Login will still break in opac-user.pl, but that seems a bigger problem
not from SCI module
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
To test:
1 - Try to log in to opac with a superlibrarian
2 - Everythign goes wrong
3 - Apply patch
4 - Try to log in with superlibrarian
5 - You can sign in
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch makes C4::Templates::gettemplate set the KOHA_VERSION param
for the template. This way this template parameter, which is required by
(probably) all pages that include CSS/JS content is available in all
circumstances.
A noticeable problem with the current approach is when using the SCO and
SCI modules with wrong/forbidden users: C4::Auth short-circuits and
redirects to the login page, without setting the KOHA_VERSION param.
This patch solves it for good.
To test:
- Enable the SCI module
- Open the browser at
http://localhost:8080/cgi-bin/koha/sci/sci-main.pl
- Login with the db user (koha_kohadev / password)
=> FAIL: Login failure, but styling is broken
- Apply this patch
- Retry
=> SUCCESS: Everything looks as it should!
- Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch makes the existing code for SCO use the new permissions schema
for self check modules. Specifically addresses this change:
circulate => self_checkout
becomes
slef_check => self_checkout_module
about.pl checks are dejusted too.
get_template_and_user gets refactored to avoid code duplication and the
conditions are adjusted for the new permissions.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds the SCI module, and adapts C4::Auth to know about it.
The current behaviour is:
- Requires admin user initialization/login
- Uses the logged users' library
- A form allows to scan multiple barcodes
- A button sends the barcode list to the controller
to batch perform the checkins
- Successful and failed checkins are sent to the template
- Results are displayed
- Logout link
To test:
- Apply this patches
- Make sure you upgrade:
$ kshell
k$ perl installer/data/mysql/updatedatabase.pl
- Have 'SelfCheckInModule' disabled
- Go to http://kohadev.myDNSname.org:8080/cgi-bin/koha/sci/sci-main.pl [1]
=> SUCCESS: You are rejected because the feature is disabled
- Enable 'SelfCheckInModule'
- Go to the previous URL
=> SUCCESS: You are required to login
- Login with a user WITHOUT self_checkout permissions
=> SUCCESS: You are not allowed to log into the Self check-in module.
- Login with a user WITH self_checkour permissions
=> SUCCESS: You gain access, and are presented the UI
- Go through the several options
=> SUCCESS: All works as it should
- Click the 'Help' link
=> SUCCESS: A help text is displayed on a modal
- Sign off :-D
- Bonus points:
$ kshell
k$ qa -c 2 -v 2
=> SUCCESS: All tests green
[1] Adjust to your dev's OPAC setup
Signed-off-by: David Bourgault <david.bourgault@inlibro.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
CAS supports single logout, where if you logout of one application it
logs you out of all of them.
This bug implements this
You will need a CAS server (with single logout configure),
and at least 2 applications (one being Koha)
1/ In Koha login via CAS
2/ Login to the other application via CAS
3/ Logout of the other application
4/ Notice you are still logged into Koha
5/ Log out of Koha
6/ Apply patch
7/ Login to Koha via CAS, login to other app via CAS
8/ Log out of other app
9/ Notice you are logged out of Koha
If you dont have CAS, this patch should be a no op, you could test that
1/ Login and logout normally
2/ Apply patch
3/ Login and logout still work fine
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Patch works as described, local login still works correctly.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Needed when logging out and in again..
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Victor Grousset <victor.grousset@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Instead of basing the group searches on the group name, which is an
inherently touchy system, we should use the same checkbox style that
Jonathan introduced for the patron limits by group feature.
Test Plan:
1) Check to ensure existing group searches still show as they used to
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
On first login, Koha explodes before the logged in user does not exist
in DB.
This patch deals with that by adding several checks when it's needed.
Test plan:
Use the DB user to create a superlibrarian user.
The DB user should no be allowed to do anything else.
Signed-off-by: Signed-off-by: Jon McGowan <jon.mcgowan@ptfs-europe.com>
Bug 18403: Fix patron creation
memberentry.pl can be called to create a new patron, in that case the
patron does not exist yet.
Signed-off-by: Signed-off-by: Jon McGowan <jon.mcgowan@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Technical note:
To ease future changes we are passing a logged_in_user variable to templates.
It contains the Koha::Patron object representing the logged in patron.
This will be very useful for this patch and even after (for instance we will be
able to replace easily loggedinusername and loggedinusernumber).
Signed-off-by: Signed-off-by: Jon McGowan <jon.mcgowan@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Test Plan:
1) Apply this patch set
2) Note your existing search groups have been ported over to the new
__SEARCH_GROUPS__ group if you had any
3) Create the group __SEARCH_GROUPS__ if one does not already exist
4) Add some first level subgroups to this group, add libraries to those groups
5) Search the library group searching in the intranet and opac
6) Note you get the same results as pre-patch
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This is a legacy mode that did not really work.
Test plan:
Play with frameworks and sysprefs and confirm the changes
(add/del/update) are taken into account.
Signed-off-by: Alex Buckley <alexbuckley@catalyst.net.nz>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Similar to the full path test in sub themelanguage, this patch makes a
change in _get_template_file. This allows you to pass a template
outside the modules directory to get_template_and_user. (Note: the sub
badtemplatecheck already blocks bad paths.)
Especially, this would be helpful for plugins using templates. As can be
seen in Templates.pm, a change was made earlier to overwrite the filename
for a plugin in sub gettemplate. This exception can now be removed.
Also note the small change in Koha/Plugin/Base.pm; mbf_path is already
absolute and if we pass a full path, we do not need it. This allows use of
a regular Koha template or a shared template between plugins (as long as
badtemplatecheck allows the path).
What are the side-effects of this change?
[1] We should not pass absolute paths if we mean relative ones.
A follow-up patch deals with one occurrence in the codebase.
No regressions for regular use.
[2] Plugins can call get_template_and_user directly or go via get_template
in Koha/Plugin/Base (absolute paths don't go via mbf_path).
Note: replaced two single quotes in Auth.pm to show template name in test
description.
Test plan:
[1] Open some page on OPAC or staff client to trigger a template.
[2] Run t/db_dependent/Auth.t to verify not allowing some bad templates.
[3] Run t/db_dependent/Templates.t to verify an absolute path.
[4] Run t/db_dependent/Plugins.t to verify using templates in a plugin.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The bad template check in get_template_and_user can be removed, since
this check has been added in gettemplate on bug 18010.
The check moves here to a new sub in C4::Templates. And will be extended
in a follow-up.
Removed unused variable $path in gettemplatefile.
Test plan:
[1] Run t/db_dependent/Auth.t (get_template_and_user bad calls).
[2] Run t/db_dependent/Templates.t (bad call to gettemplate).
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Indeed if RequireStrongPassword is set we need at least 3 characters to
match 1 upper, 1 lower and 1 digit.
We could make things more complicated to allow minPasswordLength < 3
but, really, 3 is already too low...
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Do not fill @return if retval == -1 for LDAP (see cfc484b17).
No need to call store after an DBIx update. Rearranged the if statement.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
A regression in commit cfc484b17 / bug #18314 breaks the local
authentication fallback for all external authentications like LDAP, CAS
and Shibboleth.
The regression itself is a logical error as "@return = (0)" is
considered to be "false" when checked with "unless" (line 1814). That's
wrong as "unless" tests the number of elements in a list.
This patch tries to simplify the logic by adding a $passwd_ok and
$check_internal_as_fallback flags to be more verbose and hopefully more
understandable.
The goal here is simply to restore back the same logic as before cfc484b17
Signed-off-by: Lee Jamison <ldjamison@marywood.edu>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
GetMember returned a patron given a borrowernumber, cardnumber or
userid.
All of these 3 attributes are defined as a unique key at the DB level
and so we can use Koha::Patrons->find to replace this subroutine.
Additionaly GetMember set category_type and description.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
C4::Members::GetBorrowersWithEmail can be easily replaced with
Koha::Patrons->search({ email => $email });
Test plan:
Confirm that you are still able to use PKI authentication
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
To prevent brute force attacks on Koha accounts, staff and opac, we need to
implement an account lockout process to Koha.
After a number of failed login attempts a users account would become locked.
The user would then need to use the reset password functionality to send a reset
token to their email account. After a successful password reset the lockout flag
would be removed.
The number of failed login attempts before lockout is configurable using a new
system preference 'FailedLoginAttempts'.
How does it work?
When a patron enter an invalid password, the borrowers.login_attempts value
for this patron is incremented. When this value reach the value of the
pref FailedLoginAttempts, the password comparison is not done and the
authentication is rejected.
This login_attempts field is reset when a patron correctly logs in. When
the account is locked the patron has to reset his/her password using
the OpacResetPassword feature or ask a staff member to generate a new
password.
If the pref is not set (0, or '') the feature is considered as disabled,
but the failed login attempts are stored anyway.
Test plan:
0/ Apply patch and execute the update DB entry
1/ Switch on the feature by setting FailedLoginAttempts to 3
2/ Use an invalid password to login at the staff or OPAC interface
3/ After the third consecutive failures, you will be asked to reset your
password if OpacResetPassword is set, or contact a staff member
4/ Switch on OpacResetPassword and reset your password
5/ Confirm that you are able to login
6/ Play with the different combinations
QA details: The trick happens in C4::Auth::checkpw, to make things clear
I had to create a return value (note the awesome name: @return) and
replace the 3 successives if statements with elsif. Indeed if one of
the condition is reached, it will return inside the given block.
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Test plan:
1. Drop and recreate your db
2. Clear memcached
3. Go through the installer (to speed up this test plan install all
sample data so you dont have to create libraries, patron categories etc. later)
4. On the installer page login as the database user and notice that it
does not work on the first attempt ( you get 'Error: You do not have
permission to access this page')
5. Try logging in as database user for a second time and notice you are
logged in successfully this time
4. In staff interface create a patron account with superlibrarian permissions
5. Logout of the staff interface
6. Login as database user
7. Notice you cant log in. You get the 'Error:: You do not have permission to access this
page' error
8. Try a second attempt and notice you get the same error
9. Open the URL in a new tab and notice the staff interface appears
showing that you are logged in
10. log out and log back in as the superlibrarian user you created and
notice it works on first login attempt
11. Apply patch
12. Log out and try logging back in as database user and notice that you
can login successfully on first attempt
13. Repeat steps 1,2,3 and login as database user and notice the login
works on first attempt
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This features would add the ability to create clubs which patrons may be
enrolled in. It would be particularly useful for tracking summer reading
programs, book clubs and other such clubs.
Test Plan:
1) Apply this patch
2) Run updatedatabase.pl
3) Ensure your staff user has the new 'Patron clubs' permissions
4) Under the tools menu, click the "Patron clubs" link
5) Create a new club template
* Here you can add fields that can be filled out at the time
a new club is created based on the template, or a new enrollment
is created for a given club based on the template.
6) Create a new club based on that template
7) Attempt to enroll a patron in that club
8) Create a club with email required set
9) Attempt to enroll a patron without an email address in that club
10) Create a club that is enrollable from the OPAC
11) Attempt to enroll a patron in that club
12) Attempt to cancel a club enrollment from the OPAC
13) Attempt to cancel a club enrollment from the staff interface
Followed test plan, works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
When logging out from OPAC, plack-error.log log and/or opac-error.log
complain about 'uninitialized value $user' in C4/Auth.pm line 187. The
warning is not necessary, this patch removes it.
To test:
- try to trigger warning
- apply patch
- verify that warning no longer occurs
- prove t/db_dependent/Auth.t
- verifiy that SCO still behaves like before (especially if
you break out from sco path)
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Updating to use they/them and skipping the ones changed to it
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Comments throughout the Koha codebase assume that
all librarians or borrowers are male by using the
pronoun 'he' universally. This patch changes to
'he or she' / 'him or hers'.
Testing plan:
- ensuring modifying tests still pass:
+ C4/SIP/t/06patron_enable.t
+ t/db_dependent/Circulation.t
+ t/db_dependent/Koha/Patrons.t
+ t/db_dependent/Reserves.t
Sponsored-By: California College of the Arts
No code changes detected.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
By restoring some pieces of logic, with the name changed from $persona
to $emailaddress, the openid will work again for OPAC logins.
See https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=10988#c68
for an excellent test plan.
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Did not test it, but trust in author and signoffer
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
- Tests are now in t/db_dependent/Search/History.t
- There were 2 differents sysprefs in sysprefs.sql and in atomicupdate => fixed
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
Added a syspref LoadHistory addSearchHistoryToTheFirstLoggedUser to select if you want the system to add the history of searches performed without session when you log in as registered user.
TEST PLAN
1 - Search in the catalogue, check you are not logged
2 - Log in : your last history should appear
4 - Log out
5 - Apply the patch
6 - Repeat 1 and 2
7 - Desactivate the syspref addSearchHistoryToTheFirstLoggedUser
8 - Repeat 1 and 2 : your last history shouldn't appear
The Unit test doesn't rollback but delete the added lines : the function get_template_and_user allway sets the autocommit to 1.
https://bugs.koha-community.org/show_bug.cgi?id=8010
Tested 3 patches together, works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
From opac/opac-memberentry.pl, authnotrequired is set.
That means a patron can access the page without being logged in. It is
used on this page for the self registration feature.
From C4::Auth::get_template_and_user, we have
$userid = $q_userid;
$q_userid is previously set to the 'userid' CGI param.
We end up here if authonotrequired is set AND CGISESSID does not exist.
Test plan:
- Run:
$ prove t/db_dependent/Auth.t
=> FAIL: Regression test for checkauth fails
- Apply this patch
- Run:
$ prove t/db_dependent/Auth.t
=> SUCCESS: Tests pass.
- Sign off :-D
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This features would add the ability to create clubs which patrons may be
enrolled in. It would be particularly useful for tracking summer reading
programs, book clubs and other such clubs.
Test Plan:
1) Apply this patch
2) Run updatedatabase.pl
3) Ensure your staff user has the new 'Patron clubs' permissions
4) Under the tools menu, click the "Patron clubs" link
5) Create a new club template
* Here you can add fields that can be filled out at the time
a new club is created based on the template, or a new enrollment
is created for a given club based on the template.
6) Create a new club based on that template
7) Attempt to enroll a patron in that club
8) Create a club with email required set
9) Attempt to enroll a patron without an email address in that club
10) Create a club that is enrollable from the OPAC
11) Attempt to enroll a patron in that club
12) Attempt to cancel a club enrollment from the OPAC
13) Attempt to cancel a club enrollment from the staff interface
Followed test plan, works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>
If a patron is not allowed to access the staff interface because its IP
address in the authorised range of IPs, the cookie should not contain
the CGISESSID.
If it is, the patron is logged in and will be able to access the staff
interface if he reload the page (or hit another one).
Test plan:
Confirm the that AutoLocation feature is now working as expected.
Note: It seems that this feature has never really worked as intended.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
At the OPAC, the AutoLocation feature should not be taken into account:
login to the OPAC from outside the IP range should work
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Those 2 prefs can be independent and it does not make sense to consider
AutoLocation only if IndependentBranches is set.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
The example in branches.tt is:
Can be entered as a single IP, or a subnet such as 192.168.1.*
But actually the regex in C4::Auth does not handle subnets.
Test plan:
0/ Apply all the patches
1/ Switch AutoLocation on
2/ Define a subnet (192.168.0.* if your ip is like 192.168.0.X) in the IP
range of your library
3/ Log in on the staff interface
=> Should work
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Persona never really took off, and although many browsers currently
support it, very few services actually implement it.
This has lead to it's founders, Mozilla, to end the project. In their
own words:
=============================================================================
Persona is no longer actively developed by Mozilla. Mozilla has
committed to operational and security support of the persona.org
services until November 30th, 2016.
On November 30th, 2016, Mozilla will shut down the persona.org services.
Persona.org and related domains will be taken offline.
If you run a website that relies on Persona, you need to implement an
alternative login solution for your users before this date.
For more information, see this guide to migrating your site away from
Persona:
https://wiki.mozilla.org/Identity/Persona_Shutdown_Guidelines_for_Reliers
=============================================================================
Given the above, and that the Persona authentication methods as a whole
are no longer being actively maintained by anyone anywhere to ensure
ongoing security, we should deprecate the option from koha.
Test plan:
Apply this patch and make sure you do not find any references of Persona
Have a look at patches from bug 9587 and confirm that everything has
been reverted
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Code looks good to me.
Also ran several tests including: Auth.t, Auth_with_shibboleth.t.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
From C4::Auth:
my $patron = Koha::Patrons->search({ userid => $userid })->next;
This should be replaced with
my $patron = Koha::Patrons->find({ userid => $userid });
userid is a unique key
Caught with NYTProf:
# spent 78.9ms making 1 call to Koha::Objects::next
Test plan:
Login at the intranet
Reload the page
=> You must still be logged in
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Tested by enabling TrackLastPatronActivity and logging in again.
Verified lastseen column in borrowers.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Do not track when the pref has not been enabled.
This patch moves the conditional update in Auth.pm to Koha::Patron.
And adds a test for the new track_login method.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
In order to add the ability to delete patrons who have been inactive for
more than a given time, we need to track down the last time they were
active.
To do that, we need a new DB column in the borrowers table (lastseen).
Note that the borrowers.lastseen column will not be initialised for existing
installations (set to NULL) so inactive existing patrons will never be
deleted.
A workaround would be to init them at the date when the new column will
be added.
Test plan:
0/ Set the new pref TrackLastPatronActivity on
1/ Log in as a patron (staff or OPAC)
2/ Check that the borrowers.lastseen field has been updated with the
current time
Sponsored-by: BULAC - http://www.bulac.fr/
Signed-off-by: Nicolas Legrand <nicolas.legrand@bulac.fr>
https://bugs.koha-community.org/show_bug.cgi?id=12276
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
