Signed-off-by: Jesse Weaver <jweaver@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Also, it is recommended to apply bug 17103 before this.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Oliver Bock <oliver.bock@aei.mpg.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
When running Koha in a full-site-SSL configuration accessing
external resouces like Open Library cover images via HTTP
doesn't work (mixed SSL/non-SSL content). It thus breaks a
core feature of Koha. Referencing such resources always via
HTTPS resolves the problem and also enhances privacy as a
side-effect.
Previous tickets took care of Amazon resources. This ticket
is supposed to address the remaining external resource providers,
starting with Open Library.
TEST PLAN
---------
1) Over https access your OPAC with the Enhanced Content system
preferences 'OpenLibraryCovers' set to 'Add', and
'OpenLibrarySearch' set to 'Show'.
2) Search for something (e.g. Mo Willems)
-- Your browser console log will show messages about
mixed content.
3) Apply the patch
4) Making sure to reload the java script, attempt steps 1 & 2
again.
-- no mixed content messages should be given
5) run koha qa test tools
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Bug 12233 removes the declaration of the showListsUpdate JS function for
the OPAC.
It results in a JS error (ReferenceError: showListsUpdate is not
defined) when a user tries to add selected titles to a list if no title
is selected.
Test plan:
Launch a catalogue search
Select a list in the "Select titles to" dropdown list
=> Without this patch you will get the JS error
=> With this patch you will get a JS alert "No item was selected"
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This followup changes comment in koha-tmpl/opac-tmpl/bootstrap/js/datatables.js line 3 to
MSG_DT_* variables comes from datatables.inc
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
The JavaScript which handles the display of Google book cover images
includes a hard-coded "style" attribute. It may have been relevant to
the design of the old prog template, but it doesn't seem to have any use
in the Bootstrap one. This patch removes it.
I have replaced the style attribute with a class in case someone needs
a hook for some custom CSS.
To test, apply the patch, enable the GoogleJackets system preference,
and clear your browser cache if necessary.
- Search for a title in the OPAC which has a Google book cover image
associated with it.
- View the detail page for that title. Confirm that the "Google Preview"
link underneath the cover image looks correct.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
If you click on a link that opens a new tab/window to another site, that tab
has access to the original window through JavaScript. The browsing context is
related, even if the domains are totally different.
The tab retains access to the original window's object via window.opener, even
if you navigate to another page or domain, in the new or original window.
Access to the Window object means the new window can use Window.location to
open a different URL in the original window, perfect for phishing attacks.
Depending on the site's Same-Origin Policy settings, the new window may have
access to other parts of the original window's DOM as well.
Any 'A HREF' that contains a target of of '_blank' or '_new' or a fixed name
is vulnerable. Previous security best practice often suggested creating a random
fixed name for an unpredictable namespace - that won't help with this problem!
Targets of '_self' and '_parent' are safe.
We do not use _new (at first glance) but several _blank. Some are used
to refer internal url, we do not need to update or remove them. Others
are used to satisfy OPACURLOpenInNewWindow, in these case, we should add
the rel="noreferrer" attribute to the a tags.
In other cases, we can simply remove them and let the users discover
that a mouse has more than one button (we are in 2016, they can do it!)
Signed-off-by: Chris <chrisc@catalyst.net.nz>
Signed-off-by: Jesse Weaver <jweaver@bywatersolutions.com>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
This patch changes the Google jackets URL to use HTTPS instead of HTTP.
Test Plan:
1) Enable Google Jackets
2) Ensure the Koha OPAC instance is configued to use HTTPS
3) Confirm Google jackets display correctly.
Signed-off-by: Frédéric Demians <f.demians@tamil.fr>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Adds a css class of thumbnail to local covers.
Don't show the 1px "No image found" image
(since we'll ususally try another image provider)
Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Box with "No cover image availabe" fixed when syspref OPACLocalCoverImages
set to display
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
There is hidden text in "Checkouts" cells that prevent DataTables to
sort numerically.
This patch adds the 'title-numeric' sort plugin and use it in
opac-topissues.pl
Column 'Checkouts' in Home > Most popular items sorts as expected
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Add to Koha support for displaying Book cover requested to Coce, a
remote image URL cache:
https://github.com/fredericd/coce
With this enhancement, cover images are not fetched directly from
Amazon, Google, and so on. Their URL are requested via a web service to
Coce which manages a cache of URLs.
Three cover image providers are now available: Google Books (gb), Amazon
(aws), and Open Library (ol). Two system preferences enable this service:
- CoceHost - URL of Coce server
- CoceProviders - Ordered list of requested providers. For example
gb,aws,ol, will return the first available URL from those providers.
Several advantages to this architecture:
- If a book cover is not available from a provider, but is available
from another one, Koha will be able to display a book cover, which
isn't the case now
- Since URLs are cached, it isn't necessary for each book cover to
request, again and again, the provider, and several of them if
necessary.
- Amazon book covers are retrieved with Amazon Product Advertising
API, which means that more covers are retrieved (ISBN13).
Test plan:
- Apply this patch, and test with 'Bootstrap' themes
- You can verify that nothing has changed on OPAC result and detail
page, since new syspref haven't been filled
- Install Code: https://github.com/fredericd/coce
Or ask me directly for the URL of a Coce server
- In sysprefs, tab Enhanced content, modify:
CoceHost -- enter the URL of your Coce server
CoceProviders -- fill with: gb,aws,ol
- Do a search. On result page, and detail page, you will see cover
images originating from the 3 providers: fly over the image to see its
URL. Try to compare with a Koha with just GoogleJacket or Amazon cover
to confirm that you have more images. Verify that it's quick, and even
quicker for cached images URLs.
- Check that Browse Shelf functionnality works properly.
- The ID sent to Coce is EAN or ISBN. Try with various type of biblios. DVD
have often EAN, but no ISBN.
- You can try with those sysprefs:
CoceProviders: aws,gb
CoceHost: http://coce.tamil.fr:8080
and this EAN (or ISBN): 3333297517744
=> OPACAmazonCoverImages enabled doesn't display a cover because, it's a DVD
=> Coce find and display the DVD cover.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Amended patch: replaced 1 tab with spaces in C4/Shelfbrowser.pm
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
If you select items in your cart and choose to add them to a list, upon
completion of the transaction the pop-up window, which was originally
opened for the cart, is closed. Instead you should be returned to the
Cart view.
Test plan:
Confirm the expected behavior.
Confirmed.
Signed-off-by: Marc Veron <veron@veron.ch>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Also, fix useless "No cover image" block when using Amazon and local
cover images at the same time.
http://bugs.koha-community.org/show_bug.cgi?id=11982
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
The OpenLibrary JavaScript includes an untranslated string, "Preview."
This patch move the string to the template so that it can be translated.
To test, apply the patch and test that the translator picks up the
string:
1. From misc/translator run 'perl translate update [lang]' (e.g. de-DE)
2. Edit misc/translator/po/[lang]-opac-bootstrap.po and add a
translation for the updated "Preview" string
3. Remove the "#, fuzzy" marker from that entry
4. From misc/translator run 'perl translate install [lang]'
5. Enable the [lang] translation for the OPAC in system preferences
6. Enable the OpenLibraryCovers system preference.
7. In the OPAC switch to the [lang] translation.
7. View the detail page for a title for which there is an OpenLibrary
cover image. Below it you should see a preview link with the
translated string you added in step 2.
Works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
To Test:
Use Google Indic Transliteration API to allow users to
transliterate english typed words into Indic languages.
http://git.koha-community.org/gitweb/?p=koha.git;a=commit;h=6ae7b60962e7d07aa00a45a7af692939a4ce7aa6
Signed-off-by: Frederic Demians <f.demians@tamil.fr>
I had been able to reproduce the bug (a regression), and I can confirm that
this patch fix it. But I had to create manualy GoogleIndicTransliteration
system preference, which doesn't exist in standard .pref file. It may be
necessary to add it. In my opinion, it shouldn't prevent to include this patch.
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Fixes a somewhat 'hidden' feature, no problems found.
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
This patch implements the In-House Use feature for Koha.
It adds:
- 2 new sysprefs:
'In-House Use' to enable/disable this feature
'In-House Use Forced' to enable/disable the feature for *all* users.
- 2 new columns issues.inhouse_use and old_issues.inhouse_use
- Datatable on the circulation history pages (readingrec) at the OPAC
and the intranet.
A new checkbox in the Circulation tab. If checked, the issue become a
in-house use (in the statistics and issues tables).
When you check it, the due date changes to the today date.
The syspref "In-House Use Force" allows to force the in-house use to
permit the checkout even if the borrower is debarred or others problems.
In the issue table, a new string (in red) marks the issue as "in-house use".
The circulation history contains 3 tabs : "all", "checkout" and
"in-house use" (OPAC and intranet).
The cronjob script:
If AutomaticItemReturn if off, a library would like not to do a transit
operation manually. This script (to launch each night) do returns
for a specific branches.
Test plan:
1/ Execute the updatedatabase entry
2/ Enable the 'In-House Use' pref.
3/ Checkout a biblio for a patron and check the 'in-house use' checkbox.
4/ Check that the due date is the today date (with 23:59) and is not modifiable.
5/ Click on the check out button and check that the new check out
appears in the table bellow with the "(In-house use)" string.
6/ Go on the circulation history pages (readingrec and opac-readingrec)
and try the 3 tabs. In the last one, your last checkout should appear.
7/ Check in.
8/ Check readingrec pages.
9/ Choose a debarred patron and check that you cannot checkout a biblio
for him.
10/ Switch on the 'In-House Use Forced' pref
11/ You are now allowed to checkout a biblio for the debarred patron.
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Re-add the system preference maxreserves.
All the code using maxreserves is still in place. Though it
is not used in the Reserves module, it is used in all the
scripts where holds are placed.
Also adds a check so that a borrower cannot exceed the maximum
number of allowed holds by using the multi-hold feature via
the opac.
Test Plan:
1) Apply this patch
2) Run updatedatabase
3) Set maxreserves to 3, set opactheme to bootstrap
4) Log into the opac as a patron
5) Place 3 holds
6) Attempt to place a 4th hold
7) Note you get an error message and cannot place a forth hold
8) Delete two of those holds
9) Attempt to place 3 or more holds as a multi-hold
10) You should see a warning that you cannot place this many holds
11) Try to anyway
12) You should see an alert to tell you to reduce the number of holds
you are placing.
13) Reduce the number for holds you are placing to 2
14) Your holds should now be placed
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
This patch adapts a patch by Julian Maurice to prevent the main
cover image from getting duplicated if the shelf browser
is used.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
The goal of this theme is to provide a fully-responsive OPAC which
offers a high level of functionality across multiple devices with varied
viewport sizes. Its style is based on the CCSR theme, with elements of
the Bootstrap framework providing default styling of buttons, menus,
modals, etc.
The Bootstrap grid is used everywhere, but Bootstrap's default
responsive breakpoints have been expanded to allow for better
flexibility for our needs.
All non-translation-depended files are in the root directory of this new
theme:
css, images, itemtypeimg, js, less, and lib. Languages.pm has been
modified to ignore the new directories when parsing the theme language
directories.
This theme introduces the use of LESS (http://lesscss.org/) to build
CSS. Three LESS files can be found in the "less" directory: mixins.less,
opac.less, and responsive.less. These three files are compiled into one
CSS file for production: opac.css. "Base" theme styles are found in
opac.less. A few "mixins" (http://lesscss.org/#-mixins) are found in
mixins.less. Any CSS which is conditional on specific media queries is
found in responsive.less.
At the template level some general sturctural changes have been made.
For the most part JavaScript is now at the end of each template as is
recommended for performance reasons. JavaScript formerly in
doc-head-close.inc is now in opac-bottom.inc.
In order to be able to maintain this structure and accommodate
page-specific scripts at the same time the use of BLOCK and PROCESS are
added. By default opac-bottom.inc will PROCESS a "jsinclude" block:
[% PROCESS jsinclude %]
Each page template in the theme must contain this block, even if it is
empty:
[% BLOCK jsinclude %][% END %]
Pages which require that page-specific JavaScript be inserted can add it
to the jsinclude block and it will appear correctly at the bottom of the
rendered page.
The same is true for page-specific CSS. Each page contains a cssinclude
block:
[% BLOCK cssinclude %][% END %]
...which is processed in doc-head-close.inc:
[% PROCESS cssinclude %]
Using these methods helps us maintain a strict separation of CSS links
and blocks (at the top of each page) and JavaScript (at the bottom). A
few exceptions are made for some JavaScript which must be processed
sooner: respond.js (https://github.com/scottjehl/Respond, conditionally
applied to Internet Explorer versions < 9 to allow for layout
responsiveness), the _() function required for JS translatability, and
Modernizr (http://modernizr.com/, a script which detects browser
features and allows us to conditionally load JavaScript based on
available features--or lack thereof).
Another new JavaScript dependency in this theme is enquire.js
(http://wicky.nillia.ms/enquire.js/), which lets us trigger JavaScript
events based on viewport size.
I have made an effort to re-indent the templates in a sane way,
eliminating trailing spaces and tabs. However, I have not wrapped lines
at a specific line length. In order to improve template legibility I
have also tried to insert comments indicating the origin of closing tags
like <div> or template directives like [% END %]:
</div> <!-- / .container-fluid -->
[% END # / IF ( OpacBrowseResults && busc ) %]
TESTING
Proper testing of this theme is no easy task: Every template has been
touched. Each page should work reasonable well at a variety of screen
dimensions. Pages should be tested under many conditions which are
controlled by toggling OPAC system preferences on and off. A variety of
devices, platforms, and browsers should be tested.
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
