clubs-tab get the patron's id from the parameter. At the OPAC we must
use the one from the logged in user, to prevent leak to other users
Test plan:
Have 2 clubs: A, B
Enroll to A with patron borrowernumber=1
Enroll to B with patron borrowernumber=2
Log in with patron 1 and hit:
http://localhost:8080/cgi-bin/koha/clubs/clubs-tab.pl?borrowernumber=1
=> OK
Now hit
http://localhost:8080/cgi-bin/koha/clubs/clubs-tab.pl?borrowernumber=2
=> oops
Apply this patch, try again.
The "borrowernumber" parameter is no longer used to fetch the club list.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit e51ef7ef76a4ee523b302d724d80118185030e60)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch updates the jQuery validation plugin in both the staff
interface and the OPAC to the latest version, 1.20.0.
To test, apply the patch and clear your browser cache if necessary.
Test various pages in the staff client to confirm that form validation
works as expected:
- Patron password change form:
- Password must conform to minPasswordLength
- Password must not contain leading/trailing spaces
- Passwords must match
- Administration -> Add or edit budget:
- Description, start date, and end date are required
- Start date must be before end date
- Administration -> Add or edit Z39.50/SRU server:
- Server name, hostname, port, and database are required
- Port, rank, and timeout must be a number
Perform the same check of the "Change password" form in the OPAC.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
(cherry picked from commit 8deffec3155f54b7209f1465942fd8fbea23da5e)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Note: This is handled now just like opac-reserve.
Test plan:
Disable ArticleRequests and hit the page.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 8afcbe0bbb556cb19ff2e33e56cf3bcb8dd13d11)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
It seems safer to pass the logged in user and session info at the end of
the sub.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 199b47e51220a22110436a2357481dc89d498537)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
If we hit the auth page we were not passing sessionID to the template
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 95098d23e0c0bfc5291464a625ff6422b8288888)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit eb3166a6650d25cb7410e50966ab507173771b13)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This code is a bit weird, its purpose it to auto select the library depending on the IP.
A problem appears if the same IP is used, then the user's choice will
might be overwritten randomly by another library.
To recreate the problem:
Turn on AutoLocation
Use koha/koha @CPL for test
And the following config:
*************************** 1. row ***************************
branchcode: CPL
branchname: Centerville
branchip: 172.18.0.1
*************************** 2. row ***************************
branchcode: FFL
branchname: Fairfield
branchip: 172.18.0.1
*************************** 3. row ***************************
branchcode: FPL
branchname: Fairview
branchip: 172.18.0.4
Connect and select CPL. Randomly FFL will be picked instead.
Signed-off-by: Magnus Enger <magnus@libriotech.no>
Tested this on top of 35890 and 35904 because git bz said they were required dependencies.
Figured out the IP Koha was seeing me as coming from in /var/log/koha/kohadev/plack.log.
Added that IP to the branchip for Centerville, Fairfield and Fairview. Set AutoLocation = Yes.
After this I could recreate the problem: If i left the "Library" field in the login screen
at "My Library" I got logged into a random library selected from the three i had set
branchip for. Applying the patches fixed this, as expected.
Tests pass, with AutoLocation off.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 4efe74fe12075298680965db3605f717f1da10d0)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Magnus Enger <magnus@libriotech.no>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit e00cfb3c7b3954e545ad4b363bff48a8f4345d0a)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 85717a99c7ba20d3bef8e9ba15df6d0a86f368c6)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 94e570d6af38c0061aeaad2ea25ab26bed2186f5)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
It is never used and add confusion
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 0ce8cc4c05bc96503172018775ba574e41b40ecb)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch suggests to add a new flag do_not_print to
C4::Auth::checkauth to not print the headers and allow to test this
subroutine more easily.
We do no longer need to mock safe_exit and redirect STDOUT to test its
return values.
There are still 3 left:
1.
733 # checkauth will redirect and safe_exit if not authenticated and not authorized
=> Better to keep this one, not trivial to replace
2.
806 # This will fail on permissions
This should be replaced but testing $template->{VARS}->{nopermission}
fails, I dont' think the comment is better.
3.
828 # Patron does not have the borrowers permission
Same as 2.
2. and 3. should be investigated a bit more.
This patch also move duplicated code to set patron's password to a
subroutine set_weak_password.
Test plan:
Read the code and confirm that everything makes sense.
QA: Do you have a better way for this? Yes it's dirty!
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit db173d3276455a43939dca68ccc6502839fa2a55)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
The 'new' method in Koha::Plugins returns undefined if
plugins are disabled. Therefore, calls to this method
must be guarded by a check that plugins actually are enabled.
Test plan:
* Code inspection of patch, alternatively
* Activate the ill system by installing a backend such as
koha-illbackend-libris:
https://github.com/Libriotech/koha-illbackend-libris
* Make sure plugins are disabled in koha-conf.xml
* In the staff interface, go to ILL requests.
* The page should load without getting an error 500.
PA amended commit message: This is not related to ILL backends being plugins or not
This is about ILL batches, where checking for metadata enrichment plugins was missing 'enable_plugins' guard
Additionally, unrelated to batches, it's also about ILLAvailability, where checking for ILL availabililty plugins was missing enable_plugins guard
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Hans Pålsson <hans.palsson@hkr.se>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit fee4368cd8)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch just tidies the moved blocks to get us past the QA script
check.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit b577b65670)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Currently we get the userenv before we have set it correctly for the session
To test:
1 - Sign in as a user with fast cataloging permission
2 - Bring up a patron, type gibberish into barcode field to get a fast cataloging link
3 - Check the link, it should have your current signed in barcode
4 - Sign in to a different browser with a different user and at a different branch
5 - Bring up a aptron in circulation and type gibberish into barcode field to get a fast cataloging link
6 - It may have your branch, but it may also have the other user's branch from the other window
7 - Keep entering gibberish to get a link until one user has the correct branch
8 - Then switch to the other browser, and keep entering gibberish, watch the branchcode change
9 - Apply patch, restart all
10 - Test switching between browsers. generating fast cataloging links
11 - Users should now consistently have the correct branch
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 90b6f68616)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Adapt code to the change of return value type of checkpw
introduced in bug 34893
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 5f9e9e5df2)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Tests currently fail due to a modal remaining open. This patch closes the modal to make the tests pass
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 269d6f6444)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
AssertionError: Timed out retrying after 10000ms: Expected to find element: `main div[class='dialog message']`, but never found it.
We moved from message to alert.
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit f1b32b5316)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch fixes some templates where the messages include was appearing
in the wrong place, for instance above the left-hand sidebar instead of
at the top of the main content.
The patch also adds the new include to some templates which lacked it.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit daeccd84c6)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
* cc is an abbreviation, so updated to CC
* Adding consistency with punctuation for error messages
* Updated a borrower to patron
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit e8c3142d81)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adds further delivery details to the notices tab in patron
details in the staff client.
Once a message is sent, we display the 'from:', 'to:' and 'cc:'
addresses in the 'Delivery note' column when they exist.
Test plan
1. Enable KTD to send email [1] (without email configured the
delivery note displayed "Unhandled email failure, check the logs for
further details").
2. Add email addresses to two patrons and to KohaAdminEmailAddress,
and run misc/cronjobs/process_message_queue.pl after generating
notices.
3. For the two patrons with email addresses, make one a guarantor.
4. Sent Welcome messages (Patron account > More > Send welcome email) -
nothing in delivery note column.
5. Checkout out an item to the guarantee (item checkout email enabled) -
nothing in delivery note column.
6. Send the notices by running misc/cronjobs/process_message_queue.pl
again.
7. Now the 'Delivery note' columns should contain from:, to: and cc:
address details.
[1] Option 1 - smpt-sink (aka the sandboxes way)
- Install the postfix package inside ktd (sudo apt install postfix)
When asked in the wizard, I named mine 'local'
- Start smpt-sink with
`nohup smtp-sink -u root -D mail 127.0.0.1:25 100 </dev/null >/dev/null 2>&1 &`
Option 2 - To test sending emails using a Google account:
- Set up an App password for your Google Account
- Edit /etc/koha/sites/kohadev/koha-conf.xml file and add this
configuration near the end (where <user_name> = your Google email
address; <password> = your APP password, not your Google account
password):
<smtp_server>
<host>smtp.gmail.com</host>
<port>587</port>
<timeout>5</timeout>
<ssl_mode>STARTTLS</ssl_mode>
<user_name>GOOGLEACCOUNTUSER</user_name>
<password>GOOGLEAPPPASSWORD</password>
<debug>1</debug>
</smtp_server>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 137376ab4b)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit d7a633048e)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
To test:
1 - Install the Kitchen Sink plugin
2 - Restart all
3 - Enable 'CronjobLog' system preference
4 - perl misc/cronjobs/plugins_nightly.pl
5 - Note you see on the command line 'Remember to clean the kitchen' - this indicates the plugin cron ran
6 - Tools->log viewer, select 'cronjob' and view
7 - Note you only see 'plugins_nightly.pl' Run and End lines
8 - Apply patches
9 - perl misc/cronjobs/plugins_nightly.pl
10 - View logs agian
11 - Note you now see Run and End lines for 'Koha::Plugin::Com::ByWaterSolutions::KitchenSink'
12 - Confirm they look like the other lines
13 - Edit KitchenSink.pm and add 'die "Kittens";' to the cronjob nightly
14 - perl misc/cronjobs/plugins_nightly.pl
15 - View logs, confirm there is a FAILED error message for the KitchenSink cron
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit ea30aaff62)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
When running the plugins_nightly.pl cronjob, we should record the plugins that have a nightly method, logging the start and end of each plugins routine
Test Plan:
1) Enable CronjobLog
2) Install a plugin with a nightly cronjob ( e.g.
https://github.com/bywatersolutions/koha-plugin-book-list-printer )
3) Run plugins_nightly.pl
4) Note new entries in the cronjob viewer for the start and end of the
plugin's nightly cronjob run
5) Edit the plugin, add a line like "die 'this is a test';" to the
plugin's nightly cronjob
6) Run plugins_nightly.pl
7) View the action logs, not the log for the error you added!
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit c4b777b056)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Test plan:
Compile module, run qa tools.
Search for the use of C4::Items in C4/Biblio.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 3385142d7c)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Staging modal area had issues listing availability checks for each request in the batch creation process
To test:
1) Run bash <(curl -s https://raw.githubusercontent.com/ammopt/koha-ill-dev/master/start-ill-dev-plus.sh)
2) Install a metadata enrichment plugin, e.g. https://github.com/PTFS-Europe/koha-plugin-api-pubmed/releases
3) Install and configure an availability plugin, e.g. eds https://github.com/PTFS-Europe/koha-plugin-ill-avail-eds/releases
4) Enable ILLCheckAvailability sys pref
5) Create a new ILL batch and input some pubmedids, i.e. 34898594, 31452466
6) Verify that the availability results show and are working, for each request in the batch
Signed-off-by: Edith Speller <Edith.Speller@ukhsa.gov.uk>
Sponsored-by: UKHSA (UK Health Security Agency)
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit fb02affd57)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
As Katrin spotted, we need to not forget the sidebar menu.
Test plan:
Check if the item is visible/invisible on the sidebar menu of
Circulation. (Depending on StockRotation pref.)
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit acafc292b6)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Test plan:
Disable StockRotation pref. Check if report is hidden on circ home.
Enable. Check if report is visible.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit f7aeff5235)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 133e2458ba)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adjusts the tests to mock the Background to ensure it is called
and directly generate the pseudonymized transactions for testing
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit a34593a95a)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adds a new background job for pseduonymization
To test:
1 - Download the benchmarking script
2 - Ensure your koha has bcrypt_settings in koha-conf.xml
See bug 28911
3 - perl perf_check_pseudo.pl
4 - Note the slowdown after pseudonymization enabled
5 - Apply patches, restart all
6 - perl perf_check_pseudo.pl
7 - Note improvement
8 - Enable pseudonymization in sytem preferences
9 - Perform some checkouts and returns
10 - Verify the background jobs complete successfully
11 - Verify the pseudonymized_transactions table is updated correctly
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
To test:
1. Apply patch
2. Add item level hold to a record/item, make sure patron has no other
holds on that record
3. Go to /cgi-bin/koha/reserve/request.pl?biblionumber=xxx where xxx is
the record you placed the hold for
4. Under "Existing holds" table, in "Details" column you should see
"Only item <barcode>" dropdown
5. Select "Next available" from the dropdown
6. Click Update hold(s)
7. Observe dropdown is gone and cell value has changed from
"Only item <barcode>" to "Next available"
8. Cancel the hold and add two item level holds for the same patron
9. Under "Existing holds" table, in "Details" column you should see
"Only item <barcode>", but no select dropdown
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Anneli Österman <anneli.osterman@koha-suomi.fi>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit c20f4568ad)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
When an existing report is saved and an incorrect AV category is selected,
the UI is asking "do you want to save anyway", but the "Update SQL" button
leads to a blank page and the report is not saved.
On bug 33966 the value is been adjust to 'update_sql' but this incorrect
was left.
To test you need to use the browser inspector to adjust the value of the
selected option.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit b5ccd83c6f)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
To test:
* Enable AcqEnableFiles system preference
* Go to acquisitions
* Search for a vendor and receive shipment
* Enter an invoice number and create new invoice
* Finish receive
* Click on 'manage invice files' link
* Upload a sample file
* Verify the table is missing the usual white background
* Apply patch
* Verify the the table now displays with the usual white
background
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 731a549b71)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch fixes even more markup errors and HTML validation issues.
Signed-off-by: Phil Ringnalda <phil@chetcolibrary.org>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 5b58afd466)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Without this patch the "Add a new checkout" label showed
up twice in the Checkouts section of the API documentation.
This adds (public) to the end of one, to make it possible
to distinguish them.
To test (ON YOUR HOST MACHINE):
1. Run:
$ cd api/v1/swagger
$ docker run --rm -v $(pwd):/api --workdir /api redocly/cli \
build-docs swagger.yaml --output index.html
2. Open the generated index.html in your browser
3. Verify doubled up headings
4. Apply patch
5. Re-run docker command form 1.
6. Verify there are now 2 different labels and "(public)" is on the
right one.
Note: if you have wrong permissions on the file, chown it to your
own user to open it in the browser.
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit dbc67ce351)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>