This patch defaults the holds pickup location to the items homebranch or the patron's branch when a group option is selected
for the hold fulfillment policy and the patron is not allowed to choose the branch on the OPAC
To test:
1 - Set 'Default checkout, hold and return policy' -> 'Hold pickup library match' to item's hold group or patron's hold group
2 - Set OPACAllowUserToChooseBranch to 'Don't allow'
3 - Try to place an item level hold on the opac
4 - Ka-boom, etiher:
The method Koha::Item->patrongroup is not covered by tests!
The method Koha::Item->itemgroup is not covered by tests!
5 - Apply patch
6 - Repeat
7 - Note the pickup location is set to either the patron's branch or the items homebranch
8 - Repeat plan with the other group setting
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
To test:
1) Go to Admin -> system preferences and enable the TrackClicks syspref
(set to Track or Track anonymously)
2) Find a record in the staff client with an item. Edit the item and put
two external URLs in the Uniform Resource Identifier field, e.g.
"https://www.google.com/ | https://twitter.com/"
3) Search for that record in the OPAC. Notice the two links in the
holdings table.
4) Click a link and confirm that you are directed to a 404.
5) Apply the patch and refresh the page
6) Click a link and confirm that you are directed to the page as
expected
7) Go back to edit the record in the staff client and remove one of the
links from the URI field
8) Go back to the OPAC and confirm you can still access the link as
expected when there is only one URI
Sponsored-by: Catalyst IT
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The check methods were positioned under the 'Internal methods' section
of the meodule but are used externally.
It also felt strange to have a noop or die method. Instead, I propose
renaming them to `repeatable_ok` and `unique_ok` and returning a
boolean denoting their state.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
If the pref KohaAdminEmailAddress was not set correctly (invalid email)
and has been used to generate message, the message_queue table can contain
some messages that are not sent (pending) and will be processed each
time a new self-reg is done.
The PatronSelfRegistrationVerifyByEmail feature must send only the
notice we just generated, not the whole pending queue.
Test plan:
1. Do not apply the patches
2. Set KohaAdminEmailAddress to an invalid email (root@localhost for
instance)
3. Turn on PatronSelfRegistrationVerifyByEmail
4. Self-reg a patron
5. Boom (that must be fixed on a separate bug report)
6. Set KohaAdminEmailAddress to a valid email (root@example.org)
7. Self-reg a patron
8. Still Boom! (because it's processing the first invalid email)
9. Apply the patches, restart_all
10. Self-reg a patron
=> The email is sent!
Notice the change in DB, the first email is still there with status
"pending" and second email is sent!
QA: at step 10. TODO first email must be 'failed' (highlight in tests)
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch moves C4::Biblio::GetMarcNotes to
Koha::Biblio->get_marc_notes. This is so get_marc_notes can be
used in templates and notices.
To test:
1. Find a record that has a note (3xx for UNIMARC, 5xx for MARC21).
Confirm the notes still show as normal under the Descriptions tab.
2. Add the record to the cart.
3. View your cart and click 'more details'. Confirm notes show as
normal.
4. Log in to the OPAC. Find the record and add it to the cart
5. View the cart and click 'more details'. Confirm notes show as
normal.
6. View the record detail page and confirm the notes show as normal
under the Title Notes tab.
7. Confirm tests pass:
- t/Biblio.t
- t/db_dependent/Koha/Biblio.t
Sponsored-by: Bibliotheksservice-Zentrum Baden-Württemberg (BSZ)
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds a new type of system preference entry option: patron
category. A preference with this type will show either a <select> with
patron categories to choose from or a multiple-select menu for choosing
one or more.
This prevents possible errors from incorrect category codes being
entered manually.
To test, apply the patch and run the database update.
- Go to Administration -> System preferences.
- Test each of the updated preferences to confirm that the available
options are correct and that your selections are correctly saved.
- Single category selections, PatronSelfRegistrationDefaultCategory
and GoogleOpenIDConnectDefaultCategory. With each of these you
should see a dropdown where you can select of all the existing
patron categories.
- Multiple selections, OPACHoldsIfAvailableAtPickup and
BatchCheckouts: These preferences should have an option for
selecting one or more system preferences at once.
- Test the pages affected by the updated system preferences:
- With BatchCheckouts enabled, confirm that the batch checkout page is
correctly limited by patron category.
- Set the OPACHoldsIfAvailableAtPickup preference to "Don't allow" and
select at least one patron category in the
OPACHoldsIfAvailableAtPickupExceptions preference.
- Log in to the OPAC as a patron whose category was not selected in
the OPACHoldsIfAvailableAtPickupExceptions preference.
- Try to place a hold on an item which is available at a library.
- When confirming the hold, the libraries where the item is available
should be disabled in the "Pick up location" dropdown.
- Repeat the process as a patron whose category was selected in
OPACHoldsIfAvailableAtPickupExceptions. There should be no disabled
pickup locations.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
$template->param(
+ koha_news => @all_koha_news,
We must not pass an array, the number of elements of the hash passed to the template may be inconsistent.
It's working because of an error earlier in the script:
+ @all_koha_news = &GetNewsToDisplay($news_lang,$homebranch);
GetNewsToDisplay returns an arrayref
Test plan:
Define at least 2 news to display on the OPAC main page
Hit opac-main.pl
=> All news are displayed
Click one
=> You see the single news you selected
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
It seems that we don't really need all this overhead.
YesNo must be a boolean and contain 1 or 0.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
If categorycode is selected in
PatronSelfRegistrationBorrowerUnwantedField and
PatronSelfRegistrationVerifyByEmail is turned on, the patron self registration
fails with
[You must provide a patron's category to validate password's strength
and length] at /usr/share/perl5/Exception/Class/Base.pm line 88
Test plan:
0. Select categorycode in PatronSelfRegistrationBorrowerUnwantedField
and turn on PatronSelfRegistrationVerifyByEmail
1. Self register a patron
2. Confirm that it works as expected with this patch applied.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch renames the systempreference to be a bit clearer and uses
explicit options rather than a yes/no
Additionally it standardizes the export from the advanced cataloging editor
with that from the details page
To test:
1 - Apply patches
2 - Update database and restart all the things
3 - Open a record in the advanced editor and save it as marc and xml
4 - Note the file name is 'bib-{biblionumber.{format}'
5 - Edit the syspref 'DefaultSaveRecordFileID' to be control number
6 - Repeate 3-4 on a record with and without a control number
7 - If control number present fiule name should be 'record-{controlnumber}.{format}'
8 - Otherwise it should be as above
9 - Repeat tests from the details page of a record
10 - Repeat tests from the opac details page of a record
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
There is a difference between YAML::Load and YAML::XS::Load
From YAML::XS pod:
"YAML::XS only deals with streams of utf8 octets"
Test plan:
We are going to test 1 occurence and QA will confirm others don't
contain typos.
0. Don't apply the patches
1. Create a new itemtype with code=❤️
2. Create a new item using this itemtype (to biblionumber=1 will work)
3. Fill OpacHiddenItems with
itype: [❤️]
4. Search for "street shuffle" or any terms that will return the biblio
Notice that the item is there (there is an error in logs)
5. Apply the patches
6. Repeat 4 and confirm that the item is now hidden
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@helsinki.fi>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
From tht YAML pod:
"""
This module has been released to CPAN as YAML::Old, and soon YAML.pm will be changed to just be a frontend interface module for all the various Perl YAML implementation modules, including YAML::Old.
If you want robust and fast YAML processing using the normal Dump/Load API, please consider switching to YAML::XS. It is by far the best Perl module for YAML at this time. It requires that you have a C compiler, since it is written in C.
"""
See also
https://gitlab.com/koha-community/qa-test-tools/-/merge_requests/35
Test plan:
Try some place where YAML::XS is not used and confirm that it works
correctly
QA note: This patch removes some uses of YAML that were not useful
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@helsinki.fi>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
There is an input filter but it does nothing
Test plan:
You need 2 differents users, U1 and U2
Create several (at least one) suggestions for each of them
Test the following with and without OPACViewOthersSuggestions:
With U1 logged in, go to the suggestions tab and use the input to filter
the suggestions.
It should work correctly.
Also play with the "Suggested by" options
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
To test:
1 - Apply patch
2 - Search on staff and opac side
3 - Confirm you can paginate results
4 - Confirm you see 10 pages on pagination if under page 10
5 - Confirm you see 20 pages in pagination if over page 10
6 - Confirm you can go to first or last page
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
JD amended patch: perltidy
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This feature is not used as far as we know and it's not known to work.
It's preferable to remove it.
Test plan:
Make sure the OpacGroupResults pref code is removed, as well as the
PazPar2 files and code.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The value of PatronSelfRegistrationLibraryList is used to display the dropdown
list of the libraries, but not after the form is submitted.
Test plan:
1. Empty PatronSelfRegistrationLibraryList
2. Self register a new patron
=> Confirm the dropdown list with the libraries contain all the
libraries
3. Fill in PatronSelfRegistrationLibraryList with branchcodes (eg. "CPL|MPL")
4. Self register a new patron
5. Edit the HTML form and replace the option's value with another
branchcode (FPL)
6. Save
=> Without this patch the branchcode FPL is used
=> With this patch applied an ugly 500 is returned
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
When a patron edit their personal details at the OPAC, the password must
be removed from the mandatory fields
Test plan:
0 - Don't apply the patch
1 - Set PatronSelfRegistrationBorrowerMandatoryField to require password
2 - Create or sign in as a patron on the opac
3 - Click 'Your personal details'
4 - Attempt to edit
5 - Save changes
=> They are rejected because not all required fields are populated
6 - Apply the patch
7 - Repeat 3 to 5
=> details are saved successfully
8 - Test the self registration feature and confirm that the password is
required
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch renames the reviewson system pref to OPACComments
Test Plan:
1. In Koha Administration, search for the reviewson system preferance
2. Note the presence of the reviewson system preferance
3. Apply the patch and run updatedatabase.pl
4. Repeat steps 1 and 2. The reviewson preferenace should be gone
5. Seach for and note the OPACComments system preferance
6. Ensure that the OPACComments system preferance operates correctly, as
if it were reviewson
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
https://bugs.koha-community.org/show_bug.cgi?id=27484
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch uses the ErrorDocument middleware to use Koha's
custom error pages instead of generic Plack error responses
Test plan:
0. Apply patch
1. vi /usr/sbin/koha-plack (and change "development" to "deployment")
2. vi ./opac/opac-main.pl
3. Add "die" to line 2
4. vi ./mainpage.pl
5. Add "die" to line 2
6. cp ./debian/templates/plack.psgi /etc/koha/sites/kohadev/plack.psgi
7. koha-plack --restart kohadev
8. Go to http://localhost:8080/cgi-bin/koha/opac-main.pl
9. See a beautiful OPAC 500 error instead of "Internal Server Error"
10. Go to http://localhost:8080/cgi-bin/koha/blah.pl
11. See a beautiful OPAC 404 error instead of "not found"
12. Go to http://localhost:8081/cgi-bin/koha/mainpage.pl
13. See a beautiful Staff interface 500 error instead of "Internal Server Error"
14. Go to http://localhost:8081/cgi-bin/koha/blah.pl
15. See a beautiful Staff interface 404 error instead of "not found"
For bonus points:
16. koha-plack --disable kohadev
17. koha-plack --stop kohadev
18. service apache restart
19. Repeat the above test plan to show CGI still works for 404 (although 500
will show "Software Error" due to C4::Context needing some improvements)
20. Using the "Network" tab on your developer tools, make sure 404 and 500
are returned by the appropriate error pages
Signed-off-by: Eden Bacani <eden.bacani@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The method Koha::Items->itemnumber is not covered by tests!
Trace begun at /kohadevbox/koha/Koha/Objects.pm line 592
Koha::Objects::AUTOLOAD('Koha::Items=HASH(0x55981fd94790)') called at /kohadevbox/koha/opac/opac-reserve.pl line 465
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch leverages on bug 24254's
Koha::Items->filter_by_visible_in_opac to filter out items that
shouldn't be presented to the end user in the OPAC interface.
To test:
1. Circulation and Fine rules for item-level holds are set to allow.
2. Setting the OpacHiddenItems preference to "ccode: [SUPPRESS]"
3. An item with collection Code Suppress is set.
4. Search for the title in the OPAC.
=> SUCCESS: The Suppress ccode item isn't shown.
5. View the detail page for the title.
=> SUCCESS: The suppress ccode item isn't shown.
6. Place a hold on the item:
-- Click "Show more options"
-- Select "A specific item"
=> FAIL: the ccode with the opachiddenitems rule has an item that appear in the list to place a hold
7. Apply this patch and repeat 6
=> SUCCESS: The item doesn't show!
8. Sign off :-D
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Test plan:
1. Apply patch, restart_all
2. Add some OPAC messages by clicking 'Add a message' on Home › Circulation › Checkouts › patron
3. Log into the OPAC as that patron and you should see a notice about how many messages you have with a link to opac-user.pl
4. Add multiple OPAC messages and make sure it all continues to work.
5. Also add an OPAC note from memberentry.pl. Refresh the OPAC and you should see a 1 message added to the total
6. Try an OPAC without any messages. If there are no messages or any other kind of notification the dashboard should NOT appear at all.
7. Add a 'staff - internal' note. It should not count towards your total messages in the dashboard.
8. Test it with some other notices that would appear on the dashboard, checkouts, holds, overdues.
Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The authorised values OPAC_SUG displayed at the OPAC show the staff
description.
Test plan:
1. Create an auth value in opac_sug, with different text for the description and OPAC description.
2. Go to the OPAC and open the purchase suggestion form.
3. Note in the Reason for purchase drop down, the descriptions appear, the text entered in the OPAC description field.
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch updates the browse search interface to confirm to new
interface patterns in the Bootstrap 4 framework, especially in the form
markup.
The results list has been changed to a Bootstrap "Collapse" component
configured as an accordion
(https://getbootstrap.com/docs/4.5/components/collapse/#accordion-example).
Instead of loading the bibliographic record results below the list of
terms returned, the bibliographic results are now displayed in the
"panel" expanded below the selected term. Subtitle has been added to the
information displayed about the bibliographic record.
To test you must be using ElasticSearch and the OpacBrowseSearch
preference must be enabled. Apply the patch and rebuild the OPAC CSS
(https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_client).
- Open the "Browse search" page in the OPAC.
- Test various searches: Author, Subject, and Title.
- When results are found, the should be displayed as a Bootstrap-styled
accordion widget. Clicking any individual result should expand the
panel containing the corresponding records.
- Clicking the record link should open the bibliographic detail page in
a new window.
- When no results are found, a Bootstrap-style "alert" box should
appear.
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch fixes the bug when there is no patron category available for
selection in self registration form. It uses PatronSelfRegistrationDefaultCategory
to get patron's password length and strength.
To test:
1. Do not apply this patch
2. Allow SeflRegistration, set PatronSelfRegistrationDefaultCategory to
a valid patron category and finally add categorycode to PatronSelfRegistrationBorrowerUnwantedField
3. Go to opac and enter self registration form
CHECK => There is no patron category available for selection
=> Password's info alert shows "Password must contain at least
undefined characters"
4. Fill the form setting a password and send.
CHECH => You get an exception saying "You must provide a patron's
category to validate password's strength and length"
5. Apply this patch and restart_all
6. repeat steps 3 and 4
SUCCESS => Password's info alert message shows a number instead of
"undefined"
=> Password's strength and length checks are working
=> If you change default category's lenght or strength parameter it get's reflected when you refresh the page
=> When you click send, patron is saved
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
In OPAC password recovery perl opac/opac-password-recovery.pl
there are some error codes not in Template koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-password-recovery.tt
This patch fixes several bugs:
- remove 'use Koha::Patrons' defined twice
- remove vars $errTooManyEmailFound $errBadEmail, not used in any template
- add in template text for error 'errNoBorrowerEmail'
1) Create a patron A with login but no email
2) Create a patron B with login and valid email
3) Go to system preferences set 'OpacResetPassword' to ON
4) Make sure that OpacPasswordChange is also ON
5) Go to 'Forgot your password' in OPAC
6) Enter login if patron A and save
=> You get message 'This account has no email address we can send the email to.'
7) Enter login if patron B and save
=> Password recovery is send, no error message
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
As highlighted by Katrin, the selfcheckin module was not aware of this
work. This commits gives it awareness of the too_unseen renew error and
the "seen" argument that can be passed to AddRenewal
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds support for unseen renewals.
Here we retrofit knowledge of unseen renewals and add the display of unseen
renewal counts and warnings, in addition to adding the ability to
specify a renewal as being "unseen".
The functionality added here is goverened by the UnseenRenewals syspref.
Signed-off-by: Sally Healey <sally.Healey@cheshirewestandchester.gov.uk>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds patron's hold history in OPAC.
To test:
1. apply this patch
2. Find a patron, place several holds and cancel or fulfill them
3. Go to patron's opac
CHECK => There is no 'your holds history' option in menu
4. In admin preferences enable OPACHoldsHistory
5. Go back to patron's opac
SUCCESS => There is a 'your holds history' menu option
=> Holds history displays all holds
6. Change order, and list limit
SUCCESS => All controls work as expected
7. Sign off.
Signed-off-by: Todd <tgoatley@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds the ability for ILL to send notices, both triggered by
staff and triggered by events.
Staff can trigger notices to patrons from the "Manage ILL request" screen:
- ILL request ready for pickup
- ILL request unavailable
- Place request with partners
The following notices to staff are triggered automatically:
- Request has been modified by patron
- Request has been cancelled by patron
Branches can now specify an "ILL email" address to which notices
intended to inform staff of changes to requests by patrons can be sent.
The sending of notices is controlled by a few new sysprefs:
- "ILLDefaultStaffEmail" - Fallback email address for staff ILL notices
to be sent to in the absence of a branch address
- "ILLSendStaffNotices" - To specify which staff notices should be sent
automatically when requests are manipulated by patrons
Patron notices are also controlled by the patron's messaging
preferences
Sponsored-by: PTFS Europe
Signed-off-by: Niamh Walker-Headon <Niamh.Walker-Headon@it-tallaght.ie>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
When using OPAC password recovery form, opac/opac-password-recovery.pl :
if one provides correct login and an email, there is a check that this email is one of patron's.
This check uses RegExp with case insensitive :
if ( $email && !( any { /^$email$/i } @emails ) )
This is a security issue since one can simply enter '.*'.
Severity is normal because the login must be a correct.
I propose to use simple string compare with lowercase to be case insensitive.
Test plan :
1) Don't apply patch
2) Enable system preference 'OpacResetPassword'
3) Go to 'OPAC > Log in to your account > Forgot your password?'
4) Enter an existing userid or cardnumber and '.*' in 'Email'
5) The password recovery is created ! (check table 'borrower_password_recovery')
6) Apply patch
7) Enter an existing userid or cardnumber and '.*' in 'Email'
8) You get the message 'No account was found with the provided information.'
9) Enter an existing userid or cardnumber and in 'Email' the corresponding email but with different case
10) The password recovery is created (check table 'borrower_password_recovery')
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch modifies the OPAC list page so that download options are
shown in a dropdown menu instead of a modal dialog. This solves a bug
introduced by the Bootstrap 4 upgrade and makes it consistent with the
cart interface.
To test, apply the patch and view the contents of a list in the OPAC
which has multiple items on it.
- In the toolbar at the top of the list contents table the "Download"
button should now be a dropdown menu.
- Selecting any of the download options should trigger a download
prompt.
- Test with and without some CSV profiles which have been
configured for use in the OPAC
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Some libraries would like to not only block the circulation of a guarantor based on fines owed by guarantees, but would also like to block circulation for all guarantees as well. Basically, if a family as a whole reaches a certain threshold of fines, the entire family will be blocked from checking out items.
Test Plan:
1) Apply this patch
2) Set NoIssuesChargeGuarantorsWithGuarantees to $14
3) Create a family of four ( 2 guarantors, 2 guarantees ) where the parents guarantee both children
4) Give 3 of the 4 a $5 fine
5) None of them should be able to check out items
Signed-off-by: Barbara Johnson <barbara.johnson@bedfordtx.gov>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
In this patch we remove the limitation of 1 cover image per item
Sponsored-by: Gerhard Sondermann Dialog e.K. (presseplus.de, presseshop.at, presseshop.ch)
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Test plan:
1. git grep -i AllowPurchaseSuggestionBranchChoice **/*.pm **/*.pl **/*.t
2. There should no longer be any code related to the old sys pref AllowPurchaseSuggestionBranchChoice
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
To test:
-Apply patch
-Check OPACSuggestionUnwantedFields
-Check some fields as unwanted
-Go to the OPAC suggestion page and make sure these correct fields are hidden
-Turn on the system preference AllowPurchaseSuggestionBranchChoice to see the branch choice on the form
-Make sure you can correctly hide this one and still submit the purchase suggestion for without error.
-Go through each option and make sure it hides properly.
Note: You will only see the patron reason field when there are authorised values in the OPAC_SUG category
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
At a later development stage, exceptions where added for bad addresses.
This wasn't addressed in the controllers.
This patch makes the basket and list sending controller scripts move
email creation inside the try/catch block to handle those situations. It
also UTF-8 encodes the attached marc.
On broadly testing this I found that if the TT templates that are used
to build the email contains non-latin characters, those get
double-encoded. So this patch also removes an explicit encoding that is
done, which colides with Email::MIME implicit encoding.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adapts controller scripts that used sendmail. Also the syntax
for Koha::Email has changed and this patch adapts it.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds a block to capture attempts to return items with
attached materials when checking in via the self checkout when the
relevant system preference is set.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch capitalizes the 'ADDITIONAL_MATERIALS' key in the
needsconfirm hash return value for CanBookBeIssued to restore
consistency with previous code and ensure SIP Checkout works as
expected.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Test plan
1/ Enable the feature as per previous patches
2/ Attempt to return an item with materials attached via the SCI
3/ Note that the return is blocked with the message '(The item
cannot be returned at a self service terminal, please see library
staff for assistance)'
4/ Signoff
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Test plan
1/ Enable the feature as per previous patches
2/ Attempt to checkout an item with materials attached via the SCO
3/ Note that the checkut is blocked with the message 'Item must be
issued at a circulation desk'
4/ Signoff
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Bob Bennhoff <bbennhoff@clicweb.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Currently we apply weighting to all searches except advanced search. The theory
being that when selecting indexes we don't want to apply weights. When searching
in ES weights are only applied to relevant results so it doesn't matter.
i.e. if weighting author*100 but searching subject, a term matching the subject search in author
is not boosted.
Given this, we should always apply weights, unless the user wishes not to
To test:
1 - Set some weighting
2 - Do some searches
3 - Note your terms and results, try advanced and regular searches specifying indexes or not
4 - Apply patch
5 - Note that opac and staff advanced search have option to apply weights
6 - Compare searches after the patch to see how weighting affects, it should be beneficial or not at all
Signed-off-by: Myka Kennedy Stephens <mkstephens@lancasterseminary.edu>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Bob Bennhoff <bbennhoff@clicweb.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
To test:
0) Activate password reset in system preferences.
1) Initiate a password recovery.
2) Try to submit with an invalid password.
3) Confirm that validation occurs.
4) Try to submit with mismatching passwords.
5) Confirm that validation occurs.
6) Sign off.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Theoretical change. If somehow the search would return more than one result, the code is wrong.
The if test can be simplified: remove scalar and >0.
We should not pass @array to one param. It would theoretically add wrong items or
trigger an odd number warning. If it is only one, it is no problem. But it is buggy.
Test plan:
Pass an existing news_id to opac-main. Item visible?
And pass a not-existing. Error message?
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Currently, if you have OverduesBlockCirc set to "Ask for confirmation"
and OverduesBlockRenewing set to "allow renewing", you get caught
in a loop where you can never renew an overdue material.
This patch uses CanBookBeRenewed for renewals, rather than CanBookBeIssued,
which means the correct rules are applied to the correct scenario.
To test:
a. Set OverduesBlockCirc to "Ask for confirmation"
b. Ensure "OverduesBlockRenewing" set to "allow renewing"
0. Apply the patch
1. Checkin item barcode 3999900000001
2. Go to http://localhost:8081/cgi-bin/koha/circ/circulation.pl?borrowernumber=51
3. Checkout item barcode 3999900000001 to 1 year ago
4. Go to http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
5. Login as the "koha" user
6. Click on "Renew item"
7. Note that the item is renewed
8. Checkin item barcode 3999900000001
9. Go to http://localhost:8081/cgi-bin/koha/circ/circulation.pl?borrowernumber=51
10. Checkout item barcode 3999900000001 to 1 year ago
11. Go to http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
12. Login as the "koha" user
13. Type "3999900000001" into the box under "Scan a new item or enter its barcode"
14. Click "Submit"
15. Note the system says the item is already checked out and it prompts
you to click "Renew item" in this screen
16. Click "Renew item"
17. Note the system says "Item renewed" near the top of the screen, and the "Due"
date near the bottom of the screen is more recent than the original due date
18. Checkin item barcode 3999900000001
19. Go to http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
20. Login as the "koha" user
21. Type "3999900000001" into the box under "Scan a new item or enter its barcode"
22. Click "Submit"
23. Note the system says "Item checked out" and the item appears in the checkouts
at the bottom of the screen
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds the capability to override minPasswordLenth and RequireStrongPassword settings by category
To test:
1. koha-shell kohadev
2. koha-mysql kohadev
3. drop database koha_kohadev;
4. create database koha_kohadev;
5. go to admin page and start webinstaller. There continue the steps until onboarding.
6. reach step 3 of onboarding and create a new administrator patron
CHECH => Password control woks as normal (Minimum length 3 and strong required)
7. finish Koha installation and enter admin with your new administrator
8. set minPasswordLength to 3 and RequireStrongPassword to “Don’t require”
9. Create a new category (CAT2 from now on.. CAT1 is the category you made in onboarding process) and set minimum password length to 8 and require strong password
10. Create two new patrons, one with CAT1(patron1) and one with CAT2 (patron2)
CHECK => In both cases, try different combinations of length and strength. For patron1 the only requirement is to have 3 letters, but for patron2 the minimum length will be 8 and will require strong password.
CHECK => Try changing patron category before saving. Password requirements will change with category change.
11. Edit CAT1 and set minimum password length to 5
12. Go to patron1 details page, and change password.
CHECH => Now password minimum length is 5, but still it doesn’t require strong password
13. Edit CAT1, leave blank minimum password length and set require strong password to yes.
14. Go to patron1 details page, and change password.
CHECH => Password minimum length is back to 3, but now strong password is required
15. Set minimum password length in CAT2 to 12.
16. Go to patron2 details page, and click to fill a random generated password
CHECK => generated password should be 12 characters length
17. Set PatronSelfRegistration to Allow in admin settings
18. Go to OPAC and fill self registration from.
CHECK => Play with patron category. For each change in category, password requirements are modified.
CHECK => Set CAT1 as patron category, set ‘aA1’ as password (or another valid password for CAT1) and before hitting submit button, change to CAT2. Form should enter invalid state, and CAT2 password requirements should be displayed as error in password input.
19. Create a patron for CAT1 and another for CAT2, leaving password blank
CHECK => For CAT1’s patron, generated password length is 8 (minimum length for generated passwords), but for CAT2’s patron should be 12
20. In admin set PatronSelfRegistrationVerifyByEmail to require
21. Fill self registration form again with CAT2 as category
CHECK => Password requirements works as previous case.
22. Leave password blank and click submit
23. select * from message_queue;
24. Copy the link in the message and paste it in OPAC
CHECH => Generated password is 12 characters long. (Copy user id for next steps)
25. In admin set OpacResetPassword to Allow
26. Go back to OPAC, reload and click on “Forgot password?” link
27. Paste user id and click submit
28. Repeat steps 23 and 24
CHECK => Info message says “Your password must contain at least 12 characters, including UPPERCASE, lowercase and numbers.”
CHECK => enter an invalid password and you’ll get the same message in warning.
29. Login OPAC with the last user and your newly created password
30. Go to “Change your password” option
CHECK => Info message says “Your password must contain at least 12 characters, including UPPERCASE, lowercase and numbers.”
CHECK => enter an invalid password and you’ll get the same message in below “New password” input.
31. prove t/db_dependent/AuthUtils.t t/db_dependent/Koha/Patron/Category.t
32. Sign off
Sponsored-by: Northeast Kansas Library - NEKLS
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Additionally, only include renewable items in 'Renew all'
To test:
1 - Check out some items to a patron, ideally:
Some not renewable because set for auto renewal
Some not renewable because of holds
Some renewable
2 - Confirm 'Renew selected' and 'Renew all' show on the opac
3 - Click 'Renew all'
4 - You get errors about the non-renewable items?
5 - Check in all renewable items
6 - Confirm you still see renew buttons
7 - Apply patch
8 - Refresh and you shoudl not see renew buttons
9 - Check out a renewable item
10 - Click 'Renew all'
11 - Renewable item is renewed with no error
12 - Try again with 'Renew selected'
13 - Confirm it works as expected
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch makes opac-detail.pl query for analytics the same way it
would do with the generated link (i.e. based on UseControlNumber) and
passes a flag to the XSLT so it displays (or not) the 'Analytics' link.
To test:
1. Apply the first patch
2. Have a known record without analytics
3. Open the record in the OPAC
=> FAIL: It shows the 'Analytics' link
4. Have a record known to have analytics and open in OPAC, on a separate
tab
=> SUCCESS: It shows the 'Analytics' link
5. Apply this patch and restart_all
6. Reload the tabs
=> SUCCESS: It shows the link where it has to, and hides it where it
shouldn't be displayed
7. Sign off :-D
Sponsored-by: Orex Digital
Signed-off-by: Hugo Agud <hagud@orex.es>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
It defaults to 0 in get_template_and_user
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Testplan for this patch:
1. Apply patch.
2. Make sure syspref "AutoApprovePatronProfileSettings" is set to "Disable".
3. Edit patron personal details via opac interface.
4. Expect modifications to require manual approval by staff via link on main page.
5. Set syspref "AutoApprovePatronProfileSettings" to "Enable".
6. Edit patron personal details via OPAC interface again.
7. Expect modifications to have been approved automatically.
Signed-off-by: Liz Rea <liz@catalyst.net.nz>
This works, we may want some different text for this situation in the OPAC, it still says the librarian has to approve the change.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch combines get_daily_quote and get_daily_quote_for_interface
methods and moves them from Koha::Quote to Koha::Quotes. Also removes
some unused code and adjusts datetime parsing.
To test apply this patch and confirm 'QuoteOfTheDay' syspref still
works as expected (quote is shown in correct mainpage(s)).
Also prove t/db_dependent/Koha/Quotes.t
Sponsored-by: Koha-Suomi Oy
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Set 'QuoteOfTheDay'-syspref to 'opac intranet' to allow displaying news in the
opac and the staff client.
Add 'commandline' to allow news in the commandline (where applicable)
Accepts all values accepted by the C4::Context->interface()
Test plan:
1. Set 'QuoteOfTheDay' syspref as 'intranet' or 'opac' or both
2. Check that quote is visible on both mainpages
Prove t/db_dependent/Koha/Quotes.t
Sponsored-by: Koha-Suomi Oy
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch moves subroutine 'GetDailyQuote' to new
Koha::Quote object and adjusts tests.
To test:
1. Set 'QuoteOfTheDay' as 'enable'
2. Check that quote is displayed on OPAC mainpage
Prove t/db_dependent/Koha/GetDailyQuote.t
Sponsored-by: Koha-Suomi Oy
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
There are several calls in catalogue/detail.pl that can be removed:
GetMarcISBN, GetMarcAuthors, GetMarcSubjects, GetMarcSeries, GetMarcUrls and GetMarcHosts
They pass a variable to the template that is never used.
Test plan:
Confirm that this TT variable is never used.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The Google Transliterate API was deprecated on May 26, 2011. This patch
removes the feature and associated system preference.
To test, apply the patch and run the database update process.
- Go to Administration -> System preferences and search for
'GoogleIndicTransliteration.' There should be no results.
- Search the Koha codebase for references to
'GoogleIndicTransliteration.' There should be no current references..
Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Output rss feed as text/xml
Test plan:
1) have books entered
2) log in create a list
3) add books to list
4) display list in OPAC
5) click the RSS link button.
-- output is displayed as html text
6) apply patch
7) repeat steps 4&5
-- output is displayed as xml tree
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk>
Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds the following plugin hooks:
- opac_results_xslt_variables
- opac_detail_xslt_variables
This hooks will inject variables returned by the plugin in the form of a
hashref, into the ones that are passed to the XSLT processing code.
To test:
1. Apply the 'DO NOT PUSH' commit
2. Install the Kitchensink plugin
3. Restart all
4. Search biblios in the OPAC
=> SUCCESS: A text is injected in front of the biblio title
5. Enter the detail page of any of the results
=> SUCCESS: A text is injected in front of the biblio title
6. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
If a user to access a CSV profile that is not available at the OPAC we
should redirect to 404.
It will also handle undefined csv_profiles
For instance:
kohadev.mydnsname.org:8080/cgi-bin/koha/opac-downloadshelf.pl?shelfnumber=1&format=3
kohadev.mydnsname.org:8080/cgi-bin/koha/opac-downloadcart.pl?bib_list=1/2/&format=3
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch renames the introduced attribute for later usage on the API,
and changes the logic to use it the other way around.
It also adds a KEY for the flag, as it will be used in WHERE statements.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
To test:
1) Update database
2) Update schema
3) In staff side, go to Tools -> CSV profiles
4) Make a CSV profile with profile type = MARC and usage = Export
records
5) Leave 'Show option in OPAC' unchecked and save
6) Go to OPAC and add an item to your cart
7) Click Cart, click Download, confirm that your newly created CSV
profile does not show as an option
8) Go back and edit CSV profile on staff side
9) Check the 'Show option in OPAC' checkbox and save
10) Go back to download cart in OPAC
11) Confirm the CSV profile now shows in the dropdown
Sponsored-by: Catalyst IT
Signed-off-by: Maryse Simard <maryse.simard@inlibro.com>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Note: The GetItemsInfo call is now suboptimal. Leaving it as-is
for now in the hope that item refactoring picks it up ;)
Test plan:
Test opac-detail via biblionumber (regular use).
Test opac-detail by passing an itemnumber in the URL:
/cgi-bin/koha/opac-detail?itemnumber=999
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Test plan:
- Set 1+ patron's attribute(s) mandatory
- Use the self-registration feature and confirm that you cannot selfreg
if the attribute has no value (or empty string)
- Same with the modification form (logged in)
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch removes the "opac_option" parameter from opac-basket.pl. It
was included in Bug 25402 because the bug was dependent on 5087.
To test, apply the patch and add some items to the Cart in the OPAC.
Click the Cart button to show the cart. The pop-up window should load
correctly without errors.
Signed-off-by: Frédéric Demians <f.demians@tamil.fr>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds a .perlcriticrc (copied from qa-test-tools) and fixes
almost all perlcrictic violations according to this .perlcriticrc
The remaining violations are silenced out by appending a '## no critic'
to the offending lines. They can still be seen by using the --force
option of perlcritic
This patch also modify t/00-testcritic.t to check all Perl files using
the new .perlcriticrc.
I'm not sure if this test script is still useful as it is now equivalent
to `perlcritic --quiet .` and it looks like it is much slower
(approximatively 5 times slower on my machine)
Test plan:
1. Run `perlcritic --quiet .` from the root directory. It should output
nothing
2. Run `perlcritic --quiet --force .`. It should output 7 errors (6
StringyEval, 1 BarewordFileHandles)
3. Run `TEST_QA=1 prove t/00-testcritic.t`
4. Read the patch. Check that all changes make sense and do not
introduce undesired behaviour
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Patron should be allowed to modify this setting without asking a staff
member.
The setting is not configurable and cannot be hidden via a syspref.
Test plan:
- Turn the pref TranslateNotices on
- Install some languages
- Edit your messaging settings at the OPAC
=> Notice the "Preferred language for notices" dropdown list
- Select one
=> Confirm that the value is saved in DB
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch modifies the process of downloading a cart so that it doesn't
involve a separate popup window.
To test, apply the patch and add some titles to the cart in the OPAC.
- Open the cart
- The "Download" button should now be a dropdown menu.
- Selecting any of the download options should trigger a download
prompt.
- Test with and without some CSV profiles which have been configured
for use in the OPAC
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
If PatronSelfModificationBorrowerUnwantedField contains dateofbirth, all
patron self modification requests will attempt to set dateofbirth to
null instead of ignoring the field.
Test Plan:
1) Add dateofbirth to PatronSelfModificationBorrowerUnwantedField
2) Run a patron self modification
3) Note the request sets dateofbirth to null on the staff side
4) Apply this patch
5) Restart all the things!
6) Run another self-modification
7) Note of the staff side that dateofbirth is unaffected
Signed-off-by: Emmi Takkinen <emmi.takkinen@outlook.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
If the pref TagsEnabled is off we should not display the tags at the
OPAC.
There is a message to tell that tags system is disabled, but the tags
are displayed.
We should redirect to 404 like we do in opac-topissues.pl and
opac-suggestions.pl.
Test plan:
- Turn TagsEnabled on
- Add some tags
- Turn TagsEnabled off
- Hit /cgi-bin/koha/opac-tags.pl
=> Without this patch you see a warning messaging saying that the tag
system is disabled, but the tags are displayed
=> With this patch you get a 404 redirect
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
There is no need for all the conditions.
From Encode::encode POD:
"If the $string is undef, then undef is returned."
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The cart was outputing ISO2709 MARC records with Latin-1
encoding. Records containing non-latin1 characters were
automatically re-encoded as UTF-8 by browsers, which led to
inconsistent character encodings for downloaded MARC files.
This patch explicitly encodes ISO2709 MARC characters from
the cart download as UTF-8 encoded bytes, which resolves the problem.
Test Plan:
0) Don't apply patch
1) Create bib record with only ASCII characters
2) Add a ü character to the title
3) Save bib record
4) Download bib record from cart (opac and staff client)
5) Using xxd or some other program, note that the ü is
represented by a FC byte (latin-1 encoded)
6) Apply the patch
7) Download bib record from cart (opac and staff client)
8) Using xxd or some other program, note that the ü is
represented by C3 BC bytes (utf-8 encoded)
9) Success
(Note that you could potentially use Notepad++ or some other
program to open the downloaded file and just note the encoding
that it finds. You could also try "chardetect" instead. Lots
of options for figuring out the encoding.)
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch makes use of the 'variables' parameter in XSLTParse4Display
method in the different places that it is used in the OPAC. It does by
passing this parameter with
anonymous_session => 1|0
The value will depend on the output from get_template_and_user (i.e. if
there's a returned borrowernumber).
A special case takes place in search results, as the call to
XSLTParse4Display happens in C4::Search::searchResults. So a new
parameter 'xslt_variables' is added to it.
To test:
1. Apply the [DO NOT PUSH] patch
2. Open the OPAC in your browser
3. Try detail pages, search results, tags and lists/shelves pages with
or without an active session
=> FAIL: It always says (somewhere) 'Anonymous session: Yes'
4. Apply this patch, restart_all
5. Repeat 3
=> SUCCESS: It will tell the Yes/No correctly regarding anonymous
sessions!
6. Sign off :-D
Sponsored-by: Universidad ORT Uruguay
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Test plan:
1- View a record with Materials specified (field 3) data in the opac
2- Apply patch
3- Log in to staff client
4- Home->Administration->Column Settings->OPAC->holdingst
5- Set item_materials visibility
6- Refresh OPAC page
7- Confirm that the materials specified column has been added after the
Call number column.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch adds a script and a template for showing library information
pages in the OPAC. A "libraries" page lists all the libraries in the
system, linking to individual pages for each library showing more
information..
If there is only one library in the system the page shows all of that
library's information.
To test, apply the patch and rebuild the OPAC CSS
(https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_client).
- Go to /cgi-bin/koha/opac-library.pl in the OPAC.
- Verify that all the correct information is displayed for the
libraries in your system.
- Verify that page title and breadcrumbs look correct.
- Click to view details for a library.
- The details page should show the full contents of
branches.opac_info
- A menu should show links to other libraries' detail pages.
EDIT: This revised patch adds a "Libraries" link to the links under the
search bar; Corrects encoding in the breadcrumb link; Makes the page
title more specific when viewing an individual library.
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch modifies the OPAC comments system so that the biblio object
is passed to the template. This allows the biblio-title include to
properly access the title and subtitle information.
Unrelated change: Remove some custom CSS from the page which was
obsolete.
To test, apply the patch and make sure the "reviewson" preference is
enabled.
- Log in to the OPAC and open a bibliographic record's detail page.
- Under the "Comments" tab, click the "Post your comments" link to
trigger the pop-up window.
- In the pop-up window, verify that the item's title is correct in the
page title and the heading. Author should display correctly, if
present.
- Test submitting a comment and editing a comment. Everything should
work correctly.
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch adds the ability for logged-in patrons to add star ratings to
titles in their list of current checkouts and on the reading history
page.
The reading history page previously only showed existing ratings. Now it
will allow the entry of ratings as well.
The JS and markup for the feature are in separate include files to
facilitate re-use. It includes markup for non-js display of ratings and
js-driven ratings controls.
To test, apply the patch and set the OpacStarRatings to all, "results,
details, and user" pages.
- Log in to the OPAC as a user with checkouts.
- On the "your summary" page, test the features of setting star
ratings:
- Any title with existing ratings should show the rating and the
average rating number.
- Set a rating. Confirm that it shows a message with your rating.
- Click the "cancel rating" link, and confirm that your rating is
removed.
- Set a rating and reload the page. Confirm that the rating was
saved.
- Test the "cancel rating" link on the title you set before you
reloaded the page. The rating should be cancelled.
- Test the same functionality on the "your reading history" page.
- Test these pages with the OpacStarRatings preference set to "only
details" or "no." The pages should function correctly.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch cleans opac-showmarc.pl so it doesn't allow retrieving
records from import batches without requiring any permissions in the
OPAC.
it does so by just removing the code portion that does that.
It also cleans the record fetch operation and how the record processor
is initialized to it actually works :-D
To test:
1. Perform a successful Z39.50 search in cataloguing (this fetches 20
records usually)
2. Query your DB for a valid import_record_id:
$ koha-mysql kohadev
> SELECT * FROM import_records LIMIT 1;
3. Notice some of the MARCXML details (title, author, etc), and the
import_record_id
4. Point your browser to the opac-showmarc.pl URL like this:
http://kohadev.mydnsname.org:8080/cgi-bin/koha/opac-showmarc.pl?importid=20
=> FAIL: You get the record! (Bonus: no field/subfield takes place)
5. Hide some obvious subfield on the framework for a known (to you)
biblionumber
6. Point your browser to:
http://kohadev.mydnsname.org:8080/cgi-bin/koha/opac-showmarc.pl?id=<biblionumber_here>
=> FAIL: No filtering takes place
7. Apply this patch
8. Repeat 4
=> SUCCESS: You get an error because you did a bad request (no id param)
9. Repeat 6
=> SUCCESS: Subfield filtering actually works!
10. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
To test:
1) update database, restart memcached/plack
2) Go to Administration -> System preferences -> OPAC tab. Enable the
new PatronSelfRegistrationConfirmEmail system preference. Enable other
required self registration sysprefs.
3) Go to the OPAC home page. (You may need to log out). Click the
'Register' link so you are redirected to the member entry form.
4) Notice the 'Confirm primary email' field after the 'primary email'
field. Put 'a@a.com' in primary email, and 'b@b.com' in the confirm
field. Scroll to the end of the form and Submit.
5) Confirm the form is not successfully submitted, and an error message
is shown to indicate the email addresses do not match.
6) Confirm you cannot cut, copy or paste in either the primary email or
confirm primary email fields. Confirm the right click menu doesn't work
in these fields.
7) Disable javascript in your browser.
8) Repeat steps 3 and 4.
9) Confirm there is an error message to indicate the email addresses do
not match.
10) Re-enable javascript. Fill in the form correctly with matching email
addresses and confirm it successfully submits.
11) Disable the PatronSelfRegistrationConfirmEmail syspref.
12) Attempt to register an account on the OPAC again. Confirm the
'confirm email address' field is gone and form works as expected.
13) Re-enable the PatronSelfRegistrationConfirmEmail syspref.
14) Log in to the OPAC and go to your personal details
15) Edit the primary email field
16) Confirm you are able to submit your changes (you should not see an
error about emails not matching).
Sponsored-by: Bibliotheksservice-Zentrum Baden-Württemberg (BSZ)
Signed-off-by: holly <hc@interleaf.ie>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Highlight that we only need this for action="new"
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch makes it so PatronSelfRegistrationLibraryList will only effect the registration from and not the modification form.
TO TEST:
1. Turn on self reg and add some libaries to PatronSelfRegistrationLibraryList.
2. Notice that the libaries that display in the borrower_branchcode dropdown are the ones you selected on both the new registration from and the modification form.
3. Apply patch.
4. Now only the new registration from should show libaries on PatronSelfRegistrationLibraryList.
5. The modifciation dropdown should still show all libraries.
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
The lack of parenthesis makes the condition evaluated wrong.
Test plan:
- confirm you have a branch with code X
- enter X in PatronSelfRegistrationLibraryList
- go to cgi-bin/koha/opac-memberentry.pl (either as a logged in patron or as a self-reg patron)
- confirm branch dropdown is not empty and contain X
- empty out PatronSelfRegistrationLibraryList
- reload cgi-bin/koha/opac-memberentry.pl and confirm branches show
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Test plan:
1 - Apply this patch
2 - Run updatedatabase.pl
3 - By default the preferences are blank and do not limit.
4 - Set the limits to 3 in 30 days
5 - Go to purchase suggestion page from OPAC as a logged in patron
6 - Place 3 suggestions and confirm you cannot place any more
7 - Alter one of the suggestions to have been made more than 30 days ago
UPDATE suggestions SET suggesteddate = '2020-01-01' WHERE suggestionid=3;
8 - Confirm you can place another suggestion
9 - Log out of OPAC
10 - Make sure AnonSyggestions is set to 'Allow' and AnonymousPatron is set
11 - Confirm anonymous suggestions are not limited by the syspref
12 - Confirm that a blank value in either MaxTotalSuggestions or NumberOfSuggestionDays does not limit suggestions
Signed-off-by: Kelly McElligott <kelly@bywatersolutions.com>
Signed-off-by: Rhonda Kuiper <rkuiper@roundrocktexas.gov>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
We should use Koha::DateUtils instead of Date::Time directly
This patch simplay replaces calls to now() with a call to dt_from_string()
which does effectively the same thing.
Probably reading the code and verifying changes is sufficient but...
To test:
1 - confirm the files all compile
2 - confirm all tests pass
3 - confirm Koha still works
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch deals (hopefully) correctly with encoding and escaping chars.
It also remove OPACBaseURL from the url stored in DB, and readd is on
display, to avoid possible attacks.
Test plan:
Go to the authority search
fill term with something hacky
<script>alert('booh!')</script>And Ŝ♥m€ E★tr₳
Search
Click the "Report a problem" link
Fill the form and make sure the url is displayed correctly
submit
Check problem_reports.problempage in DB => Should be correctly displayed
Go to staff interface, "OPAC problem reports"
=> Confirm the link is correctly display
Click it
=> Confirm that you are at the OPAC, and the URL is correct
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
On commit 027051c938
Bug 22823: Rename method with ->inbound_email_address
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Use the get_effective_email from Koha::Library to get an appropriate
inbound address for the branch as aposed to using branchemail directly.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch adds support for using the reply-to field added in bug 10269
and drops 'from_address' as it will get defined at a later stage in the
emailing process anyway.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
As the feature is now turned off without KohaAdminEmailAddress, we only
need to check if the email address of the library if defined.
Not that we should not check for $library->branchreplyto or
ReplytoDefault, but only $library->branchemail, as we do everywhere else
(I think)
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Cannot remember why exactly, but it seems that we should not use
HTTP_REFERER directly.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
We usually do not specify the from_address on enqueuing the notice, but
when sending it (from _send_message_by_email). That way a) the code is
centralized (as we must use $patron->notice_email_address) and b) the
email used is the one that is in the DB when the letter is effectively
sent.
Here I guess you need to give it when the notice is enqueued as you want
to default to the koha admin address.
I do not think it's a good idea, we should not send an email with "from"
if not really sent by the user.
We have the borrowernumber anyway to know who filled the form.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
And make it a timestamp type column
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
To test:
1) Apply patch, update database, rebuild schema file
2) Restart koha-common and memcached
3) Confirm that your user has an email address.
4) Confirm that your library does NOT have an email address.
5) Confirm that syspref KohaAdminEmailAddress and syspref ReplytoDefault are not filled. Enable the OPACReportProblem syspref.
6) Log into OPAC
7) Click the 'Report a problem' link at the bottom of whatever page
you're on
8) Notice that there is no form is and there is an error message alerting that reports cannot be submitted
9) Add an email address for your library (in either the email field or the replyto field). Refresh the OPAC problem report page. The form should now show, and the recipient field should say 'library'.
10) Complete the form and submit. Check the message_queue in the database and confirm the to_address is correct. Confirm there is a success message.
11) Add an email address for the syspref KohaAdminEmailAddress and refresh the OPAC problem report page again. The recipient field should now be a dropdown. Select the Koha Administrator option.
12) Complete the form and submit. Check the message_queue in the database and confirm the to_address is the value in KohaAdminEmailAddress. Confirm there is a success message.
13) Ensure all details in the message_queue are correct.
14) Log out of the OPAC
15) Click the Report a problem link again and confirm you are forced to log in
Sponsored-by: Catalyst IT
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch adds the required infrastructure to enable ILL availability
plugins to intercept the request creation process and, using the
supplied metadata, search for and display possible relevant items from
whichever availability plugins are installed.
Currently three availability plugins exist:
z39.50 - Searches any number of the Koha instance's configured Z targets
https://github.com/PTFS-Europe/koha-plugin-ill-avail-z3950
EDS - Searches the EBSCO Discovery Service
https://github.com/PTFS-Europe/koha-plugin-ill-avail-eds
Unpaywall - Searches the Unpaywall API for possible open access versions
of the requested item
https://github.com/PTFS-Europe/koha-plugin-ill-avail-unpaywall
The Unpaywall plugin is intended to serve as a "reference" plugin as the
API it deals with is extremely simple
Signed-off-by: Niamh Walker-Headon <Niamh.Walker-Headon@tudublin.ie>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch uses Net::Netmask to match IPs from ILS-DI:AuthorizedIPs
against $ENV{REMOTE_USER}. By using Net::Netmask, we can use addresses
in a variety of formats. This includes 127.0.0.1, 192.168.1.0/24,
10.0.0, and so on.
To Test:
1. Apply the patch
2. Empty the 'ILS-DI:AuthorizedIPs' system preference
3. Send a request to '/cgi-bin/koha/ilsdi.pl?service=LookupPatron&id=1&id_type=cardnumber'
3b. Note that the request is successful
4. Set the 'ILS-DI:AuthorizedIPs' system preference to a subnet including
your IP address (e.g. 192.168.1.0/24)
5. Send a request to '/cgi-bin/koha/ilsdi.pl?service=LookupPatron&id=1&id_type=cardnumber'
5b. Note that the request is successful
6. Set the 'ILS-DI:AuthorizedIPs' system preference to a subnet that doesn't include
your IP address (e.g. 1.1.1)
7. Send a request to '/cgi-bin/koha/ilsdi.pl?service=LookupPatron&id=1&id_type=cardnumber'
7b. Note that your request is refused
8. Try a variety of permutations including bad values (e.g. 192.168.1.) or multiple values
(e.g. 10.0.0.0/8,192.168.1.0/24) or multiple values including a mix of good and bad values
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Owen Leonard 2018-03-16 10:47:47 UTC :
<<
I don't think the system preference adds any security. There are already multiple permissions required for working with plugins:
- Configure plugins
- Manage plugins ( install / uninstall )
- Use report plugins
- Use tool plugins
And even with those permissions your server must be configured to allow the use of plugins.
>>
Test plan :
1) Install kitchen sink plugin https://github.com/bywatersolutions/koha-plugin-kitchen-sink
2) Run misc/devel/install_plugins.pl
3) Set config enable_plugins=1
4) Check all parts of the plugin are working
5) Set config enable_plugins=0
6) Check all parts of the plugin are disabled
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch adds CSRF token support to opac-messaging.pl,
which allows users to manually update their messaging preferences,
but prevents bad actors from tricking people into updating their
preferences from cross-site requests.
Test plan:
0. Set SMSSendDriver global system preference to "Test" if unset
1. Log into the OPAC
2. Navigate to a URL in your browser like the following:
http://localhost:8080/cgi-bin/koha/opac-messaging.pl?modify=yes
&1=email&digest=1&2-DAYS=5&2=email&digest=2&4=email&SMSnumber=0444444444
3. Observe that the preference and SMS number update
4. Apply the patch
5. Navigate to a URL in your browser like the following:
http://localhost:8080/cgi-bin/koha/opac-messaging.pl?modify=yes
&1=email&digest=1&2-DAYS=5&2=email&digest=2&4=email&SMSnumber=0444444444
6. Observe that you get an error message of "Wrong CSRF token" instead
of the previous behaviour
7. Navigate to a URL in your browser like the following:
http://localhost:8080/cgi-bin/koha/opac-messaging.pl
8. Update "Advance notice" to 3 and update "SMS number" to 61111111111
9. Observe that the "Advance notice" and "SMS number" fields update
correctly
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Currently ILSDI scripts do not have a userenv set. This affects both
action_logs and statistics.
For action_logs we either get no user or, if there is an active session, we use that one. This can have unintended consequences and we should explicitly set the env so that system user (0) is recorded
For statistics we need to specify a branch to record for actions like renewals. With bug 24759 we add an items method for this. We should take advantage of this method and use the 'opac' interface as the ilsdi scripts live there.
To test:
1 - Enable ILSDI in systempreferences
2 - Checkout an item to a patron
3 - Enable Renewal logs
4 - Ensure you will be able to renew the item several times
5 - Open an incognito/private browser
6 - Renew item via ilsdi:
http://localhost:8080/cgi-bin/koha/ilsdi.pl?service=RenewLoan&patron_id=5&item_id=1128
7 - Check action logs, interface may be random, user should be 0, if not make sure the user in step 9 is a different one
8 - In private browser open a new tab
9 - Sign in to staff client
10 - Return to other tab
11 - Refresh page to repeat renewal
12 - Check action_logs
13 - The second renewal indicates it was renewed via intranet by logged in staff member
14 - Apply patch
15 - restart_all
16 - Ensure staff client still signed in
17 - Repeate renewal again
18 - Check logs, renewal now indicates opac again (as it should), user is 0 even if logged in on other tab
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patchset moves all code to calculate the correct renewal branch into Koha::Item.pm
When interface is opac we follow the syspref, otherwise we use the current userenv, or pass through
a defined branch
To test:
1 - Check out an item to a patron
2 - Set allowed renewals in the circ rules to 100 (just so you can keep testing)
3 - Renew the item in staff interface, confirm it is recorded correctly in statistics table (as signed in branch)
4 - Renew via the opac, testing with each setting of OpacRenewalbranch
5 - prove -v t/db_dependent/Koha/Item.t
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Should be XSLT::Base now.
Removes old XSLT_Handler stub too (from bug 23290).
Result of a git grep | sed statement.
Test plan:
Run qa tools (so modules compile).
Run t/db_dependent/Breeding.t
Run t/db_dependent/Koha/XSLT/Base.t (This test fails when only this patch
has been applied; see subsequent patch.)
Enable XSLT use on results and details display. Check search results and
detail view on OPAC and staff.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
The IDreamBooks service has not seen updates in a long time, so
we should remove the service from Koha as it's no longer operational.
To test:
- Apply patch and run the database update
- Verify that the IDreamBooks related system preferences are gone
- Verify that opac detail pages and result lists still work
as expected
- Run t/db_dependent/UsageStats.t
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
We do no longer need this package, we can use
Koha::Patron::Attribute::Types directly instead.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
There is already a method in Koha::Patron::Attribute to check the
uniqueness constraint, let us it to replace CheckUniqueness
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch replace Koha::Patron->get_extended_attributes with
->extended_attributes
It's now a getter a setter method.
It permits to replace UpdateBorrowerAttribute and use
create_related from DBIx::Class
Notes:
* We face the same variable names difference than in a previous patch
(value vs attribute)
Bug 20443: Remove SetBorrowerAttributes
squash + RM get_extended_attributes
RM get_extended_attributes
SQUASH Bug 20443: Remove UpdateBorrowerAttribute and SetBorrowerAttribute
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
The GetBorrowerAttributes subroutine return the attributes for a given
patron.
Using get_extended_attributes we can acchieve it easily. The problematic
here is to restore the method's name (value vs attribute,
value_description vs description of the authorised value, as well as
display_checkout that should not be a method of Attribute, but
Attribute::Type instead)
value_description was used when the attribute types were attached to an
authorised value category. To avoid the necessary test in template and
controller there is now a $attribute->description method that will
display either the attribute's value OR the value of the authorised
value when needed. We should certainly use this one from few other
places.
Notes:
* This patch rename Koha::Patron->attributes with Koha::Patron->get_extended_attributes.
It will be renamed with Koha::Patron->extended_attributes in ones of the next
patches when it will become a setter as well.
* GetBorrowerAttributes did not care about the library limits, we still
do not
* The opac_only flag was not used outside of test, we drop it off.
* To maintain the existing behavior we add a default order-by clause to
the search method [code, attribute]
* From C4::Letters::_parseletter we always display the staff description
of the AV, There is now a FIXME to warn about it
* FIXMEs are not regressions, existing behaviors must be kept
* TODO add a new check to bug 21010 to search for inconsistencies in
patron's attributes attached to non-existent authorised values
* One test has been updated in Modifications.t, order_by is now
by default set to ['code', 'attribute']
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
We want to retrieve a specific patron's attribute for a given patron.
We then add a new method to Koha::Patron.
This patch add a getter method ->get_extended_attribute_value
to use the DBIx::Class relation
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Same as previously for methods that have been added by bug 17792.
It's better to be explicite and tell we are fetch the related attribute's type
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Especially line 500 (current master).
Use of uninitialized value $new_data{"sort2"} in string eq at /usr/share/koha/opac/opac-memberentry.pl line 500.
Use of uninitialized value in string eq at /usr/share/koha/opac/opac-memberentry.pl line 500.
Simple fix, not completely trivial due to adding xor ;)
Test plan:
Do not apply, update from opac memberentry. Check warns in log.
Apply patch, update again. Less warns?
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch makes the opac/svc/report script use output_with_http_headers
so it sets the Access-Control-Allow-Origin header.
To test:
1. Create a new public report and remember the report id
2. Use your favourite too to fetch the report in JSON by issuing:
GET http://localhost:8080/cgi-bin/koha/svc/report?id=1
=> FAIL: There is no Access-Control-Allow-Origin header
3. Apply this patch
4. Restart Plack
$ sudo koha-plack --restart kohadev
5. Set the AccessControlAllowOrigin to anything (for example,
https://koha-community.org)
6. Repeat 2
=> SUCCESS: On the response headers you find
Access-Control-Allow-Origin: https://koha-community.org
7. Sign off :-D
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
To test:
1) Set maxoutstanding syspref to 5
2) Create a manual invoice for a borrower for $6
3) Log in to the OPAC as this borrower
4) Go to opac-user.pl, your summary page
5) Confirm there is a warning box explaining that the borrower is
blocked from holds due to fines
6) Back on the staff side, pay some or all of the borrower's fines so
they are no longer over the max outstanding amount
7) Refresh the summary page in the OPAC and confirm the warning is gone
Sponsored-by: Catalyst IT
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
The method has been renamed in the previous bug report.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch updates the controller and service code to use the newly
introduced 'get_effective_email' routine from bug 22823 to obtain the
branches most appropriate email address.
Signed-off-by: Myka Kennedy Stephens <mkstephens@lancasterseminary.edu>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch updates the issue notices to not pass from_address and so
default to the branch email of the user for from_address. We now pass
the patrons email (cascading through email, emailpro, B_email) into the
reply_address field so mail servers are less likely to report emails as
spam and mail clients still have access to the patron address via the
reply-to header when staff want to hit 'reply' and have the email go to
the user.
Signed-off-by: Myka Kennedy Stephens <mkstephens@lancasterseminary.edu>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
test plan :
1/ Submit a hold through ILSDI with start_date and expiry_date parameters
2/ Verify in Koha those parameters are not applied to the newly created
reserve. Delete reserve.
3/ Apply patch and repeat 1.
4/ Verify the reserve created by same request as 1 now has both dates
applied and visible in Koha.
Signed-off-by: Christophe Croullebois <christophe.croullebois@biblibre.com>
Signed-off-by: Arthur Suzuki <arthur.suzuki@biblibre.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This patch standardises the encoding name used in direct calls
to new_from_xml() to 'UTF-8' instead of 'utf8' or 'utf-8'.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
A few additional cases were introduced since the original bug was
authored. This patch simply catches those cases and makes the same
change.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Bug 14407 introduced a new system preference to allow limiting the
online self checkout system to an IP or IP Range. The function that
handles this is called in_ipset, which is the name of a linux tool. To
stop confusion, this patch renames the function to 'in_iprange', and the
variable 'ipset' within it to 'iprange'.
To test, follow the test plans outlined in Bug 14407 and confirm that
everything works as expected.
Sponsored-by: Catalyst IT
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
