines
for a user
3) Log into OPAC as that user, see summary. Confirm links all work as
expected
4) Confirm that if there are no checkouts / overdues etc that the link
disappears from the summary
5) Turn OPACUserSummary OFF and confirm the summary does not show on the
mainpage.

Sponsored-by: Catalyst IT

Signed-off-by: Hugo Agud <hagud@orex.es>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-10-27 14:09:04 -03:00
Srdjan
bf6caa81e5 Bug 16660: Moved Opac Supression filtering from opac-search.pl to Zebra::QueryBuilder
To test:
OPAC: Both SearchEngine "Elasticsearch" and "Zebra" should work with
OpacSuppression set to "yes"

NB: OPAC suppression is not implemented for Elasticsearch

Signed-off-by: David Bourgault <david.bourgault@inlibro.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-10-27 14:09:02 -03:00
27b99bb80b Bug 18118: Unexpected behaviour with 'GoogleOpenIDConnect' and 'OpacPublic' syspref combination.
TEST PLAN
----------
1/ configure a working 'GoogleOpenIDConnect' account

See comment #5 which also links back to
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=16892#c3

2/ set 'OpacPublic' (under OPAC) to 'Disabled' and
   'GoogleOpenIDConnect' (under Administration) to 'Yes'.

3/ log in user successfully via google-auth, observe redirect to
   opac-user.pl (bad)

4/ apply patch
   -- on kohadevbox remember to restart all! Plack is unforgiving. :)

5/ log in user successfully via google-auth, observe expected
   redirect to opac-main.pl (good)

While I would normally suggest running koha qa test tools, because
this file doesn't end in .pl, it doesn't get picked up by them.

6/ perlcritic -4 opac/svc/auth/googleopenidconnect
   -- notice this is a level better than required. :)

This also eyeballs easily well.

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-10-27 14:09:02 -03:00
Mark Tompsett
c4113dce70 Bug 18956: Fix empty to in message queue
Follow the test plan in comment #20.
Also tweaked string, because it was really 'or' before too.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Amended text in added comment.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-10-27 13:57:10 -03:00
6336e53aed Bug 18956: (QA follow-up) Resolve a CGI::Param in list context warn
From the plack-error.log:
CGI::param called in list context from package CGI::Compile::ROOT::usr_share_koha_masterclone_opac_opac_2dpassword_2drecovery_2epl line 129, this can lead to vulnerabilities. See the warning in "Fetching the value or values of a single named parameter" at /usr/share/perl5/CGI.pm line 436.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-10-27 13:56:59 -03:00
Mark Tompsett
e08a0afa26 Bug 18956: Prevent leaking during password recovery
TEST PLAN
---------

It is assumed you have set the OpacResetPassword to 'allowed',
and likely in combination with OpacPasswordChange to 'Allowed'.

You will have two patrons: one with and another without
any email address entered. You will want to test this test plan
with both patrons.

$ git checkout -b bug_18956 origin/master

Prepend the following as understood between step sections:
opac -> forgot password and then enter...

correct login/cardnumber, it will email
delete from borrower_password_recovery;

correct email, it will email
delete from borrower_password_recovery;

correct login/cardnumber && correct email, it will email
delete from borrower_password_recovery;

wrong login/cardnumber && correct email, error page as expected
delete from borrower_password_recovery;

correct login/cardnumber && wrong email, error page as expected
delete from borrower_password_recovery;

wrong login/cardnumber && wrong email, error page as expected
delete from borrower_password_recovery;

submit empty -- INTERNAL SERVER ERROR?!
delete from borrower_password_recovery;

-- None of the above step sections displayed email.

correct login/cardnumber, it will email

correct login/cardnumber again, but it leaks email address!
delete from borrower_password_recovery;

correct email, it will email

correct email again, but it leaks login/cardnumber!
delete from borrower_password_recovery;

$ git bz apply 18956
-- choose interactive, and choose this counter patch.

repeat the same test set again
-- no leaks will occur, error message pages returned should
   be reasonable, code should read reasonably.

run koha qa test tools.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-10-27 10:59:05 -03:00
e711c8e418 Bug 19038: Remove the OPACShowBarcode syspref
This patch removes the OPACShowBarcode syspref in favour of the new
columns settings option introduced by bug 16759.

On the upgrade step, it picks the value for OPACShowBarcode and uses it
to populate the columns_settings table.

To test:
- Verify the upgrade process maintains the current behaviour

Regards

Sponsored-by: Dover

Followed test plan and works as expected. Functionality of patch from bug 16759
appears intact too.
Signed-off-by: Dilan Johnpullé <dilan@calyx.net.au>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-10-25 16:12:46 -03:00
662a98345a Bug 19028: Add 'shelving location' to holdings table in detail page
This patch adds the option to show shelving locations on a separate
column. This is controlled by a new syspref, 'OpacLocationOnDetail',
which replaces 'OpacLocationBranchToDisplayShelving', adding a
conveniente 'column' option.

The new 'Shelving location' column is conveniently added to the columns
configuration entry added by bug 16759 for this purpose.

The current behaviour is preserved.

To test:
- Apply this patches
- Run the upgrade:
  $ sudo koha-shell kohadev
 k$ cd kohaclone
 k$ perl installer/data/mysql/updatedatabase.pl
=> SUCCESS: Upgrade doesn't fail
- Have an item with shelving location set to something not void
- Have the item set home and holding libraries for testing purposes.
- Set 'OpacLocationBranchToDisplay' to 'home and holding libraries' [*]
- Visit the OPAC detail page for the record containing the item
=> SUCCESS: Both home and holding libraries are displayed.
- Loop through all OpacLocationOnDetail options (except from 'column', we leave it for later).
=> SUCCESS: Works as expected.
- Go to Administration > Columns settings
- Make item_shelving_location available in the OPAC section
- Reload the OPAC detail page
=> SUCCESS: No change
- Set OpacLocationOnDetail to 'on a separate column'
- Reload the OPAC detail page
=> SUCCESS: Shelving location is displayed on a separate column
- Sign off :-D

Sponsored-by: Dover

[*] For testing purposes

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-10-25 12:14:41 -03:00
db14275db4 Bug 19298: Placing a hold from a list at the OPAC should respect issuing rules
The issuing rule retrieve to know if a hold can be placed on a record of
a list is not correct.

Test plan:
0/ With item-level_itypes = item level
1/ Define a item.itype=BK and biblioitems.itemtype=CF
2/ Create a default rule to allow on shelf holds
3/ Create a specific rule for CF with on shelf holds="If any
unavailable"
4/ Add this bibliographic record to a list and view the list
=> Without this patch you will not see "Place hold"
=> With this patch applied you will see the "Place hold" button,
respecting the correct issuing rule

Followed test plan, patches worked as described.

Note: Just to clarify the test plan slightly in step 4 where it says you will not see 'Place Hold' it means to
the left of the 'Save to another List' link below the item availability
in the opac-shelves.pl page. Not the 'Place hold' button in the grey
page header box.

Signed-off-by: Alex Buckley <alexbuckley@catalyst.net.nz>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-10-25 12:14:39 -03:00
3f9da34683 Bug 18298: Add server-side checks and refactor stuffs
Now that we have a check client-side, nothing prevents us from a smart guy to
bypass it and force an invalid password.
This patch adds two new subroutines to Koha::AuthUtils to check the
validity of passwords and generate a password server-side. It is used
only once (self-registration) but could be useful later.

Moreover the 3 different cases of password rejection (too leak, too
short, contains leading or trailing whitespaces) were not tested
everywhere. Now they are!

This patch makes things consistent everywhere and clean up some code.

Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-10-16 09:44:32 -03:00
ec4e666bc5 Bug 18298: minPaswordLength should not be < 3
Indeed if RequireStrongPassword is set we need at least 3 characters to
match 1 upper, 1 lower and 1 digit.
We could make things more complicated to allow minPasswordLength < 3
but, really, 3 is already too low...

Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-10-16 09:44:32 -03:00
f18af55a39 Bug 15685: (follow-up) K:A:O->find and ->fetch are no longer used
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-10-11 13:08:46 -03:00
Jesse Weaver
b29493265b Bug 15685: Allow creation of items (AcqCreateItem) to be customizable per-basket
This adds a new basket attribute (create_items) that can optionally be
set to override AcqCreateItem.

The following have been modified to reflect this (with the value of
create_items that causes them to behave differently in parentheses):
  * Cancelling receipt of an order (receiving)
  * Creating an order by hand or from MARC (ordering)
  * Receiving an order (receiving)
  * Showing orders with uncertain price (ordering)
  * Showing orders (receiving)
  * Showing acquisition details in the OPAC (ordering)

Test plan:
  1) Create baskets with "Create items when:" set to ordering,
     receiving, cataloging and unset.
  2) Test each of the above for each of these baskets, verifying that
     the basket-specific attribute overrides AcqCreateItem if set and
     falls back to the syspref otherwise.

NOTE: A check of AcqCreateItem in opac-detail.tt was removed because it
was redundant; the code path in question cannot be triggered unless
create_items/AcqCreateItems is set to the correct value anyway.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Barbara Fondren <bfondren@roundrocktexas.gov>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-10-11 13:06:06 -03:00
fed86d5042 Bug 19440: Existing calls need to be done in scalar context
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-10-09 16:15:52 -03:00
Aleisha Amohia
69ee06a490 Bug 13205: [FOLLOW-UP] Fixing math and variable names
Have changed
  my $last_page = $pages * ( $results_per_page - 1 );
to
  my $last_page = ( $pages - 1) * $results_per_page;
which seems to fix the 'last' button offset! (Comment 10)

Will add the box to jump to a page in a separate patch.
Adding the pagination to the top on the staff client will be dealt with
in Bug 18916 as it is slightly out of the scope of this bug.

Signed-off-by: Lee Jamison <ldjamison@marywood.edu>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-10-09 16:15:49 -03:00
Aleisha Amohia
5fc0a1f5b1 Bug 13205: [FOLLOW-UP] Some extra logic
See Comment 8.

Test:
When on first page of results, confirm that the 'First' and 'Previous'
buttons do not show. Confirm they come back on the second page and every
page after.
When on last page of results, confirm that the 'Last' and 'Next' buttons
do not show. Confirm they come back on all previous pages.
Check on both staff side and OPAC.

Sponsored-by: Catalyst IT

Signed-off-by: Lee Jamison <ldjamison@marywood.edu>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-10-09 16:15:49 -03:00
Aleisha Amohia
1a157575d3 Bug 13205: Last/first page options for result list paging for OPAC
Same fix but on OPAC side. Same test plan

Sponsored-by: Catalyst IT

Signed-off-by: Dilan Johnpulle <dilan@calyx.net.au>
Signed-off-by: Your Full Name <your_email>

Signed-off-by: Lee Jamison <ldjamison@marywood.edu>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-10-09 16:15:49 -03:00
David Bourgault
078eb77451 Bug 19345: Add missing error flag to template
Adds a missing error flag to the template->param { } call.

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-10-06 12:09:55 -03:00
Aleisha Amohia
89528af3b0 Bug 16463: Replace discharge link with error message if user has checked out items
To test:
1) Ensure the useDischarge syspref is enabled
2) Check out an item to a borrower
3) Log in to the OPAC as this borrower
4) Click the 'ask for a discharge' link in the nav
5) Click the 'Ask for a discharge' link
6) Notice you cannot be discharged because you have checkouts
7) Apply the patch, click the 'ask for a discharge' link in the nav
8) Notice the link has been replaced with an appropriate error message
9) Attempt to force the discharge URL:
/cgi-bin/koha/opac-discharge?op=request
10) Notice the message and you cannot be discharged.
11) Confirm that when you check in your item, the discharge link shows
again and works as expected.

Sponsored-by: Catalyst IT
Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:37:00 -03:00
ae02cf97e4 Bug 19366: Do not block patron's detail update if EmailMustBeUnique
If the pref PatronSelfRegistrationEmailMustBeUnique is set ("consider"),
a patron is not allowed to register with an existing email address.
The existing code is wrong and reject a patron that is updating their
personal details with "This email address already exists in our
database.", even if the patron did not modify their email address.

This is caused by the query we made, we must search for patron with this
email address but who is not the current patron.

Test plan:
- Set PatronSelfRegistrationEmailMustBeUnique to "consider"
- Register a new patron with an existing email address
=> you should not be allowed
- Use a non-existent email address
=> You should be allowed
- Edit your patron details
- Modify some infos
=> Should pass
- Modify your email address with an existing one
=> You should not be allowed to do that

Followed test plan, patches worked as described
Signed-off-by: Alex Buckley <alexbuckley@catalyst.net.nz>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:36:59 -03:00
402c7f7567 Bug 19173: Add opac payment and marc conversion plugins to the pulldown filter list
Edit: fixed tab-for-space errors (tcohen).

Signed-off-by: Magnus Enger <magnus@libriotech.no>
New categories are added to the pulldown and work as expected.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-19 14:15:52 -03:00
323b1553b0 Bug 19173: Make OPAC online payments pluggable
While PayPal is fairly universal, there is a plethora of online
payment system that are far more localized, servicing a single
country ( e.g. Bug 18968 ) or even a single  city! Instead of
adding support for each and every one of these payment options
directly into Koha, it makes more sense to add the ability to
create online payment plugins.

Test Plan:
1) Apply this patch
2) Download and install the Kitchen Sink plugin version 2.1.1 or later
   https://github.com/bywatersolutions/koha-plugin-kitchen-sink/releases
3) In the plugin options, enable the opac payments option
4) Create a patron with one or more fines
5) Log into the opac as that patron, note you now have the option
   to pay online via KitchenSink ImaginaryPay
6) Make an online payment
7) Note the payment was processed correctly

Sponsored-by: Washoe County Library System

Signed-off-by: Kyle M Hall <kyle@gmail.com>

Signed-off-by: Magnus Enger <magnus@libriotech.no>
Awesome enhancement! I know we want to add at least one Norwegian
payment service at some point.
I followed the test plan and everything works as advertised. Turning
off the "opac payments option" makes the option dissappear cleanly
from the OPAC. I have *not* looked at the code or done any
considerations about security.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-19 14:15:52 -03:00
e722c0a29f Bug 18149: Move CountUsage calls to Koha namespace
After the introduction of Koha::Authorities->get_usage_count with bug
9988, we can now replace the remaining occurrences of CountUsage.

At the same time we remove CountUsageChildren. This was an empty sub.
The typo get_count_usage in a subtest title is adjusted.

Test plan:
[1] Run t/db_dependent/Koha/Authorities.t
[2] Perform a search on authorities-home.pl and verify that you see
    plausible numbers for 'used in xx records'.
[3] Click on Details for one authority. See the same number?
[4] Do the same as in 2/3 for Authority search on OPAC.
[5] Remember the authid and enter this in the record numbers box on
    tools/batch_delete_records.pl. Select Authorities and click
    Continue. The next form shows a column "Used in". Do you see
    the same count again?
[6] Git grep CountUsage.
    You should see just one hit in a comment that can be kept in
    Koha/Authorities.pm.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-19 11:47:32 -03:00
82115d164a Bug 19059: Move C4::Reserves::CancelReserve to Koha::Hold->cancel
This patch adds a new Koha::Hold->cancel method and replaces the calls
to C4::Reserves::CancelReserve with it.

Test plan:
- Add and cancel holds
- Change priority of holds

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-12 12:42:58 -03:00
Aleisha Amohia
3c31e6e795 Bug 12691: Use Koha.Preference in Self-Checkout
For calls to SCOUserJS, SCOUserCSS, OPACUserCSS, AllowSelfCheckReturns,
OpacFavicon, ShowPatronImageInWebBasedSelfCheck, SelfCheckoutByLogin

Sponsored-by: Catalyst IT

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Bug 12691: [FOLLOW-UP] Follow-up patch

This patch fixes merge conflicts and fixes the problems in Comment 7

QA tools complain about missing bracket, will be fixed in next followup
Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Bug 12691: [FOLLOW-UP] Missing bracket

Patch adds bracket to template file (Comment 16)

Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Bug 12691: [FOLLOW-UP] Fixing some logic

Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Patches have been squashed for readability and 1 removal occurrence of
display_patron_image has been reintroduced.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-07 14:03:45 -03:00
f1b0dae9a6 Bug 18946 [QA Followup] - code cleanup
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-01 13:02:26 -03:00
Karam Qubsi
48f54016a7 Bug 18946 - Change language from external web fails
How to reproduce:
1. Get a multilingüal Koha like
http://demo1.orex.es/cgi-bin/koha/opac-changelanguage.pl?language=en
http://demo1.orex.es/cgi-bin/koha/opac-changelanguage.pl?language=es-ES

2. Copy that urls to any web page in an other domain -it must be in some
host - and try to link to the spanish or english version,it will keep you in the same position.

3. Apply this patch and try again , everything should work fine .

Signed-off-by: Hugo Agud <hagud@orex.es>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-01 13:02:26 -03:00
ae7e0ee56a Bug 17797: Add XSLT_Handler in opac/unapi
Replaces some code by a call to existing module.
Removes the $@->code and $@->message calls.

Test plan
[1] Run /cgi-bin/koha/unapi?id=koha:biblionumber:[number]&format=marcxml
[2] Try some variations.

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-01 13:00:06 -03:00
10311769d4 Bug 19007 - Allow paypal payments via debit or credit card again
A recent change in Paypal has removed the previous default option of paying via debit or credit card without an account. To bring this option back, we need to send an additional parameter to the PayPal API.

Test Plan:
1) Enable paypal for your Koha instance
2) Ensure you are not logged in to PayPal
3) Attempt to pay a fine via PayPal
4) Not the the "Pay with Debit or Credit Card" option is missing
5) Apply this patch
6) Refresh opac-account.pl
7) Attempt to make a payment via PayPal again
8) Note the option "Pay with Debit or Credit Card" is now available

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: George Williams <gwilliams@nekls.org>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-01 13:00:05 -03:00
Mark Tompsett
8ed19fedca Bug 16892: Address error checking in comment #47
Tweaked logic to include error check for category
and branch being valid. If not, the user is told
about a configuration error to share with the
library. Otherwise, it should proceed as normal.

TEST PLAN is comment #35 still.
Though include a run with an invalid category
and/or branch code in the two system preferences:
GoogleOpenIDConnectDefaultBranch and/or
GoogleOpenIDConnectDefaultCategory

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-25 10:51:25 -03:00
Mark Tompsett
88f616277a Bug 16892: Follow up use AddMember as per QA comment
Same Test plan as before.

Signed-off-by: Eugene Jose Espinoza <eugenegf@yahoo.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-25 10:51:25 -03:00
Mark Tompsett
ae45243fae Bug 16892: Add automatic patron registration via OAuth2 login
10988 added the ability to log into the OPAC authenticating with
Google Open ID Connect. This extends it, by allowing an
unregistered patron to have an account automatically created
with default category code and branch.

This is accomplished by adding 3 system preferences.
- GoogleOpenIDConnectAutoRegister
      whether it will attempt to auto-register the patron.
- GoogleOpenIDConnectDefaultCategory
      This category code will be used to create Google OpenID Connect patrons.
- GoogleOpenIDConnectDefaultBranch'
      This branch code will be used to create Google OpenID Connect patrons.

Sponsored-by: Tulong Aklatan

Signed-off-by: Eugene Jose Espinoza <eugenegf@yahoo.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-25 10:51:25 -03:00
Mark Tompsett
d5986c9b97 Bug 19040: Refactor GetMarcBiblio parameters
Change parameters to a hashref.

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Looks good to me.
Two calls in migration_tools/22_to_30 still in old style.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-25 10:23:42 -03:00
64a0aa541e Bug 19048: (bug 17829 follow-up) Fix regression in self checkout
$patronid is not necessarily set or does not match a valid cardnumber.
These cases must be taken into account to avoid the script to crash and
raise the following error:
Can't call method "unblessed" on an undefined value at
(...)/koha/opac/sco/sco-main.pl line 117

Test plan:
Hit sco/sco-main.pl and confirm that the error is gone with this patch
applied

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-08-08 09:20:50 -03:00
9b92d79817 Bug 18572 - QA Followup
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-07-24 13:38:31 -03:00
e9374dcf63 Bug 18572 - Improper branchcode set during OPAC renewal
To test:
1 - Set 'OpacRenewalBranch' to various settings
2 - Renew an item for a ptron under each setting
3 - Confirm action_log entries reflect the correct branch for each
secnario
4 - prove t/db_dependent/Circulation/issue.t

Signed-off-by: David Kuhn <techservspec@gmail.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-07-24 13:38:31 -03:00
bd3b1c1a33 Bug 18262: Koha::Biblio - Remove GetBiblioData - part 1
Most of the time C4::Biblio::GetBiblioData is used to retrieve the title
and/or the author of a bibliographic record.

This patch replaces the easy occurrences of GetBiblioData, the ones
where the 2 joins are needed, but only data from biblio and biblioitems
table are.

Test plan:
It will be hard to test everything, I'd suggest a QAer to review this
patch and confirm that the difference occurrences of GetBiblioData have
been correctly replaced by calling Koha::Biblios->find or
$biblio->bibioitem

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-07-14 12:22:23 -03:00
2f1a1fc4b9 Bug 18938: (bug 17829 follow-up) Replace 2 occurrences of GetMember left behind
Between patch submission and push, 2 new occurrences appeared in the
codebase.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-07-14 12:19:13 -03:00
99b32717cd Bug 18854 - Protect from DOS
There was a bug that meant a very large offset in the search params
will cause the search script to run forever (or long enough to crash
the machine)

To test

1/ Get ready with sudo top so you can kill the thread before it causes
your machine to OOM
2/ Hit a page like yourdomain.com/cgi-bin/koha/opac-search.pl?q=1&offset=-9999999999999999999
3/ Notice the process runs for a long time
4/ Kill the process
5/ Apply the patch
6/ Hit the page again, notice the it loads (offset is set to zero)
7/ Do the same to search in the staff client

Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Amended: changed -2 to 0 in opac-search.pl.
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-07-14 12:02:04 -03:00
c91eb80efb Bug 17829: (follow-up) Move GetMember to Koha::Patron
Prevent crash at the opac when no user is logged in

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-07-11 15:43:38 -03:00
9cad748de7 Bug 17829: (followup) Fix small rebasing errors
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-07-10 13:14:34 -03:00
2b90ea2cb0 Bug 17829: Move GetMember to Koha::Patron
GetMember returned a patron given a borrowernumber, cardnumber or
userid.
All of these 3 attributes are defined as a unique key at the DB level
and so we can use Koha::Patrons->find to replace this subroutine.
Additionaly GetMember set category_type and description.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-07-10 13:14:19 -03:00
c73e269a13 Bug 18260: Koha::Biblio - Remove GetBiblio
C4::Biblio::GetBiblio can be replaced with Koha Biblio->find

Test plan:
Import batch, view issue history, search for items, see the image of a
bibliographic record, modify and delete records in a batch

Followed test plan, works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-07-10 13:03:38 -03:00
fa467223ea Bug 18277: Remove GetBiblionumberFromItemnumber - Easy ones
To retrieve a biblionumber from an itemnumber, we can use:
  Koha::Item->biblio->biblionumber

This is only what this patchset does.
Doing that we will be able to get rid of the
C4::Biblio::GetBiblionumberFromItemnumber subroutine.

Test plan:
- Acquisition module: cancel a receipt
- Export a record to CSV
- Modify items in a batch

Item's info should be correct

Other changes with be checked by QA team, by reading the code.

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-07-10 13:03:37 -03:00
f4ded893c5 Bug 18276: [QA Follow-up] Fix two new calls
Found two calls in opac-issue-note.pl and svc/patron_notes.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-07-10 13:02:54 -03:00
6eade474ed Bug 18276: Remove GetBiblioFromItemNumber - Easy ones
The subroutine C4::Biblio::GetBiblioFromItemNumber was wrong for several
reasons:
- badly named, we can get biblio info from a barcode
- SELECT * from items, biblio and biblioitems
makes things hard to follow and debug, we never know where do come from
the value we display
- sometimes called only for trivial information such as biblionumber,
author or title

This patchset suggests to replace it with calls to:
- Koha::Items->find for item's info
- $item->biblio for biblio's info
- $item->biblio->biblioitem for biblioitem's info

Test plan:
Item's info should correctly be displayed on the following pages:
- circulation history
- transfer book
- checkin
- waiting holds

QA will check the other changes reading the code, it's trivial

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-07-10 12:22:29 -03:00
546379cc92 Bug 17680: C4::Circulation - Remove GetItemIssue, simple calls
C4::Circulation::GetItemIssue returned all the issue and item
informations for a given issue. Moveover it also did some date
manipulations. Most of the time this subroutine was called, there
additional information were useless as the caller usually just needed
the basic issue's infos 'from the issue table).

This first patch updates the simple calls, ie. the ones that just need
the issue's infomations.

Test plan:
The following operations should success:
- transfer a book
- create a rule for on-site checkouts and confirm that a patron cannot
check more items out that it's defined in the rule.
- Renew an issue using ILSDI
- Using SIP confirm that you are able to see your issues

Followed test plan, works as expected
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-07-10 12:06:37 -03:00
David Kuhn
e29163af4c Bug 18616 - The "Add forgot password link to OPAC" should allow patrons to use their library card number in addition to username
Allow patrons to enter either their library card number or user name in the "Log in" box for password recovery.

Most patrons at our library use their card number to log in and are unaware of what their userid is. However there are some who have set a

customized userid and would prefer to use that. This patch would allow either to be entered for password recovery.

To test:
1. Enable the password recovery feature.
2. In the OPAC, click on "Forgot you password?" link and enter a valid library card number.
3. The error message "No account found with the provided information" appears.
4. Apply the patch.
5. Repeat step 2. The recovery email is now sent.

Note: Moved patch from 16711 back here and re-tested.
Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-07-06 14:52:53 -03:00
Marc Véron
3829020c26 Bug 16711: OPAC Password recovery: Handling if multiple accounts have the same mail address
To reproduce:
- Create 3 Accounts, login names are test01, test02, test03, Email is the same
for all.
- Go to OPAC -> Password recovery and indicate E-Mail only
- You will get an email for only one of the accounts above.

To test:
- Apply patch, restart memcached and plack
- Go to db, delete from borrower_password_recovery;
- Try steps above to reproduce. You will get an error message:
    Account identification with this email address only is ambiguous.
    Please use the field 'Login' as well.
- Verify that other cases work as before (provide valid / invalid login only,
  provide valid email for an existing account, provide unknown email, provide
  both login and email with all combinations of valid / invalid)

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Bug 16711: (QA-followup) Use count directly

See comment # 13

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-07-06 14:52:50 -03:00