We inadvertantly adding a little more than just the bookings table js
into it's own asset. This patch moves that code back and also renames
the asset file to /tables/bookings.js from /bookings-table.js as is the
scheme we're attempting to follow now (see '/modals/').
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Test plan:
No functionality change, follow the original test plan and make sure the
table is displayed correctly on both screens:
<intra>/cgi-bin/koha/circ/circulation.pl?borrowernumber=
<intra>/cgi-bin/koha/members/moremember.pl?borrowernumber=1
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
For reusability
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch makes it so that the patron bookings table loads properly from teh checkout page. Previously, it was only loading correctly from the details page.
To test:
1. Create an item bookable.
2. Book an item for a patron.
3. Go to the patron's checkout page.
4. See they have a Booking (1) in their tab.
5. Click this tab, but nothing appears.
6. Apply patch, restart_all
7. See they still have a Booking (1) in their tab.
8. Click this tab, table loads as expected.
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch adds placeholder text to the OPAC search bar, with JavaScript
to change the placeholder based on the user's search type selection.
To test, apply the patch and go to the OPAC.
- The search bar should by default have the placeholder "Search the
catalog by keyword"
- Change the search type (Author, Title, etc). The placeholder text
should change accordingly.
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
To test:
APPLY PATCH and restart_all
1. Have a patron with and some holds and different priority.
2. Go to the patron account and click Print > Print summary
3. Notice the new holds priority column.
Note: Table settings don't work on these tables. See Bug 36475.
Signed-off-by: Sam Lau <samalau@gmail.com>
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch moves the IntranetmainUserblock system preference into HTML
customizations, making it possible to have language- and
library-specific content.
To test you should have some content in the IntranetmainUserblock
system preference before applying the patch. Apply the patch and run
the database update process.
- In the staff client, go to Tools -> HTML customizations and verify
that the content from IntranetmainUserblock is now stored there.
- The HTML customization entry form should offer IntranetmainUserblock
as a choice under "Display location."
- Update and reinstall active translations (for instance fr-FR):
- perl misc/translator/translate update fr-FR
- perl misc/translator/translate install fr-FR
- Enable the translation if necessary under Administration -> System
preferences -> language.
- Edit the IntranetmainUserblock HTML customization and add unique
content to the "fr-FR" tab.
- Go to the staff client home page. You should see the
content you added to the IntranetmainUserblock HTML customization.
- Switch to your updated translation and confirm that the content you
added for your translation shows up correctly.
- Go to Administration -> System preferences and search for
"IntranetmainUserblock." It should return no results.
Sponsored-By: Athens County Public Libraries
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
CAS is an abbreviation and should use capital letters.
Test plan:
1. Enable the casAuthentication system preference.
2. Logout and view the login form.
3. Note that it says "Cas login".
4. Apply the patch.
5. Refresh the login page.
6. Note that it now says "CAS login".
7. Sign off.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Sam Lau <samalau@gmail.com>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
To test:
1. Set up autorenewals bu adjusting circulation rules:
'Automatic renewal' -> 'Yes'
'No automatic renewal before' -> 5
2. Set 'AutoRenewalNotices' to 'according to patron messaging preferences'.
3. Set an AUTO_RENEWALS and AUTO_RENEWALS_DGST notice to include branch info. I am using this to test:
Branchcode: [% branch.branchcode %]
Branch name: [% branch.branchname %]
Branch address: [% branch.branchaddress1 %]
Branch address2: [% IF branch.branchaddress2 %][% branch.branchaddress2 %][% END %]
Branch city: [% branch.branchcity %], [% branch.branchstate %] [% branch.branchzip %]
4. Make sure your branch has the proper infro. filled out in Libraries administration.
5. Find a patron and adjust the messaging preferences so they receive automatic renewal notices. Also make sure the patron has an email.
5. Check out some items and make them due with the next 5 days.
6. Run the automatic_renewal cron job:
perl /kohadevbox/koha/misc/cronjobs/automatic_renewals.pl -c -v
7. Notice no branch information displays.
8. APPLY PATCH
9. Checkout items from multiple issuing branches to a single patron.
10. Make sure the patron's messaging prefs are set to revieve NON-digestable notices.
11. Run the automatic renewal job, each notice should include the branch information from the issuing library.
12. Change the patron's messageing preferences to receieve digestable notices.
13. Run the job without the --digest-per-branch flag. You should get a single notice with the branch info. coming from the patron's home branch.
14. Run the job with the --digest-per-branch flag. You should get seperate digested notices with the branch info. coming from the issueing library branch.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
If suggestions are archived before their status is changed to something other than "Pending", they still appear on the intranet home page and the acquisitions home page as suggestions to be managed.
WITHOUT PATCH:
1. Go to Acquisitions > Suggestions
2. Click on New purchase suggestion
3. Fill in the form (title only is fine)
4. Click on Submit your suggestion
5. Go to the home page (click the Koha logo)
--> Notice it says that there is 1 pending suggestion
6. Go to Acquisitions
--> Notice it says that there is 1 pending suggestion
7. Go to Suggestions
8. Click on the up arrow to the right of the Edit button and choose Archive
--> There are no more pending suggestions
9. Go to the home page (click the Koha logo)
--> Notice it says that there is 1 pending suggestion
10. Go to Acquisitions
--> Notice it says that there is 1 pending suggestion
The search function was fetching suggestions without considering the
"archived" field. I now pick only suggestion that are pending AND not
archived.
WITH PATCH:
9. Go to the home page (click the Koha logo)
--> Notice it says that there is no pending suggestion
10. Go to Acquisitions
--> Notice it says that there is no pending suggestion
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
The bug report addresses an issue where the message "Item was not checked in" erroneously appears during the second POST after a manual or modal check-in process.
1. In circ/returns.pl:
- Introduced a new hash `%rinot_returned` to track items not returned across pages.
- Updated the logic to capture the "not returned" status from the query parameters.
- Adjusted the input processing loop to include `not_returned` status.
- Modified the section handling barcode check-ins to appropriately initialize and update the `not_returned` status.
2. returns.tt:
- Added hidden input fields in the template to include `not_returned` status in the form submissions.
The changes ensure that the "not_returned" status is correctly tracked and displayed, preventing the erroneous message from appearing on subsequent POST requests.
1. Perform a manual check-in of an item, but make some warning modal appear: for ex., transfer: check-in the item in not home library.
2. Press OK on the modal. There will be a POST transition again to redraw the checked-in items list.
3. Verify that the "Item was not checked in" message appears erroneously near the item's row.
4. Apply the patch.
5. Repeat steps 1-3 and check that there will be no erroneous "Item was not checked in" message.
Signed-off-by: Tadeusz „tadzik” Sośnierz <tadeusz@sosnierz.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch fixes an incorrect usage of the API which was only returning 20 results.
Test plan:
1) Go to ERM module and make sure you have more than 20 data providers stored in your database.
1) (Optional) Run the following command (k-t-d) to create 21 data providers:
perl -MKoha::Database -e '
my $schema = Koha::Database->schema;
$schema->resultset("ErmUsageDataProvider")->create({
name => "name ".$_
}) for (1..21)
'
2) Go to eUsage / reports and create new report (cgi-bin/koha/erm/eusage/reports)
3) Check that only the first 20 data providers are displayed in the drop down
4) Apply patch
5) yarn build or reset_all to rebuild the javascript
6) Repeat steps 1-3, all providers should now be displayed
PA amended patch: Updated commit message test plan
Signed-off-by: Michaela Sieber <michaela.sieber@kit.edu>
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Somewhere along the line we lost the 'bookings_count' class in the
bookings tab display on the patron details and circulation page.
This patch restores is and as such also restores the correct count
numbers on 'place booking' and 'cancel booking' actions on those pages.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
I actually already started to remove this in another bug, but it makes
sense to do it here where we're introducing the 'active' filter. I'm in
agreement that this should probably always have been an 'active' rather
than 'future' filtering.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Currently the bookings tab on a biblio details and patron details use 'filter_by_future'
which lists upcoming bookings.
Libraries would like to see upcoming, and active bookings in these cases, and we should add a filter
for bookings that have not ended.
NOTE: This removes the only uses of filter_by_future, but I preserve this for Martin's decision as the creator
of the bookings module
To test:
1 - Make an item bookable from the items tab on a record details
2 - Return to details view and place a booking
3 - Note sidebar says "Bookings (1)"
4 - Make the booking current from the DB:
UPDATE bookings SET start_date=NOW() WHERE biblio_id={biblionumber};
5 - Reload the page
6 - Note the count is now "Bookings (0)"
7 - View the patron's details page - note "Bookings (0)" and none listed
8 - Apply patch
9 - Reload biblio details, note Bookings(1)
10 - Reload patron details, note Bookings(1) and booking is listed
11 - End the booking:
UPDATE bookings SET end_date=NOW() WHERE biblio_id={biblionumber};
12 - Confirm booking no longer listed on biblio or patron details
Signed-off-by: Sam Lau <samalau@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Transfering a rotating collection will mark the items contained in the collection as "Transit pending..." and it will trigger a javascript error in the bibliographic record detail page that breaks the holdings table, leaving it caught in the "Processing..." message. This patch fixes that.
The javascript messages gives this error in the console tab:
Uncaught TypeError: Cannot read properties of undefined (reading 'str')
The error comes from using from_library_ insted of from_library in the file koha-tmpl/intranet-tmpl/prog/en/includes/html_helpers/tables/items/catalogue_detail.inc
Test plan:
1 Create a rotating collection
2 Add at least an item to the collection
3 Transfer the rotating collection
4 Check the detail page of the bibliography record of any of the items that belong to that collection in the Intranet. Notice that the holdings table gets stuck "Processing..." and that there is a Javascript error
5 Apply patch, restart services
6 Repeat step 4. Now the holdings tab works as intended and the item from the collection shows up with the text "Transit pending from..." in the Status column
7 Sign off
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch removes cud- from the search op and chanegs the form
submission to GET
To test:
1 - Search authorities on OPAC for 'a'
2 - Click page 2
3 - You get the search form
4 - Apply patch, restart all
5 - Repeat search, confirm it works
6 - Click page 2
7 - Confirm you get next results
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Linking an authority subfield to an authorized value just leaves a blank
in the form rather than creating a <select>, because there's a stray cud-
in the type returned from build_authorized_values_list.
Test plan:
1. Without the patch, Administration - Authority types - Actions menu for
Default - MARC Structure
2. Actions menu for 040 - Subfields
3. Edit subfields - Tab b - Authorized value - set to LANG - Save changes
4. Authorities - New authority - Default
5. In 040 tag, click CATALOGING SOURCE to expand the tag
6. Note that subfield b has a blank space rather than a dropdown menu
7. Apply patch, restart_all
8. Authorities - New authority - Default
9. In 040 tag, click CATALOGING SOURCE to expand the tag
10. Note that subfield b has a dropdown menu listing language names
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Test plan:
1. In Administration - Patron attribute types verify you have the default
SHOW_BCODE using the YES_NO authorized value
2. Tools - Batch patron modification, add a patron card number or
borrowernumber and continue
3. For Patron attribute select Show barcode on the summary screen item
listings, and note that you get a blank text input rather than a select
menu with Yes and No choices
4. Apply patch, restart_all
5. Repeat step 2 and 3, but note that you now get a Yes/No select menu
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Adjust aqbudgets.pl and currency.pl to check for the correct op value
To test:
Part 1 - Delete a fund
1. Go to Acquisitions > Funds
2. Try to delete a fund
--> Confirmation page shows fund name as '' and fund amount as 0.00
3. Click "Yes, delete this fund"
--> The fund is still there
Part 2 - Delete a currency
3. Go to Acquisitions > Currencies
4. Try to delete a currency
--> Confirmation shows empty values for currency and rate
5. Click, "Yes, delete this currency"
--> An error message appears and the currency is not deleted
6. Apply patch and restart_all
7. Repeat steps 1-5
--> Confirmation pages display correct information, and deletions
occur successfully
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
The scripts for managing both bib and authority frameworks are now expecting
an op 'cud-delete_confirm' but delete_confirm isn't cud, it's just a GET of a
page asking if you are sure. The scripts just need to expect the op they are
actually getting, delete_confirm.
Test plan:
1. Administration - MARC bibliographic framework - New framework
2. Give the framework any code and description and Submit
3. Actions menu for your new framework - Delete
4. Note the message says 'Confirm deletion of framework '' ()?" rather than
having the code and description included.
5. Click Yes, note that deleting failed
6. Administration - Authority types - New authority type
7. Give the authority type any type and description and Submit
8. Actions menu for your authority type - Delete
9. Note the message again says '' () rather than 'desc' (FOO)
10. Click yes, note that deleting failed
11. Finally! Apply patch, reset_all
12. Repeat steps 1-10, this time noting that you get 'desc' (FOO) rather than
'' (), and that deleting works.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
To test:
1. Go to Acquisitions > EDI Accounts
2. Create an EDI account if one is not already there
3. Try to delete the EDI account
--> Page refreshes and nothing happens
4. Apply patch, restart_all, and refresh the page
5. Try to delete the EDI account again
--> A confirmation page displays with correct information
6. Click "Yes, delete"
--> The EDI account is deleted
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
For reasons unknown, GetOptions is inserting an empty string into the letter_code list. If you are running the script with a letter code filter, the empty string is added to the OR so it functions. If no letter_code is passed, the search requires the letter code to be an empty string, which will of course fail. Even more perplexing is that this does not happen for the type list which is essentially identical code.
Test Plan:
1) Generate some messages in the message queue
2) Run `process_message_queue.pl -v -c`
3) Note nothing happens
4) Apply this patch
5) Repeat step 2
6) Messages are sent!
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This removes the MySQLism for FIELD(..).
In this case we just want to get the non-default records in
the front. So we can just test lang=default. And prevent inserting
$lang in the expression. And so prevent execution in ORDER BY.
No longer needing the ->quote call too.
Test plan:
Run Koha/AdditionalContents.t again.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Test plan:
Run Koha/AdditionalContents.t without next patch.
Should fail on the sleep execution.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Same change.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Test plan:
Try to access opac-page.pl with a language not in OPACLanguages.
Verify that this 'language' was not passed to sql. Simplest perhaps
by debugging AdditionalContent.pm. Something like:
sub translated_content {
my ( $self, $lang ) = @_;
+warn "L137: $lang";
Now have a public additional_contents page and hit it:
/cgi-bin/koha/opac-page.pl?page_id=5&language=badsql
Check your log and find:
[2024/05/16 07:25:53] [WARN] L137: en at [etc] line 137.
So badsql was caught.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
To test:
1/ create a file named something like 'execute`curl blog.bigballofwax.co.nz`.zip'
Where the domain is one you can watch the logs from
2/ Upload this file as a cover image
3/ Check /var/lib/koha/sitename/tmp/koha_sitename/ and see unescaped filenames
4/ Choose process, check the logs of the webserver see the connection has been made
5/ Apply the patch
5/ Repeat 2 & 3 and see the filename is now escaped
6/ Choose process and check no errors but no no remote execution occurs
7/ Test uploading actual zip file and images still works
Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
To test
1/ Add some items to your cart in the opac
2/ Choose send cart
3/ Open firefox developer tools and switch to the network tab
4/ Send cart
5/ In the network tab, find the post request and choose copy as curl
6/ Edit the curl command to add )+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))x)--+- to the bib_list parameter
7/ Run the curl notice it takes a long time to respond, if you want to check run the curl without the above part added
8/ Apply the patch and restart plack
9/ Run the modified curl and notice no longer the slow down
10/ Test in browser and make sure the basket is still sent
Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Actually in _get_tt_params
The following query will delay the response
SELECT `me`.`biblionumber`, `me`.`frameworkcode`, `me`.`author`, `me`.`title`, `me`.`medium`, `me`.`subtitle`, `me`.`part_number`, `me`.`part_name`, `me`.`unititle`, `me`.`notes`, `me`.`serial`, `me`.`seriestitle`
, `me`.`copyrightdate`, `me`.`timestamp`, `me`.`datecreated`, `me`.`abstract`
FROM `biblio` `me`
WHERE `biblionumber` = '1) AND (SELECT 1 FROM (SELECT(SLEEP(6)))x)-- -'
ORDER BY field( biblionumber, 1 ) AND (
SELECT 1
FROM
SELECT SLEEP( 6 ) x
) -- - )
To test
1/ Add some items to your cart in the opac
2/ Choose send cart
3/ Open firefox developer tools and switch to the network tab
4/ Send cart
5/ In the network tab, find the post request and choose copy as curl
6/ Edit the curl command to add )+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))x)--+- to the bib_list parameter
7/ Run the curl notice it takes a long time to respond, if you want to check run the curl without the above part added
8/ Apply the patch and restart plack
9/ Run the modified curl and notice no longer the slow down
10/ Test in browser and make sure the basket is still sent
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch refactors checkpw_internal to remove the SQL code, use patron ojbects, and return the
patron that correctly matches the userid/caerdnumber when auth is successful
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This patch moves some patron fetching code in C4/Auth to use to patron returned from the validation
methods and only try to fetch the patron (to check if locked, update attempts, etc) if we didn't authenticate
To test:
1 - Set a user to have userid = BANANA password = Password1
2 - Set a user to have cardnumber = BANANA password = Password2
3 - Hit the patron authentication API:
http://localhost:8080/api/v1/auth/password/validation
with data:
{ "identifier": "BANANA", "password":"Password1" }
and:
{ "identifier": "BANANA", "password":"Password2" }
4 - Note you receive the same response for both
5 - Apply patch, restart all
6 - Repeat the API and confirm you get the correct patron for the password submitted
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
This test is useless it seems, it is not testing background jobs
behaviour.
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
We usually test if C4::Context->userenv, so we need to undef when
unsetting, not {} (evaluated true)
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Same pattern in Koha::Database
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Same pattern, remove dbh stack
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
