- in various acquisition pages and serials home
- in database : biblioitems.ean
- adds ean and its mapping in default english bibliographic framework
- adds ean mapping in default french bibliographic framework
- ean search is not enabled for MARC21
The required mapping between the ean marc field and the biblioitems.ean
database field will be automatically added on an existing unimarc installation.
However, if you already have records with ean, you will have to
run misc/batchRebuildBiblioTables.pl to populate biblioitems.ean
Signed-off-by: jmbroust <jean-manuel.broust@univ-lyon2.fr>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Passed QA at second run. Removed a merge marker only.
This adds a new syspref: AllowPKIAuth. It can have one of three states:
* None
* Common Name
* emailAddress
If a) this is set to something that's not "None", and b) the webserver
is passing SSL client cert details on to Koha, then the relevant field
in the user's certificate will be matched up against the field in the
database and they will be automatically logged in. This is used as a
secure form of single sign-on in some organisations.
The "Common Name" field is matched up against the userid, while
"emailAddress" is matched against the primary email.
This is an example of what might go in the Apache configuration for the
virtual host:
#SSLVerifyClient require # only allow PKI authentication
SSLVerifyClient optional
SSLVerifyDepth 2
SSLCACertificateFile /etc/apache2/ssl/test/ca.crt
SSLOptions +StdEnvVars
The last line ensures that the required details are
passed to Koha.
To test the PKI authentication, use the following curl command:
curl -k --cert client.crt --key client.key https://URL/
(look through the output to find the "Welcome," line to indicate that a user
has been authenticated or the "Log in to Your Account" to indicate that a
user has not been authenticated)
To create the certificates needed for the above command, the following series
of commands will work:
# Create the CA Key and Certificate for signing Client Certs
openssl genrsa -des3 -out ca.key 4096
openssl req -new -x509 -days 365 -key ca.key -out ca.crt
# This is the ca.crt file that the Apache config needs to know about,
# so put the file at /etc/apache2/ssl/test/ca.crt
# Create the Server Key, CSR, and Certificate
openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -out server.csr
# We're self signing our own server cert here. This is a no-no in
# production.
openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key \
-set_serial 01 -out server.crt
# Create the Client Key and CSR
openssl genrsa -des3 -out client.key 1024
openssl req -new -key client.key -out client.csr
# Sign the client certificate with our CA cert. Unlike signing our own
# server cert, this is what we want to do.
openssl x509 -req -days 365 -in client.csr -CA ca.crt -CAkey ca.key \
-set_serial 02 -out client.crt
openssl pkcs12 -export -in client.crt -inkey client.key -out client.p12
# In theory we can install this client.p12 file in Firefox or Chrome, but
# the exact steps for doing so are unclear, and outside the scope of this
# patch
Signed-off-by: Jared Camins-Esakov <jcamins@cpbibliography.com>
Tested with Common Name and E-mail authentication, as well as with PKI
authentication disabled. Regular logins continue to work in all cases when
SSL authentication is set to optional on the server.
Signed-off-by: Ian Walls <koha.sekjal@gmail.com>
QA comment: synchronized updatedatabase.pl version of syspref with sysprefs.sql
version, to avoid divergent databases between new and upgrading users.
- system preference RoutingSerials and user permission routing
should be taken into account
- print routing list should be independent from routing permission
To test, compare to master and check:
1) If system preference RoutingSerials is OFF, routing list functionality is
not visible in the templates.
2) If system preference RoutingSerials is ON, but user doesn't have routing
permission, routing list functionality is not visible in templates,
with exception of 'print list' on the serial collection page.
3) If system preference RoutingSerials is ON and user has routing permissions,
all routing links are visible (serial collection, serials navigation,
result list of serial search)
Additional changes:
Changed labels on templates to match HTML4 rule from coding guidelines.
http://wiki.koha-community.org/wiki/Coding_Guidelines#Upper_and_Lower_cases_in_strings
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
This patch adds a C4::Search to subscription-detail.pl to compensate for a removed
one from auth.pm during the denesting effort.
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
Bug 7546 Do not call routine as bareword
Fixes compilation errors due to calling routine without parens
Also nothing was gained (and obfuscation added) by forcing
the return into a hash ref have changed variable to hash
tidied up the if else chain
These routines should be refactored out future
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
bug 7546 follow-up, enabled_staff_search_views problem
* enabled_staff_search_views was not exported by C4::Search, should have been
* serials/serials-edit.pl were also missing it
Comments:
* checked with for file in */*.pl; do perl -wc $file; done that no script was still having this problem
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
Final sign off for all 3 patches
Note: I had some problems with tests, but it is probably related to my data and not this patch.
getroutinglist returns a count variable to indicate how many elements
are in the array. This is almost always a serious code smell. (We are
programming in a list manipulating language) The routine was executing
am unnecessary loop just to maintain that var.
Removed the variable from the routine and perldoc
refactored calls of the routine removed the c-style loops for
more idiomatic and maintainable for loops
renamed some opaquely named variables
removed a call to the routine where nothing was done with the data
moved some html out of the calling script and into the template
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Paul Poulain <paul.poulain@biblibre.com>
- Adds location dropdown to subscription edit form
- Pulls authorised value for display on subscription detail page
- Adds function for pulling authorised value description based
on category and value
This patch does NOT implement automatic preselection of the shelving
location form field on the serial add item screen. This must be
worked out in order for the bug to be closed.
Signed-off-by: Colin Campbell <colin.campbell@ptfs-europe.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Two duplicate calls to GetSerials appear to have been merged in
to no purpose other than to generate warnings
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
If we really wanted to delete all items linked to a subscription when we delete a subscription
we should change the database structure as such :
ALTER TABLE serialitems ADD FOREIGN KEY ( itemnumber ) REFERENCES items (itemnumber) ON DELETE CASCADE ;
ALTER TABLE serial CHANGE subscriptionid subscriptionid INT( 11 ) NOT NULL
ALTER TABLE serial ADD INDEX subscription ( subscriptionid )
ALTER TABLE serial ADD FOREIGN KEY ( subscriptionid ) REFERENCES subscription (subscriptionid) ON DELETE CASCADE ;
Remove some superfluous variables
Simplify some loops over lists
Fix generated warnings
Strip whitespace from line endings
Signed-off-by: Galen Charlton <gmcharlt@gmail.com>
Before this patch, we used to test for flags == 1, which was wrong when patron had all privileges.
This patch just adds a %2 to check that patron has superlibrarian privilege, and maybe something else we don't care.
I think I fixed it everywhere except in acquisition, that will be addressed by BibLibre new acquisition module.
Signed-off-by: Galen Charlton <galen.charlton@liblime.com>
When viewing the subscription details page of a bib that already
has at least one subscription, clicking on the 'New Subscription'
button in the toolbar will fill in the biblionumber and title
in the new subscription form.
Clicking on the 'New Subscription' button in other context (e.g.,
when viewing the results of a search) will leave the biblionumber
and title fields unpopulated, as there is no specific bib to
use.
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
This patch resolves bug 1580 and addresses the modification of firstacquidate as per hdl's comments.
I have also removed some useless javascript from subscription-detail, and just reported the number of
irregular issues there (previously was reporting nothing since the js was broken).
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
The history start date and enddate is also useful to modify manually for the same reason : your serial collection may be older than your Koha serial management.
This commit reintroduce the feature.
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
librarian can edit only subscriptions on branches of his or subscription with no branch now.
cannotedit is a calculated value in Mysql and transfered for process.
Signed-off-by: Chris Cormack <crc@liblime.com>
Signed-off-by: Joshua Ferraro <jmf@liblime.com>
So this implies quite a change for files.
Sorry about conflicts which will be caused.
directory Interface::CGI should now be dropped.
I noticed that many scripts (reports ones, but also some circ/stats.pl or opac-topissues) still use Date::Manip.
