Commit graph

39561 commits

Author SHA1 Message Date
94c6868118 Bug 20168: Remove li tags from OPACSearchForTitleIn for new installs
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-09 14:33:45 +02:00
221a40282c Bug 20168: Consider opaclayoutstylesheet empty if 'opac.css'
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-09 14:23:41 +02:00
00b1bf3c2c Bug 20168: (follow-up) Add automatic creation of RTL CSS
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-09 14:13:09 +02:00
9cb89b4639 Bug 20168: Update of the OPAC bootstrap template to bootstrap v4
This patch updates the version of Bootstrap in the OPAC from 2.3.1 to
4.5.0. The Bootstrap JavaScript files have been replaced with custom
builds of the 4.5.0 JavaScript source files. The Bootstrap CSS is now
built into the OPAC CSS by loading the required Bootstrap 4.5.0 SCSS
files in node_modules.

OPAC SCSS now starts with Bootstrap customizations:

/* Bootstrap variable customizations */
$headings-color: #727272;
...

Followed by loading the necessary Bootstrap SCSS files:

/* Bootstrap imports */
@import "../../../../../node_modules/bootstrap/scss/functions";
@import "../../../../../node_modules/bootstrap/scss/variables";
...

Followed by our CSS. The build process for generating compiled CSS now
creates a file which bundles Bootstrap CSS and ours. Removed from the
Koha source: Bootstrap CSS files, Bootstrap "glyphicons" images.

The upgrade to Bootstrap 4 involved a lot of markup changes to conform
with new Bootstrap classes, especially in classes related to the grid.
Besides duplicating the grid we used before, this upgrade adds some new
features made possible by Bootstrap 4.5's use of flexbox as a layout
tool. This includes custom ordering of columns based on class names:
https://getbootstrap.com/docs/4.5/layout/grid/#order-classes.

Other areas where the most changes have been made: Navigation menus,
breadcrumb menus, buttons, dropdowns.

Bootstrap's JavaScript file is now "bootstrap.bundle.min.js" to reflect
the fact that a required JavaScript asset is now distributed separately
in Bootstrap 4. The "bundle" version includes Popper.js.

Unrelated changes: Indentation corrections, removal of invalid
"//<![CDATA[" markers, removal of invalid script type attributes.

To test, apply the patch and run 'yarn install' to install Bootstrap as
an npm module. Run 'yarn build --view opac' to regenerate the OPAC CSS.

Test as many aspects of the OPAC as possible, viewing pages at various
browser widths to confirm that everything adjusts well. Test with
various OPAC interface system preferences enabled and disabled.

Test self checkout and self checkin.

Known issues: RTL support has not been updated.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-09 14:13:03 +02:00
83ebab049d Bug 23682: DBRev 20.06.00.035
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 15:00:48 +02:00
e8a08cdfa7 Bug 23682: Fix use Koha::Plugins::Handler statements
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 15:00:48 +02:00
85405a2143 Bug 23682: Dedup plugin calls by moving to a single call in process_invoice()
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 15:00:48 +02:00
Katrin Fischer
2804d786c4 Bug 23682: INSERT IGNORE system preference in database update
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 15:00:48 +02:00
5d05feac31 Bug 23682: (QA follow-up) Fix typo in syspref description
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 15:00:48 +02:00
d8696702ce Bug 23682: Add ability to manually import EDI invoices as an alternative to automatic importing on download
Some libraries would like to delay the importing of invoices until
a time of their choosing. The invoices should be imported into
the database as they do now, but the invoice processing should
be skipped. Instead, any invoice file with a status of 'new'
should have an 'Import' button to process the invoice.

Test Plan:
1) Apply this patch
2) Run updatedatabase.pl
3) Enable the new syspref EdifactInvoiceImport
4) Run the edi cronjob to import a new invoice file
5) View EDI messages table at /acqui/edifactmsgs.pl
6) Note the invoice file is not processed, and retains the status of 'new'
7) Use the 'import' button to process the invoice
8) Note the invoice is now marked 'received' and the 'import' button is gone
9) Verify the invoice was actually processed

Signed-off-by: Debi Stears <DDStears@washoecounty.us>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 15:00:48 +02:00
8cbf2841ad Bug 24197: DBRev 20.06.00.034
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 15:00:48 +02:00
72deefe8cf Bug 24197: (QA follow-up) Shorten syspref name to AddressForFailedEmailNotices
If you define the address we use it, if not we fallback,
it's not really a redirect, and that just makes the name longer.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 14:18:23 +02:00
cb272f01f4 Bug 24197: (QA follow-up) Embellished syspref description
As requested, I have embellished the syspref description to more
accurately depict the fallback sequence for email delivery.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 14:18:23 +02:00
bed91ac8f7 Bug 24197: Changed use of 'branch' terminology to 'library'
Sponsored-by: Catalyst IT
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 14:18:23 +02:00
b48cdd227f Bug 24197: Added new local use syspref which sets the email address that failed overdue notices are sent to.
Test plan:
1. Set no email addresses in patron record then checkout
items to the patron making the due date in the past

2. Visit patron's home library page: Administration > Libraries
Set a branch email and in global system preferences observe there is no syspref
named RedirectAddressForFailedOverdueNotices

3. Manually run overdue_notices.pl

4. Check the message_queue database table and observe there is a
print overdue notice and an email notice with to_address of the
branch email address

5. Apply patch

6. Run database update:
cd installer/data/mysql
sudo koha-shell <instance_name>
./updatedb.pl

7. Confirm there is a new system preference named:
RedirectAddressForFailedOverdueNotices

Give it a different email address to that in the branch email.

7. Repeat steps 1,3,4 and observe that the failed overdue notices have been
sent to the email defined in RedirectAddressForFailedOverdueNotices

Sponsored-By: Catalyst IT
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 14:18:23 +02:00
029bdb1fed Bug 25541: (QA follow-up) Default to disabled + Correct message
This patch defaults the 'holds_block_checkin' configuration to disabled
(to maintain current behaviour on upgrades). It also updates a
copy/paste for siplog logging to make the message triggered by this
action unique as expected.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 14:18:23 +02:00
002ae7504a Bug 25541: (QA follow-up) Rename no_holds_checkin to holds_block_checkin
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 14:18:23 +02:00
c4f66a8514 Bug 25541: Add new param to debian sip config
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 14:18:23 +02:00
5377bfc624 Bug 25541: Add ability to prevent checkin via SIP of items with holds
Some libraries would like patrons to be unable to return items with
holds via SIP. Instead, the screen message should indicate that the
patron should return that item at the circ desk so a librarian can use
it to fill the next hold right away and place it on the hold shelf.

Test Plan:
1) Apply this patch.
2) Place a hold for an item.
3) Enable the new SIP option no_holds_checkin for a SIP account.
4) Restart the SIP server.
5) Check in the item using the SIP CLI tool using the SIP account
   for which you set the new option.
6) Note the checkin fails with a screen message indicating you should
   return the item to the circulation desk.

Signed-off-by: Peter Lau <peter.lau@yccece.edu.hk>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 14:18:23 +02:00
be92f7e79c Bug 26041: Enable keyboard navigation without 'ctrl'
This patch enables keyboard navigation using the arrow keys without the
need to hold the control key for the jQuery UI datepicker.

Test plan
1/ Navigate to an item in the opac and attempt to place a hold
2/ On the resultant screen, use keyboard navigation to trigger the 'Show
more options' dropdown.
3/ Focus on one of the date inputs using keyboard navigation.
4/ Use 'ctrl + arrow' keys to navigate the datepicker.
5/ Note that prior to the patch using 'bare' arrow keys does not trigger
anything
6/ Apply the patch and confirm that the datepicker can now be navigated
using the arrow keys without holding the ctrl key.
7/ Confirm that using the ctrl key combinations continue to work as
expected too.
8/ Signoff

Signed-off-by: Brandon J <brandon.jimenez@inLibro.com>

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 14:18:23 +02:00
89cc457ca2 Bug 17801: Use issuedate for limits in Most Circulated Items
To test:
1 - Have two checkouts in old_issues
    issue 1: timestamp 2020-08-01 00:00:00, issuedate 2019-08-01 00:00:00
    issue 2: timestamp 2020-07-01 00:00:00, issuedate 2019-07-01 00:00:00
2 - Perform a Most Circulated Items search for checkout dates 2020-06-01 to 2020-09-01. Both checkouts appear in search
3 - Repeat search with checkout dates 2019-06-01 to 2019-09-01. Neither checkout appears in search
4 - apply patch, restart all
5 - Repeat search with checkout dates 2020-06-01 to 2020-09-01. Neither checkout appears in search
6 - Repeat search with checkout dates 2019-06-01 to 2019-09-01. Both checkouts appear in search

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 14:18:23 +02:00
1733944b34 Bug 26236: Fix translating interface from DB term to readable term
When viewing the logs we try to switch the db values like 'cron' to friendly terms like
'Cron job'

The values we use for building the selectors on the page are upper case, but DB values are lower case

If we simply force upper case in the comparison we can ensure we always match correctly

To test:
1 - Enable some 'Logs' setting in System preferences
2 - Perform some action in koha that will log
    Run a cronjob
    Change a syspref
    etc.
3 - Browse to Tools-> Log viewer
4 - Click 'Submit' to see all logs
5 - Note the 'Interface' column contains lower case DB values
6 - Apply patch
7 - Reload the page
8 - Values in interface are now Camel cased and more friendly

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 14:18:23 +02:00
Joonas Kylmälä
089b857586 Bug 26271: Add null to the list of accepted account_line data types
The database schema for accountlines table allows the
manager_id/user_id column to be NULL. If request to
/api/v1/patrons/<patron_id>/account returns such an accountline where
it is NULL we get 500 error as response. Adding NULL to allowed data
types fixes this issue.

To test:
 1) Run prove t/db_dependent/api/v1/patrons_accounts.t and notice it
    doesn't fail

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 14:18:23 +02:00
Joonas Kylmälä
898cd3b82e Bug 26271: Add failing test to reveal issue with patrons API endpoint
When manager_id is null/undef the API returns error code 500.

To test:
 1) Notice failure when running
    prove t/db_dependent/api/v1/patrons_accounts.t

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 14:18:23 +02:00
Katrin Fischer
bb73c5343c Bug 15851: (QA follow-up) Fix booleans to uppercase to make this work for Elasticsearch and UseControlNumber
Same test plan as before, but with UseControlNumber = Use and
Elasticsearch.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 14:18:23 +02:00
8da73fe428 Bug 15851: (follow-up) Only display the analytics link when required (staff)
This patch replicates the introduced behaviour, for the admin interface.
To test, follow the test plan from the OPAC, but on the intranet.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 14:18:23 +02:00
0291c1e7e7 Bug 15851: Only display the analytics link when required
This patch makes opac-detail.pl query for analytics the same way it
would do with the generated link (i.e. based on UseControlNumber) and
passes a flag to the XSLT so it displays (or not) the 'Analytics' link.

To test:
1. Apply the first patch
2. Have a known record without analytics
3. Open the record in the OPAC
=> FAIL: It shows the 'Analytics' link
4. Have a record known to have analytics and open in OPAC, on a separate
   tab
=> SUCCESS: It shows the 'Analytics' link
5. Apply this patch and restart_all
6. Reload the tabs
=> SUCCESS: It shows the link where it has to, and hides it where it
shouldn't be displayed
7. Sign off :-D

Sponsored-by: Orex Digital

Signed-off-by: Hugo Agud <hagud@orex.es>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 14:18:23 +02:00
f70df9b194 Bug 15851: Display analytics links for more cases
The current XSLT displays the link to linked analytics only for serials.
This patch makes it show for all the relevant position 7 on the leader
values. I left out a and b as recommended by expert librarians on my
team, but I can revert that if required.

The current implementation adds a new CSS class for each case, so
libraries willing to keep the current behaviour or just have more
granular control on the cases they want the link to display, just can.

This patch makes sense with the follow-up one, which will display the
link only if there are really related records.

To test:
1. Open a non-serial record, notice there's no link to analytics
2. Apply this patch and reload
=> SUCCESS: There's an 'Analytics' link
3. Inspect the produced HTML
=> SUCCESS: A special class with analytic_* value has been added, and
thus we now can control its display through CSS
4. Sign off :-D

Sponsored-by: Orex Digital

Signed-off-by: Hugo Agud <hagud@orex.es>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 14:18:23 +02:00
Katrin Fischer
8a37842e1a Bug 26313: (follow-up) Fix OPAC and "Show volumes" links
Elasticsearch requires the booleans in search requests to
be uppercase. This fixes the "Show analytics" link in
OPAC (same as first patch for intranet) and the "Show volume"
link.

To test both patches:

Set UseControlNumber = Use

1) "Show analytics"
- Turn SearchEngine to Elasticsearch and make sure it works
- Pick any serial record in your database, make sure 001 is set
- Go to new > new child record
- Fill in 245 and save
- For both staff and OPAC:
  - Click on the "In" link, it should bring you to the parent record
  - Click on "Show analytics", it should show your analytical record
- Switch to "Zebra" - verify links still work.

2) "Show volumes"
- Turn SearchEngine to Elasticsearch again
- Pick any serial record in your database, make sure 001 is set
- Set LDR, pos. 19 = a - Set
- Note 001 value
- Find another record and edit it
- Set LDR, pos. 19 = a or b, LDR 7 not a or b (m will work)
- Set 773$ title of set record $w 001 of set record
- For both staff and OPAC:
  - Click on the "In" link, it should bring up your set record
  - Click on the "Show volumes" link, it should bring up the volume

- Switch to "Zebra" - verify all links still work.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 13:40:00 +02:00
fde7bf5495 Bug 26313: "Show analytics" link must use uppercase for booleans
In elasticsearch we only treat AND and OR as boolean operators if
they are capitalized

To test:
- Turn SearchEngine to Elasticsearch and make sure it works
- Pick any serial record in your database, make sure 001 is set
- Go to new > new child record
- Fill in 245 and save
- Click on the "In" link, it should bring you to the parent record
- Click on "Show analytics" => there will be no result
- Apply patch
- restart and reload
- Try again
- It works!
- Switch SearchEngine syspref to 'Zebra'
- Test again
- It still works!

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 13:40:00 +02:00
c53dfb5562 Bug 26331: Make svc/letters/preview executable
Without this patch, you can't preview letters when running Koha in CGI mode.

To test:
1. Run Koha as CGI (and not Plack)
2. Go to /cgi-bin/koha/tools/letter.pl?op=add_form&branchcode=&module=circulation&code=CHECKIN
3. Try to preview the notice (using a valid barcode)
4. Note in the browser console that svc/letters/preview is generating a 500 error

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 13:40:00 +02:00
b729886216 Bug 26362: Show correct libraries in overdues report
Currently the overdues report does the following display:
Patron library = home branch
Home library = holding branch
Holding library = patron branch

This patch corrects the display of libraries in the overdues report.

To test:

0) Do not apply patch
1) Go to http://localhost:8081/cgi-bin/koha/circ/circulation.pl?borrowernumber=51
2) Go to http://localhost:8081/cgi-bin/koha/circ/set-library.pl
3) Choose "Troy"
4) http://localhost:8081/cgi-bin/koha/circ/circulation.pl?borrowernumber=51
5) Checkout "39999000004571" with due date of "09/01/2019 23:59"

Note the facts:
Patron library = Centerville
Home library = Fairview
Holding library = Troy

6) Go to http://localhost:8081/cgi-bin/koha/circ/overdue.pl
7) Change "Columns" visibility to show Holding and Home libraries
8) Note that the libraries are incorrect:

Patron library appears to be: Fairview
Home library appears to be: Troy
Holding library appears to be: Centerville

9) Apply the patch
10) koha-plack --restart kohadev
11) Go to http://localhost:8081/cgi-bin/koha/circ/overdue.pl
12) Change "Columns" visibility to show Holding and Home libraries
13) Note that the libraries are correct:

Patron library appears to be: Centerville
Home library appears to be: Fairview
Holding library appears to be: Troy

Signed-off-by: Emmi Takkinen <emmi.takkinen@outlook.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 13:40:00 +02:00
b87dc492fe Bug 26309: Make cxn_pool configurable
In get_elasticsearch_params we set the conf to static if undefined,
but we never defined it

To test:
1 - Apply unit test patch
2 - prove -v t/Koha/SearchEngine/Elasticsearch.t
3 - It fails
4 - Apply this patch
5 - It succeeds

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 13:20:06 +02:00
2e421ed7a4 Bug 26309: Unit tests
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 13:20:06 +02:00
017e19567a Bug 24663: (follow-up) Remove authnotrequired if set to 0
2 newly added scripts

Signed-off-by: Tomás Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 10:40:35 +02:00
5efc27ea53 Bug 24663: Handle special cases for recovery password and selfreg
The password recovery and self-registration features need to be
accessible at the OPAC even if not public.

Test plan:
Self register a new account, then ask for a new password with OpacPublic
turned off

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Tomás Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 10:40:35 +02:00
8f40973f0f Bug 24663: Force authentication in svc/records/preview (?)
Was this wrong?

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Tomás Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 10:40:35 +02:00
37c5a88157 Bug 24663: Force auth in adveditorshortcuts.pl
This was wrong!

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 10:40:35 +02:00
638786e719 Bug 24663: Remove authnotrequired if set to 0
It defaults to 0 in get_template_and_user

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 10:40:35 +02:00
4b9475346e Bug 24663: Test OpacPublic for all OPAC scripts
Prior to this patchset there were 3 different calls to
get_template_and_user (or checkauth) with the authnotrequired param:
 * authnotrequired => 0
 * authnotrequired => 1
 * authnotrequired => ( C4::Context->preference("OpacPublic") ? 1 : 0 )

The first one says that an unauthenticated user can access the page, the
second that the user has to be authenticated, and the last one that it
depends on the OpacPublic syspref.
Actually we must replace the first one with the third one, if the OPAC
is not public, the authentication must be forced.

To do so we are going to remove the "authnotrequired => 0" occurrences,
and check the OpacPublic syspref's value in C4::Auth

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 10:40:35 +02:00
db55279886 Bug 25360: (follow-up) Remove the https FIXME in Auth.pm
The FIXME is no longer valid since we fixed the X-Forwarded headers
for Plack. And since we do not even use using_https anymore in
the templates (see bug 21094).

Test plan:
Run Auth.t
Git grep for using_https

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 10:40:35 +02:00
b42d57984b Bug 25360: Use secure flag for CGISESSID cookie when using HTTPS
This patch adds the secure flag to the CGISESSID cookie when using HTTPS.
This prevents the cookie being used again over a normal HTTP
request.

Bug 25360: [Follow-up] Test for "on" or "ON" value for HTTPS env var

This patch tests for HTTPS "on" or "ON" before setting the secure
cookie.

Bug 25360: [Follow-up] Fix typo in C4/InstallAuth.pm

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[EDIT] Amended number of tests in Context.t
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 10:40:35 +02:00
72f4765e6f Bug 23634: Make is_superlibrarian return 1 or 0
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 10:40:35 +02:00
bc97867dfc Bug 23634: (QA follow-up) Our PUT is really a PATCH
This patch makes the controller not expect that there will always be all
the email fields. So it now checks if an email field was passed, and
changed, and renders the error if that stands.

To test:
1. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/patrons.t
=> FAIL: Tests written by Nick highlight a problem
2. Apply this patch
3. Repeat 1
=> SUCCESS: Problems solved
4. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-02 15:40:55 +02:00
1a5cf89eb5 Bug 23634: (QA follow-up) Adjust tests
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-02 15:40:55 +02:00
8366baaad5 Bug 23634: (QA follow-up) Catch all email cases in API
The API was only catching the primary email change case, but we need to
catch email, emailpro and B_email.

We were also not accounting for any of the emails (on PUT or from the
DB) being undefined.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-02 15:40:55 +02:00
9524c1d761 Bug 23634: (follow-up) Prevent updates on POST
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-02 15:40:55 +02:00
aada130fe9 Bug 23634: Secure the email on the API
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-02 15:40:55 +02:00
087af360cc Bug 23634: Prevent non-superlibrarians from editing superlibrarian emails
This patchset prevents a non-superlibrarian user from editing a
superlibrarian's email address via memberentry.  This is to prevent a
privilege escalation vulnerability whereby a user could update a
superlibrarian's contact details to match their own and then request a
password reset via the OPAC.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-02 15:40:55 +02:00
312cd6dfd2 Bug 23634: Add tests for is_superlibrarian
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-02 15:40:49 +02:00