Reimplements Paul Poulain's original OPAC Privacy patch, with some minor improvements and changes to wording
If the library enables the OPACPrivacy system preference along with the opacreadinghistory preference, and sets
an AnonymousPatron (must be a valid patron number in the database), the user will see a new tab upon login to
the OPAC, My Privacy. From there, the user can:
- Set their OPAC Privacy to one of three values
0 - Forever. This keeps their reading history unless they explicitly delete it; the bulk anonymiser won't touch it
1 - Default. Keep reading history until either they delete it or the library does
2 - Never. Instantly anonymises reading history upon item return
- Instantly delete their reading history
There is a warning and a popup to confirm. I've removed Paul's extra confirm checkbox, which seemed redundant
A note of which preference the patron has selected is added to the Patorn Details page in the staff client. This is read-only.
This patch also consolidates Privacy system preferences into the Privacy section of the OPAC tab.
Thank you to BibLibre for the original implmentation of this patch, and Los Gatos Public Library for funding and
testing the reimplementation.
Signed-off-by: Nicole Engard <nengard@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
applied to git tag 'v3.02.00-rc'
Frédéric Demians:
- Rebased this patch to HEAD
- Solved a merge conflict
- The patch works as described here:
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=4289
Signed-off-by: Frédéric Demians <f.demians@tamil.fr>
Signed-off-by: Jared Camins-Esakov <jcamins@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
- Auth.pm put the noItemTypeImages preference under "intranet only."
Moved it to "OPAC or intranet."
- Added check for the preference on the OPAC advanced search page.
- Improved logic for displaying images on the reading history page.
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Per the following koha-devel thread, the use of
staff user subpermissions, AKA granular permissions, is
now the default behavior in Koha. This patch removes
the GranularPermissions system preference.
[1] http://lists.koha-community.org/pipermail/koha-devel/2010-February/033670.html
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
Previous code would only allow for an auxiliary stylesheet on the same server. This checks for
http in the opaccolorstylesheet syspref. If it's found, sets a different variable pointing to the
remote server location. If not found, retains the previous css directory path.
Also modifies the description of opaccolorstylesheet in the installer files to reflect current
usage as an auxiliary stylesheet.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Reverts part of commit 7b12e07 that removed references
to the Syndetics sysprefs in C4::Auth for no apparent reason.
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
Since this fix enables the previously-missing variable
'AmazonEnabled' in Auth.pm, this will also enable other
Amazon content in the staff client like Product
Descriptions and Amazon Similar Items (See Bug 3863)
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
Added new HTML template variable, using_https, for use
of OPAC or staff-side templates that may need to know
whether to use http:// or https:// links to off-site
content.
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
This patch adds XSLTDetailsDisplay and XSLTResultsDisplay variables
for the staff client, OPACXSLTDetailsDisplay and OPACXSLTResultsDisplay
variables to the OPAC. Note that the XSLTResultsDisplay doesn't actually
do anything because no one has added an XSLT version of search results
to the staff client.
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
- Add two syspref:
- OPACXSLTResultsDisplay
- OPACXSLDetailsDispay
- Add them to .pref files and dispatch them beetween OPAC and Search
tab.
- Upgrade DB version to 3.2 .113
- Fix something wrong in UNIMARCslim2intranetDetail.xsl
- Display OPAC result and detail pages using those syspref.
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
This doesn't define borrowernumber = 0 if a borrower is NOT logged.
We know borrowernumber 0 is mysqluser... So in virtualshelves, a non logged user have all permissions.
In the current OPAC, there is no easy way to search a particular library.
By default, a user searches all libraries, or with SearcMyLibraryFirst turn on,
the user's home library. In dev_week, a library pulldown menu existed in the search masthead.
This commit adds the option to bring that pulldown menu back
by turning on the system preference OpacAddMastheadLibraryPulldown
- the XSLTParse4Display sub now has a new parameter : the interface (intranet or opac)
- the XSLTdisplay sysprefs is common to staff & opac (Auth.pm)
- added UNIMARC xslt in intranet templates (modified to deal with staff/opac differences)
Enables ppl to store their search history and delete the whole history
Adding Storable required by Opac-Search-History
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
Auth, after verifying the session/logging in the user, calls to the database
to get the users borrowernumber. This call is probably unnecessary because
borrowernumber is part of userenv. Check userenv before going to the database.
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
This preference allows library staff to decide whether to show
the fines tab in the OPAC for logged in patrons.
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
Without this, the mainenance page would not display because of:
Cannot use undefined value as a HASH reference in C4/Auth.pm
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
These don't belong every template, only on OPAC:
~ opacstylesheet
~ opaccolorstylesheet
~ opacsmallimage
The latter 2 were already being populated in C4::Auth anyway.
Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
$intflags was never used or returned if hashref instead of userid was passed.
Also cleaned up needless passing of $dbh.
Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
Allows specification of how many issues of a subscription to display
at a global and subscription-specific level. Also adds a link to the
detail page to a specific subscription.
Signed-off-by: Daniel Sweeney <daniel.sweeney@liblime.com>
Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
This patch resolves a number of problems related to Enhanced Content:
1. Previously, there was no syspref for controlling whether or not to display
Amazon.com cover images apart from other content. This had the side effect
of preventing use of amazon.com content alongside use of another provider's
images. This patch introduces AmazonCoverImages and OPACAmazonCoverImages,
and changes the name of AmazonContent to AmazonEnabled.
So, for instance, you can now enable OPACAmazonSimilarItems yet utilize
SyndeticsCoverImages for displaying those similar items.
NOTE TO DOCUMENTATION TEAM: please update references to AmazonContent
and OPACAmazonContent to comply with the above.
2. Fixes some semantically incorrect uses of AmazonContent (now OPACAmazonEnabled)
on the OPAC side.
3. Resolves once and for all, the normalization of ISBN,UPC,EAN and OCLC numbers
for all enhanced content elements; These elements can be normalized using the
new functions in C4::Koha; I've replaced use of the various previously used
variables $xisbn,$norm_isbn,$clean_isbn, etc with $isbn, and the template
variable normalized_isbn.
We finally have a single, consistant place to retrieve normalize values for
these fields given a particular record.
4. Adds Syndetics attribution statements to display of all Syndetics content
'enhanced content provide by Syndetics' or 'Enhanced Description from Syndetics'
5. Adds an option to view the large cover image on the detail page on the OPAC
when using SyndeticsCoverImages; this option is controlled by a new system
preference: SyndeticsCoverImageSize which has two values: MC (medium) LC (large)
6. Adds UPC and OCLC numbers for Syndetics enhanced content queries especially
helpful for finding enhanced content for DVD and Music materials
7. Adds capability to display Syndetics images to opac-user for checkouts and overdues
8. Updates to systempreferences.sql, and updatedatabase.pl database revision 015
Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
This patch also includes a new function to retrieve the index
page from Syndetics and parse it for available content prior to
retrieving content; this is done to speed up syndetics content
by not retrieving content that doesn't exist for an item. However,
Syndetics continues to be a very slow service compared to Amazon.com
and other enhanced content services
Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
Following suggestion by Vincent Danjean for Debian
packaging, 0755 -> 0644 for non-executable
files.
Also removed shebang from a few modules in C4.
Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
This patch updates the queries for the shelf browser in opac-detail.pl for a
slight performance gain. It also adds a param for dateformat to C4::Auth to
fix a warning.
Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
Ror a poorly understood (by me) reason, use of 'use
UNIVERSAL' and 'use C4::Auth' in the SIP2 code is resulting
in a compilation error, thus blocking SIP2 from working.
The error (prior to this patch) could be reproduced as follows:
cd C4/SIP
perl -I. -wc Sip/MsgType.pm
"get_session" is not exported by the C4::Auth module
Can't continue after import errors at /home/gmc/koha/dev/C4/VirtualShelves.pm
line 51
BEGIN failed--compilation aborted at /home/gmc/koha/dev/C4/VirtualShelves.pm
line 51.
Compilation failed in require at /home/gmc/koha/dev/C4/Auth.pm line 34.
BEGIN failed--compilation aborted at /home/gmc/koha/dev/C4/Auth.pm line 34.
Compilation failed in require at Sip/MsgType.pm line 21.
BEGIN failed--compilation aborted at Sip/MsgType.pm line 21.
or more minimally
perl -ce 'use UNIVERSAL; use C4::Auth;'
This patch works around the problem by making C4::Auth
and C4::VirtualShelves not import any symbols
from each other.
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
It appears that Perl 5.10 does not like ${@$foo}[0] but rather wants $foo->[0]
The latter is also much more readable. This patch makes the change.
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
Adding code to refresh "Lists" button lists display in OPAC masthead.inc
Adding javascript to force refresh of parent window to update "Lists" button menu
Adding query limits and ability to specify row count and offset in queries related to Virtualshelves.
Also added the ability to return total record counts for specified virtualshelves.
Adding C4::VirtualShelves::GetRecentShelves which returns a list of the most recently modified shelves for
a given set of parameters. This allows the user to be offered active private and open lists to add books
to in drop down menus while also allowing drop down menus to be limited to a reasonable length.
This also limits the shelves stored in the user's session to a fixed number. A further enhancement might
be to add a syspref to enable a staff member to define the limit. Currently it is hardcoded at 10 per
list type (private/public-open).
Adding pagination to list/shelf related screens
Moving refresh shelves code into C4::VirtualShelves::RefreshShelvesSummary and tidying up a bit
Correcting several inconsistancies in the shelves templates as well as handling shelf management on
the intranet side correctly.
Correcting "Add To:" drop-down list to show only lists the patron has permission to add to
Correcting a few C4::VirtualShelves::GetShelvesSummary API calls
Modifications for template consistancy
Breaking up a 1367 char line of javascript in opac-results.tmpl
Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
GetMemberDetails() returns only one hashref now,
not two. In all cases where the caller was
expecting two output values, the $flags return
was ignored anyway.
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
This patch allows patrons to update their messaging preferences. This
includes methods in C4::Members to manage patron messaging preferences.
added cgi script to allow patron to edit their messaging preferences
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
I'd like to add another template parameter to geta_template_and user, but found it diffiult due to unreadability.
I stanadardized the whitespace in a portion of get_template_and_user,
alphabetized the parameters, finding a duplicate in one spot,
and then extracted the common template parameters that are set the same
regardless of template type.
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
NOTE: This patch introduces code which generates an anonymous session when a patron first browses to OPAC.
This anonymous session contains a minimal amount of information including the results of a query to discover
all public lists/shevles. When the user logs in, the anonymous session is cleared and a new session created
for that user.
kohabug 1875 - fix error when editing a patron record
C4::Auth::checkauth was not distinguishing between a
'userid' input from an OPAC or staff login form and
a 'userid' input from (e.g.,) the patron editor.
Consequently, adding or editing a patron record would
result in Koha trying to log in as the new patron.
To resolve this, added a hidden input to all login
forms, 'koha_login_context', to explicitly signal
when a login is occurring. The value of this input
can be 'opac', 'intranet', or 'sco' - the value is
not used at present, but may be of use later.
C4::Auth - added debug flag to two warns
kohabug 1875 - create anonymous sessions only for OPAC
No need to create an anonymous session for the intranet.
set yuipath correct for login pages
When preparing the template parameters for a login form,
C4::Auth was overriding the value of yuipath set
by C4::Output::gettemplate(), thus causing 404 errors
if the 'yuipath' syspref was set to 'local'.
kohabug 1875 - avoid warns viewing lists anonymously
During an anonymous OPAC session, the $loggedinuser variable
is not set. As the undefined value causes warns in
C4::VirtualShelves::Page::shelfpage, for the purpose of the
shelfpage call the loggedinuser is set to -1, which should
not correspond to any real borrower number.
This is admittedly a hack to avoid digging through all
of C4::VirtualShelves to deal with lists viewed anonymously.
kohabug 1875 Refactoring of &ModShelf to avoid overwriting list owner needlessly
kohabug 1875 Avoid warning if can't find owner of shelf
Since virtualshelves.owner is not a true FK of borrowersnumber.number,
set ownername to '' if can't find the patron
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
Calculate OPACBaseURL from the
CGI environment variables instead of using the
system preference. As a result of this patch,
it should be possible to change the hostname,
protocol, or port of the OPAC without having to
reset a system preference.
Also added a FIXME to opac/unapi - the URL of
the SRU/W server has no necessary relationship
to the URL of the OPAC.
Once this patch is confirmed, the syspref can
be removed.
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
Three scripts were incorrect setting the HTTP type
header to 'utf-8' instead of something appropriate
like 'text/html' - Firefox evidentally can ignore that
mistake, but IE7 does not.
Fixed by replacing an invalid print of the HTTP header
and template output with a call to
C4::Output::output_html_with_http_headers.
Also corrected POD in C4::Auth and InstallAuth to
reflect correct use of output_html_with_http_headers.
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
now yuipath is added in C4::Output and uses themelang
In my opinion, all the general variables that are used in output should get in C4::Output (since there is theme lang computed.)
rather than in C4::Auth
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
Enhanced the permission-checking functions in C4::Auth
(e.g., get_template_and_user, checkauth, check_api_auth, etc.).
If the CheckSpecificUserPermissions syspref is OFF, the behavior
of those APIs is unchanged.
If CheckSpecificUserPermissions is ON, then the value of each
key in the flagsrequired hash is considered during
the permissions check:
1. if the value is 1, the staff user must have
all privileges for the userflags flag (or module)
referred to by the hash key, e.g.,
{ flaqsrequired => { tools => 1 } }
In terms of the database, this means that the
corresponding bit must be set in borrowers.flags.
2. If the value is '*', the staff user must
have at least one of the permissions for the
userflag/module, but it doesn't matter which one.
In terms of the database, this means ether that the
corresponding bit must be set in borrowers.flags or
that there at least is one row in user_permissions
for the staff user and bit/module combination.
3. If the value is any other string, it must be
a permissions code defined in the permissions table.
The staff user must have that specific permission
or have access to all functions of the module
In terms of the database, this means ether that the
corresponding bit must be set in borrowers.flags or
that there is a matching row in user_permissions
for the staff user, bit/module, subpermission
code combination.
In addition, get_template_and_user is modified so that the
CAN_user_XXX variables that it sets also includes the
subpermissions available (CAN_user_XXX_YYY, e.g.,
CAN_user_tools_import_patrons). The template variables
for the specific permissions are set regardless of whether
CheckSpecificUserPermissions is ON or OFF so that the templates
don't have to test for that syspref explicitly.
In addition, the meaning of CAN_user_XXX has changed slightly -
CAN_user_tools, for example, is set to 1 in the template if the
user has access to *any* of the tools functions. This was done
to simply the logic for deciding whether to display a menu
item in the staff interface are not. This does mean that
when specific subpermissions are added to (say) the circulate
module, each use of CAN_user_circulate will need to be examined
to see if the intent is to allow the user to get at a circ
menu or page or if the user really should be required to have
all circulate functions.
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
adding some parameters to the call to opac-auth.tmpl in C4::Auth::checkauth
This displays the additional navigational links in the masthead on the login page to unauthenticated users.
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
