This patch modifies several administration templates to use the
Bootstrap grid instead of YUI.
This patch also removes obsolete "text/javascript" attributes from
<script> tags in the modified templates.
To test, apply the patch and view the following pages, confirming that
they look correct at various browser widths:
- Administration -> Currencies and exchange rates
- View and edit currencies
- Administration -> Did you mean?
- Administration -> EDI accounts
- View and edit accounts
- Administration -> Library EANs
- View and edit EANs
- Administration -> Item search fields
- View and edit item search fields
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Here we go, next step then.
As we did not fix the performance issue when autofiltering
the variables (see bug 20975), the only solution we have is to add the
filters explicitely.
This patch has been autogenerated (using add_html_filters.pl, see next
pathces) and add the html filter to all the variables displayed in the
template.
Exceptions are made (using the new 'raw' TT filter) to the variable we
already listed in the previous versions of this patch.
To test:
- Use t/db_dependent/Koha/Patrons.t to populate your DB with autogenerated
data which contain <script> tags
- Remove them from borrower_debarments.comments (there are allowed here)
update borrower_debarments set comment="html tags possible here";
- From the interface hit page and try to catch alert box.
If you find one it means you find a possible XSS.
To know where it comes from:
* note the exact URL where you found it
* note the alert box content
* Dump your DB and search for the string in the dump to identify its
location (for instance table.field)
Next:
* Ideally we would like to use the raw filter when it is not necessary
to HTML escape the variables (in big loop for instance)
* Provide a QA script to catch missing filters (we want html, uri, url
or raw, certainly others that I am forgetting now)
* Replace the html filters with uri when needed (!)
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Having to write [% KOHA_VERSION %] for each url is bad because:
- It's easily forgettable when adding new <script> or <link>
- It prevents grep'ing for the full filename
- It violates the DRY principle
- If at some point we want to change the "force js and css reload"
mechanism, it will be tedious
This patch:
- adds a Template::Toolkit plugin that generates <script> and
<link> tags for JS and CSS files, and inserts automatically the Koha
version in the filename
- use the new plugin to remove all occurences of [% KOHA_VERSION %]
- remove the code that was adding KOHA_VERSION as a template variable
Test plan:
1. Apply patch
2. Go to several different pages in Koha (opac and intranet) while
checking your browser's dev tools (there should be no 404 for JS and
CSS files, and the Koha version should appear in filenames) and the
server logs (there should be no "File not found")
3. `git grep KOHA_VERSION` should return nothing
4. prove t/db_dependent/Koha/Template/Plugin/Asset.t
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
When saving the "Did you mean?" setting, a popup with the
message "Successfully saved configuration" is shown, but
it cannot be translated. Make it translatable.
Test plan:
1) Go to Home -> Administration -> Did you mean?
2) Change the settings, click on "Save configuration"
3) Popup with "Successfully saved configuration"
4) Apply patch, update po-files, etc.
5) Check that the msgid "Successfully saved configuration"
is in fi-FI-staff-prog.po, and translate the message
6) install the fi-FI language
7) Change your UI language to finnish
8) Repeat 1, 2, 3. You should now see the same popup
message translated.
Signed-off-by: Pasi Kallinen <pasi.kallinen@joensuu.fi>
Signed-off-by: Roch D'Amour <roch.damour@inlibro.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch modifies the staff client "additional parameters"
administration templates so that JavaScript is included in the footer
instead of the header.
To test, apply the patch and test the JavaScript-driven features of
each page: All button controls, DataTables functionality, tabs, etc.
Signed-off-by: Simon Pouchol <simon.pouchol@biblibre.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch is amended to use the sysprefs search on all Administration
pages that do not have their own custom search.
To test:
1) Go to Administration
2) Notice Catalogue search at the top - seems out of place.
3) Apply patch and refresh page.
4) Notice admin / sysprefs search now shows and is more appropriate.
5) Confirm searching for sysprefs still works
This patch affects the following pages:
- admin-home.pl
- audio_alerts.pl
- authtypes.pl
- auth_tag_structure.pl
- authorised_values.pl
- biblio_framework.pl
- marctagstructure.pl
- branch_transfer_limits.pl
- branches.pl
- checkmarc.pl
- classsources.pl
- columns_settings.pl
- didyoumean.pl
- edi_accounts.pl
- edi_ean_accounts.pl
- fieldmapping.pl
- item_circulation_alerts.pl
- items_search_fields.pl
- items_search_field.pl
- item_types.pl
- koha2marklinks.pl
- matching-rules.pl
- oai_sets.pl
- oai_set_mappings.pl
- patron-attr-types.pl
- smart-rules.pl
- transport-cost-matrix.pl
- sms_providers.pl
Sponsored-by: Catalyst IT
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
There are several administration templates which still contain event
attributes. This patch move event definition to the JavaScript.
To test you must have the SMSSendDriver system preference set to
"Email." Apply the patch and go to Administration.
- In Global system preferences, change the value of any input or select
and then click the "Cancel" link for that section. After confirming
your choice, the page should reload with your changes reset.
- In Circulation and fine rules, edit any existing rule. In the editing
row, click the "Clear" button. The data for that rule should be
cleared.
- In Transport cost matrix, make any change to the matrix. Submitting
the form should work correctly.
- In MARC bibliographic framework, choose 'MARC structure' for any
framework.
- Checking or unchecking the 'Display only used tags/subfields'
checkbox should reload the page and change the display according to
your choice.
- In Did you mean?, make changes to the existing configuration.
- Clicking "Cancel" should reload the page and discard your changes.
- Clicking "Save configuration" should correcly save your changes.
- In SMS cellular providers, click to edit any existing provider.
Clicking the "Cancel" link should cancel the editing process and
return you to the list of providers.
Signed-off-by: Frédéric Demians <f.demians@tamil.fr>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Fix sentence splitting by tags on didyoumean.tt leading to odd translations.
To test:
- Apply patch
- Go to Home > Administration > Did you mean?
- Verify that the information below the title displays properly and makes sense.
- Disable Javascript, reload page
- Verify that the warning about missing Javascript displays properly and makes sense.
Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Works as descrived. Removed em tags for translation purpose
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
Fixes several perlcritic complaints, and some overflow in the
configuration page. Also notes that Did You Mean is not yet
enabled on the staff client.
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Sorry about the problematic last attempt at uploading. I missed a
patch when squashing. It is now included.
When working with hierarchical subject headings, it is sometimes helpful
to do a search for all records with a specific subject, plus
broader/narrower/related subjects. This patch adds a suggestion plugin for
these "exploded" subject searches to Koha. Note that this patch depends on
both bug 8211 AND bug 8209.
To test (NOTE: this test plan covers both 8211 and 8726):
1) Make sure you have a bunch of hierarchical subjects. I created
geographical subjects for "Arizona," "United States," and "Phoenix,"
and linked them together using 551s, and made sure I had a half
dozen records linking to each (but not all to all three).
2) Do a search for su-br:Arizona (or choose "Subject and broader terms"
on the advanced search screen with "more options" displayed), and
check that you get the records with the subject "Arizona" and the
records with the subject "United States"
3) Do a search for su-na:Arizona (or choose "Subject and narrower terms"
on the advanced search screen with "more options" displayed), and
check that you get the records with the subject "Arizona" and the
records with the subject "Phoenix"
4) Do a search for su-rl:Arizona (or choose "Subject and related terms"
on the advanced search screen with "more options" displayed), and
check that you get the records with the subject "Arizona," the
records with the subject "United States," and the records with the
subject "Phoenix"
5) Ensure that other searches still work (keyword, subject, ccl,
whatever)
6) Use "Did you mean?" page in admin section to enable ExplodedTerms
plugin
7) Do a keyword search on the OPAC, confirm that searching for exploded
terms is suggested.
8) Do a subject search on the OPAC, confirm that searching for exploded
terms is suggested.
9) Do a non-keyword, non-subject search on the OPAC, confirm that
searching for exploded terms is NOT suggested.
10) Disable ExplodedTerms plugin and enable AuthorityFile plugin.
11) Do search on OPAC, confirm suggestions are made from authority file.
12) Sign off
Signed-off-by: wajasu <matted-34813@mypacks.net>
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Split into two patches. This patch includes only the functionality.
