Commit graph

113 commits

Author SHA1 Message Date
59ff962caa Bug 26019: Koha should set SameSite attribute on cookies
This patch modifies the way Koha sets cookies so that the "sameSite"
attribute is explicitly set to "Lax." This option is chosen because it
is the value which is currently assumed by browsers when the sameSite
attribute is not set.

To test, apply the patch and restart services.

- Log in to the staff interface and open your browser's developer tools.
  - In Firefox, look for a "Storage" tab.
  - In Chrome, look for an "Application" tab.
- Under "Cookies," click the URL of the staff interface.
- You should see all the cookies which are set for that domain.
- The CGISESSID cookie should have sameSite set to "Lax."

- Go to Cataloging -> New record.
  - Check the "marcdocs" and "marctags" cookies.
- Switch to the Advanced MARC editor (you may need to enable
  theEnableAdvancedCatalogingEditor preference).
  - Check the "catalogue_editor" cookie.
- Add a new item to an existing bibliographic record.
  - Check the "LastCreatedItem" cookie which is set after you save the
    new item.
- Go to Authorities -> Authority search.
  - In authority search results, click "Merge" from the "Actions" menu
    next to one of the results..
    - Check the "auth_to_merge" cookie.
- Go to Administration -> MARC bibliographic framework
  - Choose "MARC structure" from the menu corresponding to one of the
    frameworks.
  - Check the "Display only used tags/subfields" checkbox.
    - Check the "marctagstructure_selectdisplay" cookie.
- Go to Circulation -> Check out to a patron with checkouts.
  - Check the "Always show checkouts immediately" checkbox.
    - Check the "issues-table-load-immediately-circulation" cookie.
- Go to Tools -> Patron clubs. You will need at least one active club
  with one or more patrons enrolled.
  - From the list of clubs, click Actions -> Search to hold.
    - Check the "holdforclub" cookie.
- Go to Tools -> Batch item modification and submit a batch of items.
  - Uncheck one or more checkboxes in the "Show/hide columns" area.
    - Check the "showColumns" cookie.
- View a patron -> Search to hold.
  - Check the 'holdfor' cookie.
- With WebBasedSelfCheck enabled, log in to the self-checkout page.
  - Check the "JWT" cookie.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-04-13 15:55:38 +02:00
d753755590 Bug 30199: Do not generate jwt if patron does not exist
This is a follow-up patch for bug 29543. If an invalid cardnumber has
been used we should not generate a token.

Test Plan:
1. Set SelfCheckoutByLogin to 'cardnumber'.
2. Go to http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
3. Enter an invalid carnumber like 'thisisabadcardnumber'
4. See the appropriate message "Sorry The userid thisisabadcardnumber was not found in the database. Please try again."
5. Try again with a different cardnumber and notice the same exact error message including the 'thisisabadcardnumber' cardnumber.
6. Apply this patch
7. Restart all the things!
8. Repeat steps 2-4
9. Try again with a different cardnumber, you should now see the correct
   cardnumber!

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-03-24 14:22:10 -10:00
7ea17a2422 Bug 29966: Dont pass authnotrequired true and flags together
Test plan:
Logout in OPAC.
Goto sco help page.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-02-09 22:01:36 -10:00
0757b0976f Bug 30045: (bug 29543 follow-up) Fix SCO print slip
Certainly since bug 29543 and bug 29914.

We should do the same authentication check than sco-main.pl, and also
make sure to generate the checkout history only for the logged in patron
(the OPAC one, not staff member)

Test plan:
Use the different combinations of the SCO config (AutoSelfCheckAllowed,
SelfCheckoutByLogin and WebBasedSelfCheck) and confirm that this patch
fixes the SCO print slip feature.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-02-09 15:36:24 -10:00
b80fda78d9 Bug 29543: Prevent user to checkin or renew items they don't own
Checkin or renew must be restricted to the items they own.

Test plan:
Create an item with barcode bc_1
Check it in to user A
Login to SCO with user B
Get the token using the browser dev tool, from the cookie
Hit (replace $JWT)
    /cgi-bin/koha/sco/sco-main.pl?jwt=$JWT&op=renew&barcode=bc_1
    /cgi-bin/koha/sco/sco-main.pl?jwt=$JWT&op=returnbook&barcode=bc_1

You should see an error message

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-02-02 21:05:29 -10:00
78815e9777 Bug 29543: Enforce authentication for self-checkout
The self-checkout feature is assuming a patron is logged in if patronid
is passed. It also assumes that "We're in a controlled environment; we
trust the user", which is terribly wrong!

This patch is suggesting to generate a JSON Web Token (JWT) to store in
a cookie and only allow action (renew, check in/out) is the token is
valid. The token is only generated once the user has been authenticated
And is removed when the user finish the session/logout.

Test plan:
You must know exactly how the self-checkout feature works to test this patch.
The 4 following sysprefs must be tested:
 SelfCheckoutByLogin, AutoSelfCheckAllowed, AutoSelfCheckID, AutoSelfCheckPass
Confirm that you can renew, checkin for the items you own, and checkout new items.
Confirm that you are not allowed to access other account's info.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-02-02 21:05:29 -10:00
66c895eb12 Bug 29543: Remove inputfocus variable
It's not used in template

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-02-02 21:05:29 -10:00
820a2bb4e0 Bug 29543: Remove borrower variable
It's not needed, we have $patron

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2022-02-02 21:05:29 -10:00
18c1500772 Bug 28211: Replace use of call_recursive() with call()
This is based on Julian's idea on bug 28026 where we could get rid of call_recursive by passing refs as arguments to call.

Test Plan:
1) Apply this patch
2) prove t/db_dependent/Koha/Plugins/Plugins.t
3) prove t/db_dependent/Koha/Plugins/Barcode_transform_hooks.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-18 11:28:41 +02:00
4f533776c6 Bug 26352: Switch from using call() to call_recursive()
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-06 14:56:09 +02:00
aea8ce7fcc Bug 26352: Add plugin hooks to transform patron barcodes
Some of our partners have unusual barcode requirements that have
required us to transform scanned barcodes using javascript. This is not
the most reliable method. It would make more sense to have Koha
transform the barcodes on the backend using a plugin. We should add
hooks to transform and generate new item and patron barcodes.

Test Plan:
1) Apply this patch
2) Download and install the Barcode Transformer plugin
   https://github.com/bywatersolutions/koha-plugin-barcode-transformer/releases/download/v1.0.1/koha-plugin-barcode-transformer-v1.0.1.kpz
3) Go to the plugin configuration page, set the configuration to the example configuration from the same page
4) In the patron search and anywhere else you can scan a patron
   cardnumber, type in some cardnumbers but prefix them with A and postfix
   them with A or B, e.g. A12345A, A12345B
5) Note the letters are removed by Koha!
6) Try a cardnumber like X123456Y
7) Note Koha converts it to Z13456Z

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-06 14:56:09 +02:00
b2b1483f4d Bug 26351: Add plugin hooks to transform item barcodes
Some of our partners have unusual barcode requirements that have
required us to transform scanned barcodes using javascript. This is not
the most reliable method. It would make more sense to have Koha
transform the barcodes on the backend using a plugin. We should add
hooks to transform and generate new item and patron barcodes.

Test Plan:
1) Apply this patch
2) Download and install the Barcode Transformer plugin
   https://github.com/bywatersolutions/koha-plugin-barcode-transformer/releases/
3) Go to the plugin configuration page, set the configuration to the example configuration from the same page
4) In the item barcode field on the checkin and checkout pages,
   and anywhere else you can scan an item barcode, type in some
   valid barcodes, but prefix them with X and postfix them with
   Y, e.g. X123456Y
5) Note the letters are removed by Koha!

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Bug 26351: (QA follow-up) Fix QA script issue

* Fixes issue with barcode generate stub so perlcritic is happy
* Removes extra semicolon from return call in configure method

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Bug 26351: Add unit tests

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Bug 26351: (QA follow-up) Remove unused method barcode_transform

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Bug 26351: (QA follow-up) Rename barcode_transform to item_barcode_transform

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Bug 26351: (QA follow-up) Barcodes inputted into Koha should always pass though barcodedecode

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Bug 26351: (QA follow-up) Catch one last case of itemBarcodeInputFilter

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Bug 26351: (QA follow-up) Fix Checkouts.t

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Bug 26351: Use call_recursive() as a replacement for call()

The method `call()` is not sufficient for barcode transformations. It's
possible that more than one barcode transformation plugin will be
installed. The `call_recursive()` method takes the output of the first
plugin and uses it as the input for the next plugin and so on. This allowes
each plugin to see the current version of the barcode and modify it if
necessary.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Bug 26351: Fix t/db_dependent/Koha/Plugins/Circulation_hooks.t

Bug 26351: Revert improper change to unit test, fix number of tests

Bug 26351: Remove uneeded use Koha::Plugins statements

Left over from previous changes

Bug 26351: Add missing barcodedecode import

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-10-06 14:56:09 +02:00
9d6d641d1f Bug 17600: Standardize our EXPORT_OK
On bug 17591 we discovered that there was something weird going on with
the way we export and use subroutines/modules.
This patch tries to standardize our EXPORT to use EXPORT_OK only.

That way we will need to explicitely define the subroutine we want to
use from a module.

This patch is a squashed version of:
Bug 17600: After export.pl
Bug 17600: After perlimport
Bug 17600: Manual changes
Bug 17600: Other manual changes after second perlimports run
Bug 17600: Fix tests

And a lot of other manual changes.

export.pl is a dirty script that can be found on bug 17600.

"perlimport" is:
git clone https://github.com/oalders/App-perlimports.git
cd App-perlimports/
cpanm --installdeps .
export PERL5LIB="$PERL5LIB:/kohadevbox/koha/App-perlimports/lib"
find . \( -name "*.pl" -o -name "*.pm" \) -exec perl App-perlimports/script/perlimports --inplace-edit --no-preserve-unused --filename {} \;

The ideas of this patch are to:
* use EXPORT_OK instead of EXPORT
* perltidy the EXPORT_OK list
* remove '&' before the subroutine names
* remove some uneeded use statements
* explicitely import the subroutines we need within the controllers or
modules

Note that the private subroutines (starting with _) should not be
exported (and not used from outside of the module except from tests).

EXPORT vs EXPORT_OK (from
https://www.thegeekstuff.com/2010/06/perl-exporter-examples/)
"""
Export allows to export the functions and variables of modules to user’s namespace using the standard import method. This way, we don’t need to create the objects for the modules to access it’s members.

@EXPORT and @EXPORT_OK are the two main variables used during export operation.

@EXPORT contains list of symbols (subroutines and variables) of the module to be exported into the caller namespace.

@EXPORT_OK does export of symbols on demand basis.
"""

If this patch caused a conflict with a patch you wrote prior to its
push:
* Make sure you are not reintroducing a "use" statement that has been
removed
* "$subroutine" is not exported by the C4::$MODULE module
means that you need to add the subroutine to the @EXPORT_OK list
* Bareword "$subroutine" not allowed while "strict subs"
means that you didn't imported the subroutine from the module:
  - use $MODULE qw( $subroutine list );
You can also use the fully qualified namespace: C4::$MODULE::$subroutine

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-07-16 08:58:47 +02:00
6f204fdf96 Bug 28591: Don't pass debug to get_template_and_user
There is a "debug" parameter we are passing from the controller scripts
to C4::Auth::get_template_and_user, but it's not actually used!

Test plan:
Confirm the assumption
Review the changes from this patch

Generated with:
perl -p -i -e 's#\s*debug\s*=\>\s*(0|1),?\s*##gms' **/*.pl

git checkout misc/devel/update_dbix_class_files.pl # Wrong catch
+ Manual fix in acqui/neworderempty.pl

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2021-06-22 12:04:32 +02:00
Andrew Isherwood
887022e0d2 Bug 24083: (follow-up) Make requested changes
This commit makes the changes requested in comment #120

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-11-11 16:09:58 +01:00
Andrew Isherwood
e429d90fb3 Bug 24083: (follow-up) Include SelfCheckInModule
As highlighted by Katrin, the selfcheckin module was not aware of this
work. This commits gives it awareness of the too_unseen renew error and
the "seen" argument that can be passed to AddRenewal

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-11-11 16:09:58 +01:00
Julian Maurice
96cc447045 Bug 25898: Prohibit indirect object notation
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-10-15 12:56:30 +02:00
7a7a0a2474 Bug 19382: Add ability to block guarantees based on fees owed by guarantor and other guarantees
Some libraries would like to not only block the circulation of a guarantor based on fines owed by guarantees, but would also like to block circulation for all guarantees as well. Basically, if a family as a whole reaches a certain threshold of fines, the entire family will be blocked from checking out items.

Test Plan:
1) Apply this patch
2) Set NoIssuesChargeGuarantorsWithGuarantees to $14
3) Create a family of four ( 2 guarantors, 2 guarantees ) where the parents guarantee both children
4) Give 3 of the 4 a $5 fine
5) None of them should be able to check out items

Signed-off-by: Barbara Johnson <barbara.johnson@bedfordtx.gov>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-10-14 14:50:07 +02:00
dc02192eb7 Bug 25261: (QA follow-up) Catch attepts to return via SCO
This patch adds a block to capture attempts to return items with
attached materials when checking in via the self checkout when the
relevant system preference is set.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-10-01 10:33:10 +02:00
be379b664c Bug 25261: (QA follow-up) Capitalize return of needsconfirm
This patch capitalizes the 'ADDITIONAL_MATERIALS' key in the
needsconfirm hash return value for CanBookBeIssued to restore
consistency with previous code and ensure SIP Checkout works as
expected.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-10-01 10:33:10 +02:00
334c8e94c1 Bug 25261: (QA follow-up) Add handling to SCO
Test plan
1/ Enable the feature as per previous patches
2/ Attempt to checkout an item with materials attached via the SCO
3/ Note that the checkut is blocked with the message 'Item must be
issued at a circulation desk'
4/ Signoff

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-10-01 10:33:10 +02:00
24556e73d2 Bug 26301: Use CanBookBeRenewed when renewing via self-checkout
Currently, if you have OverduesBlockCirc set to "Ask for confirmation"
and OverduesBlockRenewing set to "allow renewing", you get caught
in a loop where you can never renew an overdue material.

This patch uses CanBookBeRenewed for renewals, rather than CanBookBeIssued,
which means the correct rules are applied to the correct scenario.

To test:

a. Set OverduesBlockCirc to "Ask for confirmation"
b. Ensure "OverduesBlockRenewing" set to "allow renewing"
0. Apply the patch
1. Checkin item barcode 3999900000001
2. Go to http://localhost:8081/cgi-bin/koha/circ/circulation.pl?borrowernumber=51
3. Checkout item barcode 3999900000001 to 1 year ago
4. Go to http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
5. Login as the "koha" user
6. Click on "Renew item"
7. Note that the item is renewed

8. Checkin item barcode 3999900000001
9. Go to http://localhost:8081/cgi-bin/koha/circ/circulation.pl?borrowernumber=51
10. Checkout item barcode 3999900000001 to 1 year ago
11. Go to http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
12. Login as the "koha" user
13. Type "3999900000001" into the box under "Scan a new item or enter its barcode"
14. Click "Submit"
15. Note the system says the item is already checked out and it prompts
you to click "Renew item" in this screen
16. Click "Renew item"
17. Note the system says "Item renewed" near the top of the screen, and the "Due"
date near the bottom of the screen is more recent than the original due date

18. Checkin item barcode 3999900000001
19. Go to http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
20. Login as the "koha" user
21. Type "3999900000001" into the box under "Scan a new item or enter its barcode"
22. Click "Submit"
23. Note the system says "Item checked out" and the item appears in the checkouts
at the bottom of the screen

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-18 11:08:35 +02:00
638786e719 Bug 24663: Remove authnotrequired if set to 0
It defaults to 0 in get_template_and_user

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2020-09-03 10:40:35 +02:00
081a4c75be
Bug 25147: (RM follow-up) Update pref references.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-04-17 09:03:47 +01:00
da5024e5c2
Bug 22943: (QA follow-up) Add new cases
A few additional cases were introduced since the original bug was
authored. This patch simply catches those cases and makes the same
change.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-03-16 11:00:30 +00:00
Hayley Mapley
619d6362ce
Bug 22943: Renames the in_ipset function to in_iprange in C4::Auth
Bug 14407 introduced a new system preference to allow limiting the
online self checkout system to an IP or IP Range. The function that
handles this is called in_ipset, which is the name of a linux tool. To
stop confusion, this patch renames the function to 'in_iprange', and the
variable 'ipset' within it to 'iprange'.

To test, follow the test plans outlined in Bug 14407 and confirm that
everything works as expected.

Sponsored-by: Catalyst IT
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2020-03-16 11:00:21 +00:00
950074fa7e
Bug 23049: Update debit_type_code 'Res' to 'RESERVE'
This patch updates all cases where debit_type_code was 'Res' to
'RESERVE' which is more informative and consistent with the new style
guidelines.

The patch also ensure all calls to add_debit with a type or 'reserve'
now pass the capitalised code instead.

Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-24 17:24:18 +01:00
d661141890
Bug 23049: Update existing code to use debit_type
* Update C4::Accounts::chargelostitem
* Update C4::Accounts::manualinvoice
* Update C4::Circulation::_FixOverduesOnReturn
* Update C4::Circulation::_FixAccountForLostAndReturned
* Update C4::Overdues::UpdateFine
* Update C4::Overdues::GetFine
* Update C4::Overdues::GetOverduesForBranch
* Update Koha::Account->pay
* Update Koha::Account->add_debit
* Update Koha::Account->non_issues_charges
* Update Koha::Account::Line->apply
* Update Koha::Account::Line->adjust
* Update controller scripts
* Update reports scripts
* Update tests

Test Plan
1) Run the test suit and ensure everything still passes
2) Test reports/cash_register_stats still works
3) Test that adding manual invoices still works
4) Test that making payments still works
5) Test that lost item fee handling still works
6) Test that invoice printing still works
7) Test that the sco still works

Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
2019-10-24 17:24:15 +01:00
Nicholas can Oudtshoorn
30f0e7fec9 Bug 14407: Allow restricting SCO to IP or IP range
Converted this to actual applicable patches.
I think the test plan is comment #28. -- Mark Tompsett

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-05-10 11:39:50 +00:00
Agustin Moyano
0393f053b0 Bug 22538: Add a noticeable alert about waiting holds
In SCO, bug 21772 introduced holds information, but it lacked the
capability to attract atention when any of those holds was in waiting
status. Because SCO and opac-user uses the same include file for holds
table, this bug applies to both modules.

To test:
1) Have a patron with holds in waiting status and pending status.
2) Enable SCO module.
3) Holds tab label contains holds count, but doesn't inform that there
   is something that requires attention.
5) Holds tab content has no visual aid to recognize without reading
   effort which holds are in waiting status.
6) Apply this patch
   => SUCCESS: Holds tab label has a visual aid to indicate that
      something requires attention, and in
      holds table it's easy to recognize waiting holds without reading
      effort.
7) Sign off

Sponsored-by: Theke Solutions

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-04-17 12:25:25 +00:00
b74be6724b Bug 22588: (follow-up) Simplify getting accounts even more
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-04-16 13:17:33 +00:00
6d6aa48f6a Bug 22588: Simplify getting fines information in opac and selfcheckout
Test plan:
0) Have patron with some fines and credits
1) Go to opac and log in
2) Go to 'your summary' page and confirm it shows the right amount and
description for both, credit and debit
3) Go to 'your fines' page and confirm it show right information
4) Go to self checkout page and confirm the fines are right here

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Owen Leonard <oleonard@myacpl.org>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-04-16 13:17:33 +00:00
30ab16657b Bug 12166: Improve display of Reserve charges in patron account
This patch makes changes to the way hold fees are recorded and displayed
in the OPAC and staff client:

 - No English strings should be stored in the accountline description.
 - The accounttype code should be used to display what kind of charge it
   is.

To test, apply the patch and go to the staff client:

 - Configure a patron category to have a hold fee.
 - Place one or more holds for a patron in that category.
 - On the patron's record, view Accounting -> Make a payment
   - There should be a separate column for "Account type" showing "Hold
     fee" for the hold charges.
   - There should be no "Res" or "Reserve Charge" text in the
     description column--just the title.
 - Switch to the "Transactions" tab. The display should be similar.
 - In the OPAC, log in as a patron who has hold fees on their account.
   - View the "your fines" page to confirm that the information is
     displayed correctly there as well.

 - Place a hold for a patron who incurs hold charges.
 - Log in to the self-checkout module as that patron and check out an
   item which will fulfill that hold.
 - The correct fine information should be saved to accountlines: A "Res"
   type with a description consisting only of the title.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-04-11 12:16:19 +00:00
5b11c25fe7 Bug 22675: Fix SCO behaviour on non-existent barcodes
Bug 21206 replaced GetItem for Koha::Items->find, and introduced this
problem. This patch verifies $item is defined before attempting to use
its methods.

To test:
- Log into SCO
- Type an invalid barcode
=> FAIL: Things explode :-/
- Apply this patch, reload
- Type an invalid barcode
=> SUCCESS: A nice error message is displayed :-D
- Sign off :-D

Signed-off-by: Liz Rea <wizzyrea@gmail.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-04-10 20:07:52 +00:00
Agustin Moyano
ce7096870a Bug 21772: (follow-up) Remove redundant variable
Sponsored-by: City of Portsmouth Public Library

Signed-off-by: Sarah Cornell <sbcornell@cityofportsmouth.com>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-28 18:16:48 +00:00
Agustin Moyano
3ce8fa6f10 Bug 21772: Add holds and account information to SCO
This patch introduces holds and account information to the SCO page. It
uses the introduced include files that are also used in OPAC
(opac-user.pl and opac-account.pl).

To test:
1) Have a patron that has holds and account lines
2) Enable the SCO module
3) Use the patron's cardnumber to get to its details
=> SUCCESS: New tabs are presented, and they display holds and account
information as expected
4) Sign off :-D

Sponsored-by: City of Portsmouth Public Library

Signed-off-by: Sarah Cornell <sbcornell@cityofportsmouth.com>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-03-28 18:16:48 +00:00
31c29fd31f Bug 21206: Replace C4::Items::GetItem
Note: This is here for information purpose, feel free to test it if you
wan to play with it.

TODO: C4::Reserves::_get_itype is not longer in use

No more GetItem must be returned by:
git grep GetItem|grep -v GetItemsAvailableToFillHoldRequestsForBib|grep
-v GetItemsForInventory|grep -v GetItemsInfo|grep -v
GetItemsLocationInfo|grep -v GetItemsInCollection|grep -v
GetItemCourseReservesInfo|grep -v GetItemnumbersFromOrder|grep -v
GetItemSearchField|grep -v GetItemTypesCategorized|grep -v
GetItemNumbersFromImportBatch|cut -d':' -f1|sort|uniq

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-26 13:24:07 +00:00
7c99f79dda Bug 18251: (follow-up) fix rebase error
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-26 13:18:28 +00:00
0b61c8e5d0 Bug 18251: (QA follow-up) Add 'renew' operation and check renewal vs checkout
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-26 13:18:28 +00:00
eb62686630 Bug 18251: (QA follow-up) Add alerts for all SCO actions
To test:

Add sound alerts for sco-alert-warning
Test various actions (return,renew) and verify success/failure notices
and sounds
Note additional classes (return,renew,issue) to allow for more
specificity of sounds alerts

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-26 13:18:28 +00:00
677fd902f3 Bug 18251: SCO alerts - need a trigger for successful checkouts
This patch adds simple text and a div to allow for sounds to be
configured upon successful SCO checkout

To test:
1 - Enable sco module
2 - Enable AudioAlerts
3 - Define alert with
     Selector: .sco-alert-success
     Sound:http://localhost:8081/intranet-tmpl/prog/sound/opening.ogg
4 - Checkout to patron using SCO
5 - Note only feedback is a addition of item to checkouts list
6 - Apply patch
7 - Checkout ot patron via SCO
8 - You should hear the sound specified above
9 - You should also see a note: Item checked out

Followed test plan, works as expected.
(Works with external sound only, see Bug 16732)
Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-02-26 13:18:28 +00:00
Agustin Moyano
cf483fd375 Bug 19458: (follow-up) Self-check module highlighting
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Alex Arnaud <alex.arnaud@biblibre.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-01-11 12:32:11 +00:00
Agustin Moyano
fff6777b35 Bug 19458: Self-check module highlighting
In SCO Module there is no difference on how new checkouts and renewals are shown from previous ones. This commit is done to address that issue.

How to test:
1. Go to /cgi-bin/koha/sco/sco-main.pl and login.
2. Checkout a new item.
3. In checkout's table new checkouts should be easily identifiable.

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Alex Arnaud <alex.arnaud@biblibre.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2019-01-11 12:32:10 +00:00
Charlotte Cordwell
59d436ee60 Bug 19991: use Modern::Perl in OPAC perl scripts
Test Case:
Check the following files have been updated from
use strict;
use warnings;
to
use Modern::Perl;

errors/400.pl
errors/401.pl
errors/402.pl
errors/403.pl
errors/404.pl
errors/500.pl
opac-account-pay-paypal-return.pl
opac-alert-subscribe.pl
opac-authorities-home.pl
opac-authoritiesdetail.pl
opac-browser.pl
opac-ics.pl
opac-image.pl
opac-imageviewer.pl
opac-messaging.pl
opac-modrequest-suspend.pl
opac-modrequest.pl
opac-mymessages.pl
opac-overdrive-search.pl
opac-passwd.pl
opac-patron-image.pl
opac-privacy.pl
opac-ratings-ajax.pl
opac-ratings.pl
opac-readingrecord.pl
opac-renew.pl
opac-sendshelf.pl
opac-serial-issues.pl
opac-showreviews.pl
opac-suggestions.pl
opac-tags_subject.pl
opac-topissues.pl
opac-user.pl
sco/help.pl
sco/printslip.pl
sco/sco-patron-image.pl
svc/overdrive_proxy
svc/suggestion
unapi

Signed-off-by: Maryse Simard <maryse.simard@inlibro.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
2018-08-30 13:40:32 +00:00
509892fd00 Bug 19935: Replace GetPendingIssues - sco-main
Same as previously, we do not need all the prefetched values here, just
a few.

Test plan:
Use the self checkout module to check some items out

Signed-off-by: Benjamin Rokseth <benjamin.rokseth@deichman.no>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-04-03 11:43:38 -03:00
d6e8e88249 Bug 15492: Make existing code aware of new self_check* permissions
This patch makes the existing code for SCO use the new permissions schema
for self check modules. Specifically addresses this change:

  circulate  => self_checkout
becomes
  slef_check => self_checkout_module

about.pl checks are dejusted too.

get_template_and_user gets refactored to avoid code duplication and the
conditions are adjusted for the new permissions.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-03-26 17:31:18 -03:00
dcd495de24 Bug 12001: Format DEBT correctly
Before this patchset, DEBT was formatted in the module, now it should be
done template-side.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-02-23 10:57:30 -03:00
d8dc86bc4b Bug 19280: Pass a Koha::Patron to CanBookBeIssued
We need to make subroutine from C4 use more Koha::Object objects
Seeing bug 19276, starting here is a good start.

Test plan:
The tests should still pass.

Signed-off-by: Jon Knight <J.P.Knight@lboro.ac.uk>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-01-09 17:23:15 -03:00
bc0012de2e Bug 17989: Final changes
[1] The template sco/printslip.tt is in the regular modules directory.
Should not be prefixed with a slash.

Test plan:
[1] Try to find another occurrence just like the one corrected in
    sco/printslip.pl where an absolute path is passed to gettemplate or
    get_template_and_user. I already tried several regex variations
    while git grepping template_name, but you may still find one..

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Amended: Removed the changes for svc/members/search. Not needed.
Commit message adjusted accordingly.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-11-01 13:10:18 -03:00
Aleisha Amohia
3c31e6e795 Bug 12691: Use Koha.Preference in Self-Checkout
For calls to SCOUserJS, SCOUserCSS, OPACUserCSS, AllowSelfCheckReturns,
OpacFavicon, ShowPatronImageInWebBasedSelfCheck, SelfCheckoutByLogin

Sponsored-by: Catalyst IT

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Bug 12691: [FOLLOW-UP] Follow-up patch

This patch fixes merge conflicts and fixes the problems in Comment 7

QA tools complain about missing bracket, will be fixed in next followup
Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Bug 12691: [FOLLOW-UP] Missing bracket

Patch adds bracket to template file (Comment 16)

Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Bug 12691: [FOLLOW-UP] Fixing some logic

Signed-off-by: Marc Véron <veron@veron.ch>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Patches have been squashed for readability and 1 removal occurrence of
display_patron_image has been reintroduced.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-07 14:03:45 -03:00