Koha-community/Koha - Koha - Koha: The world's first free and open source library system

Author	SHA1	Message	Date
Jonathan Druart	9d6d641d1f	Bug 17600: Standardize our EXPORT_OK On bug 17591 we discovered that there was something weird going on with the way we export and use subroutines/modules. This patch tries to standardize our EXPORT to use EXPORT_OK only. That way we will need to explicitely define the subroutine we want to use from a module. This patch is a squashed version of: Bug 17600: After export.pl Bug 17600: After perlimport Bug 17600: Manual changes Bug 17600: Other manual changes after second perlimports run Bug 17600: Fix tests And a lot of other manual changes. export.pl is a dirty script that can be found on bug 17600. "perlimport" is: git clone https://github.com/oalders/App-perlimports.git cd App-perlimports/ cpanm --installdeps . export PERL5LIB="$PERL5LIB:/kohadevbox/koha/App-perlimports/lib" find . \( -name ".pl" -o -name ".pm" \) -exec perl App-perlimports/script/perlimports --inplace-edit --no-preserve-unused --filename {} \; The ideas of this patch are to: * use EXPORT_OK instead of EXPORT * perltidy the EXPORT_OK list * remove '&' before the subroutine names * remove some uneeded use statements * explicitely import the subroutines we need within the controllers or modules Note that the private subroutines (starting with _) should not be exported (and not used from outside of the module except from tests). EXPORT vs EXPORT_OK (from https://www.thegeekstuff.com/2010/06/perl-exporter-examples/) """ Export allows to export the functions and variables of modules to user’s namespace using the standard import method. This way, we don’t need to create the objects for the modules to access it’s members. @EXPORT and @EXPORT_OK are the two main variables used during export operation. @EXPORT contains list of symbols (subroutines and variables) of the module to be exported into the caller namespace. @EXPORT_OK does export of symbols on demand basis. """ If this patch caused a conflict with a patch you wrote prior to its push: * Make sure you are not reintroducing a "use" statement that has been removed * "$subroutine" is not exported by the C4::$MODULE module means that you need to add the subroutine to the @EXPORT_OK list * Bareword "$subroutine" not allowed while "strict subs" means that you didn't imported the subroutine from the module: - use $MODULE qw( $subroutine list ); You can also use the fully qualified namespace: C4::$MODULE::$subroutine Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>	8 years ago
Agustin Moyano	52deed335e	Bug 23816: (follow-up) Fix many things This patch: * reverts changes on misc/admin/set_password.pl * makes category param mandatory for AuthUtils::is_valid_password and AuthUtils::generate_password * changes onboarding.pl to set category param in AuthUtils::is_valid_password * Completes t/db_dependent/AuthUtils.t and drops t/AuthUtils.t * Removes offending <input type="number"/> and replaces it by <input type="text" inputmode="numeric" pattern="[0-9]*"/> https://bugs.koha-community.org/show_bug.cgi?id=23826 Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>	4 years ago
Agustin Moyano	5848da810e	Bug 23816: Add minimum password length and require strong password overrides by category This patch adds the capability to override minPasswordLenth and RequireStrongPassword settings by category To test: 1. koha-shell kohadev 2. koha-mysql kohadev 3. drop database koha_kohadev; 4. create database koha_kohadev; 5. go to admin page and start webinstaller. There continue the steps until onboarding. 6. reach step 3 of onboarding and create a new administrator patron CHECH => Password control woks as normal (Minimum length 3 and strong required) 7. finish Koha installation and enter admin with your new administrator 8. set minPasswordLength to 3 and RequireStrongPassword to “Don’t require” 9. Create a new category (CAT2 from now on.. CAT1 is the category you made in onboarding process) and set minimum password length to 8 and require strong password 10. Create two new patrons, one with CAT1(patron1) and one with CAT2 (patron2) CHECK => In both cases, try different combinations of length and strength. For patron1 the only requirement is to have 3 letters, but for patron2 the minimum length will be 8 and will require strong password. CHECK => Try changing patron category before saving. Password requirements will change with category change. 11. Edit CAT1 and set minimum password length to 5 12. Go to patron1 details page, and change password. CHECH => Now password minimum length is 5, but still it doesn’t require strong password 13. Edit CAT1, leave blank minimum password length and set require strong password to yes. 14. Go to patron1 details page, and change password. CHECH => Password minimum length is back to 3, but now strong password is required 15. Set minimum password length in CAT2 to 12. 16. Go to patron2 details page, and click to fill a random generated password CHECK => generated password should be 12 characters length 17. Set PatronSelfRegistration to Allow in admin settings 18. Go to OPAC and fill self registration from. CHECK => Play with patron category. For each change in category, password requirements are modified. CHECK => Set CAT1 as patron category, set ‘aA1’ as password (or another valid password for CAT1) and before hitting submit button, change to CAT2. Form should enter invalid state, and CAT2 password requirements should be displayed as error in password input. 19. Create a patron for CAT1 and another for CAT2, leaving password blank CHECK => For CAT1’s patron, generated password length is 8 (minimum length for generated passwords), but for CAT2’s patron should be 12 20. In admin set PatronSelfRegistrationVerifyByEmail to require 21. Fill self registration form again with CAT2 as category CHECK => Password requirements works as previous case. 22. Leave password blank and click submit 23. select * from message_queue; 24. Copy the link in the message and paste it in OPAC CHECH => Generated password is 12 characters long. (Copy user id for next steps) 25. In admin set OpacResetPassword to Allow 26. Go back to OPAC, reload and click on “Forgot password?” link 27. Paste user id and click submit 28. Repeat steps 23 and 24 CHECK => Info message says “Your password must contain at least 12 characters, including UPPERCASE, lowercase and numbers.” CHECK => enter an invalid password and you’ll get the same message in warning. 29. Login OPAC with the last user and your newly created password 30. Go to “Change your password” option CHECK => Info message says “Your password must contain at least 12 characters, including UPPERCASE, lowercase and numbers.” CHECK => enter an invalid password and you’ll get the same message in below “New password” input. 31. prove t/db_dependent/AuthUtils.t t/db_dependent/Koha/Patron/Category.t 32. Sign off Sponsored-by: Northeast Kansas Library - NEKLS Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>	4 years ago
Tomás Cohen Arazi	d5fd85da18	Bug 23193: Make set_password.pl use Koha::Script Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>	5 years ago
Tomás Cohen Arazi	3ef48c8708	Bug 17746: (QA follow-up) Make set_password.pl generate a password if required This patch makes the set_password.pl script generate the password if it is not passed as an argument. It also changes the behaviour of set_password.pl: it will now print the userid and password (generated or not) to mimick the behaviour from koha-reset-passwd. The koha-reset-passwd gets simplified as it doesn't generate the random password anymore, it passes the responsability to set_password.pl To test: - Follow the steps from the original platch - Verify all behaves as expected Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Liz Rea <wizzyrea@gmail.com> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>	5 years ago
Tomás Cohen Arazi	e2f6542e1e	Bug 17746: Add misc/admin/set_password.pl script This patch introduces a script that allows changing a patron's password. The change overrides the defined password enforcement policy. If multiple conditions are passed to match on the patron, they all need to match. Otherwise an error message is printed. Attributes to search the patron on: - cardnumber - patron_id (a.k.a. borrowernumber) - userid we usually know some of them, but if we specify more than one, they need to match a patron, together. To test: 1) Apply this patch 2) Have a known patron (i.e. you know the cardnumber, the borrowernumber and the userid). 3) Run: $ kshell k$ perl misc/admin/set_password.pl --cardnumber <the_card_number> \ --password a_password 4) Verify you can login with the new password 5) Repeat 3) through 5) with --patron_id and --userid => SUCCESS: You can login in all cases 6) Try combining some or all the parameters => SUCCESS: It fails when it should, it succeeds when it should 7) Sign off :-D Signed-off-by: Pierre-Marc Thibault <pierre-marc.thibault@inLibro.com> Signed-off-by: Liz Rea <wizzyrea@gmail.com> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>	5 years ago