TO test:
1 - Be signed in to Koha
2 - Add a manual invoice to an account, works fine
3 - Now do it via url: http://localhost:8081/cgi-bin/koha/members/maninvoice.pl?borrowernumber=5&type=test&amount=5&add=Save
4 - Apply patches
5 - Test that everything continues to work as expected (but more securely)
6 - Try adding a new invoice via URL
7 - Should get 'internal server error' and wrong csrf token in logs
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds a required JS asset to the patron API key interface.
Without it, JS-based functions in the toolbar do not work.
To test you must have RESTOAuth2ClientCredentials enabled.
- From a patron detail page, choose More -> Manage API keys.
- Test the toolbar buttons on this page, especially "Search to hold"
and the various print options.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
No need to add more information here, it's self-explanatory...
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Move memcached from suggested to depends for Debian packages.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
libhttp-oai-perl in Stretch is 4.03 and broken. Koha depends on
libhttp-oai-perl << 4 for that reason. To make the installation of Koha
on Stretch as easy as possible, this patch adds the alternative
libhttp-oai-3.27-perl which we provide in the Koha repository.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This reverts commit f489d2034b.
This commit breaks the install process when using debian packages.
Reverting as we are very close to the 18.05.00 release
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
translated_language is not a Koha::Patron's method but a simple variable
sent to the template.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Hmm. I would have liked the opac parameter even better ;)
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This is the alternative patch of Kyle's
"""
If a hold is 'waiting' for the patron to collect then the patron should
be prevented from cancelling the hold via their account in the opac.
If a patron tries to cancel the hold, Koha will give an 'are you sure'
alert and when you click Yes the page just refreshes and the hold
remains.
Staff can cancel the hold from the staff interface but they can then
action the waiting hold.
I think therefore that it is correct behaviour that a patron cannot
cancel a hold when it reaches waiting state via the opac but it would be
useful to either have a warning to prevent the cancellation or a useful
message when they attempt to do so.
The template was using a method that tells Koha if *staff* can cancel a
hold,
instead of patron.
Test Plan:
1) Set up a waiting hold
2) Try to cancel it from the opac
3) Note you cannot
4) Apply this patch
5) Reload the page
6) Note the cancel button has disappeared for found holds
"""
It sounds better to keep the ->is_cancelable method, for readability
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The RoutingListAddReserves feature currently doesn't work as
expected (see bug 2894) and should be turned off for new
installations until properly fixed.
To test:
- Run the web installer
- Confirm that RoutingListAddReserves is set to "Don't place"
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Before there is no href.
After there is.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
As we don't have a fix yet to link to the right translated manual,
this adds /en to the links from the help files to the manual to
make them work again.
Check with both patches applied, that the links work.
You will have to change 17.11 to 18.05.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The numbering in front of the chapter file names has been removed,
so the links need to be adapted accordingly.
Note:
Testing this in master currently won't work for 2 reasons:
- We are still using 17.11 as version variable, will be 18.05 later.
- We are missing the lanugage code before /html and this leads
to an outdated version of the 18.05 manual.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Victor Grousset <victor.grousset@biblibre.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Victor Grousset <victor.grousset@biblibre.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
We need to call Koha::Hold->set_waiting to correctly
calculate the expiration date.
It fixes a regression introduced by
commit 26634151db
Bug 12063 - Fix QA failures
The expiration date has to be set for waiting holds
== Test plan (time to execute: less than 4min) ==
1. Set ReservesNeedReturns to "Don't automatically"
2. Place a hold on a specific item
3. Check it in and confirm hold
4. The hold should have an expiration date
record page → Hold → "Expiration" column
5. It should be listed in staff:/cgi-bin/koha/circ/waitingreserves.pl
6. Set ReservesNeedReturns to "Automatically"
7. Place a hold on a specific item
(which should also behave like we check the item in to
keep it for the patron)
8. The hold should have an *empty* expiration date
record page → Hold → "Expiration" column
9. Holds awaiting pickup page should crash
staff:/cgi-bin/koha/circ/waitingreserves.pl
10. Cancel the hold to remove the corrupted data
record page → Hold → the red X
11. Apply this patch
12. Place a hold on a specific item
13. The hold should have an expiration date (not empty)
14. It should be listed in staff:/cgi-bin/koha/circ/waitingreserves.pl
15. Celebrate!
Signed-off-by: Victor Grousset <victor.grousset@biblibre.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Until HTTP::OAI is patched so it actually works, and bug 17704 fixes the API change Koha-side, we need to explicitly pull the right version. Otherwise people using Debian 9+ derived distros (Ubuntu 16.04+) are seeing production issues.
This implies packaging our custom libhttp-oai-perl distribution in the meantime.
This patch makes Koha require a version lower than 4.0.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Auto-generated file.
Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Add CGI::Emulate::PSGI to PerlDependencies.pm
Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
t/Koha_Template_Plugin_KohaPlugins.t is DB dependent.
This patch moves it to t/db_dependent/
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
And not only if the entry is missing. We should do the same for other
entries.
Also, use Koha::UploadedFile->temporary_directory to know the fallback
value.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Upload creates its own upload folder in the temp folder, so there is no
need to add another level in temporary_directory.
Removing the creation of this folder in koha-create-dirs too.
Also removing the use Koha::UploadedFiles in about.pl. No longer needed.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Line 463 lists valid parameters, but it was missing
upload-tmp-path: which resulted in the koha-create
saying it is an invalid parameter.
TEST PLAN
---------
1) apply all patches but this.
2) sudo perl ~/misc4dev/cp_debian_files.pl
3) restart_all
4) sudo koha-create --create-db --upload-tmp-path unique-path
awesome-test-name
-- Fails to run.
5) apply this patch
6) repeat 2-4
7) sudo vi /etc/koha/sites/awesome-test-name/koha-conf.xml
-- the upload_tmp_path entry should have unique-path
in it.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch makes about.pl warn about a missing upload_tmp_path entry in
koha-conf.xml. It also mentions the effectively used tmp dir.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch makes Koha::UploadedFile->temporary_directory try to use the
new configuration entry. It will fallback to File::Spec->tmpdir
otherwise.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds an option to the koha-conf.xml file for specifying
a temporary uploaded files directory.
The koha-create script is adjusted to handle it and a convenient option
switch is added. If ommited, it will default to
/var/lib/koha/<instance>/uploads_tmp.
koha-create-dirs is patched to create the required directory with the
right permissions.
The docs get the new parameter documented.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Extended patron attributes are a very useful feature that should be
more obvious. We should activate them by default for new installations.
For testing:
- Run the web isntaller on an empty database
- Check that after installation ExtendedPatronAttributes is turned on
Signed-off-by: Charles Farmer <charles.farmer@inLibro.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Easy change, should be able to verify with code review or testing with
dummy values
To test:
1 - Put some values in baker and taylor prefs (don't need to be valid)
2 - Do a search on the opac (and have some items with isbns)
3 - Inspect the cover images links to ensure they are formed correctly
4 - prove -v t/External/BakerTaylor.t
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
To test:
1 - Setup a staff patron with permissions:
- catalogue
- reserveforothers
- course_reserves
2 - Log in to staff client as that patron
3 - Find a record and click to place a hold
4 - Type more than three letters into the search bar but don't submit
5 - Note that you will not receive autocomplete results
6 - Either submit, or try to visit any page in staff client
7 - Your session has been expired, you must log in again
8 - Log in, go to course reserves
9 - As before, trigger the autocomplete search in the instrcutor field
10 - Again your session has been terminated
11 - Apply patch
12 - Repeat above actions, this time you will not be kicked out
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds a message to the user to let them know the subscription
have been renewed successfully.
Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
- No string extrapolation needed on SQL queries
- '== undef' must be written 'if not defined'
Signed-off-by: Jon Knight <J.P.Knight@lboro.ac.uk>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Test plan:
Run t/db_dependent/Budgets.t.
Without both patches, running the test is slower than with only the first
or both patches.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jon Knight <J.P.Knight@lboro.ac.uk>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patches reduces the number of SQL calls by combining multiple calls to the recursive functions GetBudgetSpent(), GetBudgetOrdered(), etc. into 4 big queries.
It also removes duplicate function calls from acqui-home.pl
Test plan:
0) Visit Acquisition home
0) Apply patch
1) Refresh page. It shoud look identical.
2) prove t/db_dependent/budgets.t
Signed-off-by: Jon Knight <J.P.Knight@lboro.ac.uk>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jon Knight <J.P.Knight@lboro.ac.uk>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
If PatronSelfRegistrationVerifyByEmail and
PatronSelfRegistrationEmailMustBeUnique are set, it should not be
possible to register twice with the same email.
However the test is made on already created patron cards when the
registration is done.
Which means it is possible to register several times with the same
email address and click on the registration link to finalise the
registration.
This patch adds a test when the registration link is clicked and display
the "Registration invalid" generic message if the same email is used
Test plan:
1. Patron submits self registration form using the same email address 3
times
2. Patron receives 3 verification emails
3. Patron clicks on 3 verify token URLs
=> Only the first registration should succeed, the 2 others must fail
Maybe we should display a more specific message?
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
