One search option was doubled up by accident.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch also fixes add the term in the search input
Test plan:
Enable IntranetCatalogSearchPulldown
Search for a term using the search input in the header (simple search)
Re-do selecting different indices
The selection must retain on the search result page.
Signed-off-by: Pierre-Marc Thibault <pierre-marc.thibault@inLibro.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
We must not filter assignements statements.
Test plan:
Export item search result as CSV
Without this patch the biblio and biblioitem values are not displayed.
With this patch applied everything is displayed correctly
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This script used to pass 'undef' to haspermission, this patch restores
that behaviour.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Passing undef (or nothing) as $flagsrequired to haspermission simply
returned the return from fetchrow prior to this patch. Restoring that
behaviour.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Turns out that we rely heavily on the side effect that passing undef
to haspermission would always return true no matter what permissions
or lack of permissions you had.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch tweaks the logic to check the permissions is defined before
passing to haspermission.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
check_cookie_auth needs to allow for cases where we wish to check for
ANY permission and cases where we wish to skip the permissions check
entirely and just authenticate the session.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Before bug 22031 the haspermission subroutine signature allowed for
passing 'undef' to mean 'any permission' in $flagsrequired. This feels
like a mistake and was only in practical use in two places in the
codebase.
This patch explicitly forbids this practice (`*` may be used to the same
result and is more explicit in it's nature) and replaces the two
instances of it's use.
Test Plan
1. Before this patch, the API tests are all failing with authentication
errors
2. After this patch the API tests should now all pass.
3. t/db_dependent/Auth/haspermission.t should continue to pass (with one
addition subtest added herin)
3. /svc/members/search is not unit tested. Please check that patron
searching still yields results in the UI after this patch.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
In virtualshelves/addbybiblionumber.tt the include intranet-bottom.inc which closes the HTML last tag is not the last line of the template.
This patch moved bottom include to last line and uses popup-bottom.inc.
Test plan :
1) Permission OK :
1.1) Login in staff interface with user 'Bob'
1.2) Create a new list 'Readme' : category public and allow changes to contents from anyone
1.3) Perform a search
1.4) Check some results
1.5) Click 'Add to list' and on the list 'Readme'
1.6) A popup window opens
1.7) Check its HTML is OK, ending with </html>
2) Permission KO :
2.1) Open a new window (Firefox private session) and login in staff interface with user 'Bill'
2.2) Perform a search
2.3) Check some results
2.4) On session of 'Bob', edit list 'Readme'
2.5) Change : category private and allow changes to contents from owner only
2.6) On session of 'Bill'
2.7) Click 'Add to list' and on the list 'Readme'
2.8) A popup window opens saying 'Sorry, you do not have permission to add items to this list'
2.9) Check its HTML is OK, ending with </html>
Signed-off-by: Maryse Simard <maryse.simard@inlibro.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Deduplicate multivalued fields and make sure sort fields are not excessively long. Also updates default mappings so that sort fields are not created for item fields where it doesn't make sense.
Test plan:
1. Reset ES mappings in administration
2. Check that sort is '0' for local-classification in biblio mappings.
3. Change sort back to '1' for local-classification for the next steps.
4. Create a record with 20 items, each with a 100 character long call number
5. Check that when indexed, the record in ES does not have duplicates in any of the item fields and local-classification__sort is truncated to 255 characters.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
It fixes a browser timeout when records are removed from the cart.
The onchange event already call selRecord.
Test plan:
Launch a search
Add all the result to your cart
Open the cart
Click "select all"
Then remove them all from your cart
=> Without this patch the action will timeout
=> With this patch applied the action is immediate
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
The OPAC view wasn't correctly restricting the display of backends when
the ILLOpacbackends preference was set.
See the test plan on comment 7
Signed-off-by: Niamh.Walker-Headon@it-tallaght.ie
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This adds the ILLOpacbackends syspref, allowing users to refine the ill
backends available to opac users for initiating ill requests
Remove default assignment for backends
We don't need a default assignment for the ILLOpacbackends assignment,
if the pref isn't set, it returns undef anyway. Also, having this
default assignment actually breaks the fetching of the preference
Signed-off-by: Niamh.Walker-Headon@it-tallaght.ie
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch adds an SQL::Abstract inspired query syntax to the
haspermission method in C4::Auth. One can now pass Arrayrefs to denote
an OR list of flags, a Hashref to denote a AND list of flags.
Structures can be nested at arbitrary depth.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
18.06.00.060 will fail if custom Classification sources were created.
In that case we should use the 'generic' split rule.
Test plan:
% git checkout -b bug_22395_pre 3a0cba67f1
Reset the DB
Go to Home › Administration › Classification sources
Create a custom "Classification filing rules"
Create a custom "Classification sources" using this filing rules
% git checkout master
% perl installer/data/mysql/updatedatabase.pl
=> Without this patch you will get:
DBD::mysql::db do failed: Cannot add or update a child row: a foreign key constraint fails (`koha_kohadev`.`#sql-33a_67`, CONSTRAINT `class_source_ibfk_2` FOREIGN KEY (`class_split_rule`) REFERENCES `class_split
_rules` (`class_split_rule`)) [for Statement "
ALTER TABLE class_sources
ADD CONSTRAINT class_source_ibfk_2 FOREIGN KEY (class_split_rule)
REFERENCES class_split_rules (class_split_rule)
"] at installer/data/mysql/updatedatabase.pl line 17104.
=> With this patch applied the FK will be created successfully
class_sources.class_split_rule will be set to "generic" for these custom values.
Signed-off-by: Oliver Behnke <oliver.behnke@aei.mpg.de>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
ModZebra called with $record with items stripped in
ModBiblioMarc. Remove $record argument to force
record to be loaded again from database with items
embedded.
How to test:
1) Make sure biblios are indexed (with
rebuild_elastic_search.pl).
2) Perform a search that will produce a sample result
containing at least one biblio with items.
3) Edit and save a biblio with items.
4) Perform the same search again, the updated biblio
should now have no items when viewed in the search
results (No items).
5) Apply patch.
6) Repeat step 1-3.
7) The updated biblio should now have items when viewed
in the search results.
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
The material type is selected in accordance with the leader (06-07)
Test plan:
1. Create a new record using the advanced editor
2. Set the leader 6th position to 'c'
3. Save the record and reload the page
4. 'Music' should be automatically selected for 008
5. Try other values for the leader 6th and 7th positions
See comment 0 of this bug for the complete mapping
Signed-off-by: Michal Denar <black23@gmail.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
To test:
1 - Have three borrowers, one with order_manage permission, one with
edit_subscription permisson, andone with both
2 - Apply patch, updatedatabase
3 - Verify all three now have the manage_additional_fields permission
4 - Visit the admin page with these users, they should all see the
'Manage additional fields' link
5 - Click the link
6 - User with order_manage should see 'Order baskest'
7 - User with edit_subscription should see 'Subscriptions'
8 - User with both should see both
9 - Remove the additional permissions from a user - they should see a
note about needing additional permissions
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Finally we do not want that, they should be fetch when needed
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Call it a typo
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
We have it, why not to use it?
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
A lot of code can be removed just by using Koha::Object
It also makes fetching and updating additional field values easier.
Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Addresses the following QA comments:
1/ Regression:
On serials/serials-search.pl, the filters are not filled with what the
users searched for and the additional fields linked to an AV are not
displayed as a dropdown list.
4/ When searching an order, there is no way not to set a "all" value for
additional fields linked to AV.
5/ When searching an order and the search does not return any results,
the field should contain what the user filled in.
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15774#c10
Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This also moves the admin page for additional fields for all tables to a
single common screen, and factors out display/input parsing logic.
Test plan:
1. Create an additional field for a subscription (under Serials -> Add
subscription fields).
2. Apply patch.
3. Visit Additional fields under administration, and verify that
the field created above still shows under the list for the
subscription table.
4. Create at least four fields for aqbasket for each combination of
searchable/not-searchable and with/without an authorized value.
5. Create an order basket, and verify that all fields are visible and
correctly save.
6. Edit the basket, verifying that changes to these additional fields
are saved.
7. Add an order to the basket (contents are irrelevant).
8. Go to advanced search within acquisitions.
9. Verify that only the searchable fields show in the form, and that
their contents may be searched.
Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
The automatic rebase after bug 21206 required a helping hand.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>