Commit graph

194 commits

Author SHA1 Message Date
Joshua Ferraro
9806abf865 Adds support for Syndetics Excerpts and Editions
Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
2009-03-27 17:23:50 -05:00
Joshua Ferraro
3d46ed59ee Add System Prefs for Syndetics to Auth
Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
2009-03-27 17:23:49 -05:00
Galen Charlton
638482cf1a fix permissions error 2009-03-06 13:18:00 -06:00
Nahuel Angelinetti
3213ffc859 fix the sql request to work in all mysqls
Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
2009-03-06 13:18:00 -06:00
Mason James
f295d4d223 fixes missing 'STDERR', causing 500 error below..
malformed header from script. Bad header=## checkpw - checking LDAP: mainpage.pl,

Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
2009-03-04 08:07:29 -06:00
Andrew Elwell
b49d937e2c more Minor documentation fixes
Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
2009-02-26 14:45:58 -06:00
Joe Atzberger
07d1eae7cc Remove hardcoded "Freelist" line from Auth.
Apparently a leftover debugging snippet.

Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
2008-10-01 12:21:49 -05:00
Galen Charlton
a670f1817e bug 2509: fix file permissions
Following suggestion by Vincent Danjean for Debian
packaging, 0755 -> 0644 for non-executable
files.

Also removed shebang from a few modules in C4.

Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
2008-08-21 18:55:02 -05:00
Jesse Weaver
c77969022b fix for bug 2477: Improve Speed of the Shelf Browser
This patch updates the queries for the shelf browser in opac-detail.pl for a
slight performance gain. It also adds a param for dateformat to C4::Auth to
fix a warning.

Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
2008-08-21 16:49:49 -05:00
Galen Charlton
0bf4cdba9a bug 2459: fix module depedency error blocking SIP2
Ror a poorly understood (by me) reason, use of 'use
UNIVERSAL' and 'use C4::Auth' in the SIP2 code is resulting
in a compilation error, thus blocking SIP2 from working.

The error (prior to this patch) could be reproduced as follows:

cd C4/SIP
perl -I. -wc Sip/MsgType.pm
"get_session" is not exported by the C4::Auth module
Can't continue after import errors at /home/gmc/koha/dev/C4/VirtualShelves.pm
line 51
BEGIN failed--compilation aborted at /home/gmc/koha/dev/C4/VirtualShelves.pm
line 51.
Compilation failed in require at /home/gmc/koha/dev/C4/Auth.pm line 34.
BEGIN failed--compilation aborted at /home/gmc/koha/dev/C4/Auth.pm line 34.
Compilation failed in require at Sip/MsgType.pm line 21.
BEGIN failed--compilation aborted at Sip/MsgType.pm line 21.

or more minimally

perl -ce 'use UNIVERSAL; use C4::Auth;'

This patch works around the problem by making C4::Auth
and C4::VirtualShelves not import any symbols
from each other.

Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-08-04 15:26:54 -05:00
Chris Nighswonger
8bbef6380a kohabug 2456 Moving certain C4::VirtualShelves.pm subs from EXPORT
to EXPORT_OK and correcting associated syntax

Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-08-04 15:26:52 -05:00
Chris Nighswonger
542c54e067 kohabug 2392 Changing array dereferencing syntax
It appears that Perl 5.10 does not like ${@$foo}[0] but rather wants $foo->[0]
The latter is also much more readable. This patch makes the change.

Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-07-24 11:26:16 -05:00
Chris Nighswonger
ed762eb989 Correcting bad session var that caused Lists link not to be displayed in anonymous sessions
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-07-23 06:49:51 -05:00
Chris Nighswonger
9971756a24 kohabug 2159 Improving "Lists" button list refreshes after adding/changing lists/shelves
Adding code to refresh "Lists" button lists display in OPAC masthead.inc

Adding javascript to force refresh of parent window to update "Lists" button menu

Adding query limits and ability to specify row count and offset in queries related to Virtualshelves.
Also added the ability to return total record counts for specified virtualshelves.

Adding C4::VirtualShelves::GetRecentShelves which returns a list of the most recently modified shelves for
a given set of parameters. This allows the user to be offered active private and open lists to add books
to in drop down menus while also allowing drop down menus to be limited to a reasonable length.
This also limits the shelves stored in the user's session to a fixed number. A further enhancement might
be to add a syspref to enable a staff member to define the limit. Currently it is hardcoded at 10 per
list type (private/public-open).

Adding pagination to list/shelf related screens

Moving refresh shelves code into C4::VirtualShelves::RefreshShelvesSummary and tidying up a bit

Correcting several inconsistancies in the shelves templates as well as handling shelf management on
the intranet side correctly.

Correcting "Add To:" drop-down list to show only lists the patron has permission to add to

Correcting a few C4::VirtualShelves::GetShelvesSummary API calls

Modifications for template consistancy

Breaking up a 1367 char line of javascript in opac-results.tmpl

Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-07-22 15:48:13 -05:00
Joshua Ferraro
52145c1589 Fix for bug 2115: OpacMaintenance wasn't working 2008-07-14 11:01:44 -05:00
60d585aed6 Hide User Tags link when TagsEnabled preference is turned off. Change to Auth.pm allows TagsEnabled preference to work on login screens.
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-07-12 08:59:39 -05:00
Galen Charlton
c80b328aae clean up old-style calls to GetMemberDetails
GetMemberDetails() returns only one hashref now,
not two.  In all cases where the caller was
expecting two output values, the $flags return
was ignored anyway.

Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-06-25 11:39:22 -05:00
Joshua Ferraro
66b2a15f13 fix for 1913: Remove opaclargeimage system preference 2008-06-20 18:38:10 -05:00
Chris Nighswonger
14e2e4d540 bugfix for bug introduced by anonymous session code
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-06-20 16:48:51 -05:00
Andrew Moore
401c84cc09 Bug 2176 (2/5): adding patron interface to update messaging preferences
This patch allows patrons to update their messaging preferences. This
includes methods in C4::Members to manage patron messaging preferences.

added cgi script to allow patron to edit their messaging preferences

Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-06-20 13:04:50 -05:00
Andrew Moore
3c547de448 refactor C4::Auth::get_template_and_user for readability
I'd like to add another template parameter to geta_template_and user, but found it diffiult due to unreadability.

I stanadardized the whitespace in a portion of get_template_and_user,
alphabetized the parameters, finding a duplicate in one spot,
and then extracted the common template parameters that are set the same
regardless of template type.

Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-06-20 13:04:48 -05:00
Chris Nighswonger
3cb7a9ac28 kohabug 2238 This patch allows patrons to add books to public open/free lists whether they are logged in or not.
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-06-20 12:48:11 -05:00
Chris Nighswonger
3d377cd7c1 kohabug 1875 Public lists/virtualshelves are displayed and viewable whether a patron is logged in or not.
NOTE: This patch introduces code which generates an anonymous session when a patron first browses to OPAC.
This anonymous session contains a minimal amount of information including the results of a query to discover
all public lists/shevles. When the user logs in, the anonymous session is cleared and a new session created
for that user.

kohabug 1875 - fix error when editing a patron record

C4::Auth::checkauth was not distinguishing between a
'userid' input from an OPAC or staff login form and
a 'userid' input from (e.g.,) the patron editor.
Consequently, adding or editing a patron record would
result in Koha trying to log in as the new patron.

To resolve this, added a hidden input to all login
forms, 'koha_login_context', to explicitly signal
when a login is occurring.  The value of this input
can be 'opac', 'intranet', or 'sco' - the value is
not used at present, but may be of use later.

C4::Auth - added debug flag to two warns

kohabug 1875 - create anonymous sessions only for OPAC

No need to create an anonymous session for the intranet.

set yuipath correct for login pages

When preparing the template parameters for a login form,
C4::Auth was overriding the value of yuipath set
by C4::Output::gettemplate(), thus causing 404 errors
if the 'yuipath' syspref was set to 'local'.

kohabug 1875 - avoid warns viewing lists anonymously

During an anonymous OPAC session, the $loggedinuser variable
is not set.  As the undefined value causes warns in
C4::VirtualShelves::Page::shelfpage, for the purpose of the
shelfpage call the loggedinuser is set to -1, which should
not correspond to any real borrower number.

This is admittedly a hack to avoid digging through all
of C4::VirtualShelves to deal with lists viewed anonymously.

kohabug 1875 Refactoring of &ModShelf to avoid overwriting list owner needlessly

kohabug 1875 Avoid warning if can't find owner of shelf

Since virtualshelves.owner is not a true FK of borrowersnumber.number,
set ownername to '' if can't find the patron

Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-06-20 12:44:27 -05:00
Joshua Ferraro
7304a2e89b Revert "Bug fixing : get_user_permissions SQL Fixing"
From Galen: because code is part of the join, there is in fact no ambiguity

This reverts commit 3a05ae40f6.
2008-06-09 09:53:23 -05:00
Henri-Damien LAURENT
3a05ae40f6 Bug fixing : get_user_permissions SQL Fixing
user_sub_permissions join introduced ambivalence for permissions field

Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-06-09 06:51:05 -05:00
Henri-Damien LAURENT
00adf3d9af Bugfix : generating session id on some systems was not defined
Explicitly naming the method to generate id is required on some systems
(SUN 4)

Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-06-09 06:51:02 -05:00
Galen Charlton
fe65447e5b OPACBaseURL - do not tack on :443 if using SSL
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-06-03 05:59:47 -05:00
Galen Charlton
5e5ce6b7f9 calculate OPACBaseURL instead of using syspref
Calculate OPACBaseURL from the
CGI environment variables instead of using the
system preference.  As a result of this patch,
it should be possible to change the hostname,
protocol, or port of the OPAC without having to
reset a system preference.

Also added a FIXME to opac/unapi - the URL of
the SRU/W server has no necessary relationship
to the URL of the OPAC.

Once this patch is confirmed, the syspref can
be removed.

Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-06-02 00:51:08 -05:00
Galen Charlton
a7ba1bb941 kohabug 2105: prevent crash on IE7
Three scripts were incorrect setting the HTTP type
header to 'utf-8' instead of something appropriate
like 'text/html' - Firefox evidentally can ignore that
mistake, but IE7 does not.

Fixed by replacing an invalid print of the HTTP header
and template output with a call to
C4::Output::output_html_with_http_headers.

Also corrected POD in C4::Auth and InstallAuth to
reflect correct use of output_html_with_http_headers.

Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-05-13 17:40:36 -05:00
Henri-Damien LAURENT
f59c9706a4 change in yuipath management 1/2 Noupdatedatabase.pl
now yuipath is added in C4::Output and uses themelang
In my opinion, all the general variables that are used in output should get in C4::Output (since there is theme lang computed.)
rather than in C4::Auth

Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-05-12 15:46:35 -05:00
Joshua Ferraro
f093a84974 Fixing bug 1629: RSS Feeds of Search Results in OPAC 2008-05-01 18:55:13 -05:00
Joshua Ferraro
d83a055504 Adding authorised value icons display in the search results
pages.
2008-04-30 21:07:29 -05:00
cfc2b0e184 Adding a couple missing variables for opac login screen (opacheader,OpacUserCSS); Minor tweak to OPAC tags on opac-detail
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-04-28 05:55:57 -05:00
Joshua Ferraro
ad0d08ef33 Improvements to the results display in the OPAC, merging style
between the XSL and non-XSL stuff. Refining style of tags display,
adding back links to place hold, add to list, and add to cart on
results page
2008-04-23 16:00:46 -05:00
Joshua Ferraro
dfe310868f Adding TagsEnabled to list of known sysprefs, adding 'my tabs'
to the OPAC user portal
2008-04-22 21:00:56 -05:00
Galen Charlton
83f8e22aec renamed CheckSpecificUserPermissions to GranularPermissions
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-04-10 15:53:45 -05:00
Galen Charlton
7a2a241fa3 fix crash when attempting login as user w/o 'catalogue' permission
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-04-10 15:53:38 -05:00
Galen Charlton
70d33a82bb granular permissions - C4::Auth
Enhanced the permission-checking functions in C4::Auth
(e.g., get_template_and_user, checkauth, check_api_auth, etc.).

If the CheckSpecificUserPermissions syspref is OFF, the behavior
of those APIs is unchanged.

If CheckSpecificUserPermissions is ON, then the value of each
key in the flagsrequired hash is considered during
the permissions check:

  1. if the value is 1, the staff user must have
     all privileges for the userflags flag (or module)
     referred to by the hash key, e.g.,

     { flaqsrequired => { tools => 1 } }

     In terms of the database, this means that the
     corresponding bit must be set in borrowers.flags.

  2. If the value is '*', the staff user must
     have at least one of the permissions for the
     userflag/module, but it doesn't matter which one.

     In terms of the database, this means ether that the
     corresponding bit must be set in borrowers.flags or
     that there at least is one row in user_permissions
     for the staff user and bit/module combination.

  3. If the value is any other string, it must be
     a permissions code defined in the permissions table.
     The staff user must have that specific permission
     or have access to all functions of the module

     In terms of the database, this means ether that the
     corresponding bit must be set in borrowers.flags or
     that there is a matching row in user_permissions
     for the staff user, bit/module, subpermission
     code combination.

In addition, get_template_and_user is modified so that the
CAN_user_XXX variables that it sets also includes the
subpermissions available (CAN_user_XXX_YYY, e.g.,
CAN_user_tools_import_patrons).  The template variables
for the specific permissions are set regardless of whether
CheckSpecificUserPermissions is ON or OFF so that the templates
don't have to test for that syspref explicitly.

In addition, the meaning of CAN_user_XXX has changed slightly -
CAN_user_tools, for example, is set to 1 in the template if the
user has access to *any* of the tools functions.  This was done
to simply the logic for deciding whether to display a menu
item in the staff interface are not.  This does mean that
when specific subpermissions are added to (say) the circulate
module, each use of CAN_user_circulate will need to be examined
to see if the intent is to allow the user to get at a circ
menu or page or if the user really should be required to have
all circulate functions.

Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-04-10 15:53:13 -05:00
c51316a594 Correction to prevent js error when table has no data.
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-04-01 06:41:11 -05:00
Joshua Ferraro
556721e86a Experimental XSLT-based display of results and details pages To enable, create two new YesNo sysprefs: XSLTDetailsDisplay and XSLTResultsDisplay, and set them to ON. Feature to be expanded in a future version, this experimental code is for proof of concept only and doesn't introduce any changes if sysprefs are not created.
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-03-21 21:49:04 -05:00
7ec49e693a Fix to enable OPACUserCSS preference (allows user to add CSS globally in the OPAC via an embedded style block)
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-03-19 15:46:21 -05:00
a4e22029cc Updates to tweak the way suggestions and suggestions links display when various suggestions-related prefs are on or off.
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-03-19 15:46:16 -05:00
Chris Nighswonger
73dde7a03a Correcting warn concerning kohaversion.
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-03-19 15:44:44 -05:00
80de0e0692 Fix for Bug 1951, OPACURLOpenInNewWindow doesn't do anything.
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-03-18 15:18:45 -05:00
Joshua Ferraro
9b1d024b4c adding a <meta> field to make Koha's OPAC discoverable
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-03-18 10:40:17 -05:00
Andrew Moore
a59c28db3e fixing bug 1801
adding some parameters to the call to opac-auth.tmpl in C4::Auth::checkauth
This displays the additional navigational links in the masthead on the login page to unauthenticated users.

Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-03-18 09:44:43 -05:00
Joshua Ferraro
db101d35d0 fix for bug 1781 for NOZebra=OFF
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-03-17 22:35:19 -05:00
8a01737202 Fix for Bug 1939, OpacMainUserBlock not displaying with news.
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-03-17 16:28:57 -05:00
Joshua Ferraro
f51890c407 Adding experimental OPACShelfBrowser feature -- to try, create a new syspref called OPACShelfBrowser, and set it to 1
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-03-16 20:26:30 -05:00
Joshua Ferraro
4c92790fc0 IMPORTANT: Upgrading to Amazon.com Associates Web Service 4.0
As announced this past February, Amazon.com will no longer be
accepting web services requests to Amazon E-Commerce Service
(Amazon ECS) version 3.0 beginning on March 31, 2008.

This patch upgrades to Amazon.com's Associates Web Service 4.0
for the following components:

1. Amazon.com Locale support for: Canada, Germany, France, Japan,
   UK, and US (see the new syspref called AmazonLocale)
2. Jacket Covers
3. Editorial Reviews
4. Customer Reviews
5. Amazon.com Similar Items

The following changes MUST be made to continue using Amazon.com
content:

1. Delete the system preference: AmazonDevKey (AmazonDevKeys used
   with AmazonECS 3.0 are no longer valid)
2. Add the system preferences: AmazonLocale, AWSAccessKeyID
   NOTE: steps 1, 2 are done by the web installer
3. Verify your AWSAccessKeyID:
   You may already have an Access Key ID. You can access your Access
   Key ID by going to http://aws.amazon.com, pointing to Your Web
   Services Account, then clicking View Access Key Identifiers.
   Depending on when you signed up for ECS 3.0, you may need to
   re-register for an AWS account, which includes an Access Key ID.
4. Enter your AWSAccessKeyID in the Koha syspref called
AWSAccessKeyID

For complete details on the changes in Amazon.com Associates Web
Service 4.0, and the migration process, please see: http://tinyurl.com/ysorqy

Other changes with this patch:
 * added $tabsysprefs{PatronsPerPage}="Patrons";
 * Moved OPAC Features to OPAC in sysprefs
 * removed experimental OPACXISBNAmazonSimilarItems and XISBNAmazonSimilarItems features

Signed-off-by: Joshua Ferraro <jmf@liblime.com>
2008-03-16 12:27:55 -05:00