Commit graph

29936 commits

Author SHA1 Message Date
357d51c8c4 Bug 19127: (follow-up) Fix Stored XSS in csv-profiles.pl
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:20:51 -03:00
Amit Gupta
b90662073f Bug 19127: Fix Stored XSS in csv-profiles.pl
To Test
1. Hit the page /cgi-bin/koha/tools/csv-profiles.pl?op=add_form
2. Add a text in the field Profile name, Profile description
   and Profile MARC fields that contains js
3. Save the page.
4. Notice js is execute
5. Apply patch and reload, the js is escaped

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:20:51 -03:00
914577fdb7 Bug 19108: (follow-up) Fix Stored XSS in biblio_framework.pl
Prevent software error
Template process failed: undef error - text: filter not found at
/home/vagrant/kohaclone/C4/Templates.pm line 121.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:20:51 -03:00
Katrin Fischer
624eb9e1f5 Bug 19108: (follow-up) Fix Stored XSS in fieldmapping.pl and items_search_fields.pl
To test:
- Add a framework with script in the description
- Access the Keywords to MARC mapping page
- Add an item search field where both name and label are script
- Try to edit/delete the added mapping

With the patch no script should be executed and everything
should still work ok.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:20:51 -03:00
Amit Gupta
a482880352 Bug 19108: Fix Stored XSS in biblio_framework.pl and marctagstructure.pl
To Test
1. Hit the page /cgi-bin/koha/admin/biblio_framework.pl?op=add_form
2. Add a text in the field Description that contains js
3. Save the page.
4. Notice js is execute
5. Click on Actions -> MARC structure
6. Apply patch and reload, the js is escaped

Fixed for both the pages biblio_framework.pl and marctagstructure.pl

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:20:51 -03:00
Amit Gupta
ec85c6b0a2 Bug 19108: Fix Stored XSS in fieldmapping.pl
To Test
1. Hit the page /cgi-bin/koha/admin/fieldmapping.pl
2. Add a text in the field Field name that contains js
3. Save the page.
4. Notice js is execute
5. Apply patch and reload, the js is escaped

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:20:50 -03:00
Amit Gupta
6a68fd0330 Bug 19108: Fix Stored XSS in authtypes.pl
To Test
1. Hit the page /cgi-bin/koha/admin/authtypes.pl?op=add_form
2. Add a text in the field Description that contains js
3. Save the page.
4. Notice js is execute
5. Apply patch and reload, the js is escaped

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:20:50 -03:00
Amit Gupta
b09750ca2b Bug 19108: Fix Stored XSS in classsources.pl
Fixed for both Classification sources & Classification filing rules

To Test
1. first case classification source: Hit the page
   /cgi-bin/koha/admin/classsources.pl?op=add_source
   second case classification filing rules:
   Hit the page /cgi-bin/koha/admin/classsources.pl?op=add_sort_rule
2. Add a text in the field Description that contains js
3. Save the page.
4. Notice js is execute
5. Apply patch and reload, the js is escaped

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:20:50 -03:00
Amit Gupta
bfbba2339f Bug 19108: Fix Stored XSS in items_search_fields.pl
To Test
1. Hit the page /cgi-bin/koha/admin/items_search_fields.pl
2. Add a text in the field Name and Label that contains js
3. Save the page.
4. Notice js is execute
5. Apply patch and reload, the js is escaped

Fixed for new and edit page

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:20:50 -03:00
Amit Gupta
d1aa11c51c Bug 19108: Fix Stored XSS in oai_sets.pl
To Test
1. Hit the page /cgi-bin/koha/admin/oai_sets.pl
2. Click on New set
3. Add a text in the field setSpec, setName that contains js
4. Save the page.
5. Notice js is execute
6. Apply patch and reload, the js is escaped

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:20:47 -03:00
ab7b35fe24 Bug 19103: (follow-up) Fix Stored XSS in itemtypes.pl
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:20:46 -03:00
Amit Gupta
233741e937 Bug 19103: Fix Stored XSS in matching-rules.pl
To Test
1. Hit the page /cgi-bin/koha/admin/matching-rules.pl
2. Click on new record matching rule
3. Add a text in the field Description that contain js.
4. Save the page.
5. Notice js is execute
6. Apply patch and reload, the js is escaped

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:20:46 -03:00
Amit Gupta
617e2f8221 Bug 19103: Fix Stored XSS in patron-attr-types.pl
To Test
1. Hit the page /cgi-bin/koha/admin/patron-attr-types.pl
2. Click on new patron attribute type
2. Add a text in the field Description that contain js.
2. Save the page.
3. Notice js is execute
4. Apply patch and reload, the js is escaped

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:20:46 -03:00
Amit Gupta
9374c646e1 Bug 19103: Fix Stored XSS in itemtypes.pl
To Test
1. Hit the page /cgi-bin/koha/admin/itemtypes.pl
2. Add a text in the field Description, Checkin message that contains js
2. Save the page.
3. Notice js is execute
4. Apply patch and reload, the js is escaped

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:20:46 -03:00
b3734f02e1 Bug 19128: Fix Stored XSS in admin/authorised_values.pl
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:20:46 -03:00
Katrin Fischer
b4608887f6 Bug 19128: Fix Stored XSS in patron-attr-types.pl, authorised_values.pl and categories.pl
Preparation:
- Add a branch with script in the branch name
- Add a patron category with script in the category name
- Add a new authorised value cateogory with script
- Add a new authroised value for this category with script
  in all possible fields

- Test editing patron categories
- Test editing patron attribute types
- Test viewing and editing authorised values

Verify that with this script there is no more script executed
and everything works fine.

Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:20:45 -03:00
Katrin Fischer
2d30845601 Bug 19125: Fix Stored XSS in members.pl
In preparation to test this patch:
- Add a patron list named <script>alert("patron list")</script>
- Add a library named <script>alert("library")</script>
- Add a patron category named <script>alert("patron category")</script>

To test:
- Access patron search page and do a search
- Verify that the alerts added above are executed
- Apply patch
- Verify that no alerts are displayed

Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:20:45 -03:00
Katrin Fischer
0bbe968fe5 Bug 19086: Fix Stored XSS in subscription-detail.pl
Add script to the callnumber field on adding a subscription.

Verify script is executed without this patch, but not with it.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:20:45 -03:00
Katrin Fischer
13e65432ce Bug 19086: (follow-up) Fix Stored XSS in supplier.pl
In preparation:
Make sure you enter <script>alert("sth")</script>
in all fields of a new vendor that are not validated
and save.

1) Access vendor summary page.
2) Verify scripts are executed
3) Apply patch
4) Verify scripts are on longer executed

This works in combination with the other patches for XSS
on this bug.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:20:45 -03:00
Amit Gupta
ec86950780 Bug 19086: Fix Stored XSS in subscription-add.pl
To Test
1. Hit the page /cgi-bin/koha/serials/subscription-add.pl
2. Add a text in the field Public note and Nonpublic note
   that contains js (Internalnotes, notes)
2. Save the page.
3. Notice js is execute
4. Apply patch and reload, the js is escaped

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:20:45 -03:00
Amit Gupta
6d22674da5 Bug 19086: Fix Stored XSS in supplier.pl
1. Hit the page /cgi-bin/koha/acqui/supplier.pl?op=enter
2. Add a text in the field company_postal, physical, company_fax,
   accountnumber, contactposition, contact_fax, contact_notes, notes that contains java script
3. Save the page.
4. Notice js is execute
5. Apply patch and reload the js is escaped

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:20:45 -03:00
50dcae4b50 Bug 19086: Fix Stored XSS in circulation.pl
1/ To test add a message to a borrower that contains js
2/ hit /cgi-bin/koha/circ/circulation.pl?borrowernumber=[number]
  where number is the borrowernumber of the borrower you set the message
  for
3/ Notice js is execute
4/ Apply patch, reload, js is escaped

Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:20:44 -03:00
c176b8ceef Bug 19086: Fix Stored XSS in members/member.pl
To test
1/ hit /cgi-bin/koha/members/member.pl?&searchmember=<script>alert('XSS Payload')</script>
2/ Notice js is executed
3/ Apply patch, reload
4/ js is now escaped

Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-29 12:20:44 -03:00
ae86b7ca9e Bug 19385: Fix random t/Calendar.t failure - clear the cache before
The cache 'exception_holidays' may be populated when we run these tests,
we need to clear it before the tests are run.

Test plan:
  prove t/db_dependent/Circulation/CalcDateDue.t  t/Calendar.t

Without this patch, t/Calendar will fail with:
  #   Failed test 'Exception holiday is not a closed day test'
  #   at t/Calendar.t line 159.
  #          got: '1'
  #     expected: '0'
  # Looks like you failed 1 test of 38.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-28 15:19:57 -03:00
Lari Taskula
b4e525e4f6 Bug 18282: operationId must be unique
operationId has the following documentation:
 "Unique string used to identify the operation. The id MUST be unique among all
  operations described in the API."

This patch modifies operationIds to be unique accross our API operations.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-21 12:02:39 -03:00
Olli-Antti Kivilahti
256c66752f Bug 18290: Fix t/db_dependent/Koha/Object.t, Mojo::JSON::Bool is a JSON::PP::Boolean :)
Mojolicious 7.21 onwards, no longer returns Mojo::JSON::Bool-objects but JSON::PP instead.
Which might be pretty smart.

This version is required by bug 18137 and so this patch for the tests is
needed.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Tested along with 18137 and its dependencies (libs).

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-21 11:27:06 -03:00
2bf98402a2 Bug 18137: (QA followup) Make sure the session exists and is expired on expiration tests
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Lari Taskula <lari.taskula@jns.fi>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-21 11:27:05 -03:00
Lari Taskula
47b6026c6a Bug 18137: List Mojolicious::Plugin::OpenAPI and JSON::Validator as dependencies
Edit (tcohen): I've changed the version numbers to match those Mirko has already
successfully packaged and are known to work for this patchset.

Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-21 11:27:05 -03:00
Lari Taskula
fbda925f85 Bug 18137: (follow-up) Sort definitions.json
Before this file grows, we should sort it alphabetically.

To test:
1. prove t/db_dependent/api/v1

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-21 11:27:05 -03:00
Lari Taskula
6c93ea0be1 Bug 18137: (QA-follow-up) Fix pod fail
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-21 11:27:05 -03:00
Lari Taskula
2918cc9c27 Bug 18137: (follow-up) Fix handling DBIx::Class::Exception messages
- DBIx::Class::Exception should use ->{msg}

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-21 11:27:05 -03:00
Lari Taskula
1f9e262ab5 Bug 18137: Remove x-mojo-around-action
Mojolicious::Plugin::OpenAPI does not support x-mojo-around action. This patch
removes it from our specification document.

Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-21 11:27:05 -03:00
Lari Taskula
047508bb8d Bug 18137: Make /holds Mojolicious::Plugin::OpenAPI compatible
Also
- adding some missing and new response definitions into Swagger spec.
- fixing failing tests due to Bug 17932's change of boolean values

To test:
1. prove t/db_dependent/api/v1/holds.t

Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-21 11:27:05 -03:00
Lari Taskula
b007919e35 Bug 18137: Make /cities Mojolicious::Plugin::OpenAPI compatible
Also:
- adding some missing and new response definitions into Swagger spec.

To test:
1. prove t/db_dependent/api/v1/cities.t

Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-21 11:27:05 -03:00
Lari Taskula
915963ba7f Bug 18137: Make /patrons Mojolicious::Plugin::OpenAPI compatible
Also:
- adding some missing and new response definitions into Swagger spec.
- fixing failing test due to Bug 17932's change of boolean values

To test:
1. prove t/db_dependent/api/v1/patrons.t

Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-21 11:27:05 -03:00
Lari Taskula
e2fc524701 Bug 18137: Migrate from Swagger2 to Mojolicious::Plugin::OpenAPI
This patch migrates from Swagger2 to Mojolicious::Plugin::OpenAPI as Swagger2 is
no longer actively maintained.

This migration involves some minor changes to our Swagger specification documents
and to controllers. Each operation is migrated in following patches separately.
Please see Mojolicious::Plugin::OpenAPI and its tutorial for more documentation.

The patch also refactors some API authentication -related code by taking advantage
of Koha::Exceptions. Authentication is now handled via Mojolicious's "under->to"
functionality. The actual authentication & authorization checks are moved to
Koha::REST::V1::Auth. Added a HTTP 503 response for when database update is
required, instead of returning an authentication failure as before.

To test:
1. prove t/db_dependent/api/v1/auth.t

Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-21 11:27:04 -03:00
Lari Taskula
ea6c6f3026 Bug 18137: Add useful Koha::Exceptions
Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi>

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-21 11:27:04 -03:00
164b13690a Bug 19119: Remove definitions.t
This patch removes t/db_dependent/api/v1/swagger/definitions.t

Its goal is not simple to achieve, and worth moving into the QA tools instead.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-20 16:07:33 -03:00
779089a62a Bug 18508: Fix t/db_dependent/api/v1/swagger/definitions.t (follow-up of 6758)
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-20 16:07:07 -03:00
Lari Taskula
50a2efdcc1 Bug 18508: Fix t/db_dependent/api/v1/swagger/definitions.t (follow-up of 18137)
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-20 16:07:07 -03:00
402c7f7567 Bug 19173: Add opac payment and marc conversion plugins to the pulldown filter list
Edit: fixed tab-for-space errors (tcohen).

Signed-off-by: Magnus Enger <magnus@libriotech.no>
New categories are added to the pulldown and work as expected.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-19 14:15:52 -03:00
323b1553b0 Bug 19173: Make OPAC online payments pluggable
While PayPal is fairly universal, there is a plethora of online
payment system that are far more localized, servicing a single
country ( e.g. Bug 18968 ) or even a single  city! Instead of
adding support for each and every one of these payment options
directly into Koha, it makes more sense to add the ability to
create online payment plugins.

Test Plan:
1) Apply this patch
2) Download and install the Kitchen Sink plugin version 2.1.1 or later
   https://github.com/bywatersolutions/koha-plugin-kitchen-sink/releases
3) In the plugin options, enable the opac payments option
4) Create a patron with one or more fines
5) Log into the opac as that patron, note you now have the option
   to pay online via KitchenSink ImaginaryPay
6) Make an online payment
7) Note the payment was processed correctly

Sponsored-by: Washoe County Library System

Signed-off-by: Kyle M Hall <kyle@gmail.com>

Signed-off-by: Magnus Enger <magnus@libriotech.no>
Awesome enhancement! I know we want to add at least one Norwegian
payment service at some point.
I followed the test plan and everything works as advertised. Turning
off the "opac payments option" makes the option dissappear cleanly
from the OPAC. I have *not* looked at the code or done any
considerations about security.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-19 14:15:52 -03:00
4270d24338 Bug 6758: DBRev 17.05.00.008
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-19 14:15:23 -03:00
cfbcafb7bc Bug 6758: DBIC Schema changes
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-19 14:15:20 -03:00
889fee7313 Bug 6758: Use 'is' instead of 'ok' in tests
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-19 14:15:16 -03:00
5803d746a4 Bug 6758: [QA Follow-up] Typo popular vs populate
Typo popular resolved.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-19 14:15:11 -03:00
b57088868e Bug 6758: Add new patron column for date of renewal
Test Plan:
1) Apply this patch
2) Run updatedatabase
3) Create a new patron
4) Note the new column date_renewed is NULL
5) Renew the patron
6) Note the date in the column date_renewed is today's date

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-19 14:15:06 -03:00
8088e3a337 Bug 19195: Do not explicitely force scalar context when unecessary
These ones are already called in scalar context

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-19 11:57:10 -03:00
Aleisha Amohia
e98c178c08 Bug 19195: Preventing noisy warns when creating or editing a basket
To test:
1) Open the koha intranet error log
2) Go to Acquisitions -> Find or create a vendor
3) Create a new basket, filling all fields
4) Notice warns in error log
5) Edit this basket
6) Notice warns in error log
7) Apply patch
8) Create another basket, confirm warns do not show
9) Edit this basket, confirm warns do not show

Sponsored-by: Catalyst IT

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-19 11:47:34 -03:00
Dobrica Pavlinusic
6ce1cc6aad Bug 19332 - Basket grouping PDF and CSV exports empty
This bug was introduced in commit 2bf3ce268d
Bug 17196: [QA Follow-up] Additional fix on acqui/basketgroup

Signed-off-by: Lee Jamison <ldjamison@marywood.edu>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2017-09-19 11:47:33 -03:00