This patch adds the requirements that updating a system preference
requires a CSRF token. (Also, adding and deleting local system preferences.)
0. Apply patch
1. koha-plack --reload kohadev
2. Add local system preference
3. Update local system preference
4. Delete local system preference
5. Update normal system preference
6. Note no errors
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
</script> tags are interpreted in JSON strings as HTML, which can
lead to XSS attacks.
This patch puts HTML escaped JSON in the value of a hidden HTML element.
The Javascript then takes the value as a string, parses it as JSON,
and is able to use it to save search filters without triggering a
XSS attack.
This patch also adds DataTable's built-in HTML escaping for the query
and limits on the admin UI for the search filters.
Test plan:
0. Apply patch
1. Go to
http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search&searchfield=SavedSearchFilters
2. Enable the system preference
3. Go to http://localhost:8081/cgi-bin/koha/catalogue/search.pl?q=e
4. Click "Save search as filter"
5. Checkbox "Show in staff interface?"
6. Type "E-TEST" into box and click 'Save'
7. Go to
http://localhost:8081/cgi-bin/koha/catalogue/search.pl?q=e
8. Click "E-TEST" under "Custom search filters"
9. Note that you see search results
10. Go to
http://localhost:8081/cgi-bin/koha/admin/search_filters.pl
11. Note that for "E-TEST" you see a "Query" like
{"operators":[],"operands":["e"],"indexes":[]}
12. Note that for "E-TEST" you see a "Limits" like
{"limits":[]}
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This change validates and escapes inputs for task scheduler.
Test plan:
0. Apply patch
1. koha-plack --reload kohadev
2. Go to http://localhost:8081/cgi-bin/koha/tools/scheduler.pl
3. Input a time a minute in the future and leave the date blank
4. Choose an existing report and output format
5. Type a malicious string which is also a valid email address
into the Email field
6. Click "Save"
7. Note that the job is added but the Email is wrapped in single
quotes
8. Try using a non-malicious email address with a single quote.
9. Note that the single quote is escaped, so that it will still
be used by runreport.pl
JD amended patch: tidy
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[EDIT] Removed pars for $email =~ regex, removed old commented lines.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch sets the $auth_state to failed when changing auth sessions,
so that the new login attempt gets processed correctly (instead
of skipping the authorization step).
Test plan:
0. Apply the patch
1. koha-plack --reload kohadev
2. Go to
http://localhost:8081/cgi-bin/koha/admin/preferences.pl?tab=&op=search&searchfield=baseurl
3. Log in as an OPAC user with 0 permissions
4. Note the auth screen "Error: You do not have permission to access this page"
5. Click "Log in"
6. Note that you're still shown a login screen (and that you've been logged out of
your previous authenticated session)
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
I think the correct behavior for this script should be that koha-foreach
will return 0 (success) if all the commands it tried to run succeeded, but
1 (failure) if any of the commands failed.
To test:
1. $ koha-create --create-db test
2. $ vi test.sh
if [ $USER = 'kohadev-koha' ]; then
echo "FAILED";
exit 1;
else
echo "SUCCESS";
exit 0;
fi
3. $ debian/scripts/koha-foreach sh test.sh
FAILED
kohadev: 1 status returned by "sh test.sh"
SUCCESS
4. $ echo $?
5. Note that the exit status is 0 (success)
6. Apply patch
7. $ debian/scripts/koha-foreach sh test.sh
FAILED
kohadev: 1 status returned by "sh test.sh"
SUCCESS
8. $ echo $?
9. Note that the exit status is 1 (failure)
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This change adds a unit test to test Koha::Auth::TwoFactorAuth::verify
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This change adds a mfa_range configuration option for TOTP
to koha-conf.xml, and overrides the "verify" method from
Auth::GoogleAuth in order to provide a new default for "range"
Test plan:
0. Apply the patch
1. koha-plack --restart kohadev
2. Go to
http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search&searchfield=TwoFactorAuthentication
3. Change the syspref to "Enable"
4. Go to
http://localhost:8081/cgi-bin/koha/members/moremember.pl?borrowernumber=51
5. Click "More" and "Manage two-factor authentication"
6. Register using an app
7. In an Incognito window, go to
http://localhost:8081/cgi-bin/koha/mainpage.pl
8. Sign in with the "koha" user
9. Note down a code from your Authenticator app
10. Wait until after 60 seconds and try it
11. Note it says "Invalid two-factor code"
12. Try a new code from the app
13. Note that it works
14. Add <mfa_range>10</mfa_range> to /etc/koha/sites/kohadev/koha-conf.xml
15. Clear memcached and koha-plack --restart kohadev
16. Sign in with the "koha" user
17. Note down a code from your Authenticator app
18. Wait 4 minutes and then try it
19. Note that it works
20. Disable your two-factor authentication and click to re-enable it
21. Use a code older than 60 seconds when registering for the two
factor authentication
22. Note that the code works
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
At this time, we can specify fields to hide in SIP response at the login level. From a security perspective, it would be useful to also be able to specify which fields are allowed in a response.
Test Plan:
1) Apply this patch
2) prove t/db_dependent/SIP/Message.t
Signed-off-by: Sam Lau <samalau@gmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
At the moment it's quite a lot of clicks to get from the basket
summary to the invoice something was received in. This adds a nice
shortcut by creating a new column for the invoicenumber in the basket
summary table.
To test:
* Make sure you have a basket with some received and unreceived
order lines
* Verify that the (received) shows for your received lines
* Verify no invoice number or link to it in sight
* Apply patch
* Verify that there is now a column for the Invoice containing
the invoice number as a link to the invoice
* Test with a staff patron, that doesn't have edit_invoices permission
* Verify that now instead of a link you see the invoice number as text
Be happy, sign off ;)
Note: this doesn't change the CSV export. The way the CSV is built is
quite different to the summary table, so it would be better handled
in a separate bug/patch. The columns are already quite different!
Sponsored-by: The Research University in the Helmholtz Association (KIT)
Signed-off-by: Laura Escamilla <laura.escamilla@bywatersolutions.com>
Signed-off-by: Michaela Sieber <michaela.sieber@kit.edu>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Émily-Rose Francoeur <emily-rose.francoeur@inLibro.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds the option to display sort1 and sort2 columns in the
view of the contents of a basket in acquisitions. The columns are
labeled "Statistic 1" and "Statistic 2" to match the labels in the
order creation/edit form.
The fields are hidden by default in the updated table configuration.
To test, apply the patch and restart services.
- Go to acquisitions and create a basket if necessary:
- Search for a vendor and click New -> Basket from the vendor
toolbar on the vendor search results screen.
- Create a basket, then click "Add to basket" from the basket details
page.
- Add an order to the basket.
- With at least one order in the basket, check the table of orders in
the basket.
- The columns should be unchanged.
- The table configuration button should show the two statistics fields
as hidden. Test that they can be displayed.
- Go to Administration -> Table settings.
- Under Acquisitions -> basket, try changing the settings for the
Statistic 1 and Statistic 2 fields, and check that your changes are
reflected in the basket view.
- Test with a vendor which has an EDI account:
- Enable the EDIFACT system preference.
- Go to Administration -> EDI accounts and create an account for your
vendor.
- Confirm that the table of orders in your basket still displays
correctly now that the "Supplier report" column is present.
Signed-off-by: Michaela Sieber <michaela.sieber@kit.edu>
Signed-off-by: Ray Delahunty <r.delahunty@arts.ac.uk>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Before this patch set, a search for patrons from article requests or
reserves would search the attributes by default. They were not considered
'standard' searches, however.
This patch simply defaults to searching the 'standard' fields unless a value is passed
To test:
1 - Apply other patches
2 - Have patrons with searchable attributes
3 - From a title, click the holds or artickle requests tab
4 - Search for the attribute values and confirm patrons are not returned
5 - Apply this patch
6 - Search again, patrons are now returned
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
We'd missed an escape case in one of the calls to .split for the pipe
delimited split operations.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch moves the parsing of standard search_field into the buildPatronQuery subroutine
and adds a check for 'standard' field before adding attributes to the search
To test:
1 - Add a new attribute type and make it searchable
2 - Add a value to a patron
3 - Search for this value using 'Standard' fields, confirm you get the patron
4 - Search for the value using 'Cardnumber' field, confirm you get the patron - BAD!
5 - Apply patch
6 - Repeat cardnumebr search, confirm patron not found - Yay!
7 - Search standard, confirm patron is found
8 - Add a new field to 'DefaultPatronSearchFields
9 - Confirm it appears in patron search dropdown
10 - Confirm a search of this field with the attribute value does not return the patron
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
The first column was named basket_number, but it's actually the
order_line.
To test:
* Edit column configuration for acquisition > basket
* Make sure to set at least one checkbox for 'basket_number'
* Apply patch, run database update
* Verify that the first column is now 'order_line', but your
settings have been preserved
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Moving to modalselect also has the effect of moving from comma delimited
to pipe delimitation for the preference contents
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
As requested by Katrin.. switch to the modal and expose all fields from
the borrowers database table
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch updates the `DefaultPatronSearchFields` preference from
freetext expecting a comma delimited list of borrower fields to a
multi-select with a sensible list of fields available.
I opted to not use the Modal approach with all borrower fields listed as
I felt it made more sense to only expose a more limited subset of the
fields available to us.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This enhancement allows SIP to better handle recalled items - preventing the check-out of recalled items if they have been allocated to another patron, or fulfilling recalls if the item was recalled and allocated to this patron.
To test:
1. Run test `prove t/db_dependent/SIP/Transaction.t`
2. Confirm the test fails when trying to fulfill the recall
3. Apply the patch and restart services
4. Run test again `prove t/db_dependent/SIP/Transaction.t`
5. Confirm tests pass
Sponsored-by: Auckland University of Technology
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds a replacement for jQueryUI sortable, a standalone
library called Sortable. The patch updates pages which previously used
jQueryUI for sorting.
The patch updates the style of most sortable elements to use the
"grip-vertical" Font Awesome icon.
To test, apply the patch and test the following pages, confirming that
sortable elements are sortable and that the newly sorted state is saved
correctly:
- Administration -> System prefernces -> I18N/L10N
- With multiple languages installed, test that languages listed in the
'language' and 'OPACLanguages' preferences can be sorted and that
after saving your changes the interface relfects your changes: In
the footer and header of the OPAC and in the footer of the staff
interface.
- Administration -> MARC bibliographic framework -> MARC structure ->
Edit subfields of a tag.
- Test using a tag with multiple subfields, e.g. MARC21 245.
- Test that you can click and drag to reorder the tabs in the
subfield edit view.
- Test that when you save your changes, including changes to the
"New" tab position, that fields are ordered correctly both in the
display on this page and in the basic MARC editor.
- Perform the same tests on Authorities: Administration -> Authority
types -> MARC structure -> Edit subfields of a tag.
- Authorities -> New (or edit) authority
- Multiple subfields of a tag should be sortable.
- Multiple copies of the same tag should be sortable relative to each
other.
- Confirm that your changes are saved correctly and that the detail
view of your updated authority record is correct.
- Perform the same tests on Cataloging -> New (or edit) record in the
basic MARC editor.
- Enable the StockRotation system preference if necessary.
- Go to Cataloging -> Stock rotation
- If necessary, create a new rota and add multiple stages
- In the "Manage stages" view you should be able to click and drag
to reorder stages. The new position should be saved immediately
via AJAX.
Signed-off-by: paul <paul.poulain@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
In UNIMARC instances, the run time of link_bibs_to_authorities.pl
can be reduced by up to 80% and the number of DBI calls
can be reduced by up to 90% with a very simple fix that
optimises the constructor of the C4::Heading::UNIMARC object.
Currently, the constructor resets the $bib_heading_fields hash
*in each invocation* (i.e. for every field the bibliographic
record contains), then populating it again with the results
fetched from the database! This is inefficient.
The patch/fix is trivial: we take advantage of the fact that
$bib_heading_fields is declared at the top of the
C4::Heading::UNIMARC module and is thus a package variable
that is in scope for the entire execution of the program
(more info here: https://stackoverflow.com/q/75317862).
Placing the section that generates the $bib_heading_fields
hash inside a "unless ( defined $bib_heading_fields )" code
block is enough to cause a significant reduction in the
number of "expensive" SQL SELECT queries that must be run.
Test plan:
0) Have a UNIMARC instance with some sample data (the KTD one
will do just fine for this experiment).
1) Run the following commands:
$ ktd --shell
k$ DBI_PROFILE=1 ./misc/link_bibs_to_authorities.pl -t
Observe the output from the script and the DBI profiling info.
[You may want to play with different DBI_PROFILE levels (such as
2, 4, 6, 8, etc.) to see what's going on under the hood DBI-wise,
for reference see: https://metacpan.org/pod/DBI::Profile]
2) Apply this patch.
3) Rerun the script from step 1), it should run a lot faster!
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
If checkin or renew failed, we should not refresh the table or it will
hide the error message.
Test plan:
Apply the DO NOT PUSH patch
Do a renew
=> No error in the table
Apply this patch
Do a renew
=> You see the error
Revert the DO NOT PUSH patch
Do a renew
=> The table is refreshed
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Since Bug 30952 the feature from Bug 10902 does not work anymore.
The class "currentlibrary" is there but no background color in CSS.
Bug 30952 removed it :
- background-color: #E6FCB7;
This patch restores this rule plus '!important' that is used by
class 'ac-currentlibrary'
Test plan:
1) Perform a patrons search
2) Check you see green background color for patrons with same branch as
currently logged in.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch replace GetAllIssues in readingrec.pl which is the only
occurrence in the staff code.
To test this patch you will need several items in your checkout history
in order to confirm that the display is the same before and after the
patch.
However there is one change! And it's a bug fix (or an enhancement, it
depends on how you see things). It includes checkouts with deleted items, which is
a long standing bug (see bug 8483).
Performance will be compared as well.
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Adds target="_blank" to the vendor website and interface URLs,
as we can expect them to be external sites.
Also changes mark-up a little so that the URL is shown without
an additional space in front, lining up with the other fields.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds markup around the vendor details interface URL so that
it is a clickable link.
To test, apply the patch and go to Acquisitions.
- Search for a vendor
- If you don't have a vendor with interfaces defined, edit one
- Under Interfaces -> Interface details, fill out the form, including
the URI field.
- Add more than one interface
- Save your changes and then view the vendor details page
- In the Interfaces section the interfaces you defined should have
clickable links.
Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch removes the GetReservesControlBranch method, and replaces its
uses with the newly introduced method.
To test:
1. Apply this patch
2. Verify that placing holds from the OPAC works
=> SUCCESS: Things work as expected
3. Run:
$ kshell
k$ prove t/db_dependent/Reserves* \
t/db_dependent/Hold* \
t/db_dependent/Koha/Hold* \
t/db_dependent/Koha/Biblio.t
=> SUCCESS: Tests pass!
4. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This simple method takes care of calculating the control branch for an
item and a patron, depending on a syspref.
It targets replacing C4::Reserves::GetReservesControlBranch
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/Koha/Item.t
=> SUCCESS: Tests pass!
3. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 30403 had wrong syspref name in its
atomic update file. This patch fixes this in
db_rev 221200018.pl and adds new atomic
update file.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Useless use of a constant ("Dies if sip user cannot be found") in void context at t/db_dependent/SIP/Message.t line 582.
We should remove the comma..
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
There were a lot of failures (in the context of bug 34841)
t/db_dependent/SIP/Message.t .. 2/16
# Failed test 'Found AH field as timestamp in response'
# at t/db_dependent/SIP/Message.t line 820.
# Failed test 'Found AH field as SQL date in response'
# at t/db_dependent/SIP/Message.t line 825.
# Looks like you failed 2 tests of 8.
t/db_dependent/SIP/Message.t .. 3/16
# Failed test 'Desensitize flag was set for patron category not in inhouse_patron_categories'
# at t/db_dependent/SIP/Message.t line 1133.
# got: 'N'
# expected: 'Y'
# Failed test 'Desensitize flag was set for empty inhouse_patron_categories'
# at t/db_dependent/SIP/Message.t line 1139.
# got: 'N'
# expected: 'Y'
Because renewalsallowed is 0 for upgraded DB, when it's 5 for new
install.
We need to set the value.
This patch also adds some missing transaction
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 29093 had a dbrev without comment, but added comment to
kohastructure.
Test plan:
Check (or remove) comment on article_requests.toc_request.
Run dbrev.
Check if comment was added (if you removed).
Run t/db/Koha/Database/Commenter.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Our toolbar component is not flexible enough, we cannot:
* have something else than a router-link
* have a link outside of the app (it needs to be a Vue route)
This patch adds a ToolbarButton component that is used for existing
button. But other buttons can be added without being a router-link.
Test plan:
No change in behaviour here! Test the buttons in the 4 existing toolbar
(in the ERM module)
Sponsored-by: BULAC - http://www.bulac.fr/
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch updates the quick spine label popup so that the footer uses
the same markup as the recently updated Z39.50 popup window in
cataloging.
To test, apply the patch and rebuild the staff interface CSS.
Go to Cataloging -> Quick spine label creator.
- Test the form with both an existing barcode and a non-existent
barcode.
- In the pop-up window, confirm that the footer looks correct and
that the buttons in the footer, in both cases, work correctly.
Signed-off-by: Sam Lau <samalau@gmail.com>
Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>