Commit graph

9701 commits

Author SHA1 Message Date
917ec3700e Bug 13618: Manually replace missing .raw
Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-17 15:55:10 +00:00
dd9e978c2c Bug 13618: Fix BLOCKs
perl -p -i -e  's/BLOCK \| html/BLOCK/g' **/*.inc **/*.tt

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-17 15:55:09 +00:00
10c154353f Bug 13618: Remove html filters for HtmlTags
We will have to make sure this filter (HtmlTags) is not used with
unsafe variables.

Generated by:
perl -p -i -e 's/HtmlTags tag([^\|]*)\| html -%]/HtmlTags tag\1-%]/g' **/*.tt **/*.inc
perl -p -i -e 's/HtmlTags tag([^\|]*)\| html %]/HtmlTags tag\1%]/g' **/*.tt **/*.inc

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-17 15:55:08 +00:00
Mark Tompsett
f8e0d905ff Bug 15717: Installer: Step 3 has <br /> showing
The step to install optional/mandatory things is broken with
many <br />'s instead of line breaks.

TEST PLAN
---------
1) Back up database
2) Drop database
3) Create empty database
4) Run web installer
   -- Notice that step 3 has ugly <br />'s at the last
      part of step 3.
5) Apply patch
6) Repeat steps 2-4
   -- Notice the <br />'s are now nice line breaks.
   NOTE: No promises of perfect positioning!
7) Run koha qa test tools.

Joubu: I have no idea if this is still needed. TO TEST

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

https://bugs.koha-community.org/show_bug.cgi?id=13618

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-17 15:55:08 +00:00
fd9ea323fe Bug 13618: Escape patron's attributes - do we want that?
Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-17 15:55:08 +00:00
Jonathan Druart
dcd1f5d48c Bug 13618: Add html filters to all the variables
Here we go, next step then.
As we did not fix the performance issue when autofiltering
the variables (see bug 20975), the only solution we have is to add the
filters explicitely.

This patch has been autogenerated (using add_html_filters.pl, see next
pathces) and add the html filter to all the variables displayed in the
template.
Exceptions are made (using the new 'raw' TT filter) to the variable we
already listed in the previous versions of this patch.

To test:
- Use t/db_dependent/Koha/Patrons.t to populate your DB with autogenerated
data which contain <script> tags

- Remove them from borrower_debarments.comments (there are allowed here)
update  borrower_debarments set comment="html tags possible here";

- From the interface hit page and try to catch alert box.
If you find one it means you find a possible XSS.
To know where it comes from:
* note the exact URL where you found it
* note the alert box content
* Dump your DB and search for the string in the dump to identify its
location (for instance table.field)

Next:
* Ideally we would like to use the raw filter when it is not necessary
to HTML escape the variables (in big loop for instance)
* Provide a QA script to catch missing filters (we want html, uri, url
or raw, certainly others that I am forgetting now)
* Replace the html filters with uri when needed (!)

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-17 15:55:05 +00:00
bce549bc4c Bug 21226: Remove xISBN services
OCLC has decided to retire all xISBN services:
https://www.oclc.org/developer/news/2018/xid-decommission.en.html

The code for related features has to be removed from Koha.

Test plan:
You need to be familiar with the different sysprefs (I am not):
- FRBRizeEditions
- SyndeticsEnabled
- SyndeticsEditions
- ThingISBN

Make sure there are no regressions introduced by this patchset.

QA Note: C4/XISBN.pm should be renammed

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-16 13:20:22 +00:00
644de1c4e7 Bug 21222: (bug 20226 follow-up) Fix patron creation
Since bug 20226 you cannot longer creation a patron, memberentry.pl will
explode with
Template process failed: undef error - DBIC result _type  isn't of the
_type Category at /home/vagrant/kohaclone/koha-tmpl/intranet-tmpl/prog/en/includes/str/members-menu.inc
line 22.

The problem is that "patron" is actually defined and the test in
str/members-menu.inc does not work as expected.

It comes from
  commit 7b1d08df0f
  Bug 19936: Replace Generate_Userid - Update the occurrences
where I needed $patron to be defined in order to use Koha::Patron->generate_userid
on an blessed object.
But this was actually wrong, as it could have side-effects.

Test plan:
Create a new patron
Edit it
Retest bug 19936 and make sure the userid is generated correctly in the
different situations

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-16 13:19:54 +00:00
4ae91ba263 Bug 21112: Re-indent staff client cart template
This patch reindents the template for the staff client cart, basket.tt

- Trailing spaces removed
- Indentation changed to a consistent 4 spaces
- Markup indentation made more consistent

To test, apply the patch and add multiple items to the cart in the staff
client.

View the cart and confirm that it looks as it should both in the "brief"
and "more details" views.

HTML validation before and after the patch should return the same
results.

Signed-off-by: DEVINIM <kohadevinim@devinim.com.tr>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-14 12:49:17 +00:00
889f148e4e Bug 21137: Replace USER_INFO with logged_in_user
This patch set does several things:
- it removes USER_INFO and BORROWER_INFO
These 2 variables contained logged-in patron's info. They must be
accessed from logged_in_user
- Use patron-title.inc for the breadcrumb at the OPAC, for consistencies

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-14 12:43:10 +00:00
Jenny Way
484067b228 Bug 18236: MARC21 - Add classes to material type on intranet detail and results pages
Test plan:
1. Open a list of results
2. Use fn+f12 to inspect element
3. Without patch it should show that the image class is 'materialtype'
4. With patch there will be an additional class
-Books = mt_icon_BK
-Kit = mt_icon_MX
-Article = mt_icon_AR
-Continuous resource = mt_icon_CR
-Mixed material = mt_icon_MX
-Computer files = mt_icon_CF
-Map = mt_icon_MP
-Music = mt_icon_MU
-Sound = mt_icon_MU
-Score = mt_icon_PR
-Visual material = mt_icon_VM

OR
1. Try using the classes in css to change the style

-When viewing the details of a record, the material type img should also have the
same changes
-Check that the material type classes in the results page is the same as
the details page

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
I've squashed the patches to make chanes easier readable.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-14 12:37:19 +00:00
3aef9a158b Bug 21121: Added new system preference to control hiding of personal patron information in the circulation page
Libraries may want to hide personal patron data from the circulation
page for privacy reasons this syspref introduces that ability for
library staff to control the display of this data themselves without
having to ask support vendors to hide it for them.

Test plan:
1. View circulation page and input a patrons barcode or name
2. Notice if the patron has a phone number, email, street address and
   city set then these are displayed in the left hand side of the screen
   under the patrons name. Otherwise if all/any of these fields are not
   set for the patron then the text: "No <datafield> stored." is
   displayed.
3. Apply this patch
4. Run ./updatedatabase.pl from the Koha shell to run the atomicupdate
5. Restart memcached and plack
6. Notice a new systempreference named
   'HidePersonalPatronDetailOnCirculation' has been added, which has the
   default value 'Dont'
7. Without changing the default value notice the personal patron
   information is still displayed on the circulation page
8. Change the value of the syspref to 'Do' and now notice the phone
   number, email address, street address and city are now hidden in the
   circulation page

Sponsored-By: Catalyst IT
Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-14 12:23:22 +00:00
81431ee28a Bug 20226: Centralize update child code (CATCODE_MULTI)
Code and variables to deal with the update child feature are not
centralized but copied/pasted in several scripts. Which leads to issues
obsviously (bug 20805 for instance).

Moreover the strings used by the templates are also in several template
files (or .inc)

To deal with that this patch introduces the idea to create 1 .inc file
per .js file
Here we have members-menu.inc for members-menu.js

Test plan:
- Remove all your adult categories (categories.category_type='A')
- Create a patron with a child category
- Try to update to adult category
=> The entry does no longer appears! (This is a change in the behaviour)
- Create one adult category
- Update to adult category
=> There is a JS confirmation message, if you accept the patron will
be updated to the adult category
- Create (at least) another adult category
- Create another child
- Update to adult category
=> No more confirmation message but a popup to select the adult category
- Pick one
=> The patron has been updated to the adult category

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-14 11:58:26 +00:00
2280877fdd Bug 21164: Fix alignment on new basket form in acquisitions
This patch removes some unnecessary "&nbsp;"'s from the template for
creating a new basket in acquisitions. This fixes the alignment on the
form fields.

To test, apply the patch and go to Acquisitions -> Vendor -> New basket.
All the form fields should be correctly left-aligned with each other.

Signed-off-by: Pierre-Luc Lapointe <pierreluc.lapointe@inLibro.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-14 11:45:41 +00:00
ad0f90b797 Bug 21185: Incorrect title tag on tags review page
This patch corrects the title tag on the tags review page.

To test, apply the patch and go to Tools -> Tags. The page title
(probably shown in the browser tab) should start with "Koha ->" instead
of "Home ->".

Signed-off-by: Maryse Simard <maryse.simard@inlibro.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-14 11:44:23 +00:00
cacb576890 Bug 21208: Fix housebound deliverer/chooser names
When creating a housebound visit, the names of the chooser and deliverer are the
same as the housebound patron (even though the housebound patron does not have
chooser and deliverer roles).

It has been caused by:
  commit 5f80977875
  Bug 18403: Use patron-title.inc when hidepatronname is used
patron-title.inc now starts looking for a variable named "patron", which exists in
members/housebound.
A better fix could be to renamed this "patron" variable tested by
patron-title.inc, but at first glance it's the only place this issue
exists.

Test plan:
1- Make sure HouseboundModule is enabled in system preferences
2- Go to a patron file (Patron A)
3- Edit this patron's housebound roles to Chooser
4- Go to another patron file (Patron B)
5- Edit this patron's housebound roles to Deliverer
6- Go to a third patron's file (Patron C)
7- Go to the Housebound tab
8- Fill out the housebound profile for Patron c
9- Click on "Add a new delivery"
10- Fill out day and time
11- Check the Chooser drop down
12- Check the Deliverer drop down
13- Save the delivery
14- Notice the Chooser and Deliverer names are correct
15- Click on the name of the Chooser, it goes to Patron A's file
16- Go back and click on the name of the Deliverer, it goes to Patron B's file

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-14 11:37:00 +00:00
392e0ca8f1 Bug 20997: Replace missing credit_applied with 'Credit Applied'
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-10 12:30:36 +00:00
91c1acd6bb Bug 20997: Add new offset type
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-10 12:30:35 +00:00
ff21352a4a Bug 20661: Shortcut circ scripts if a blocking error appeared
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
No test plan found ;)
But tested bookcount and request-article.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-10 12:23:03 +00:00
985eb92914 Bug 20647: (alternate) When ILL is enabled the hover effect on the ILL requests button is wrong
This alternate patch adds a new icon to the sprite image which gives
icons to the link on the staff client home page. It modifies the CSS
positioning for all the links as the new image sprite is somewhat
different.

The SVG file from which the sprite image was generated is also updated,
and the about page has been updated to give credit to the creator of the
icon.

Unrelated change: The cataloging link is moved to the second column.
Although it's probably rare for all modules to be enabled and available,
this puts the same number of links in each column.

To test, apply the patch and clear your browser cache if necessary. With
interlibrary loan enabled, view the staff client home page and confirm
that all the module links look correct, including when you hover your
mouse over them.

Confirm that the about page lists the new icon under the "licenses" tab.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-10 10:38:12 +00:00
12ff371728 Bug 7143: Update about page for new dev - Vassilis Kanellopoulos
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-10 10:21:00 +00:00
Vassilis Kanellopoulos
2acbee523f Bug 15136: Add homebranch of borrowed items to patron accounts tab
Test plan:
1 - View the accounts tab for a patron with fines
2 - Note there is no homebranch displayed to see where charges came from
3 - Apply patch
4 - Reload the page and note that you see the 'Home library' column

Signed-off-by: Maryse Simard <maryse.simard@inlibro.com>
Followed the test plan and it works.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-10 10:13:50 +00:00
15fd90dcbc Bug 19633: Use alphanumeric error codes in upload
The error codes 1 to 7 are used in Uploader.pm or tools/upload.pl.
It would be nice to use alphanumeric codes instead.
No behavior change expected.

Test plan:
[1] Run t/db_dependent/Upload.t
[2] Verify that a regular upload with tools/upload.pl still works.
[3] Rename upload_path in your koha-conf.xml. Restart Plack, flush the cache
    and try to upload to a category. Correct error message?
[4] Upload the same file twice to the same category.
    Correct error message the second time?

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Bug 19633: (QA follow-up) Really remove these ugly numbers

See BZ comment5. We now remove the numbers also from the constant names.

Test plan:
Read the changes.
Git grep "ERRCODE_"
Run t/db_dependent/Upload.t (Note: You may see one failure here; it is fixed
on bug 20727. So depends on who reaches master first.)

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-10 10:10:46 +00:00
6ff01e3543 Bug 20468: (QA follow-up) Deactivate select/clear all for empty tab
This only pertains to the second (Processing) tab.

Test plan:
[1] Have one entry in Pending and zero in Processing.
[2] Click on Processing tab.
[3] Without this patch, you would see Select all/Clear all.
    With this patch, you won't.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-10 10:00:57 +00:00
db6fc9f024 Bug 20468: (follow-up) Cancel multiple items for same reason
The repeated prompts for cancelling multiple selected items are
confusing.
The wording is slightly adjusted. The reason is asked only once per
group of selected items.

Test plan:
Create three requests.
Select two requests and cancel (from top menu) for reason A.
Cancel third request (from item menu) for reason B.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-10 10:00:56 +00:00
436f4b9e0e Bug 20468: (follow-up) Changes to checkbox/menu interactions
This patch makes a couple of minor interface changes and updates the way
checkbox change events are handled:

 - jQueryUI tabs initialization sets a variable for "active table" which
   can be re-used by functions which affect only the visible table.
 - The batch "Actions" menu is shown or hidden based on whether there
   are checked items.
 - The item selection tools are shown or hidden based on whether there
   are rows in the table.

To test, apply the patch and test various article request actions:

 - Single "process," "complete," and "cancel" operations.
 - Select all/ clear all operations on both tabs.
 - Batch operations with checked requests.
 - Process all pending requests to confirm the selection controls for
   that table are hidden.
 - Complete all processing requests to confirm the selection controls
   for that table are hidden.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-10 10:00:56 +00:00
0989d37c23 Bug 20468: Add multi-select to staff article request form
Adds a column with a checkbox. Adds buttons under the table for Select,
Clear and Actions menu.
An additional javascript function HandleMulti is placed between the form
and the functions handling individual requests.

Note: The Actions menu below does not contain Print slip. This does not
work in its current form. This could be handled on a separate report.

Test plan:
[1] Enable Article Requests. Add a few requests.
[2] Test the Select all / Clear all functionality on the form.
[3] Verify that the menu options Process, Complete and Cancel work as
    expected both from the individual Actions menu as from the shared
    Actions menu for selected requests.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Patch applies and functions as described.
Signed-off-by: Dilan Johnpullé <dilan@calyx.net.au>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-10 10:00:56 +00:00
574bc788ab Bug 19474: (RM follow-up) Compiled css
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-09 15:16:42 +00:00
5b6dfd86ac Bug 19474: (follow-up) Bring scss up to date with latest CSS changes
This patch catches the scss up to the latest changes in master:

Bug 19946
Bug 20045
Bug 20343
Bug 18327
Bug 20322
Bug 18799
Bug 20622
Bug 20329
Bug 20744
Bug 20931
Bug 20793
Bug 20651
Bug 20668
Bug 16575
Bug 19166
Bug 20770
Bug 21163
Bug 20779

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-09 15:12:21 +00:00
5b35c97a84 Bug 19474: Convert staff client CSS to SCSS
This patch converts staff-global.css to Sass, using SCSS syntax. This
changes the build process for Koha to include installation and execution
of yarn to install npm dependencies and run SCSS -> CSS conversion.

To test, apply the patch and run the following:

$ sudo apt-get install nodejs npm [not necessary in kohadevbox]
$ sudo npm install -g yarn
$ yarn install
$ yarn build

Clear your browser cache if necessary and confirm that CSS styling
throughout the staff client looks correct.

The "yarn build" command triggers a gulp process which compiles SCSS to
CSS, adds automatic vendor-prefixing, and minifies the resulting CSS
file.

There is also a "yarn css" command available which might be used by
developers who are making changes to SCSS. This command does two things
differently:

1. Adds .css.map files which aid CSS debugging using in-browser
   inspector tools.
2. Compiles staff-global.css without minification. It can be useful to
   see unminified CSS during development, especially to see how SCSS
   compiles.

This patch adds a configuration file for sass-lint, .sass-lint.yml.
Currently this configuration is not used during the build process but
can be used in a code editor which supports linting.

Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-09 15:12:20 +00:00
5260482a61 Bug 20779: Style refresh for patron detail page
This patch makes style and markup changes to the patron detail page
template in order to make the display of information somewhat more
compact and to increase the visibility of the edit controls.

To test you should enable the patronimages system preference. Apply the
patch and view the detail page for a patron.

- Check that the page looks correct and that sections like "Alternate
  address" and "Alternative contact" are empty when there is no data.
- Check that the "Manage patron image" tool works correctly.

Signed-off-by: Cab Vinton <director@plaistowlibrary.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-09 12:05:07 +00:00
1b43cab3dd Bug 21132: Highlight active filters on saved report page
This patch adds a more obvious way of see which search terms have been
submitted to filter the table of saved reports.

The patch also moves embedded CSS into a separate file.

To test you should have multiple saved reports.

- Apply the patch and go to Reports -> Use saved.
- Filter the table of reports by submitting one or more terms in the
  sidebar "Filter" form.
- Confirm that the terms you submit are shown at the top of the table of
  results.
- Confirm that clicking the "Clear" link clears the search filter.

Signed-off-by: Maryse Simard <maryse.simard@inlibro.com>
Followed the test plan and it works.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-09 11:41:53 +00:00
9d4c735061 Bug 20828: Step 4 of moremember is used for Housebound and additional attributes
This patch modifies the patron edit process so that "Housebound roles"
can be edited as a separate step.

To test, apply the patch and open an existing patron's detail page
(moremember.tt). Test the "edit" links for 'Housebound roles' and
'Additional attributes and identifiers' and confirm that each opens its
own edit page, and saving changes works correctly.

Signed-off-by: Cab Vinton <bibliwho@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-09 11:28:58 +00:00
f4cf075fbe Bug 21131: Remove the TinyMCE.isDirty() check that caused unexpected behaviour
When using the WYSIWYG editor for system preferences, the editor only
updates the textarea element if the content is different from the
original content. This means if you change a system preference and
then change it back to the original content, the textarea will have
the 2nd last change you made.

This patch removes the TinyMCE.isDirty() check, which was responsible
for comparing the original and changed content. Every input/keydown/dragend
or TinyMCE command will cause the textarea element to be updated and
trigger the input event which causes the "modified" class to be added
to the element, so that the system preference can be saved.

__TEST PLAN__

_Before applying_
0. Change "UseWYSIWYGinSystemPreferences" to "Show"
1. Change "opaccredits" to "123a"
2. Click "Save all OPAC preferences"
3. Reload the page
4. Change "opaccredits" to "123"
5. Change "opaccredits" to "123a"
6. Click "Save all OPAC preferences"
7. Reload the page
8. Note that "opaccredits" says "123"

_Apply the patch_

_After applying_
1. Change "opaccredits" to "123a"
2. Change "opaccredits" to "123"
3. Click "Save all OPAC preferences"
4. Reload the page
5. Note that "opaccredits" says "123" (and not "123a")
6. Change "opaccredits" to "1234"
7. Click "Save all OPAC preferences"
8. Reload the page
9. Note that "opaccredits" says "1234"

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-09 11:11:22 +00:00
e8e29d3140 Bug 21141: Handle non-existent itemnumbers in batch item modification/deletion
The itemnumber list passed from a file in the batch item
modification/deletion tools is not tested.
Like barcodes we should make sure they refer to a valid items in the DB.

Test plan:
- Create a file with barcodes, itemnumbers and random lines
- Use the batch item modification and deletion tools with this file
You should see a table with a list of invalid barcodes and itemnumbers.

Without this patch you got the following error:
Can't call method "title" on an undefined value at
/home/vagrant/kohaclone/tools/batchMod.pl line 580

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-09 10:54:54 +00:00
6e7fd12214 Bug 21050: Fix datepickers on LabelItemSearch
calendar.inc must be in the jsinclude block when jsfooter is set

Test plan:
- Open or create a label batch.
- Click "Add items" to trigger the pop-up search window.
- Date picker should work now

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-09 10:47:07 +00:00
62aacb5865 Bug 21148: Dropdowns styled by the Select2 plugin do not highlight missing required fields
This patch adds some CSS to target mandatory fields on the add item
screen which are styled by the Select2 plugin.

To test you must have at least one item field marked mandatory and
linked to an authorized value.

Open the add item form for an existing record. Try to submit the form
without making a selection in the mandatory dropdown. You should get an
alert warning you that you have empty mandatory fields, and the field
should be highlighted in yellow.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-09 10:44:31 +00:00
70bfac5ce5 Bug 7143: Update timeline (2 new devs)
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-08 21:25:50 +00:00
b25c063f95 Bug 21048: Fix display of suggestion's status (SUGGEST_STATUS)
When a suggestion's status is set to a customized value (AV
SUGGEST_STATUS), the description is not always displayed correctly.

Test plan:
- Create different values for the AV SUGGEST_STATUS
- Create several suggestions
- Change the status using the SUGGEST_STATUS values
- Edit the suggestion and change again the status
- View the suggestions for a given patron
(members/purchase-suggestions.pl?borrowernumber=XX), the statuses must
displayed correctly

Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-08 20:58:23 +00:00
4b9021895a Bug 21041: "Merge patrons" button remains disabled with "Select all" option
This patch modifies the JavaScript functions for the select all/clear
all links so that each action triggers the "change" event, required to
enable or disabled the "merge selected patrons" button.

To test, apply the patch and perform a patron search which will return
multiple results.

 - Test the "select all" and "clear all" links, and confirm that the
   "Merge selected patrons" button is enabled and disabled.
 - Test that checking and unchecking multiple checkboxes still works
   correctly to enable and disable the button.

Signed-off-by: Pierre-Luc Lapointe <pierreluc.lapointe@inLibro.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-08 20:52:31 +00:00
Katrin Fischer
039d10044c Bug 21151: Fix SRU search fields mapping pop-up
The SRU search fields mapping pop-up comes up as a blank white
page.

To test:
- Go to Administration > Z39.50/SRU servers
- Modify or create an SRU server
- Click on the 'Modify' button to change mappings
- Verify the new window that opens is blank
- Apply patch
- Verify the pop-up now is no longer blank but works
  correctly.

Bonus: Spottd some HTML errors while looking for the
       problem. Also fixed in the patch.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-08 20:51:25 +00:00
838c8ea5ff Bug 19436: (QA follow-up) see 19608 Fix use of intranet-bottom in template
Bug 19608 incorrectly replaced intranet-bottom by popup-bottom.
Adjusting the new template in the same way.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-08 20:51:13 +00:00
Matthias Meusburger
7baa452a6a Bug 19436: Add SRU support for authorities
Test plan:
 - Apply the patch
 - Add an SRU authority server in admininistration -> Z39.50/SRU servers
   You can try with the French national library, configured as such:
   Hostname: catalogue.bnf.fr
   Port: 80
   Database: api/SRU
   Syntax: Unimarc
   Record type: authority
   Additional SRU options: version=1.2,sru=get
   SRU Search fields mapping example:
	Keyword (any): aut.anywhere
	Name (any): aut.anywhere
	Author (any): (aut.type any "pep org") and aut.accesspoint
	Author (personal): aut.type=pep and aut.accesspoint
	Author (corporate): aut.type=org and aut.accesspoint
	Author (meeting/conference): aut.type=org and aut.accesspoint
	Subject heading: (aut.type any "geo ram_nc ram_ge ram_pe ram_co") and aut.accesspoint
	Subject sub-division: aut.type=ram_pe and aut.accesspoint
	Title (any): (aut.type any "tic tut tum ram_tp ram_tu") and aut.accesspoint
	Title (uniform):(aut.type any "tut tum ram_tu") and aut.accesspoint

 - Try a search from Authorities -> New from Z39.50/SRU
 - Check that the authority is correctly displayed in "Show Marc"
 - Check that the authority is correclty added to koha in "Import"
 - prove t/db_dependent/Breeding.t

Signed-off-by: François Pichenot <fpichenot@ville-roubaix.fr>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-08 20:31:34 +00:00
76603cc6b0 Bug 21163: Basket group detail page layout is broken
This fixes a problem with layout of the page when viewing a closed
basket group. Changed the grid options for basket information when a
basket group is closed.

To test, apply the patch and go to Acquisitions -> Vendor -> Basket
groups. You should have multiple baskets and basket groups to test with.

- Edit an open basket group. The layout should look correct, with basket
  group information in the form in the left column and ungrouped basket
  in the right column. Grouping and ungrouping baskets should work
  correctly.
- View a closed basket group. The basket group information should
  display in a single column that spans the main part of the page.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-08 20:27:36 +00:00
Andrew Isherwood
552873f7d4 Bug 20770: ILL loans OPAC form notes field allow arbitrary input
This patch addresses the lack of sanitization of the "notes" field on
the OPAC "View Interlibrary loan request" page.

To test:

- Apply the patch
- As an OPAC user, create an ILL request
- Navigate to the request's "View Interlibrary loan request" page
- Add the following note:

  Hello
  <h1>TESTING</h1>
  <script>alert('pwned');</script>

- Click "Submit modifications"
- TEST: Observe, when the page reloads, only the following is preserved in the
"Notes" textarea:

    Hello
    TESTING

- As a staff user, naviate to the ILL requests table
- Select "Manage request" for the request you created
- TEST: Observe that the Notes field only contains:

    Hello
    TESTING

- TEST: Observe that no Javascript alert is displayed

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2018-08-02 10:22:02 -03:00
Katrin Fischer
2f94da74c5 Bug 11911: (follow-up) Hide suggestion box on acq start page if no permission
When the user is not superlibrarian or has the manage_suggestions
permission, the suggestion box on the left of the acq start page
needs to be hidden.

Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-07-23 15:34:21 +00:00
Katrin Fischer
b8a2365a34 Bug 11911: Add a separate permission for managing suggestions
Without this patch only catalogue permission was required
for managing suggestions. This patch adds a new permission
in the acquisition module do manage suggestions and updates
staff user permissions accordingly.

To test:
- Make sure there is a pending suggestion
- Create a few users with different permission sets:
  - User 1: only catalogue
  - User 2: any acquisition permission
  - User 3: cataloguing permission
- Check all of them can access: /cgi-bin/koha/suggestion/suggestion.pl
- Apply the patch
- Verify all of them now have the suggestions_manage permission
- Verify everything displays correctly on:
  - intranet start page
  - patron account in staff
  - acquisition start page
  - suggestion page (try to access by URL too)
- Remove suggestions_manage for a staff user
- Repeat tests above, access should be denied/links not visible

Bonus:
- Fixes the link on the acquisition start page for late orders
  to mage the permissions of the page itself: order_receive

Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-07-23 15:34:20 +00:00
d90ff21454 Bug 17698: Do not send pending_checkout_notes from all circ scripts
It's safer to send what we need from C4::Auth it's needed from a whole
module.
The SELECT COUNT(*) query will only be done when needed (so not made
from scripts outside of circ)

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-07-23 15:23:44 +00:00
419470d3cd Bug 17698: (QA follow-up) few more things
1. body tag was missing
2. make "Date" column sortable correctly
3. remove CDATA and type="text/javascript"
4. Handle server-side errors

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-07-23 15:23:43 +00:00
Aleisha Amohia
ac00c7a30d Bug 17698: (follow-up) Fixing things in Comment 57
3. In the JS console: "ReferenceError: $ is not defined", I did not
investigate it.

Where do you see this in the console? I cannot recreate on opac-user.pl
or on circ/checkout-notes.pl.

5. The alert id=error is displayed then hide in JS, but it's then
displayed half a second. We should hide it by default (css)

Fixed in this patch

6. I would move the "mark seen" and "mark not seen" buttons at the
top of the table

Fixed in this patch

8. Cursor on "Select all" and "Clear all" links must be adjusted

Fixed in this patch

9. $(".btn-xs").click(function(event){
The selector should be $("button.seen, button.notseen"), you
do not want to apply this function to all other btn-xs on
the page (maybe there are only two for now, but who knows
later?)

Fixed in this patch

12. Important: When a note is updated, it's still marked as
seen. Is it the expected behavior?

I don't see this behaviour. When a note is updated it is
marked as not seen.
opav/svc/checkout_notes:79: $issue->set({ notedate =>
dt_from_string(), note => $clean_note, noteseen => 0
})->store;

13. What will happen when hundred of notes will be on this
table? Not blocker but we will need a "hide seen" buttons to
filters the already seen notes.

Added in this patch

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-07-23 15:23:43 +00:00