Argument "" isn't numeric in int
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 678e3f6e20)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 4c4349dbdb)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Test plan:
Try passing page=x now and verify different behavior (no 500).
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 90f0113557)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit d903ffd4e6)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Same fix as Bug 28561: Remove DBIC warning in opac-shelves
But for staff
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit f388b99af0)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 509fd15d26)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
The op "edit_form" doesn't change state. It just renders the edit
form. Therefore, it doesn't need a CSRF token/check.
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit caf962fbaa)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit c0f232250e1186dd217e77db7e121a0b98a789cb)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Public lists with 'Allow changes to contents from' = 'Permitted staff only'
can have their contents managed by Koha patrons with either of the
permissions below:
- superlibrarian permission
- catalogue permission + 'edit_public_list_contents' sub-permission
Test plan:
1. Apply patches, update database, restart services
2. In the staff client go to: Lists > New List
3. Create a list, choose 'Allow changes to contents from' => 'Permitted
staff only'
4. Log into the OPAC as a patron with no permissions.
5. Confirm you CANNOT add a biblio to the list from the OPAC search result page and
OPAC biblio detail pages
6. Log into the OPAC as a patron with only the 'catalogue' permissions
enabled
7. Confirm you CANNOT add a biblio to the list from OPAC search result
or biblio detail pages
8. Log into the OPAC as a patron with the 'catalogue' and
'edit_public_list_contents' permissions enabled
9. Confirm you CAN add/remove biblios from the OPAC search result and
biblio detail pages
10. Log into the OPAC as a patron with superlibrarian permissions
11. Confirm you CAN add a biblio to the list from the OPAC search result
page and OPAC biblio detail pages
12. Log into the staff client as a patron with only the
'catalogue' permission and confirm you CANNOT add/remove records from the
list
13. Log into the staff client as a patron with the 'catalogue' and
'edit_public_list_contents' sub-permission (found under 'Lists' parent
permission)
14. Confirm you CAN add/remove records from the list
15. Login into thestaff client as a patron with 'superlibrarian'
permissions and confirm you CAN add/remove records from the list
Sponsored-by: Catalyst IT, New Zealand
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patchset adds an 'interface' parameter to XSLTParseForDisplay to avoid fetching
coins when not needed
Additionally we move some logic from the scripts to searchResults to avoid an extra fetch fo the biblio object
To test:
1 - Enable COinSinOPACResults syspref
2 - Also enable OPACShowOpenURL and OPACOpenURLItemTypes - adding an itemtype that you can find
3 - Perform a search on the OPAC and confirm coins are included and openurl shown
4 - Perform a search on staff client and confirm openurls do not show
5 - Apply patch
6 - Results should be the same
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
And GetItemsLocationInfo from shelves.pl
Bug 27272 is going to remove C4::Items::GetItemsInfo in favour of Koha::Items->search_ordered.
Here we are going to deal with virtualshelves/sendshelf.pl
Test plan:
List items on the modified view and confirm that all the info is
displayed correctly
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
JD Amended patch:
-# FIXME Special case here
- print "Biblio not found\n,";
+ print "Biblio not found\n";
- my $biblio = Koha::Biblio->find($hostbiblionumber);
+ my $biblio = Koha::Biblios->find($hostbiblionumber);
Rebased-by: Joonas Kylmälä <joonas.kylmala@iki.fi>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Test plan:
Verify if transfer shared list on OPAC still works as expected.
Same for intranet counterpart for public lists.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Test plan:
[1] Valid transfer:
Log in with staff patron C having edit_public_lists.
Pick a public list. Choose Transfer. Select a patron.
Submit and check if transfer was successful.
[2] Permission problem:
Pick a staff user D. Temporary enable edit_public_lists.
Add another private tab. Login with D.
Pick a public list. Transfer. Choose another patron. Wait.
Switch tab: remove added permission from D.
Switch tab again: Submit transfer form. Error? Close tab.
[3] Bonus test - Shelf disappeared:
Pick a public list. Transfer. Choose another patron. Wait.
Open another tab. Delete the selected public list.
Close tab. Submit the transfer. Not exist error?
[4] Bonus test - Patron not found:
Pick a public list. Transfer. Choose another patron. Wait.
Open another tab. Delete selected patron.
Close tab. Submit transfer. Patron not found error?
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Note: Adjusting shelves_results template too for not allowing delete
when you do not have delete_public_lists (or higher). If you are the
owner, you are allowed to edit or delete. But transfer specifically
needs edit_public_lists (or higher).
Note: Removed a few useless POD lines to make qa tools happy.
Test plan:
Check if you see the transfer button on public lists only when having
permission edit_public_lists (or higher). And never on private lists.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
The solution was to add regexp that trims all whitespaces.
How to test:
1. Go to the koha/virtualshelves/shelves.pl;
2. Add new list or edit existing one;
3. Start adding new items;
4. In the "Barcode" field add barcode(s) with whitespaces before them;
5. Observe that it wasn't added as the barcode isn't recognized because of whitespaces;
6. Apply the patch;
7. Repeat step 4;
8. Observe that the item was successfully added;
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
If a staff member has access to the staff client (either because
'catalogue' permission is enabled or they're a superlibrarian
then that user can add items (from OPAC or staff client) to a list
marked 'Staff only'
Test plan:
1. In the staff client go to: Lists > 'New list'. Notice under 'Allow changes to contents
from' there are three options: Nobody, Owner only, Anyone seeing this
list
2. Apply first 3 patches and run updatedatabase.pl
cd installer/data/mysql
sudo koha-shell <instance>
./updatedatabase.pl
3. Restart memcached and plack
4. Create 4 patron accounts:
- User A : Superlibrarian permissions
- User B : 'Staff access, allows viewing of catalogue in staff interface
(catalogue)'
- User C : No permissions
- User D : 'Staff access, allows viewing of catalogue in staff
interface' and 'Lists' > Edit public lists (edit_public_lists)' sub-permission
5. Login to staff client as User A.
Create a public list and select the new 'Staff only' option under 'Allow changes to contents from'
6. Log into the staff client as User B.
Confirm you can add items to the list from the following staff client pages:
- Individual list page using the 'Add items' button
- Staff client search result page
- Staff client biblio detail page
7. Confirm you can remove items from the list
8. Confirm you can perform an OPAC search when not logged in
9. Log into the OPAC as User B. Confirm you can add items to the list
from the following OPAC pages:
- OPAC search result page
- OPAC biblio detail page
10. Log into the OPAC as User C. Do an OPAC search and confirm you
can view the list, but not add items to it
11. Login to the staff client as User B. Create a new list with the
following settings:
- 'Category'='Private',
- 'Allow changes to contents from'='Staff only'
Notice a red hint message is displayed.
Change 'Category'='Public' and notice the hint is removed
12. Log into the OPAC as User C. Notice the 'Staff only' option is not
available when creating a list
13. Log into the OPAC as User B. Repeat step 11. Confirm the same
outcome
14. Log into the staff client as User A. Create a list with the
following settings:
- Public = 'Public'
- Allow changes to contents from = 'owner only'
15. Log into the staff client as User D. Edit the list from step 14
confirm you can edit the list to have 'Allow changes to contents from' =
'Staff only'
16. Run Patron.t and Virtualshelves.t unit tests:
sudo koha-shell <instance>
prove t/db_dependent/Koha/Patron.t
prove t/db_dependent/Virtualshelves.t
Sponsored-by: Horowhenua District Council, New Zealand
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
and some more...
There are lot of inconsistencies in our ->search calls. We could
simplify some of them, but not in this patch. Here we want to prevent
regressions as much as possible and so don't add unecessary changes.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Wrong key 'xsl_filename' is present in opac-tags.pl and shelves.pl
(the only places where it is used in the code even) instead of
'xsl_syspref' that is actually used and this is the cause of those
warnings.
Also added honeypot to check if other calls in same way happens.
Honeypot probably not needed, review when QA in the Community.
To reproduce (shelves.pl):
1) Prepare some test list with items or use existing one.
2) Go to the lists page (koha/virtualshelves/shelves.pl),
notice multitude of new warnings in the "intranet-error.log" log file
that mostly have to do with "Use of uninitialized value $xslsyspref".
3) Apply the patch.
4) Go back to same page and check it again, warns like that should not
appear in the log file anymore.
To reproduce (opac-tags.pl):
1) Go to the "my tags" page in OPAC and open "tag cloud".
2) Notice a bunch of new warnings in the log file that mostly have to
do with "Use of uninitialized value $xslsyspref".
3) Apply the patch.
4) Reload the page and check the log file again.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patchset moves the 'category' attribute for virtual shelves, that
takes values of 1 and 2 (private and public respectively) into a boolean
for public.
The DBRev is trivial, and the changes to the code are as well.
To test:
1. have some known public and private lists
2. Apply this patches
3. Run:
$ updatedatabase
=> SUCCESS: Public lists have public=1, private have public=0
4. Run:
$ kshell
k$ prove t/db_dependent/Utils/Datatables_Virtualshelves.t \
t/db_dependent/Virtualshelves.t
=> SUCCESS: Tests pass!
5. Try the feature in staff and OPAC
=> SUCCESS: All good
6. Sign off :-D
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Use a hash for better readability and reusability.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
On bug 17591 we discovered that there was something weird going on with
the way we export and use subroutines/modules.
This patch tries to standardize our EXPORT to use EXPORT_OK only.
That way we will need to explicitely define the subroutine we want to
use from a module.
This patch is a squashed version of:
Bug 17600: After export.pl
Bug 17600: After perlimport
Bug 17600: Manual changes
Bug 17600: Other manual changes after second perlimports run
Bug 17600: Fix tests
And a lot of other manual changes.
export.pl is a dirty script that can be found on bug 17600.
"perlimport" is:
git clone https://github.com/oalders/App-perlimports.git
cd App-perlimports/
cpanm --installdeps .
export PERL5LIB="$PERL5LIB:/kohadevbox/koha/App-perlimports/lib"
find . \( -name "*.pl" -o -name "*.pm" \) -exec perl App-perlimports/script/perlimports --inplace-edit --no-preserve-unused --filename {} \;
The ideas of this patch are to:
* use EXPORT_OK instead of EXPORT
* perltidy the EXPORT_OK list
* remove '&' before the subroutine names
* remove some uneeded use statements
* explicitely import the subroutines we need within the controllers or
modules
Note that the private subroutines (starting with _) should not be
exported (and not used from outside of the module except from tests).
EXPORT vs EXPORT_OK (from
https://www.thegeekstuff.com/2010/06/perl-exporter-examples/)
"""
Export allows to export the functions and variables of modules to user’s namespace using the standard import method. This way, we don’t need to create the objects for the modules to access it’s members.
@EXPORT and @EXPORT_OK are the two main variables used during export operation.
@EXPORT contains list of symbols (subroutines and variables) of the module to be exported into the caller namespace.
@EXPORT_OK does export of symbols on demand basis.
"""
If this patch caused a conflict with a patch you wrote prior to its
push:
* Make sure you are not reintroducing a "use" statement that has been
removed
* "$subroutine" is not exported by the C4::$MODULE module
means that you need to add the subroutine to the @EXPORT_OK list
* Bareword "$subroutine" not allowed while "strict subs"
means that you didn't imported the subroutine from the module:
- use $MODULE qw( $subroutine list );
You can also use the fully qualified namespace: C4::$MODULE::$subroutine
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
It defaults to 0 in get_template_and_user
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
We certainly faced 3 similar bugs due to this syntax: bug 23006, bug
22941 and bug 17526.
To prevent other issues related to this syntax this patch suggests to
replace them all in one go.
Test plan:
Confirm that the 2 syntaxes are similar
Eyeball the patch and confirm that there is no typo!
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Michal Denar <black23@gmail.com>
Signed-off-by: Michal Denar <black23@gmail.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Test plan:
Hit /virtualshelves/shelves.pl?op=view&shelfnumber=1&sortfield=author(
You must not get:
Unmatched ( in regex; marked by <-- HERE in m/^author( <-- HERE $/ at /home/vagrant/kohaclone/virtualshelves/shelves.pl line 236
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This reverts commit 375dd35d53.
https://bugs.koha-community.org/show_bug.cgi?id=22836
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
The category parameter should be restricted to 1 or 2 (private/public). In
order to keep same behavior, no parameter means 1 (private).
Note: Adding the same line in intranet counterpart.
Test plan
[1] Check for category empty, '1a', '11' etc. And with script ;)
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Test plan:
1) Ensure the COinS span tag is still included on this pages. You need
to look into html source and search for span tag with class 'Z3988',
which has COinS string in title.
Staff client:
catalogue -> ISBDdetail
catalogue -> MARCdetail
catalogue -> detail
virtualshelves -> shelves
OPAC (you should have COinSinOPACResults system preference enabled):
opac detail
opac search
opac shelves
2) Run tests:
prove t/Biblio.t t/db_dependent/Biblio.t t/db_dependent/Koha/Biblio.t
Signed-off-by: Magnus Enger <magnus@libriotech.no>
Tested with all 9 current patches. Works as advertised, including
OPACURLOpenInNewWindow. If a record has no items, no OpenURL link
is displayed. All the suggested tests pass. I did not test with
XSLT turned off.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Note: This is here for information purpose, feel free to test it if you
wan to play with it.
TODO: C4::Reserves::_get_itype is not longer in use
No more GetItem must be returned by:
git grep GetItem|grep -v GetItemsAvailableToFillHoldRequestsForBib|grep
-v GetItemsForInventory|grep -v GetItemsInfo|grep -v
GetItemsLocationInfo|grep -v GetItemsInCollection|grep -v
GetItemCourseReservesInfo|grep -v GetItemnumbersFromOrder|grep -v
GetItemSearchField|grep -v GetItemTypesCategorized|grep -v
GetItemNumbersFromImportBatch|cut -d':' -f1|sort|uniq
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
DBMS can sort callnumbers correctly using cn_sort. We should use it
showing a list's content.
Test plan:
- Add items with callnumber to a list
- Display the list
- List the content by callnumbers
=> Confirm that the records are correctly sorted by callnumber
Signed-off-by: Myka Kennedy Stephens <mkstephens@lancasterseminary.edu>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
In the staff client, when viewing the content of a list, it can be sorted by 'title', 'author' or 'call number' but not by 'date added'.
This patch adds 'date added' as an option for default sorting of lists. It also makes it available as a sorting option while viewing lists.
Test plan:
In the staff client and the opac:
1) View a list containing several items
=> Notice that you can't sort by 'date added'
2) Try to edit the list or create a new one
=> Notice you can't choose date added as the default sort order
3) Apply the patch
4) When viewing the list you should now be able to sort by date added
=> Make sure it orders correctly
5) Edit or create a list and choose date added as default sorting order
=> Make sure it uses date added as default
=> On the staff client: test that the filter for 'sort by' works for date added
=> On the opac: test that, while viewing the contents, choosing 'default sorting' in the dropdown menu sorts correctly
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
In the staff client, when viewing the content of a list, it can be sorted by 'title', 'author' or 'call number' but not by 'date added'.
Test plan:
1) In the staff client, view a list containing several items
2) Notice that you can't sort by 'date added'
3) Apply the patch
4) Repeat step 1
5) The list can now be sorted by 'date added'
Signed-off-by: Dilan Johnpullé <dilan@calyx.net.au>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
To test:
1) Apply patch and go to Lists
2) Click on an existing list or create a new list
3) Add items by barcode, confirm this functionality still works
4) Trigger error messages (adding duplicate barcodes, barcodes that
don't exist) to confirm they still show as appropriate
5) Test adding by biblionumber, confirm this works as expected
6) Trigger error messages (adding duplicate biblionumbers, biblionumbers
that don't exist). Confirm wording is appropriate in messages.
7) Add both barcodes and biblionumbers at the same time, confirm this
works as expected
Sponsored-by: Catalyst IT
Signed-off-by: Israelex A Veleña for KohaCon17 <israelex19@gmail.com>
Signed-off-by: Israelex A Veleña for KohaCon17 <israelex19@gmail.com>
Signed-off-by: Harold <harold.sabanal@gmail.com>
Signed-off-by: macon lauren KohaCon2017 <caballeromaricon@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Bug 17214: [FOLLOW-UP] Using Koha::Biblios instead of GetBiblio
Ready to test
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Change parameters to a hashref.
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Looks good to me.
Two calls in migration_tools/22_to_30 still in old style.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
GetMember returned a patron given a borrowernumber, cardnumber or
userid.
All of these 3 attributes are defined as a unique key at the DB level
and so we can use Koha::Patrons->find to replace this subroutine.
Additionaly GetMember set category_type and description.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The subroutine C4::Biblio::GetBiblioFromItemNumber was wrong for several
reasons:
- badly named, we can get biblio info from a barcode
- SELECT * from items, biblio and biblioitems
makes things hard to follow and debug, we never know where do come from
the value we display
- sometimes called only for trivial information such as biblionumber,
author or title
This patchset suggests to replace it with calls to:
- Koha::Items->find for item's info
- $item->biblio for biblio's info
- $item->biblio->biblioitem for biblioitem's info
Test plan:
Item's info should correctly be displayed on the following pages:
- circulation history
- transfer book
- checkin
- waiting holds
QA will check the other changes reading the code, it's trivial
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Resolve warning from members/summary-print.pl:
"my" variable $itemtype masks earlier declaration in same scope
Test if find returns a Koha object in GetDescription.
Test if find returns a Koha object too in shelves.pl. While testing, I had
a crash on a biblioitem with itemtype NULL (bad record, but these things
tend to happen somehow.)
Can't call method "imageurl" on an undefined value at virtualshelves/shelves.pl line 253.
Same for opac/opac-shelves.pl.
Note: Did not add tests everywhere but generally, I have the impression that
we do not sufficiently test on the results of Koha::Object->find. Mostly we
just assume that it will find a record. Several reports include fixes to
resolve that wrong assumption.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
The C4::Koha::getitemtypeinfo subroutine did the almost same job as
GetItemTypes. On top of that it returned the imageurl value processed by
C4::Koha::getitemtypeimagelocation.
This value is only used from the 2 [opac-]shelves.pl scripts. Then it's
better not retrieve it only when we need it.
Test plan:
Play with the different scripts touched by this patch and focus on item
types. The same description as prior to this patch must be displayed.
Note that sometimes it is not the translated description which is
displayed, but that should be fixed on another bug report. Indeed we do
not expect this patch to change any behaviors.
Signed-off-by: Lari Taskula <lari.taskula@jns.fi>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
The two new columns as mentioned in the commit message of the table
revision must be used in the codebase now.
Highlighting some changes in Koha::VirtualShel[f|ves]:
[1] Additional methods is_public and is_private.
[2] Method add_biblio did not check permissions. Does now. No impact on the
interface, but one call in the unit test was affected.
[3] Method remove_biblios is signficantly simplified. Removed a FIXME.
[4] Method can_biblios_be_removed now redirects to can_biblios_be_added.
A followup report may deal with unifying those routines.
[5] Condition in get_some_shelves changed.
[6] The reference to allow_add in get_shelves_containing_record can simply
be removed.
opac-shelves.pl and shelves.pl now pass the default setting of Owner only
to the template.
Templates shelves.tt and opac-shelves.tt now include the new permission
field with three choices as mentioned in the table revision patch.
opac-addbybiblionumber.pl and addbybiblionumber now need a check on
allow_change_from_owner; search conditions slightly adjusted to the new
permission scheme.
Test plan:
When we refer to visibility in the test plan, please check the Add to-combo
on opac search results and staff results. And check opac-addbybiblionumber
by clicking Save to Lists from opac results.
The step 'Check delete' means: open the list in opac and check if you see
the Delete button below the entries (only check, do not delete).
[ 1] Create private list I01 (perm=Owner)
[ 2] Check visibility: Seen.
[ 3] Add a book. (Change by owner should be allowed.)
[ 4] Check delete: Yes.
[ 5] Edit list I01, set perm=Nobody
[ 6] Check visibility: Not seen.
[ 7] Check delete: No.
[ 8] Share list I01 with another patron.
[ 9] Check visibility for the other patron: Not seen.
[10] Check delete for the other patron: No.
[11] Change permission of list I01 to Anyone (by owner).
[12] Check visibility for the other patron: Seen.
[13] Let other patron add a book (change is allowed).
[14] Let owner delete the same book again (change allowed).
[15] Create public list U01 (perm=Owner)
[16] Check visibility: Seen.
[17] Add a book. (Change by owner should be allowed.)
[18] Login as other user. Check visibility: Not seen. Check delete: No.
[19] Change permission of U01 to Nobody (by owner)
[20] As owner: Check visibility: Not seen. Check delete: No.
[21] As other user: Check visibility: Not seen. Check delete: No.
[22] Create public list U02 (perm=Anyone)
[23] Add a book by owner.
[24] Delete the same book by other user. Add another book.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jesse Maseto <jesse@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch changes the barcode input on add list to a textarea and
process multiples barcodes to allow for adding many items to a list
at once
To test:
1 - Create a list
2 - Add some items
3 - Verify items are added and success reported
4 - Add these items again
5 - Verify you are notified they were not added
6 - Type invalid barcodes into the text area and submit
7 - Verify you are notifed of failure to add
8 - Try going to a list that doesn't exist and adding barcodes
i.e. http://localhost:8081/cgi-bin/koha/virtualshelves/shelves.pl?op=add_biblio&shelfnumber=9999&barcodes=4
9 - Verify correct error
10 - Try the above but with a list that exists while signed in as a patron
without lists permission:
i.e. http://localhost:8080/cgi-bin/koha/opac-shelves.pl?op=view&shelfnumber=3
11 - Verify correct error: "You do not have permission to view this list."
Signed-off-by: Chris Kirby <chris.kirby@ilsleypubliclibrary.org>
Works as advertised.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
To Test-
1. In the Staff Client, go to Lists
(/cgi-bin/koha/virtualshelves/shelves.pl) and create a new list with
the same name as an existing one. --note that it has some red in it
like an error
2. apply patch
3. In the Staff Client, go to Lists
(/cgi-bin/koha/virtualshelves/shelves.pl) and create a new list with
the same name as an existing one. --note that now it should be just
yellow with black writing as an alert
Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
It has been reported that
/cgi-bin/koha/opac-shelves.pl?op=edit&referer=view&shelfnumber=146&owner=4&shelfname=testX&sortfield=titleaaaaaa\`&category=1
Could lead to SQL injection
Actually it explodes because the generated SQL query is not correctly formated.
However it would be good to limit the possible values for sortfield.
This vulnerability has been reported by MDSec.
Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Instead of DBIx::Class objects.
Test plan:
1/ Add content to a list and share it with another patron
2/ Try to view the list with the other patron
3/ download and send a shelf and check if the biblio list is correct
4/ prove t/db_dependent/Virtualshelves.t should return green
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
Same as previous patch but for the staff interface
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
