Fix bad conflict resolution with bug 29648.
Test plan:
Confirm that the "Columns" button is displayed on the patron result view
and that it works as expected.
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
As talked with Martin, this patches were originally developed before we
added the modals/ and str/ dirs, but we need to align it with current
way of doing it. This patch does that.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch updates the renewals modal to correctly format the staff
member who renewed the checkout.
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Quieting an issue highlighted by the QA tool.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds the display of the renewals modal when appropriate. A
"View" link is displayed next to renewals count where appropriate.
Clicking the link opens the modal that displays the logged renewals.
Sponsored-by: Loughborough University
Signed-off-by: Myka Kennedy Stephens <mkstephens@lancasterseminary.edu>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Bouzid Fergani <bouzid.fergani@inlibro.com>
Signed-off-by: Ben Veasey <B.T.Veasey@lboro.ac.uk>
Rescued-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
I rescued this patchset by squashing previous work and updating it to
utilise the new renewals API routes introduced in bug 30275.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
To test:
1) Turn on recalls
1.1) In Administration > Global system preferences, enable UseRecalls
1.2) Add recalls permissions in your circulation rules
2) In the OPAC, log in as a patron
3) Find a record with checked out items and place a recall
4) In the staff interface, go to the patron's account
5) Click on any tab on the left in the patron's account (e.g. Holds history)
--> Note that the Koha logo and search bar is at the top of the page between the module menu and the breadcrumbs
6) Click on the 'Recalls history' tab
--> Note that the Koha logo and search bar disappear
7) Apply patch
8) Conform search bar is there
Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch removes the circ/ysearch.pl script used by the jQuery autocomplete widget.
We can now use the /api/v1/patrons endpoint to retrieve the patrons and
generate the patron result list.
Prior to this patch the different occurrences were defining the style
and the list of patron's attributes to display for each option (name,
date of birth, age, address, etc.). Now they are all displaying the same
information.
To acchieve this we had to:
* Make js-date-format.inc and js-patron-get-age.inc available from js_includes.inc
and so available from everywhere, which is certainly a good move. We
could discuss why this code is in include file instead of JS files
however.
* Remove the .ajaxSetup call in tags-review.js to reduce its scope: an
underscore parameter was added to the REST API query (?)
A better solution would have been to extend the existing widget
(https://learn.jquery.com/jquery-ui/widget-factory/extending-widgets/)
but I didn't manage to do it, and I feel like there is a bug in jQuery
autocomplete. The "source" was not taken into account.
We could think about replacing the jQuery autocomplete with something
else, but that's outside the scope of this bug.
Test plan:
Search for patrons and confirm the autocomplete works and that the
"select" action works as before (either a redirect or select the
patrons) on the different views:
* Place a hold
* Search for tags (form on the left)
* In the header, "Check out" and "Search patrons"
* Add instructors to course reserves
* View logs (the "librarian" input)
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds the alternation of BundleLostValue to enable the return
claims functionality when Bundles are enbled.
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
In input fields we always use the decimal . while the display format
uses the decimal separtor definded by CurrencyFormat. When adding a
manual invoice without this patch, the amount is shown with comma, but
it should be . in the input field.
To test:
1- Go in Administration->Debit types
2- Click on New debit type
3- Fill the form:
Code: USEDBOOK
Default amount: 0.50
Description: Used book
Can be manually invoiced: Yes
4- Save
5- Go to any patron account
6- Go to the "Accounting" tab
7- Click on "Create manual invoice"
8- Fill the form
9- Choose the created debit (Used book)
10- Verify that the format is incorrect (0,50 instead of 0.50)
11- Apply the patch
12- Verify the amount is now using the correct format
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Rename the issues.renewals field to renewals_count to prevent a method
name collision with the new relation accessor introduced by this
patchset.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
The C4::Suggestions::SearchSuggestion subroutine is badly written and
can be replaced by calls to Koha::Suggestions->search.
The hard part in this patch is suggestion.pl, the other occurrences have
been replaced easily.
Test plan:
The idea is to test the whole suggestion workflow.
1. Create a suggestion on OPAC
2. Create a suggestion on the staff interface
3. Edit suggestions
4. Filter suggestions (use the different filters and "organize by"
values)
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Bug 23991: Remove SearchSuggestion tests
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Bug 23991: (QA follow-up) Save some DB queries
This patch makes the suggestion-related pages rely on array size instead
of querying the DB each time they need to. In the case of
suggestion/suggestion.pl it goes from 4 COUNT(*) to 1.
To test, with KTD:
1. Run on the host machine:
$ docker exec -ti koha_db_1 bash
$ mysql -ppassword
> SET GLOBAL general_log_file='/var/log/mysql/mycustom.log';
> SET GLOBAL log_output = 'FILE';
> SET GLOBAL general_log = 'ON';
> \q
$ tail -f /var/log/mysql/mycustom.log | grep suggestions
2. Visit the different pages changed on this bug
=> SUCCESS: Some queries
3. Apply this patch
4. Repeat 2
=> SUCCESS: Less queries!
5. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Bug 23991: Fix branchcode and budgetid filtering
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Bug 23991: Fix conflict with bug 28941
Well, this patchset fixed the security bug...
Redoing on top of bug 28941
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Bug 23991: (follow-up) Missing semicolon
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Bug 23991: Fix 'all' libraries
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Bug 23991: (follow-up) Add value to filter_archived
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds the new 'Middle name' field to the patron record.
To test:
1) Apply patches
2) Update database, restart all and clear the browser cache
3) Load a patron in the staff module
4) Confirm you can see and edit the new 'Middle name' field
5) Confirm the new middle name data displays on patron details
6) Confirm the new middle name data displays on patron search results
7) Confirm the new middle name data displays everywhere patron names are
displayed.
8) Confirm the new middle name data displays on the OPAC
9) Confirm the 'Middle name' field appears in the OPAC borrower
modification screens
10) Edit sysprefs `BorrowerMandatoryFields`, `BorrowerUnwantedFields`,
`SelfModificationBorrowerUnwantedField`, `PatronSelfModificationMandatoryField`,
`PatronSelfRegistrationBorrowerMandatoryField` and
`PatronSelfRegistrationBorrowerUnwantedField` to confirm you can make
the new field required or hidden.
11) Verify that DefaultPatronSearchFields contains the new field if you
already had 'firstname' in the field list
12) Enable PatronAutoComplete system preference
13) Type patrons surname into checkout or patron search but don't hit
return
14) Confirm the patrons middle name is displayed in the preview
15) Go to tools > patron lists and attempt to add a patron to a list
16) Patrons middle name should appear in the autocomplete here too
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Test plan:
1) Apply patch
2) Go to Home -> Patrons -> Patron details (for any patron)
3) Create manual invoice for the patron
4) Pay fines -> Pay -button
5) Check that the currency values look correct
6) Pay fines -> Pay amount -button
7) Check that the currency values look correct
8) Pay fines -> Pay selected -button
9) Check that the currency values look correct
10) Change the CurrencyFormat setting
11) Repeat 2-9
Signed-off-by: Pasi Kallinen <pasi.kallinen@joensuu.fi>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
And a few minor fixes when they where causing issues for
translatability.
And rephrased a string about password reset to have it identical to
other strings with the same meaning.
Simplified via wrapping strings with <span> to split to huge
concatenated strings with a lot of %s everywhere.
== Test plan ==
This patch needs mainly proof reading. Still it's possible to do some
basic testing to demonstrate that adding a <span> in an IF doesn't
break anything.
Pick in one of the 110 modified templates a string that you know how to
display. Otherwise:
1. acquisitions => vendor => basket => add to basket =>
search "from existing record" => add order
2. Cancel the order
3. You see without issue "Bibliographic record will not be deleted"
4. administration => Patron categories
5. Try to delete a used and unused category
6. You see as expected
Category XXXX is in use. Deletion not possible!
and
Confirm deletion of category XXXX
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Paul Derscheid <paul.derscheid@lmscloud.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Change of text from "pin" to "PIN" in the 2FA setup interface.
This slight changes clarifies that "PIN" is an acronym,
and increases user comprehension
To test:
1) Log in as an Administrator
2) Enable TwoFactorAuthentication
3) Log in to a user with superlibrarian permissions.
4) On the user profile page, click the "More" dropdown button,
click "Manage Two-Factor
5) Check that "pin" is displayed in lowercase, in both instances.
6) Apply patch.
7) Refresh the page and observe that "pin" has changed to "PIN"
8) Sign off.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch updates the member-flags template to use the patron-title.inc
include wherever patron names are referenced.
Test plan
1) Navigate to a patron and click through to their accounts tab
2) Note how the patron name displays in the title, breadcrumb and
headings
3) Click through to make a payment
4) Note how the patron name displays in the title, breadcrumb and
headings
5) Apply the patch and reload the page
6) Confirm the patron name still appears in each location and is
consistently formatted and linked as you would expect
Note: This patch also removes a superflous hidden title form element
that was simply passed to and from the controller but not actually used
in any way.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch updates the member-flags template to use the patron-title.inc
include wherever patron names are referenced.
Test plan
1) Navigate to a patron and click through to edit their permissions
2) Note how the patron name displays in the title, breadcrump and
headings
3) Apply the patch and reload the page
4) Confirm the patron name still appears in each location and is
consistently formatted and linked as you would expect
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch updates the basket groups interface so that it doesn't rely
on YUI to move baskets in and out of groups. The patch also removes
all YUI assets and many long-obsolete references to YUI-related classes
and IDs.
To test, apply the patch and rebuild the staff interface CSS
(https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_client)
- Go to Acquisitions.
- Locate a vendor with multiple closed baskets.
- Click "Basket groups" in the sidebar menu.
- Create or edit a basket group.
- On the basket group page you should see the basket group form in one
column and ungrouped baskets in another.
- Both grouped and ungrouped baskets should be in a sortable
DataTable.
- Test that when you click the "Add to group" button on an ungrouped
basket the row is removed from the table of ungrouped baskets and
added to the table of grouped baskets.
- The button text on the row should now read "Remove."
- Test the reverse operation: Clicking "Remove" on a grouped basket
should move it to the table of ungrouped baskets.
- Test that when all baskets are moved out of either of the tables a row
is displayed with a message specific to that table, e.g. "There are no
ungrouped baskets."
- Test that the basket group saves correctly when zero or more baskets
are added to the group.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Adds a similar check to the patron details shown when selecting
the details tab in the patron account in the staff interface.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
It appears that in my original submission ( Bug 9021 ),
I hid the SMS provider selector unless the SMS::Send
driver was set to "Email", but only on the OPAC,
not on the staff interface!
Test Plan:
1) Set SMSSendDriver to anything except "Email"
2) Note the SMS Provider pulldown shows in the patron editor
3) Apply this patch
4) Reload the page, SMS Provider id should now be gone
5) Set SMSSendDriver to "Email"
6) Reload the page, SMS Provider should now be shown
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Just modifying the hint provided in patrons' messaging preferences to
allow either + or 00 for international formats.
No test plan needed.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds to the configuration of the date of birth field in the
patron entry form so that the calendar widget prohibits the selection of
a date in the future.
To test, apply the patch and open a patron record for editing. Try to
select a birth date in the future using the calendar widget. You should
be limited to a selection of today or before.
Confirm that clicking the "Yesterday" and "Today" shortcuts in the
calendar widget works correctly.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
borrower_data does not contain the borrowernumber, it is sent
separately.
Test plan:
1. Edit a patron record (for example: Henry Acevedo).
2. Note that the URL is http://127.0.0.1:8081/cgi-bin/koha/members/memberentry.pl?op=modify&destination=circ&borrowernumber=19
3. Change date of birth to yesterday.
4. Save.
5. Error message displayed above the Save and Cancel buttons:
The following fields are wrong. Please fix them.
- Patron's age is incorrect for their category. Ages allowed are 18-999.
6. Note that the URL is now http://127.0.0.1:8081/cgi-bin/koha/members/memberentry.pl
7. Fix date of birth (for example: change year to 2000).
8. Select Save.
=> Without this patch you get: "Patron not found. Return to search."
=> With this patch applied the patron's data is saved
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
To reproduce:
- Make sure you have a patron with at least one checkout,
one hold and one fine
- On the detail page for that patron, go to Print > Print
summary
- Observe the tables are too wide to fit on a printed page
To test:
- Apply this patch
- Repeat the steps above
- Observe the table now fits on the page
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch makes javascript moneyFormat function in paycollect.tt consistent
with the one in pay.tt
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch does the same treatment for moremember.tt where the same
summary block is includes. We also correct the tab order to be a little
more consistent too.
We should really move this to an include and refer to it from both
templates instead of this copy/paste code..
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
To test:
1 - Sign in as a superlibrarian
2 - Find a patron account with no password expiration set
3 - View member detials
4 - note expiration says 'Never'
5 - Edit patron
6 - Set patron expiration
7- Save
8 - View details, confirm password expiration shows correctly
9 - Sign in as non-superlibrarian
10 - Confirm you don't see expirationdate on details page
11 - Edit patron and confirm password expiration does not show
12 - Edit HTML and confirm you epxiration date not saved
<input type="text" name="password_expiration_date" value="2052-05-02">
Signed-off-by: Bob Bennhoff <bbennhoff@clicweb.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Test plan:
1. Apply patch and run updatedatabase
2. Enable 'UseCashRegisters' syspref and create at least one cash
register for your library
3. Verify that you have several authorized values in the 'PAYMENT_TYPE'
category. One of them should be 'CASH'
4. Go to a patron accounting tab, create a manual invoice and go to the
payment form. Select payment type 'CASH' and verify that you cannot
submit the form if no cash register is selected.
Select another payment type and verify that you can submit the form
even if no cash register is selected
5. Set syspref 'RequireCashRegister' to 'always require a cash register'
6. Repeat step 4 but this time you should not be able to submit the form
if no cash register is selected, no matter which payment type is
selected.
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch updates the pending patron updates page to use Bootstrap
collapse instead of jQueryUI.
This patch contains whitespace changes, so view the diff with this in
mind.
To test, apply the patch and rebuild the staff client CSS
(https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_client).
- If necessary, log into the OPAC and submit an update via the "Your
personal details" page. Ideally do this for two or more patrons.
- In the staff client, follow the "Patrons requesting modifications"
link.
- On the "Update patron records" page you should see the headings
representing each of the patrons with pending updates. The first panel
should be expanded.
- Confirm that the panels expand and collapse correctly.
- Follow the "Patron details" link for one of these patrons.
- Click the "Review pending modifications" link on the patron detail
page.
- When the update page opens that patron's panel should be expanded.
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch updates the output_and_exit call to instead pass an error
parameter in the template and use it to display the warning instead of
the rest of the page content in the 'Manage two-factor authentication'
page.
This allows for translation and makes the page adhere to normal
practices.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Instead of using deprecated Google Charts API, and exposing our
secret in a GET parameter, we generate QR data ourselves.
Test plan:
[1] Enable two factor authentication in the prefs.
[2] Login in staff. Go to account. Select Manage 2FA.
[3] Verify that QR code is displayed.
[4] Register the QR in your authenticator app and test 2FA
by logging in again.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Tested with Google Authenticator and FreeOTP.
Bug 29873: (follow-up) Rename qr_dataurl
As requested by a QA team member.
We're moving to qr_code as method name. This is the same name as
the method in the underlying base class.
Apart from one sed statement, changing to self->SUPER on one line.
Test plan:
Can you still register, logout and login?
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Bug 29873: (follow-up) Switch to GD
We do not need a new module, we could use GD instead.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
We could add the configuration to these tables as well, but let go first
but the others (read: feeling lazy right now).
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
because of desc
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
PatronsPerPage should be done on a separate bug report, not trivial
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
because of desc
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
No change expected here for ILL
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
For some reason, with the combination of jQuery 3.6.0 and jQueryUI
1.13.1, the way to access the current active tab's link has changed.
Previously the tab activate event would provide information about the
link as "ui.newTab.context." It appears that "context" is no longer
available.
This patch updates the two instances in Koha where this process is
broken.
To test, apply the patch and check out to a patron with holds on their
account.
- When the checkout page loads, confirm that each tab loads its contents
correctly when clicked.
- Check that the correct tab is activated when you append the tab link
to the page url, e.g.
/cgi-bin/koha/circ/circulation.pl?borrowernumber=XXX#reldebarments
...which should select the "Restrictions" tab for you. You may need to
try this in a new tab or shift-reload to get the browser to look for
the hash.
- Perform the same tests on the patron details page.
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
FAIL members/two_factor_auth.pl
FAIL file permissions
File must have the exec flag
FAIL koha-tmpl/intranet-tmpl/prog/en/modules/members/two_factor_auth.tt
FAIL filters
missing_filter at line 42 ( <p>Account: [% issuer %]</p>)
missing_filter at line 43 ( <p>Key: [% key_id %]</p>)
missing_filter at line 54 ( <input type="hidden" name="secret32" value="[% secret32 %]" />)
missing_filter at line 58 ( <img id="qr_code" src="[% qr_code_url %]" />)
FAIL Koha/Auth/TwoFactorAuth.pm
FAIL pod coverage
POD is missing for 'new'
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patchset introduces the Two-factor authentication (2FA) idea in
Koha.
It is far for complete, and only implement one way of doing it, but at
least it's a first step.
The idea here is to offer the librarian user the ability to
enable/disable 2FA when logging in to Koha.
It will use time-based, one-time passwords (TOTP) as the second factor,
an application to handle that will be required.
https://en.wikipedia.org/wiki/Time-based_One-Time_Password
More developements are possible on top of this:
* Send a notice (sms or email) with the code
* Force 2FA for librarians
* Implementation for OPAC
* WebAuthn, FIDO2, etc. - https://fidoalliance.org/category/intro-fido/
Test plan:
0.
a. % apt install -y libauth-googleauth-perl && updatedatabase && restart_all
b. To test this you will need an app to generate the TOTP token, you can
use FreeOTP that is open source and easy to use.
1. Turn on TwoFactorAuthentication
2. Go to your account, click 'More' > 'Manage Two-Factor authentication'
3. Click Enable, scan the QR code with the app, insert the pin code and
register
4. Your account now requires 2FA to login!
5. Notice that you can browse until you logout
6. Logout
7. Enter the credential and the pincode provided by the app
8. Logout
9. Enter the credential, no pincode
10. Confirm that you are stuck on the second auth form (ie. you cannot
access other Koha pages)
11. Click logout => First login form
12. Enter the credential and the pincode provided by the app
Sponsored-by: Orex Digital
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch makes some corrections to issues found during testing:
Some duplicate headings, a markup error in labeledMARCdetail.tt, a
change of the transfers heading from "Branch transfers" to "Item
transfers."
This patch also undoes the changes to the position of the toolbar on
several pages. I think those changes don't belong in this bug.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Changed each of the pages in the labels and members folders to have one
<h1> tag showing that describes the page, rather than the <h1>
describing the logo.
The hierarchy of heading tags may be broken in many pages, but this
will be dealt with in an additional bug.
To test:
1) Go to the Staff Client
2) Apply patch
3) Go to each of the pages in the labels and members folders and check
that they have an obvious and descriptive heading
4) Ensure that the heading in the page is <h1>
Sponsored-by: Catalyst IT
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>