If a different branch is selected after an incorrect login, the previous
branch will be used.
To recreate:
* login with foo/bar, select CPL => FAIL
* login with koha/koha, select another branch => OK but CPL is picked!
It was caused by a dup of "branch" in CGI param list (and first was
picked).
This patch patch also removes "koha_login_context" to not have it twice.
You can also open the source of the page to confirm that form#loginform
contains "branch" and "koha_login_context" in hidden inputs.
Signed-off-by: Magnus Enger <magnus@libriotech.no>
Tested in KTD. Works as advertised.
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This changes how the required appears. Now it will display 'our'
text for requires fields instead of using the browser default.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
There were references to ForceLibrarySelection and ForceLibrarySelection (notice
the additional d) in the patch.
Standardized to: ForceLibrarySelection
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds the ability to force staff to select a library when
logging into the staff interface. This is done via a new system
preference: 'ForcedLibrarySelection'
To test:
1) Apply patch, restart_all, and updatedatabase
2) Log out of the staff interface. Notice the login form looks the same
and the "Library:" dropdown has 'My Library" selected as default. Log
back into the staff interface.
3) In Administration, search for the system preference
"ForcedLibrarySelection". Set it to 'Force' and press save.
4) Log out of the staff interface. Notice that this time, the "Library:"
dropdown is required and has a blank selection as the default.
5) Fill in the username and password but do not select a library. Click
'Log in'
6) Notice you cannot log in and are asked to 'Please select an item in
the list'
7) Select a library from the drop down and click 'Log in'
8) Notice the login was successful and you were logged in to the library
you selected.
9) Try loggin in with some other libraries to verify it works as
expected
10) Sign-off :)
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch updates various templates so that title tags can be more
easily translated. Some templates have been updated for consistency as
well: Harmonizing page title, breaddrumb navigation, and page headers.
To test, apply the patch and confirm that the following pages have the
correct title tags:
- Staff interface -> Log in
- Staff interface home page
- Error page (e.g. for a missing page 404 error)
- About page
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
The form for entering your authentication code shoudl not suggest
previous codes.
To test:
* Activate TwoFactorAuthentication
* Go to your patron account in staff
* More > Manage 2-factor authentication
* I used "Google authenticator" on my phone, so:
* Open app on your phone, add new and scan the QR code
* Enter activation code
* Log out of staff interface
* Log back in, you are now also asked for an authentication code
as second step
* Look up code in app, enter, get logged in
* Log out, log back in - the form now suggests the previous code
when you click on it
* Apply patch
* Reload things (restart_all on ktd)
* Verify that you no longer get the suggestion
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Changed the error message for authentication providers to use
"in" instead of "with".
To Test:
Review the patch file closely and verify changes.
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
There is a missing wait_for_ajax call at after we click but wait_for_ajax
is waiting for the return of success, and the alert is there.
22:01:57 koha_1 | STRACE: /usr/share/perl5/Try/Tiny.pm:123 in Selenium::Remote::Driver::catch {...}
22:01:57 koha_1 | /usr/share/perl5/Selenium/Remote/Driver.pm:361 in Try::Tiny::try
22:01:57 koha_1 | (eval 541):1 in Selenium::Remote::Driver::__ANON__
22:01:57 koha_1 | (eval 543):2 in Selenium::Remote::Driver::__ANON__
22:01:57 koha_1 | /usr/share/perl5/Selenium/Remote/Driver.pm:654 in Selenium::Remote::Driver::_execute_command
22:01:57 koha_1 | t/db_dependent/selenium/authentication_2fa.t:282 in Selenium::Remote::Driver::get_alert_text
22:01:57 koha_1 | /usr/share/perl/5.32/Test/Builder.pm:334 in main::__ANON__
22:01:57 koha_1 | /usr/share/perl/5.32/Test/Builder.pm:334 in (eval)
22:01:57 koha_1 | /usr/share/perl/5.32/Test/More.pm:809 in Test::Builder::subtest
22:01:57 koha_1 | t/db_dependent/selenium/authentication_2fa.t:291 in Test::More::subtest
22:01:57 koha_1 |
22:01:57 koha_1 | # Looks like you planned 7 tests but ran 4.
22:01:57 koha_1 |
22:01:57 koha_1 | # Failed test 'Enforce 2FA setup on first login'
22:01:57 koha_1 | # at t/db_dependent/selenium/authentication_2fa.t line 291.
22:01:57 koha_1 | Error while executing command: no such alert at /usr/share/perl5/Selenium/Remote/Driver.pm line 411.
22:01:57 koha_1 | at /usr/share/perl5/Selenium/Remote/Driver.pm line 356.
22:01:57 koha_1 | # Looks like your test exited with 255 just after 4.
22:01:57 koha_1 | [20:59:37] t/db_dependent/selenium/authentication_2fa.t
Test plan:
Confirm that the test pass (execute it in a loop, hundreds of times)
Confirm that the behaviour of 2FA "enforced" (see bug 30588) is still
working as expected.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch makes changes the button markup in various assorted
templates so that all submit buttons and any buttons that should should
be styled as primary buttons have the Bootstrap class "btn btn-primary."
To test, apply the patch and view the following pages to confirm that
everything looks correct. In most cases there are no visible changes.
- Staff interface login
- Authorities -> Add/edit
- Authorities -> Merge
- ILL -> ILL requests
- Tools -> Patron lists
- Administration -> Manage plugins -> Upload plugin
- Point of sale
- Point of sale -> Transaction history
- Holds
- Suggestions
- Tags
- Calendar
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Lukasz Koszyk <lukasz.koszyk@kit.edu>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Lukasz Koszyk <lukasz.koszyk@kit.edu>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 28786 added the ability to turn on a two-factor authentication,
using a One Time Password (OTP).
Once enabled on the system, librarian had the choice to enable or
disable it for themselves.
For security reason an administrator could decide to force the
librarians to use this second authentication step.
This patch adds a third option to the existing syspref, 'Enforced', for
that purpose.
QA notes: the code we had in the members/two_factor_auth.pl controller
has been moved to REST API controller methods (with their tests and
swagger specs), for reusability reason. Code from template has been
moved to an include file for the same reason.
Test plan:
A. Regression tests
As we modified the code we need first to confirm the existing features
are still working as expected.
1. Turn off TwoFactorAuthentication (disabled) and confirm that you are not able to
enable and access the second authentication step
2. Turn it on (enabled) and confirm that you are able to enable it in your account
3. Logout and confirm then that you are able to login into Koha
B. The new option
1. Set the pref to "enforced"
2. You are not logged out, logged in users stay logged in
3. Pick a user that does not have 2FA setup, login
4. Notice the new screen (UI is a bit ugly, suggestions welcomed)
5. Try to access Koha without enabling 2FA, you shouldn't be able to
access any pages
6. Setup 2FA and confirm that you are redirected to the login screen
7. Login, send the correct pin code
=> You are fully logged in!
Note that at 6 we could redirect to the mainpage, without the need to
login again, but I think it's preferable to reduce the change to
C4::Auth. If it's considered mandatory by QA I could have a look on
another bug report.
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 28786 let librarians enable a Two-factor authentication but force them to use
an application to generate the TOTP token.
This new enhancement add the ability to send an email containing the token to the
patron once it's authenticaed
The new notice template has the code '2FA_OTP_TOKEN'
Test plan:
- Setup the two-factor authentication (you need the config entry and the
syspref ON)
- Enable it for your logged in patron
- Logout
- Login and notice the new link "Send the code by email"
- Click on it and confirm that you received an email with the code
- Use the code to be fully logged in
QA question: Is 400 the correct error code to tell the email has not
been sent?
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Sponsored-by: Rijksmuseum, Netherlands
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
And a few minor fixes when they where causing issues for
translatability.
And rephrased a string about password reset to have it identical to
other strings with the same meaning.
Simplified via wrapping strings with <span> to split to huge
concatenated strings with a lot of %s everywhere.
== Test plan ==
This patch needs mainly proof reading. Still it's possible to do some
basic testing to demonstrate that adding a <span> in an IF doesn't
break anything.
Pick in one of the 110 modified templates a string that you know how to
display. Otherwise:
1. acquisitions => vendor => basket => add to basket =>
search "from existing record" => add order
2. Cancel the order
3. You see without issue "Bibliographic record will not be deleted"
4. administration => Patron categories
5. Try to delete a used and unused category
6. You see as expected
Category XXXX is in use. Deletion not possible!
and
Confirm deletion of category XXXX
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Paul Derscheid <paul.derscheid@lmscloud.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch adds a new page opac-reset-password where a user cna enter their login
(userid or carndumber), current password, and new password.
If the user has a password expiration date and the current password is correct and
the new passwords match and meet requirements their password will be updated and the
expiration date reset
A patron whose password does not expire will be reidrected to login to change their password
To test:
1 - Apply patch, updatedatabase, enable new syspref EnableExpiredPasswordReset
2 - Set 'Password expiration' for a patron category
Home->Administration->Patron categories->Edit
3 - Create a new patron in this category with a userid/password set, and an email
4 - Update the patron with an expiration to be expired
UPDATE borrowers SET password_expiration='2022-01-01' WHERE borrowernumber=51;
5 - Give the borrower catalogue permission
6 - Attempt to log in to Straff interface
7 - Confirm you are signed out and notified that password must be reset
8 - Click 'Reset your password' link
9 - You should see the reset password page with fields for: login, current password, new password, conmfirm password
10 - enter invalid/incomplete credentials
11 - Confirm you are notified of invlaid credentials
12 - Fill in all fields, but enter current password as new password
13 - Confirm you are notified of no change
14 - Set minimum password length / strong password requirement for category
15 - Confirm you receive error if new password too short or not secure
16 - Enter a valid new password and submit and confirm update is successful
17 - Confirm you have buttons to go to OPAC or Staff and that both work
18 - Confirm you cna log in (i.e. expiration has been reset)
19 - Expire the users password
20 - Remove catalogue permission
21 - Reset password again and confirm only OPAC link
Signed-off-by: Bob Bennhoff <bbennhoff@clicweb.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adds the ability to define password_expiry_days for a patron
category.
When defined a patron's password will expire after X days and they will
be required to reset their password. If OPAC resets are enabled for the
catgeory they may do so on their own, otherwise they will need to
contact the library
To test:
1 - Apply patch, updatedatabase
2 - Set 'Password expiration' for a patron category
Home-> Administration-> Patron categories-> Edit
3 - Create a new patron in this category with a userid/password set,
and an email
4 - Confirm their password_expiration_date field is set
SELECT password_expiration_date FROM borrowers WHERE borrowernumber=51;
5 - Create a new patron, do not set a password
6 - Confirm their password_expiration_date field is NULL
7 - Update the patron with an expiration to be expired
UPDATE borrowers SET password_expiration_date='2022-01-01' WHERE borrowernumber=51;
8 - Give the borrower catalogue permission
9 - Attempt to log in to Straff interface
10 - Confirm you are signed out and notified that password must be
reset
11 - Attempt to sign in to OPAC
12 - Confirm you are signed out and notified password must be reset
13 - Enable password reset for the patron's category and perform a
password reset
Note: you will have to find the link in the message_queue unless
you have emails setup on your test environment
SELECT * FROM message_queue WHERE borrowernumber=51;
14 - Confirm that you can now sign in and password_expiration_date field
is set 10 days in the future
15 - Expire the patron's password again
16 - Change the patron's password via the staff interface
17 - Confirm they can sign in and the expiration is updated
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Bob Bennhoff <bbennhoff@clicweb.org>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
TEST PLAN:
1) Enable shibboleth by adding shibboleth to koha-conf.xml, you can do
this by following
https://wiki.koha-community.org/wiki/Shibboleth_Configuration#Using_AD_FS_Metadata
2) If you are logged in Koha, log out, on the login screen the text
at the top should say the following, "Log in using a Shibboleth
account"
Sponsored-by: Catalyst IT
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch cleans up login.css a little bit so that the same style rules
which apply to the login screen apply to the 2FA input form as well.
The patch also changes the "Log out" link on the 2FA form to a "Cancel"
link alongside the "Verify" button.
To test, apply the patch and start the process of logging in to the
staff client using an account with 2FA enabled.
On both the login form and 2FA code views, confirm that everything is
styled consistently.
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patchset introduces the Two-factor authentication (2FA) idea in
Koha.
It is far for complete, and only implement one way of doing it, but at
least it's a first step.
The idea here is to offer the librarian user the ability to
enable/disable 2FA when logging in to Koha.
It will use time-based, one-time passwords (TOTP) as the second factor,
an application to handle that will be required.
https://en.wikipedia.org/wiki/Time-based_One-Time_Password
More developements are possible on top of this:
* Send a notice (sms or email) with the code
* Force 2FA for librarians
* Implementation for OPAC
* WebAuthn, FIDO2, etc. - https://fidoalliance.org/category/intro-fido/
Test plan:
0.
a. % apt install -y libauth-googleauth-perl && updatedatabase && restart_all
b. To test this you will need an app to generate the TOTP token, you can
use FreeOTP that is open source and easy to use.
1. Turn on TwoFactorAuthentication
2. Go to your account, click 'More' > 'Manage Two-Factor authentication'
3. Click Enable, scan the QR code with the app, insert the pin code and
register
4. Your account now requires 2FA to login!
5. Notice that you can browse until you logout
6. Logout
7. Enter the credential and the pincode provided by the app
8. Logout
9. Enter the credential, no pincode
10. Confirm that you are stuck on the second auth form (ie. you cannot
access other Koha pages)
11. Click logout => First login form
12. Enter the credential and the pincode provided by the app
Sponsored-by: Orex Digital
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adjust:
Intranet login
Opac-main
Opac-main - 'log in to your account modal'
To test:
Login at the three places above
Confirm html shows autocomplete off on the fields
Confirm logins work
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
In most authentication forms we see :
Fields "Login:" and "Password:" with a submit button "Log in".
In some places submit button contains "Login", which is confusing for translation.
It is not correct according to terminology https://wiki.koha-community.org/wiki/Terminology#L
Also in opac-user.pl ":" is missing, it generates new translation entries.
Test plan:
1) Log out if you are logged in
2) Go to staff interface
3) Check you see button "Log in"
4) Go to OPAC page /cgi-bin/koha/opac-user.pl
5) Check you see fields "Login:" and "Password:"
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Swapped the order of the page titles to have the unique information
first, i.e. the name of the specific page displays first, and the name
of the website (e.g. Koha) displays at the end.
To test:
1) Apply patch
2) Esnure each othe files auth.tt, admin/transfer_limits.tt and
circ/transfers_to_send.tt have page titles that are swapped around to
display the most unique information first, and the wensite name is at
the end
3) Esnure the pages displayed on the Staff Client that correspond to
these files also display the changes
Sponsored-by: Catalyst IT
JD amended patch: remove dup "IP address change"
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Indentation fixes for readability
Cleaned up a few places where the ability to login otherwise was leakign through
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
JD amended patch: Remove trailing spaces
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch replaces remaining instances of <script type="javascript"> in
templates with "<script>."
To test, apply the patch and check the changes to the template. Verify
that the changes look correct.
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Fix "submit is not a function error"
A submit button should not be named "submit", in this case, it's id.
https://stackoverflow.com/questions/833032/submit-is-not-a-function-error-in-javascript
Fix some uses of get_attribute()
Fix a fail by setting a global implicit_wait_timeout, default value is 0
in our lib. Other libs set it higher which helps to not have to manually
deal with part of the timing issues.
Fix: remove usage of click_when_visible() because it doesn't work with
elements not in the top of the page. Because they are off screen.
Fix: use $driver->quit() in error_handler to not forget an open Firefox.
With the current version, it fills /dev/shm and fails with around 5
Firefox opened.
Also use quit() it at the end of every script.
Fix: filling item fields, to fill only the displayed one (not those
with display:none)
== Test plan ==
1. Update selenium/standalone-firefox to the latest version [1]
2. prove t/db_dependent/selenium/authentication.t
3. It fails with: arguments[0].form.submit is not a function
4. Apply patch
5. Retest
6. Success
[1] In koha-testing-docker you can do it with
docker-compose.yml:
selenium:
- image: selenium/standalone-firefox:2.53.1-americium
+ image: selenium/standalone-firefox
Signed-off-by: Mason James <mtj@kohaaloha.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch updates the html_helper for the cash register selection block
to remove the 'empty option' such that it can be correclty set for each
select case and updates all existing cases where we used the process
block previously to include the relevant blank option '-- Select an
option --', '-- None --', 'Library default' and finally the new '-- All
--' options introduced with this bug.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The hidden attribute for loading an element hidden is known to have
issues and inconsistencies accross browsers.
This patch instead updates the relevent input options to use an inline
style of 'display: none' to hide the elements on page load and then
.show, .hide for subsquent changes linked to the library branch picker
change.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch hides the register selection option from the login page if no
registers have yet been defined on the system.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The trailing space after branch in the class attribute for the register
select options cause issues in the 'hasClass' javascript selector
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch updates 'Branch default' to 'Library default' on the login
page to match the coding terminology guidelines.
We also update the table heading on the cash registers management page
to match the terminology above for clarity.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
If no branch is selected (i.e. 'My library') then we should default to
'branch default' if one is defined for the users library at login.
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch modifies the saved reports page so that it remembers, for the
duration of the browser session, the last active tab.
To test you should have multiple reports in multiple report groups.
Apply the patch and go to Reports -> Saved reports.
- Select a tab to filter the table of saved reports to a particular
report group.
- Navigate away from the page
- Return to the save reports page. The tab you previously selected
should be selected again.
- Restart your browser and return to the saved reports page. The tab
should no longer be preselected.
Update: The tabs filtering JavaScript has been moved to a separate
function so that the function can be triggered by both the "create"
event (when the tabs are initialized) and the "activate" event (when a
tab is selected).
Update II: Persistence is now enable through localStorage instead of
Cookies. The localStorage item is now cleared during the logOut
function.
Update III: The logOut() function in staff-global.js is now called by
auth.tt to ensure that tabs are not remembered across sessions.
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
I missed a case on the authentication page with the prior patch of the
same name.
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
You should be able to add desk choice when you are logging in or
changing library.
Test plan:
1. apply patch
2. have at least three libraries, one without desk, one with one and
one with a few.
3. At login, when choosing a library, it should enable all desks it
has. Pick one.
4. the desk id and name should be set in your session and appear in
the top right, next to the library name.
5. change library and desks from intranet (at the set-library.pl page)
6. you should have the same behaviours
7. if you have a library without a desk, it should prompt you a '---'
option and no desks will be attached to the session.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch removes the use of jquery.cookie to store "last patron"
information, using localStorage instead. jquery.cookie.js is obsolete.
See Bug 24624.
localStorage has been chosen as an alternative in this situation because
it does not require transmission between the client and the server. See
Bug 12410.
Because there is no "session only" option with localStorage, additional
handling of the showLastPatron data is added to the login page. That
takes care of "stale" last patron information if user didn't log out but
the session expired for some reason.
To test apply the patch and enable the showLastPatron system preference.
1. Load a patron's account for checkout
2. Navigate away from patron-related pages: Perform a catalog search
from the search header form and open the detail page from the search
results. Confirm that the correct last patron information still
shows.
3. Load another patron's account for checkout
- There should now be a "Last patron" link in the breadcrumbs bar
which links to the patron in step 1. Hovering your mouse over the
link should display a tooltip containing the patron's name and
card number.
- Click the "X" to clear the last patron information. The last
patron link should go away.
4. Log out and log back in. The last patron information should be gone.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
The return URL that is part of the link to CAS login is double-escaped on the staff login page.
It appears that this is the same issue as bug 21973 but in the staff intranet template. I have attached an identical patch for the intranet auth.tt file.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch makes the templates relying on the OpacResetPassword syspref
use the introduced TT plugin method instead by changing:
[% IF Koha.Preference('OpacResetPassword') %]
=>
[% IF Categories.can_any_reset_password %]
To test:
- Verify that all the places in which the 'forgot password' link is
displayed in OPAC keep working, provided there's at least one category
that has the flag set
- Attempt to recover the password for a patron that belong to a valid
category (i.e. that has the flag set)
=> SUCCESS: You can go through the normal process
- Attempt to recover the password for a patron that belongs to a
category with the flag unset.
=> SUCCESS: Once Koha identifies your category, you are told you are not
allowed to do it
- Sign off :-D
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>