On bug 29844 we decided to remove wantarray from Koha::Objects->search.
Reviewing the difference occurrences I found some unnecessary uses of ->as_list,
where iterators should be used instead.
This patch only removes the obvious places, not the tricky ones.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adds Flatpickr assets to the OPAC (JS and SCSS). A few pages
are updated to use Flatpickr instead of jQueryUI datepickers.
jQueryUI CSS files are updated because they contain some font family
definitions which are simple to remove but overly complicated to
override. Without this change some Font Awesome icons are broken when
they appear inside jQueryUI widgets like tabs.
We don't run the risk of having this change overwritten by a future
jQueryUI upgrade because there won't be any more.
To test, apply the patch and rebuild the OPAC CSS
(https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_client).
- Log into the OPAC and check that date pickers on the following pages
work correctly, including month selection, year selection, forward
and back arrows, and "Clear date" controls:
- Go to the "Your personal details" page.
- Check the "Date of birth" field.
- With SuspendHoldsOpac enabled, view the "Your summary" page for a
patron with pending holds.
- Click "Suspend" to confirm that the "Suspend until" datepicker
works correctly for more than one hold.
- From the catalog search results page, select multiple results and
click the "Place hold" link.
- On the hold confirmation page, click "Show more options" to test
the "Hold starts on date" (with OPACAllowHoldDateInFuture enabled)
and the "Hold not needed after" fields.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch builds on Bug 22318 to move the OpacNavBottom system
preference into the "Additional contents" system, making it possible to
have language- and library-specific content.
To test you should have some content in the OpacNavBottom system
preference. To make testing easier it's also a good idea to have content
in the OpacNav preference.
- Apply the patch and run the database update process.
- In the staff client, go to Tools -> HTML customizations and verify
that the content from OpacNavBottom is now stored there. When you
edit the entry you should see content from the OpacNavBottom system
preference under the "default" tab.
- The publication date for the entry should be today's date.
- Confirm that the previous contents of OpacNavBottom were added
correctly.
- Go to Administration -> System preferences -> OPAC and verify that
the OpacNavBottom preference has been removed.
- Update and reinstall active translations (for instance fr-FR):
- cd misc/translator/
- perl translate update fr-FR
- perl translate install fr-FR
- View the OPAC and confirm that the contents of the OpacNavBottom
system preference displays in the left-hand sidebar.
- Test as many pages as possible to confirm that wherever the
OpacNavBottom content is displayed, OpacNavBottom is also displayed.
- Test also using the updated translation.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch builds on Bug 22318 to move the OpacNav system
preference into the "Additional contents" system, making it possible to
have language- and library-specific content.
To test you should have some content in the OpacNav system
preference. To make testing easier it's also a good idea to have content
in the OpacNavBottom preference.
- Apply the patch and run the database update process.
- In the staff client, go to Tools -> HTML customizations and verify
that the content from OpacNav is now stored there. When you
edit the entry you should see content for each of the enabled
translations in your system under each tab.
- Confirm that the previous contents of OpacNav were added
correctly.
- Go to Administration -> System preferences -> OPAC and verify that
the OpacNav preference has been removed.
- Update and reinstall active translations (for instance fr-FR):
- cd misc/translator/
- perl translate update fr-FR
- perl translate install fr-FR
- View the OPAC and confirm that the contents of the OpacNav system
preference displays in the left-hand sidebar.
- Test as many pages as possible to confirm that wherever the
OpacNavBottom content is displayed, OpacNav is also displayed.
- Test also using the updated translation.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Bug 24223: (follow-up) Add date to OpacNav additional content entries
This follow-up modifies the atomic update so that it inserts today's
date as the "Published on" date. Without that information the system
considers the item unpublished and will not display the content.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Bug 24223: (follow-up) Make logged-in user's branchcode available to template
This patch makes a couple of corrections for problems I discovered
while working on Bug 24224: The variables required for correct display
of news items by branch and language were not consistently available to
the templates.
In opac-readingrecord.pl, the "lang" variable was being overwritten. On
this and other pages the logged-in patron's brachcode was not made
available. I've corrected instances of KohaNews.get() to use the
globally-available "logged_in_user.branchcode" instead.
To test, apply the patch and follow the original test plan, with the
addition of instances of the OpacNav additional contents item which
have a specific library selected.
Confirm that such items are correctly displayed according to the
logged-in user's home library. If there is no logged-in user the
library-specific OpacNav should not display.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Bug 24223: (follow-up) Updates to conform to new practices
- The patch now works with new "Additional contents" system
- The database update follows new skeleton.pl
- Add "OpacNav" option to the additional contents template
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Bug 24223: (follow-up) Add missing "return" to atomicupdate
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Bug 24223: (QA follow-up) Link OpacNav to HTML customizations now
In the pref description of OpacNavBottom. (Before obsoleting that
one too somewhere soon.)
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Modified breadcrumbs to be accessible, in particular for a
screen-reader. Also ensured the breadcrumbs were all consistent.
Made the block of breadcrumbs to be a <nav id="breadcrumbs"
aria-label="Breadcrumb" class="breadcrumbs"> with an ordered list
inside. The last breadcrumb also has aria-current="page" to specify that
it is the current page.
To test, apply the patch and rebuild the OPAC CSS (https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_client)
- Confirm that OPAC templates are updated consistently to use
breadcrumbs markup beginning with '<nav
id="breadcrumbs" aria-label="Breadcrumb" class="breadcrumb">'
- Pages in the OPAC should look consistent, with the last breadcrumb
styled as text and with the "aria-current" attribute "page."
Sponsored-by: Catalyst IT
Signed-off-by: Henry Bolshaw <bolshawh@parliament.uk>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Test plan:
- Enable the system preference PatronSelfRegistration
- Make sure PatronSelfRegistrationBorrowerUnwantedField does not
contain cardnumber.
- Set the system preference GDPR_Policy to "Enforce".
- In the OPAC click "Log in to your account" and "Register here".
- Fill out the form with valid data, but make sure you leave the
checkbox under "GDPR consent" unchecked.
- Submit the form
- You will get back the form with the error message "You have not filled
out all required fields. Please fill in all missing fields and
resubmit."
- Without patch: cardnumber is not editable, and there is no input
element for borrower_cardnumber (so the cardnumber will be lost when
resubmitting the form)
- With patch: cardnumber is editable.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The gender/sex and GDPR inputs were slightly misaligned (by
1.5em). Now they are aligned with the other inputs which have a width
of 10em (9em width + margin 1em). The label assignments and required
attributes for input elements are made also consistent.
To test:
1) Enable GDPR_Policy syspref
2) Apply patch, run "yarn build --view opac", restart plack
3) Go to /cgi-bin/koha/opac-memberentry.pl
4) Check that the GDPR input box shows the required text now in red
color
5) Check that the alignment of sex/gender and GDPR input matches with
the other inputs perfectly.
Signed-off-by: Hayley Pelham <hayleypelham@catalyst.net.nz>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
- Display the value in the patron detail page
- Adds support for BorrowerUnwantedField (staff)
- Removes unecessary code in opac/opac-memberentry.pl
Sponsored-by: CCSR ( http://www.ccsr.qc.ca )
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds the "Main Contact Method" field in the borrower
modification form.
This field is useful for reporting purposes, or to
know which contact method to use first when trying to contact a borrower.
Test plan:
0) Apply patch
1) updatedatabase.pl
2) In the staff client, edit a patron's contact info. There should be a new dropdown select to choose the main contact method
3) In the opac page, edit the personal details.There should be a new dropdown select to choose the main contact method.
4) Save the form. It should work.
Sponsored-by: CCSR ( http://www.ccsr.qc.ca )
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch modifies the patron entry form in the OPAC so that if street
types are defined in authorized values, the OPAC description is
preferred.
To test, apply the patch and go to Administration -> Authorized values.
- Add or edit entries in the "ROADTYPE" category.
- Some entries should have only the "Description" set, while others
should have "Description" and "Description (OPAC)".
- In the OPAC, open the patron registration page. Check the "Stree type"
drop down in the "Main address" section.
- For entries which have an OPAC description, this value should show.
- For entries without an OPAC description the default should show.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
1. Add some values to the ROADTYPE authorized value
2. Go to PatronSelfRegistrationBorrowerUnwantedField and make sure B_streettype is NOT checked
3. Go the self reg form, no alternate address street type field
4. Apply patch
5. Check the self reg form, B_streettype should be there with all the options defined in ROADTYPE a.v.
6. Check the self modification form, B_street type should be there.
7. Make sure PatronSelfRegistrationBorrowerUnwantedField and PatronSelfModificationBorrowerUnwantedField hide the field correctly.
8. Make sure PatronSelfRegistrationBorrowerMandatoryField properly makes the field required.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
1. Add some values to the ROADTYPE authorized value
2. Go to PatronSelfRegistrationBorrowerUnwantedField and make sure
streettype is NOT checked
3. Go the self reg form, no street type field
4. Apply patch
5. Check the self reg form, streettype should be there with all the
options defined in ROADTYPE a.v.
6. Check the self modification form, street type should be there.
7. Make sure PatronSelfRegistrationBorrowerUnwantedField and
PatronSelfModificationBorrowerUnwantedField hide the field correctly.
8. Make sure PatronSelfRegistrationBorrowerMandatoryField properly makes
the field required.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Changed each of the pages in the OPAC to have one <h1> tag showing that describes the page, rather than the <h1> describing the logo.
The hierarchy of heading tags may be broken in many pages, but this will be dealt with in a follow up patch or bug.
To test:
1) Go to the OPAC
2) Apply patch
3) Go to each of the pages and check that they have an obvious and
descriptive heading
4) Ensure that the heading in the page is <h1>
Sponsored by: Catalyst IT
Signed-off-by: Hayley Pelham <hayleypelham@catalyst.net.nz>
Signed-off-by: Henry Bolshaw <bolshawh@parliament.uk>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Changed the titles of each page on the OPAC to display the unique
information first, and the name of the website (e.g. Koha library
catalog). This is fot accessibility reasons, such as when a
screen reader user is going through tabs, they do not have to waste time
listening to the website name, they can just find the unique page title
first.
To test:
1) Go to the OPAC
2) Apply patch
3) Go to each of the pages and check that the page title has the unique
information about the page first, and the name of the website is at the
end
Sponsored by: Catalyst IT
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds an inline "text-transform:uppercase" style attribute to
the OPAC self-registration CAPTCHA field so that the user doesn't have
to match the case of the CAPTCHA they're shown.
To test, apply the patch and start the process of self-registration in
the OPAC.
- At the end of the form, under verification, confirm that any text you
type in the verification field is uppercase by default.
- Confirm that the CAPTCHA is accepted when you submit the form.
Signed-off-by: Barbara Johnson <barbara.johnson@bedfordtx.gov>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch improves the way we handle required fields in the patron
entry/update form in the OPAC. Instead of doing multiple checks for each
field using mandatory.defined(), the template now loops over a list of
fields and sets a "required" variable for any which are required.
Then, for each form field, the "required" variable is used to set
classes on labels, input fields, and the "required" text hints. The
class on form fields acts as a hook for the jQuery validator plugin. The
class on the text hints allows us to hide the text hint using CSS,
eliminating the necessity of using a template conditional.
The patch also adds the missing validator-strings include which enables
translation of the jQuery validator plugin's validation error messages.
To test, apply the patch and rebuild the OPAC CSS
(https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_client).
- Go to Administration -> System preferences and enable
PatronSelfRegistration.
- Select multiple fields to be required using the
PatronSelfRegistrationBorrowerMandatoryField preference.
- In the OPAC, start the process of registering for an account.
- The fields you designated as mandatory should each have a "Required"
label under them.
- Try to submit the form without entering any data. The required fields
should now be highlighted in red and have another label, "This field
is required."
- Fill in the required fields and submit the form. It should submit
correctly.
- Modify the PatronSelfRegistrationBorrowerMandatoryField preference
and select all fields as mandatory. Confirm that all fields in the
patron entry form work correctly.
- Test that form validation works correctly when modifying a logged-in
patron's existing account.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch modifies the patron entry form in the OPAC so that if there
is only one library to choose from, the input is hidden and the single
library displays as text.
To test, apply the patch and enable PatronSelfRegistration.
- Modify the PatronSelfRegistrationLibraryList system preference to
include only one library.
- Go to the self-registratoin page in the OPAC.
- Under "Home library," you should see the library name. If you inspect
the source you should see the library branchcode in a hidden form.
- Confirm that the form submission includes the correct library
information.
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Fix a typo lenght for length
If category strong password is not set, then we fall back to the preference, but that can be "" - which should be treated as 0
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch fixes the bug when there is no patron category available for
selection in self registration form. It uses PatronSelfRegistrationDefaultCategory
to get patron's password length and strength.
To test:
1. Do not apply this patch
2. Allow SeflRegistration, set PatronSelfRegistrationDefaultCategory to
a valid patron category and finally add categorycode to PatronSelfRegistrationBorrowerUnwantedField
3. Go to opac and enter self registration form
CHECK => There is no patron category available for selection
=> Password's info alert shows "Password must contain at least
undefined characters"
4. Fill the form setting a password and send.
CHECH => You get an exception saying "You must provide a patron's
category to validate password's strength and length"
5. Apply this patch and restart_all
6. repeat steps 3 and 4
SUCCESS => Password's info alert message shows a number instead of
"undefined"
=> Password's strength and length checks are working
=> If you change default category's lenght or strength parameter it get's reflected when you refresh the page
=> When you click send, patron is saved
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The assumption on bug 26119 was wrong. We actually store patron's
attributes during self-registration if
PatronSelfRegistrationVerifyByEmail is not enabled.
Test plan:
Test the different combinations of PatronSelfRegistration and PatronSelfRegistrationVerifyByEmail
Confirm that the patron's attributes appears during self-registration if
PatronSelfRegistrationVerifyByEmail is not set.
Confirm that the patron's attributes are stored when they are displayed
on the self-registration form
Confirm that you can edit the patron's attributes in any cases (if they
are marked as editable at the OPAC)
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds the capability to override minPasswordLenth and RequireStrongPassword settings by category
To test:
1. koha-shell kohadev
2. koha-mysql kohadev
3. drop database koha_kohadev;
4. create database koha_kohadev;
5. go to admin page and start webinstaller. There continue the steps until onboarding.
6. reach step 3 of onboarding and create a new administrator patron
CHECH => Password control woks as normal (Minimum length 3 and strong required)
7. finish Koha installation and enter admin with your new administrator
8. set minPasswordLength to 3 and RequireStrongPassword to “Don’t require”
9. Create a new category (CAT2 from now on.. CAT1 is the category you made in onboarding process) and set minimum password length to 8 and require strong password
10. Create two new patrons, one with CAT1(patron1) and one with CAT2 (patron2)
CHECK => In both cases, try different combinations of length and strength. For patron1 the only requirement is to have 3 letters, but for patron2 the minimum length will be 8 and will require strong password.
CHECK => Try changing patron category before saving. Password requirements will change with category change.
11. Edit CAT1 and set minimum password length to 5
12. Go to patron1 details page, and change password.
CHECH => Now password minimum length is 5, but still it doesn’t require strong password
13. Edit CAT1, leave blank minimum password length and set require strong password to yes.
14. Go to patron1 details page, and change password.
CHECH => Password minimum length is back to 3, but now strong password is required
15. Set minimum password length in CAT2 to 12.
16. Go to patron2 details page, and click to fill a random generated password
CHECK => generated password should be 12 characters length
17. Set PatronSelfRegistration to Allow in admin settings
18. Go to OPAC and fill self registration from.
CHECK => Play with patron category. For each change in category, password requirements are modified.
CHECK => Set CAT1 as patron category, set ‘aA1’ as password (or another valid password for CAT1) and before hitting submit button, change to CAT2. Form should enter invalid state, and CAT2 password requirements should be displayed as error in password input.
19. Create a patron for CAT1 and another for CAT2, leaving password blank
CHECK => For CAT1’s patron, generated password length is 8 (minimum length for generated passwords), but for CAT2’s patron should be 12
20. In admin set PatronSelfRegistrationVerifyByEmail to require
21. Fill self registration form again with CAT2 as category
CHECK => Password requirements works as previous case.
22. Leave password blank and click submit
23. select * from message_queue;
24. Copy the link in the message and paste it in OPAC
CHECH => Generated password is 12 characters long. (Copy user id for next steps)
25. In admin set OpacResetPassword to Allow
26. Go back to OPAC, reload and click on “Forgot password?” link
27. Paste user id and click submit
28. Repeat steps 23 and 24
CHECK => Info message says “Your password must contain at least 12 characters, including UPPERCASE, lowercase and numbers.”
CHECK => enter an invalid password and you’ll get the same message in warning.
29. Login OPAC with the last user and your newly created password
30. Go to “Change your password” option
CHECK => Info message says “Your password must contain at least 12 characters, including UPPERCASE, lowercase and numbers.”
CHECK => enter an invalid password and you’ll get the same message in below “New password” input.
31. prove t/db_dependent/AuthUtils.t t/db_dependent/Koha/Patron/Category.t
32. Sign off
Sponsored-by: Northeast Kansas Library - NEKLS
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch updates the version of Bootstrap in the OPAC from 2.3.1 to
4.5.0. The Bootstrap JavaScript files have been replaced with custom
builds of the 4.5.0 JavaScript source files. The Bootstrap CSS is now
built into the OPAC CSS by loading the required Bootstrap 4.5.0 SCSS
files in node_modules.
OPAC SCSS now starts with Bootstrap customizations:
/* Bootstrap variable customizations */
$headings-color: #727272;
...
Followed by loading the necessary Bootstrap SCSS files:
/* Bootstrap imports */
@import "../../../../../node_modules/bootstrap/scss/functions";
@import "../../../../../node_modules/bootstrap/scss/variables";
...
Followed by our CSS. The build process for generating compiled CSS now
creates a file which bundles Bootstrap CSS and ours. Removed from the
Koha source: Bootstrap CSS files, Bootstrap "glyphicons" images.
The upgrade to Bootstrap 4 involved a lot of markup changes to conform
with new Bootstrap classes, especially in classes related to the grid.
Besides duplicating the grid we used before, this upgrade adds some new
features made possible by Bootstrap 4.5's use of flexbox as a layout
tool. This includes custom ordering of columns based on class names:
https://getbootstrap.com/docs/4.5/layout/grid/#order-classes.
Other areas where the most changes have been made: Navigation menus,
breadcrumb menus, buttons, dropdowns.
Bootstrap's JavaScript file is now "bootstrap.bundle.min.js" to reflect
the fact that a required JavaScript asset is now distributed separately
in Bootstrap 4. The "bundle" version includes Popper.js.
Unrelated changes: Indentation corrections, removal of invalid
"//<![CDATA[" markers, removal of invalid script type attributes.
To test, apply the patch and run 'yarn install' to install Bootstrap as
an npm module. Run 'yarn build --view opac' to regenerate the OPAC CSS.
Test as many aspect of the OPAC as possible, viewing pages at various
browser widths to confirm that everything adjusts well. Test with
various OPAC interface system preferences enabled and disabled.
Test self checkout and self checkin.
Known issues: RTL support has not been updated.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
As this has been a little controversial, this patch undoes
the change to "None specified / Prefer not to say" to be
"None specified" again as before this patch set.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds "Other" as an option, and also changes the wording of
"None specified" slightly.
To test:
1) Apply the patch
2) Check that there is an "Other" radio button in the patron record, and
that the wording of "None specified" has changed to "None specified /
Prefer not to say".
3) Check that you can save changes to the gender of this patron record,
both on create and modify.
4) Check that these changes also work in the Opac Self-Registration
functionality.
Correct typos in previous commit
Signed-off-by: Devinim <kohadevinim@devinim.com.tr>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
There is no good reason remove the ability to edit patron's attributes
if PatronSelfRegistrationVerifyByEmail is set.
We cannot have them in the self-registration form (because we don't
store patron's attributes during self-ref), but we can have them when
a patron show/edit their information.
Test plan:
0. Enable PatronSelfRegistrationVerifyByEmail and create patron's
attributes that can be edited at the OPAC
1. Create a new patron using the self-reg feature
=> You don't have the ability to fill in the patron's attribute
2. Edit your personal details (OPAC)
=> Without this patch you still don't see the patron's attribute that
can be edited at the OPAC
=> With this patch applied you can!
3. Notice the wording change on the "Modify patron attribute type" form
and confirm it makes sense
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Test plan:
- Set 1+ patron's attribute(s) mandatory
- Use the self-registration feature and confirm that you cannot selfreg
if the attribute has no value (or empty string)
- Same with the modification form (logged in)
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
To test:
1) update database, restart memcached/plack
2) Go to Administration -> System preferences -> OPAC tab. Enable the
new PatronSelfRegistrationConfirmEmail system preference. Enable other
required self registration sysprefs.
3) Go to the OPAC home page. (You may need to log out). Click the
'Register' link so you are redirected to the member entry form.
4) Notice the 'Confirm primary email' field after the 'primary email'
field. Put 'a@a.com' in primary email, and 'b@b.com' in the confirm
field. Scroll to the end of the form and Submit.
5) Confirm the form is not successfully submitted, and an error message
is shown to indicate the email addresses do not match.
6) Confirm you cannot cut, copy or paste in either the primary email or
confirm primary email fields. Confirm the right click menu doesn't work
in these fields.
7) Disable javascript in your browser.
8) Repeat steps 3 and 4.
9) Confirm there is an error message to indicate the email addresses do
not match.
10) Re-enable javascript. Fill in the form correctly with matching email
addresses and confirm it successfully submits.
11) Disable the PatronSelfRegistrationConfirmEmail syspref.
12) Attempt to register an account on the OPAC again. Confirm the
'confirm email address' field is gone and form works as expected.
13) Re-enable the PatronSelfRegistrationConfirmEmail syspref.
14) Log in to the OPAC and go to your personal details
15) Edit the primary email field
16) Confirm you are able to submit your changes (you should not see an
error about emails not matching).
Sponsored-by: Bibliotheksservice-Zentrum Baden-Württemberg (BSZ)
Signed-off-by: holly <hc@interleaf.ie>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
To test:
1 - Verify on staff side that patron can be edited to opt in our out of auto renewal
2 - Check out some items to a patron opted in to auto renewal
3 - Ensure the items are checked out and set to autorenew
4 - Login on the opac at the patron
5 - Verify items cannot be renewed as scheduled for auto-renewal
6 - On staff side, opt patron out of auto renewal
7 - Verify on opac items are no longer marked for auto renewal
8 - Run the auto renewal cron job, items are not renewed
9 - Set 'no renewal before' to a setting that would prevent renewal
10 - Verify that opting patron in or out of auto renewal changes only the reason items cannot be renewed
11 - Set 'no renewal before' to a setting that would allow for renewal
12 - Verify that opting patron in/out changes their ability to renew
13 - Verify that when opted out cron does not renew
14 - Verify that when opted in the item is auto renewed
15 - Reset the due date, opt out, verify manual renewal succeeds
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Apply 'Break lines on chained methods' to the new JS code introduced in
this patchset to prevent really long lines.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patchset makes opac-memberentry.pl use the API instead of the old
svc scripts for ajax calls, for setting privacy configuration in the
OPAC.
To test:
1) Disable OPACPrivacy
2) Enable AllowPatronToSetCheckoutsVisibilityForGuarantor
3) Enable AllowPatronToSetFinesVisibilityForGuarantor
4) Have a known patron be the guarantee of someone (so things display)
5) Log into the OPAC, go to the 'your personal details' tab
6) Change 'Allow your guarantor to view your current checkouts?' and
click the 'Update' button.
=> SUCCESS: Operation succeeds
7) Reload the tab
=> SUCCESS: The page reflects the expected changes (i.e. the API did it
right)
8) Repeat 6 and 7 with the 'Allow your guarantor to view your current
fines?' option
=> SUCCESS: It works as well
- Sign off :-D
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch adds two preferences
1. AllowPatronToSetFinesVisibilityForGuarantor: Allow/Don't allow patrons to choose their own privacy settings for showing the patron's fines to the patron's guarantor
2. AllowStaffToSetFinesVisibilityForGuarantor: Allow/Don't allow staff to set the ability for a patron's fines to be viewed by linked patrons in the OPAC
Also adds a tinyint, non nullable, default to 0 column in borrower and deletedborrower named privacy_guarantor_fines.
1. privacy_guarantor_fines = 0 => don't allow guarantor to see guarantee's fines
2. privacy_guarantor_fines = 1 => allow guarantor to see guarantee's fines
To test:
1) git reset --hard master
2) apply patches (including dependencies)
3) perl installer/data/mysql/updatedatabase.pl
4) dbic
5) restart_all
6) in intranet search for AllowPatronToSetFinesVisibilityForGuarantor and AllowStaffToSetFinesVisibilityForGuarantor preferences
SUCCESS => both preferences should be present
7) search for a patron with guarantor
SUCCESS => in details tab, in "Library use" section you should see a row labeled "Show fines to guarantor"
8) edit
CHECK => in Guarantor information there is no "Show fines to guarantor" select
9) set AllowStaffToSetFinesVisibilityForGuarantor preference to "Allow"
10) return to patron with guarantor and edit
SUCCESS => in Guarantor information section there is a "Show fines to guarantor" select
11) change "Show fines to guarantor" select to "Yes" and save
SUCCESS => Value is saved
12) go to details tab
SUCCESS => in "Library use" section you see a row labeled "Show fines to guarantor" with value "Yes"
13) set OPACPrivacy preference to "Allow"
14) open 2 opacs, one with a patron that has a guarantor and another that hasn't and go to "your privacy" tab.
CHECK => in both opacs you should not see a "Allow your guarantor to view your current fines?" select
15) in intranet set AllowPatronToSetFinesVisibilityForGuarantor to "Allow"
16) refresh both opacs
SUCCESS => in Patron that has guarantor you see a "Allow your guarantor to view your current fines?" select
=> in Patron without guarantor you don't see a "Allow your guarantor to view your current fines?" select
17) in Patron with guarantor change value of select and save
SUCCESS => Value is saved
18) in intranet set OPACPrivacy preference to "Don't allow" and AllowPatronToSetFinesVisibilityForGuarantor to "Don't allow"
19) got to "your personal details" in both opacs
CHECK => in both opacs you should not see no Privacy section with a "Allow your guarantor to view your current fines?" select
20) in intranet set AllowPatronToSetFinesVisibilityForGuarantor to "Allow"
21) refresh both opacs
SUCCESS => in Patron that has guarantor you see a "Allow your guarantor to view your current fines?" select in a Privacy section
=> in Patron without guarantor there is no Privacy section
22) in Patron with guarantor change value of select and update
SUCCESS => Value is saved
23) Sign off
Signed-off-by: Agustin Moyano <agustinmoyano@theke.io>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch adds the ability to set an unlimited number of guarantors
for a given patron. As before, each guarantor may be linked to another
Koha patron, and all the behavior that applies to a given guarantor
remains the same.
Test Plan:
1) Apply this patch
2) Run updatedatabase.pl
3) Find some patrons with guarantors, verify the still have their guarantor
4) Test adding and removing guarantors on a patron record, both Koha users and not
5) Verify the "Add child" button works
6) Verify NoIssuesChargeGuarantees still works
7) Verify tools/cleanborrowers.pl will not delete a guarantor
8) Verify the guarantors are displayed on moremember.pl
9) Verify the guarantor is removed by members/update-child.pl
10) Verify the guarantor is removed by misc/cronjobs/j2a.pl
11) Verify import patrons converts guarantor_id, relationship, contactfirstname,
and contactsurname into a guarantor
12) prove t/Patron.t
13) prove t/db_dependent/Circulation.t
14) prove t/db_dependent/Circulation/NoIssuesChargeGuarantees.t
15) prove t/db_dependent/Items.t
16) prove t/db_dependent/Koha/Patrons.t
17) prove t/db_dependent/Members.t
18) prove t/db_dependent/Patron/Relationships.t
Signed-off-by: Kim Peine <kmpeine@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Agustin Moyano <agustinmoyano@theke.io>
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Test plan:
Toggle value of pref AddressFormat and verify change on opac-memberentry.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Maryse Simard <maryse.simard@inlibro.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
To test:
PatronSelfRegistration = Allow
PatronSelfRegistrationDefaultCategory = PT (or some other real category)
GDPR_Policy = Enforced
PrivacyPolicyURL = Some URL
- Go to <opac>/cgi-bin/koha/opac-memberentry.pl and verify that the text "privacy
policy" displays a link to the current page, not the URL in PrivacyPolicyURL
- Go to Administration > System preferences > Patrons > Privacy
- Verify that the descriptions of GDPR_Policy and PrivacyPolicyURL does not
mention that PrivacyPolicyURL needs to be set if GDPR_Policy is set.
- Apply the patch
- Verify that opac-memberentry.pl now links to the URL in PrivacyPolicyURL
- Verify that the syspref descriptions mention the relationship between them
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Bin Wen <bin.wen@inlibro.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch modifies a few templates in the OPAC so that all available
information on password requirements is displayed for each case where
the patron is setting a password:
- If the RequireStrongPassword system preference is set, a message
should appear listing strong password requirements and minimum
password length.
- If RequireStrongPassword is not set, the message should only ask for
a minimum password length.
To test, apply the patch and enable the PatronSelfRegistration and
OpacResetPassword preferences.
On the following pages, test with RequireStrongPassword both on and
off. The correct messages should appear.
- OPAC -> Forgot password. Follow the process to reset your password
until you reach the step where you are entering the new password.
- OPAC -> Register here. Check the password section of the registration
form.
- OPAC -> Log in -> Change your password.
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Bug 13618 took care of the KohaDates output but not if it is called
with a parameter (eg. [% var | $KohaDates with_hours => 1 %]).
We could avoid unnecessary processing by removing the extra html filter.
Patch generated with the following command:
% perl -p -i -e 's/KohaDates([^%\|]*)\s?\|\s?html\s?/KohaDates $1/g' **/*.inc **/*.tt
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch has been generated with the script provided on bug 21576.
It only affects variable used in the href attribute of a link *when*
href it the first attribute of the node (grep "a href")
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
We add a section for the GDPR consent in opac-memberentry (only for the
self-registration). Not when editing personal details.
Test plan:
[1] Enable selfregistration (with confirm) and GDPR policy.
[2] Register a new account in OPAC. Verify that the GDPR checkbox is
required.
[3] After you submit, you should see a date in borrower_modifications
field gdpr_proc_consent.
[4] When you confirm, verify that the consent is visible on your consents.
[5] Enable selfregistration without confirmation mail. Register again.
[6] Check your consents tab again.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Here we go, next step then.
As we did not fix the performance issue when autofiltering
the variables (see bug 20975), the only solution we have is to add the
filters explicitely.
This patch has been autogenerated (using add_html_filters.pl, see next
pathces) and add the html filter to all the variables displayed in the
template.
Exceptions are made (using the new 'raw' TT filter) to the variable we
already listed in the previous versions of this patch.
To test:
- Use t/db_dependent/Koha/Patrons.t to populate your DB with autogenerated
data which contain <script> tags
- Remove them from borrower_debarments.comments (there are allowed here)
update borrower_debarments set comment="html tags possible here";
- From the interface hit page and try to catch alert box.
If you find one it means you find a possible XSS.
To know where it comes from:
* note the exact URL where you found it
* note the alert box content
* Dump your DB and search for the string in the dump to identify its
location (for instance table.field)
Next:
* Ideally we would like to use the raw filter when it is not necessary
to HTML escape the variables (in big loop for instance)
* Provide a QA script to catch missing filters (we want html, uri, url
or raw, certainly others that I am forgetting now)
* Replace the html filters with uri when needed (!)
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>