Some links still had category.
I propose we use explicit public=1 and public=0 when links to public/private are side by side.
Otherwise whe just use /cgi-bin/koha/opac-shelves.pl?op=list using default value 0.
Signed-off-by: David Nind <david@davidnind.com>
JK: Adjust commit title
Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patchset moves the 'category' attribute for virtual shelves, that
takes values of 1 and 2 (private and public respectively) into a boolean
for public.
The DBRev is trivial, and the changes to the code are as well.
To test:
1. have some known public and private lists
2. Apply this patches
3. Run:
$ updatedatabase
=> SUCCESS: Public lists have public=1, private have public=0
4. Run:
$ kshell
k$ prove t/db_dependent/Utils/Datatables_Virtualshelves.t \
t/db_dependent/Virtualshelves.t
=> SUCCESS: Tests pass!
5. Try the feature in staff and OPAC
=> SUCCESS: All good
6. Sign off :-D
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds unit tests for the new route. All behaviors are tested:
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/biblios.t
=> SUCCESS: Tests pass!
3. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds the required controller method.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This is a trivial change that is required to be able to embed patron
objects in the (old) checkout object.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds the new route. It also tweaks the checkout object
definition to allow embedding the required related objects (for bug 29275).
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds helper methods for accessing current and past checkouts
for a given Koha::Biblio object.
To test:
1. Apply the unit tests
2. Run:
$ kshell
k$ prove t/db_dependent/Koha/Biblio.t
=> FAIL: Methods are not implemented
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass!
5. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This simple change renames the attribute in the item object API
representation.
To test:
1. Run:
$ kshell
k$ prove t/db_dependent/api/v1/items.t
=> SUCCESS: Tests pass
2. Run:
$ git grep 'api/v1/items'
=> SUCCESS: The items routes are not (yet) used in Koha
3. Run:
$ cd koha-tmpl
$ git grep --name-only '"embed"'
=> SUCCESS: Only two templates are using embed.
4. Check:
- register.tt uses it to embed the manager, good
- parcel.tt uses it to embed items. Alert.
=> SUCCESS: parcel.tt only uses a count on items. No item_type involved.
5. Sign off
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch introduces a route to fetch items belonging to a biblio. It
is expected to return the 'public' representation of the Koha::Item
objects.
It is also enforcing the visibility rules, by using
Koha::Items->filter_by_visible_in_opac.
To test:
1. Apply this patches
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/biblios.t
=> SUCCESS: Test pass and they cover all the cases!
3. Try your favourite REST tool against the new route.
4. Sign off :-D
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch makes the query for randomly generated libraries
deterministic, thus getting rid of the random tests failures.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch reproduces what we did for `to_api_mapping`: make it always
present on Koha::Object classes. This has the side-effect of... making
things more secure!
Before this patch, if undefined, all attributes were returned.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch converts the code to use an allow-list as aposed to a
deny-list. This is more 'fail safe' than requireing maintanence of a
deny-list.
We also switch to using db fields names for the list as aposed to api
mapped names. This way, the list can be re-used for non-api related
sanitising if required.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch introduces a route to fetch a list of libraries or a single
library as expected on the /public namespace. It is expected to return
the 'public' representation of the Koha::Library objects.
To test:
1. Apply this patches
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/libraries.t
=> SUCCESS: Test pass and they cover all the cases!
3. Try your favourite REST tool against the new route.
4. Sign off :-D
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch makes the API authentication code stash the 'is_public' value
when public routes are hit.
This will be particularly useful to have $c->objects->search generically
pass this info down to the ->to_api method.
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/auth_authenticate_api_request.t
=> SUCCESS: Tests pass! When a public route is reached, the controller
has the 'is_public' value stashed
3. Sign off :-D
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch introduces a way for Koha::Object(s)->to_api to filter out
attributes that require privileged access. It is done in a way that the
'public' parameter is recursively passed to nested objects in recursive
to_api() calls.
This way, Koha::Object-based classes can determine how they will render
depending on this parameter. For example, for implementing a
route for fetching an library looks like:
GET /libraries
The controller will look like:
my $library = Koha::Libraries->find( $c->validation->param('library_id') );
return $c->render(
status => 200,
openapi => $library->to_api
);
Implementing an unprivileged (public) route would look like:
GET /public/libraries/:library_id
The controller will look like:
my $library = Koha::Libraries->find( $c->validation->param('library_id') );
return $c->render(
status => 200,
openapi => $library->to_api({ public => 1 })
);
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/Koha/Object*.t
=> SUCCESS: Tests pass (i.e. current behaviour is kept, new behaviour
passes the tests)
3. Sign off :-D
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch introduces routes to handle purchase suggestions, from the
staff POV.
Tests are added as well.
To test:
1. Apply this patches
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/suggestions.t
=> SUCCESS: Tests pass! And they are meaningful!
3. Play with your favourite REST tool (Postman?)
4. Sign off :-D
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
We must have the column in the table and let DT deal with the
visibility.
This patch hides the "Checked out by" column by default if
RecordStaffUserOnCheckout is off, but the DT column settings is aware of
its existence and the end user can still display the column.
IMO that's the most optimal situation considering both maintenance and ergonomic.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This commit adds the missing checked_out_by column to
columns_settings.yaml
Test plan:
- Follow the test plans in the bug description and note that the
symptoms are no longer seen
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch corrects the date field configurations for the suggestions
sidebar filter. These fields are now linked Flatpickr widgets instead of
jQueryUI datepickers.
To test, apply the patch and go to Suggestions.
- In the sidebar, click "Suggestion information" to expand the form.
- Test these linked date fields:
- "Suggested date from" and "to"
- "Managed date from" and "to"
- "Accepted by from" and "to"
- Each should trigger Flatpickr calendars which are linked, i.e. you
can't select a "to" date which is before a "from" date.
- Test that the dates submit correctly to filter as expected.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch changes the way certain serials search fields are hidden when
a standalone search of Mana is being performed (from the "Search on
Mana" link). Instead of targeting specific labels and inputs to hide we
can hide list items by class.
Unrelated: This patch updates the page heading so that it is different
depending on whether you're searching Koha subscriptions or Mana
subscriptions.
To test, apply the patch and enable Mana.
- Go to Serials -> Advanced search (in the search header).
- The search form should include all fields, including call number,
vendor, library, location, and "Expires before."
- Click "Search on Mana" in the sidebar.
- This page should have the heading "Mana subscriptions search," and
there should only be three fields visible: ISSN, Title, and Publisher.
- When you perform a Mana search which returns results the page should
have the heading "Mana subscriptions (X found).
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds comments to the template to highlight the markup
structure.
This patch should have no effect on the page's appearance or
functionality.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch updates the serials search template to give it consistent
indentation.
The patch also moves one section of markup: The <tfoot> section is moved
to after <tbody> in order to conform to current standards.
To test, apply the patch and go to Serials -> Search subscriptions (in
the header).
- Serials search should work correctly and the page should look correct.
- With Mana enabled, click on the "Search on Mana" link in the sidebar.
- Searches of Mana should work correctly too.
- If you view the diff while ignoring whitespace the only changes should
be the move of <tfoot> and places where line breaks were introduced.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The objects.search helper provides convenient ways to paginate and a 'q' filter parameter to build complex queries on this Koha::Objects-based routes.
Some routes were created prior to this feature getting introduced. We need to adjust the parameters for all existing objects.search-based routes.
This patch adds that.
The only GET (as in list) routes that would still be missing the
parameters are those about ILL, that are not objects.search based, and
probably need to be rewritten.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Add the 22.05 release team.
Test plan
1/ Check against
https://wiki.koha-community.org/wiki/Release_Teams
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
.hidden get the CSS that interferes with DT behaviour
.hidden {
display: none !important;
}
Test this patch with bug 28859.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 26234 allowed to remove the different classes we use in aoColumnDefs
for sorting columns of table using DT.
However there is a terrible mistake, the merge of existing aoColumnDefs
array with the default one is totally wrong:
$.extend(true, new_parameters, default_column_defs);
When we actually wanted to do:
$.extend(true, new_parameters["aoColumnDefs"], default_column_defs);
But it's still wrong, extend is doing a deep copy and the array will be
replaced by the other one, whereas we want to append.
We want to merge default_column_defs with the existing aocolumnDefs,
this patch is doing it explicitely.
This bug only exists when there is an existing aocolumnDefs.
See commit d3f3a55e0b
It happens on:
* cataloguing/z3950_search.tt
* reports/guided_reports_start.tt
* serials/subscription-detail.tt
* opac-course-reserves.tt
* opac-detail.tt
However this bug has been hidden as we have in master related bug from
bug 27945, which removes title-string.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch removes an early short-circuit we had, which wasn't correct
regarding the OpacPasswordChange syspref. If a patron category is
allowed to change password, it overrides the syspref.
To test:
1. Tests still pass.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch makes the public API routes validate
$user->category->effective_change_password before allowing the change.
To test:
1. Apply the regression tests patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/patrons_password.t
=> FAIL: Tests fail, it allows the first change instead of returning
403.
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass!
5. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch introduces regression tests for the described bug.
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/patrons_password.t
=> FAIL: Tests fail, excepted failures are considered success
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Koha::AdditionalContents->search_for_display needs to filter to just
items with a 'null' branchcode if no library_id is passed.
Test plan
1/ Add some additional content blocks that should display only for
specific branches.
2/ Navigate to the OPAC and note that blocks display for all libraries
prior to login
3/ Login to the OPAC and note that now you only see you users library
block
4/ Apply the patch
5/ Repeat steps 2 and 3 and note that now you see only the 'All
libraries' blocks display prior to login and that 'All libraries' +
'Your users library' blocks appear after login.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds unit tests to ensure we do not leak branch specific
addtional contents blocks outside of logged in sessions (i.e. where a
users branch is not yet set).
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Temporary patch to help trying to fix the following random error:
# Failed test 'Item types should be sorted by description and an empty entries should be shown'
# at t/db_dependent/Koha/UI/Form/Builder/Item.t line 121.
# Structures begin differing at:
# $got->[12] = 'Be9T9FH5aO'
# $expected->[12] = 'REF'
# Looks like you failed 1 test of 2.
# Failed test 'itemtypes'
# at t/db_dependent/Koha/UI/Form/Builder/Item.t line 130.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
