Signed-off-by: Bob Bennhoff <bbennhoff@clicweb.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
If the passed credentials are wrong, we shouldn't expose things like the
password is expired.
This patch takes care of that.
To test:
1. Have a known patron with password_expiration_date set so its
password is expired. Can be done like:
$ koha-mysql kohadev
> UPDATE borrowers \
SET password_expiration_date='2022-04-25' \
WHERE borrowernumber=132;
Note: change the borrowernumber
2. Attempt to login to the OPAC with wrong credentials
=> SUCCESS: You are rejected, with a message telling credentials are
wrong
=> FAIL: You are told the password is expired.
3. Apply this patch and restart Plack
4. Repeat 2
=> SUCCESS: You are rejected, credentials are wrong and no mention to
password being expired.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adds the ability to define password_expiry_days for a patron
category.
When defined a patron's password will expire after X days and they will
be required to reset their password. If OPAC resets are enabled for the
catgeory they may do so on their own, otherwise they will need to
contact the library
To test:
1 - Apply patch, updatedatabase
2 - Set 'Password expiration' for a patron category
Home-> Administration-> Patron categories-> Edit
3 - Create a new patron in this category with a userid/password set,
and an email
4 - Confirm their password_expiration_date field is set
SELECT password_expiration_date FROM borrowers WHERE borrowernumber=51;
5 - Create a new patron, do not set a password
6 - Confirm their password_expiration_date field is NULL
7 - Update the patron with an expiration to be expired
UPDATE borrowers SET password_expiration_date='2022-01-01' WHERE borrowernumber=51;
8 - Give the borrower catalogue permission
9 - Attempt to log in to Straff interface
10 - Confirm you are signed out and notified that password must be
reset
11 - Attempt to sign in to OPAC
12 - Confirm you are signed out and notified password must be reset
13 - Enable password reset for the patron's category and perform a
password reset
Note: you will have to find the link in the message_queue unless
you have emails setup on your test environment
SELECT * FROM message_queue WHERE borrowernumber=51;
14 - Confirm that you can now sign in and password_expiration_date field
is set 10 days in the future
15 - Expire the patron's password again
16 - Change the patron's password via the staff interface
17 - Confirm they can sign in and the expiration is updated
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Bob Bennhoff <bbennhoff@clicweb.org>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adds a new option to the SIP config, allowing for hold
capture to be disabled on difference devices. We still notice the hold
and alert the user, but we do not trigger the update in the system to
mark the hold as found (waiting, processing or in transit).
Sponsored-by: Cheshire Libraries Shared Services
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
When using the batch record modification tool to modify several
bibliographic records, we don't want to send one index request per
biblio, we want to index them all on the fly after the records have been
modified.
Otherwise we will end up with one task per record, and records will be
indexed in background.
Test plan:
Use the batch mod tool to modify bibliographic records and confirm the
behaviour is correct.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Same as bug 30465 for authorities
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Same as bug 30460 for authorities
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
To test:
1 - Place 3 holds on a bib with a single item
2 - Confirm bib shows in holds queue
3 - Check in item and cnofirm hold
4 - Bib is no longer in queue
5 - Revert the waiting status
6 - The hold is in the queue again
7 - Move top hold to bottom
8 - Confirm queue selects hold for new top priorty patron
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
I suppose this is similar to circular dependency on other patch
HoldsQueue uses Circulation uses BatchUpdateBiblioHoldsQueueuse HoldsQueue
Without this the background job builds the queue, but reports failure:
Holds queue for biblio The Jacobite clans of the Great Glen, 1650-1784 /. An error occurred (Undefined subroutine &C4::HoldsQueue::GetTransfers called at /kohadevbox/koha/C4/HoldsQueue.pm line 351. )
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch deals with the fact that high-level circualtion methods like
`AddIssue`, `AddReturn` and `ModDateLastSeen` all eventually call
lower-level methods like ModBiblio, Koha::Item->store of
UpdateTotalIssues which are expected to trigger holds queue updates (for
the object CRUD operations use cases). As the circulation methods need
to trigger holds queue update as well, duplicate updates were being
requested which is suboptimal, of course.
In order to prevent this, and because circulation methdos could trigger
holds queue updates several times, actually, I added a new parameter
*skip_holds_queue* to the low-level methods, so when they are called
from circulation, the trigger is skipped and we have greater control on
when and how holds queue updates are scheduled.
This patch introduces the `skip_holds_queue` parameter to the following
methods:
* C4::Biblio::ModBiblio
* C4::Biblio::UpdateTotalIssues
* Koha::Item->store
Calls to those methods from the following methods will include the new
parameter, and thus duplicated holds queue updates avoided:
* C4::Circulation::AddIssue
* C4::Circulation::AddReturn
* C4::Items::ModDateLastSeen
Tests are added, to verify that the (mocked) BatchUpdateBiblioHoldsQueue
task is only scheduled once when they are called.
To test:
1. Apply up to the previous patch
2. Run:
$ kshell
k$ prove t/db_dependent/Biblio.t \
t/db_dependent/Biblio_holdsqueue.t \
t/db_dependent/Circulation_holdsqueue.t
=> FAIL: Tests fail!
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass!
5. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adds the trigger for the holds queue update on teh following
methods:
- C4::Biblio::DelBiblio
- C4::Biblio::ModBiblio
The ModBiblio use case could be improved by checking if itemtype is one
of the updated attributes... but it felt there was no way to do it
without some overhead. So I leave it as-is.
It also mocks the ->enqueue method in the tests that call DelBiblio and
ModBiblio to avoid breakages [1]
Tests are added to check the trigger is called.
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/Biblio.t
=> SUCCESS: Tests pass! It means the trigger is triggered :-D
3. Sign off :-D
[1] This breakages could be avoided if we solve Koha/BackgrounJob.pm:101
FIXME.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch introduces triggers for real-time updating the holds queue at
check out and check in.
The following high-level methods are involved:
- C4::Circulation::AddIssue
- C4::Circulation::AddReturn
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/Circulation_holdsqueue.t
=> SUCCESS: Tests pass! Triggers are triggered
3. Sign off :-D
Note: I put the tests on a separate file because the other one was too
big already.
Sponsored-by: Montgomery County Public Libraries
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch makes several holds related actions schedule the background
job for real-time update of the holds queue.
This actions are:
- place (C4::Reserves::AddReserve)
- fill (Koha::Hold->fill)
- cancel (Koha::Hold->cancel)
- suspend (Koha::Hold->suspend)
- resume (Koha::Hold->resume)
The cancel() action is added a *skip_holds_queue* parameter to skip
triggering the background job entirely. It targets cases like
C4::Biblio::DelBiblio in which all biblio holds are cancelled in a loop.
In that case, we just want to cancel them and let a single backgroung
job take care of the holds queue, once the biblio is deleted.
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/Koha/Hold.t \
t/db_dependent/Reserves.t
=> SUCCESS: Tests pass! Triggers are triggered
3. Sign off :-D
Sponsored-by: Montgomery County Public Libraries
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
The CreateQueue() method deletes the holds queue data, fetches some
configuration (branches to use, transport cost matrix) and then loops
through a list of biblionumbers, generating the tmp_holdsqueue and
hold_fill_targets rows for the specified biblio.
This patch simply moves that last bit that is run inside the biblios
loop into a separate sub.
The update_queue_for_biblio sub is designed so it does the exact same
thing it did inside the loop, but also gets added the capability of
querying those parameters if not passed, and it also gets a 'delete'
parameter so it deletes the biblio-specific holds queue rows before
starting to work.
This way, it can be reused to write a background job for real-time holds
queue update :-D
To test:
1. Run:
$ kshell
k$ prove t/db_dependent/HoldsQueue.t
=> SUCCESS: Tests pass!
2. Apply this patch
3. Repeat 1
=> SUCCESS: Tests still pass! Behavior is kept!
4. Sign off :-D
Sponsored-by: Montgomery County Public Libraries
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adds a new 'after_hold_action' hook, that is called with the
'placed' action parameter.
To test:
1. Apply the unit tests patch
2. Run:
$ kshell
k$ prove t/db_dependent/Koha/Plugins/Holds_hooks.t
=> FAIL: Boo, the hook is not called
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass!
5. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adds an 'info' return param to CanBookBeRenewed and passes
the soonest renewal date when returning too_soon errors
To test:
1 - prove -v t/db_dependent/Circulation.t
Fix whitespace
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
GetSoonestRenewDate() calculates the renewal due date now also
correctly for auto-renewals after the fixes from bug 29476 so we don't
have to add any if-else checks because of it being buggy anymore.
To test:
1) prove t/db_dependent/Circulation.t
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Previously the sorting took 'chosen' into account and would move a selected match to the
top on next load - it is better to preserve the same sorting every time
When loading matches the 'cehcked' variable was not being cleared, so multiple matches were
being marked 'checked="checked"'. Fixing this ensures the correct record displays as chosen
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Ben Daeuber <bdaeuber@cityoffargo.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patchset adds the display of all matches found during import to the import management screen
A staff member with the permission to manage batches will be able to select for any individual record which match, or none, should be used during import
To test:
1 - Import a batch of records or export existing records from your catalog
2 - Import the file (again) and select a matching rule that will find matches
3 - Note that you now have radio buttons allowing you to select a record, or none
4 - Test scenarios:
I - When 'Action if matching record found' is 'Ignore'
a - Imported record ignored if match is selected
b - 'Action if no match found' followed if no match is selected (Ignore matches)
II - When 'Action if matching record found' is 'Replace'
a - The chosen record is the one overlayed (you can edit the chosen record before importing to confirm)
b - 'Action if no match found' followed if no match is selected (Ignore matches)
III - When 'Action if matching record found' is 'Add incoming record'
a - Record is added regardless of matches
5 - Confirm 'Diff' 'View' links work as expected
6 - Confirm that after records are imported the radio buttons to choose are disabled
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Bug 22785: API files
Signed-off-by: Ben Daeuber <bdaeuber@cityoffargo.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Also adding a similar comment in C4::Installer.
No test plan, just documentation.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Disable the possibility for a borrower to cancel a reservation
which is either in a Transit or Waiting state.
This reproduce the behaviour seen on the OPAC.
Also replaces previous checks on the borrowernumber
since CanReserveBeCanceledFromOpac already checks this.
--------------------------------
Test plan (before patch) :
-Put a reserve for a borrower
-Try to cancel the reserve providing another borrowernumber as argument
-> Should fail and reply "RecordNotFound"
-> Reserve still appears in the list of holds.
-Try to cancel the reserve providing the borrowernumber the reserve is
for.
-> Should succeed, reply with "Canceled"
-> Reserve do not show up in the list of holds for the borrower
-Put a new reserve with a pickup branch != from the homebranch
-Transfer the item to the pickup branch (reserve status = Transit)
-Try to cancel the reserve (with proper borrowernumber)
-> Should succeed, reply with "Canceled"
-> Reserve do not show up in the list of holds for the borrower
-Checkout the reserved item in the pickup branch (reserve status =
Waiting)
-Try to cancel the reserve (with proper borrowernumber)
-> Should succeed, reply with "Canceled"
-> Reserve do not show up in the list of holds for the borrower
--------------------------------
Test plan (after patch) :
-Put a reserve for a borrower
-Try to cancel the reserve providing another borrowernumber as argument
-> Should fail and reply "BorrowerCannotCancelHold"
-> Reserve still appears in the list of holds.
-Try to cancel the reserve providing the borrowernumber the reserve is
for.
-> Should succeed, reply with "Canceled"
-> Reserve do not show up in the list of holds for the borrower
-Put a new reserve with a pickup branch != from the homebranch
-Transfer the item to the pickup branch (reserve status = Transit)
-Try to cancel the reserve (with proper borrowernumber)
-> Should fail and reply "BorrowerCannotCancelHold"
-> Reserve still appears in the list of holds.
-Checkout the reserved item in the pickup branch (reserve status =
Waiting)
-Try to cancel the reserve (with proper borrowernumber)
-> Should fail and reply "BorrowerCannotCancelHold"
-> Reserve still appears in the list of holds.
Signed-off-by: Laurence Rault <laurence.rault@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
When using the ./misc/cronjobs/automatic_item_modification_by_age.pl -v
after setting up rules under Tools > Automatic item modifications by
age the script outputs several lines of warnings:
Use of uninitialized value in string eq at /kohadevbox/koha/C4/Items.pm
line 1864.
This is because even when there is no condition defined, modification
rule is stored with empty hash, like :
[{"substitutions":[{"field":"items.new_status","value":"0"}],"conditions":[{}],"age":"60","agefield":"items.dateaccessioned"}]
Test plan :
1) Go to Tools > Automatic item modifications by age
2) Create a rule with no conditions, just a substitution
3) Run misc/cronjobs/automatic_item_modification_by_age.pl -v
4) Check there is no warning
5) Edit the rule to add a condition
6) Run misc/cronjobs/automatic_item_modification_by_age.pl -v
7) Check the condition is applied
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adjusts the template/profiles to use the default of '0'
This should probably be NULL, and the columns foreign keys, this code
could use a further rewrite, but this should fix a long standing bug
To test:
1 - Using the fresh install, with all the sample data.
2 - Go to Home › Tools › Patron card creator › Templates
3 - New > Card template
4 - Save
5 - Error: DBD::mysql::st execute failed: Incorrect integer value: '' for column 'profile_id' at row 1
6 - Edit an existing template
7 - Save
8 - Error: Can't bless non-reference value at /kohadevbox/koha/C4/Creators/Profile.pm line 89
9 - Create a new 'Printer profile'
10 - Save
11 - Error: DBD::mysql::st execute failed: Incorrect integer value: '' for column 'template_id' at row 1
12 - Apply the attached patch.
13 - Verify you can create a new 'Card template' and 'Printer profile' with no errors
14 - Verify you can edit and save both of the newly created objects above
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This just adds a top level set of POD headings to make the QA script
happy
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
We already have 2 tables that are configurable, on acqui/basket and
reports/orders_by_budget.
This patch is modifying a bit the existing code to transfer the
responsability/logic to the KohaTable constructor instead of the
template that is creating the object.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch updates the searchResuls code to pass through the pre-constructed branches and itemtype lookups
to XSLTParse4Display to avoid repeating this
It also updates getAuthorisedValues4MARCSubfields to fetch the values for mapped subfields and pass
then through to transforMarc4XSLT
Note that we currently blank invalid branches and itemtypes - I presrve this, we should open another bug
if we want to change this behaviour
Changes are covered by tests
To test:
1 - Perform searches in OPAC and staff client that return many records
2 - Use the 'Network' tab on the browser console (opened with F12 usually) to see the time taken
3 - Note the speed before the patch
4 - Apply patch
5 - restart all the things
6 - Note improvement in speed
**Note: The improvement is more drastic the more items per record, try adding large numbers of items to your search results to test**
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch removes a trivial warning caused by a parameter being
compared to a literal but not being defined. Doing a
$ git grep GetTagsLabels
shows the change is safe as the function is always called with a value
of either 0 or 1.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patchset introduces the Two-factor authentication (2FA) idea in
Koha.
It is far for complete, and only implement one way of doing it, but at
least it's a first step.
The idea here is to offer the librarian user the ability to
enable/disable 2FA when logging in to Koha.
It will use time-based, one-time passwords (TOTP) as the second factor,
an application to handle that will be required.
https://en.wikipedia.org/wiki/Time-based_One-Time_Password
More developements are possible on top of this:
* Send a notice (sms or email) with the code
* Force 2FA for librarians
* Implementation for OPAC
* WebAuthn, FIDO2, etc. - https://fidoalliance.org/category/intro-fido/
Test plan:
0.
a. % apt install -y libauth-googleauth-perl && updatedatabase && restart_all
b. To test this you will need an app to generate the TOTP token, you can
use FreeOTP that is open source and easy to use.
1. Turn on TwoFactorAuthentication
2. Go to your account, click 'More' > 'Manage Two-Factor authentication'
3. Click Enable, scan the QR code with the app, insert the pin code and
register
4. Your account now requires 2FA to login!
5. Notice that you can browse until you logout
6. Logout
7. Enter the credential and the pincode provided by the app
8. Logout
9. Enter the credential, no pincode
10. Confirm that you are stuck on the second auth form (ie. you cannot
access other Koha pages)
11. Click logout => First login form
12. Enter the credential and the pincode provided by the app
Sponsored-by: Orex Digital
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
To test:
1. Make some new serial subscriptions and connect them to biblios that contain subtitles.
2. Do a serial search that will return your newly created subscription.
3. Notice the subtitle doesn't appear.
4. Apply patch and restart_all
5. Again try step 2.
6. Notice the subtitle appears alongside the title now.
7. Make sure it still sorts that column correctly.
Signed-off-by: shiyao <shiyao@inlibro.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
To test:
1. Make some new serial subscriptions and connect them to biblios that contain subtitles.
2. Do a serial search that will return your newly created subscription.
3. Click on one of those subscription to be taken to the subscription detail page.
4. Look at the main heading (h1) and the "Biblio:" line. Notice there is no subtitle in either place
5. Apply patch, restart_all, and reload the subscription detail page.
6. You should now see the subtitle on both the main heading (h1) and on the 'Biblio:' line.
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Some libraries have certain patron categories that can only do in house checkouts via SIP self check machines.
In these cases, the items should not be demagnetized since the items cannot leave the library.
Test Plan:
1) Apply this patch
2) prove t/db_dependent/SIP/Message.t
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch replaces the AutoEmailOpacUser system preference with a new
AutoEmailNewUser preference. This makes the functionof the preference
clearer.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
The error pages wrote a HTTP status code of 200 for all PSGI requests, even
though it should have only done it for PSGI requests from the ErrorDocument
middleware. This patch fixes that.
0) Do not apply patch
1) Open F12 dev tools and go to Network tab
2) Go to http://localhost:8081/files/blah
3) Note that the webpage is a 404 error but HTTP status code is 200
4) Go to http://localhost:8081/cgi-bin/koha/circ/blah
5) Note that the webpage is a 404 error and HTTP status code is 404
6) Apply patch
7) Go to http://localhost:8081/files/blah
8) Note that the webpage is a 404 error and HTTP status code is 404
9) Go to http://localhost:8081/cgi-bin/koha/circ/blah
10) Note that the webpage is a 404 error and HTTP status code is 404
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Currently, on SIP checkout, Koha only returns "Patron Blocked" when there is
a problem with the patron.
This patch adds more specific informations, with the following messages:
- "Patron expired"
- "Patron debarred"
- "Patron has fines" (see system preference "noissuescharge")
- "Patron blocked" (see system preference "OverduesBlockCirc")
Test plan:
- Try to do a SIP checkout with a patron that is in one of the above situations.
- Check that the displayed message matches the patron's situation.
Signed-off-by: Sonia <sonia.bouis@univ-lyon3.fr>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch adds a few tests to cover more cases, and to highlight current functionality.
The script only allows renewal if all outstanding holds can be filled by available items.
This means we can return as soon as we have determined that not all holds can be filled.
I add FIXME and some explanatory comments - I will file a follow-up bug for those, but
I feel we can accept these improvements to the performance and deal with the issues
of how it 'should' work versus how it does work on another report.
To test:
1 - prove -v t/db_dependent/Circulation.t
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
ItemsAnyAvailableAndNotRestricted can take a long time and create nested loops.
We can check it once per patron, however, this requires us to flip the loops.
Since an item can only be used once, we now add a check to see if this item has already
been assigned to a borrower.
To test:
1 - Find or create a biblio with 100 items
2 - Place ten 'Next available' holds on a biblio
3 - Set preference 'AllowRenewalIfOtherItemsAvailable' to 'Allow'
Set circ rules 'On shelf holds allowed' to 'If any unavailable'
4 - Checkout one of the items to a patron, backdated to be overdue
5 - Note a long loading time for the patron's checkouts
6 - Apply patch, restart_all
7 - Patron loads much faster
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch modifies the way Koha sets cookies so that the "sameSite"
attribute is explicitly set to "Lax." This option is chosen because it
is the value which is currently assumed by browsers when the sameSite
attribute is not set.
To test, apply the patch and restart services.
- Log in to the staff interface and open your browser's developer tools.
- In Firefox, look for a "Storage" tab.
- In Chrome, look for an "Application" tab.
- Under "Cookies," click the URL of the staff interface.
- You should see all the cookies which are set for that domain.
- The CGISESSID cookie should have sameSite set to "Lax."
- Go to Cataloging -> New record.
- Check the "marcdocs" and "marctags" cookies.
- Switch to the Advanced MARC editor (you may need to enable
theEnableAdvancedCatalogingEditor preference).
- Check the "catalogue_editor" cookie.
- Add a new item to an existing bibliographic record.
- Check the "LastCreatedItem" cookie which is set after you save the
new item.
- Go to Authorities -> Authority search.
- In authority search results, click "Merge" from the "Actions" menu
next to one of the results..
- Check the "auth_to_merge" cookie.
- Go to Administration -> MARC bibliographic framework
- Choose "MARC structure" from the menu corresponding to one of the
frameworks.
- Check the "Display only used tags/subfields" checkbox.
- Check the "marctagstructure_selectdisplay" cookie.
- Go to Circulation -> Check out to a patron with checkouts.
- Check the "Always show checkouts immediately" checkbox.
- Check the "issues-table-load-immediately-circulation" cookie.
- Go to Tools -> Patron clubs. You will need at least one active club
with one or more patrons enrolled.
- From the list of clubs, click Actions -> Search to hold.
- Check the "holdforclub" cookie.
- Go to Tools -> Batch item modification and submit a batch of items.
- Uncheck one or more checkboxes in the "Show/hide columns" area.
- Check the "showColumns" cookie.
- View a patron -> Search to hold.
- Check the 'holdfor' cookie.
- With WebBasedSelfCheck enabled, log in to the self-checkout page.
- Check the "JWT" cookie.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Some discovery tools can't translate ISL-DI results, it would be useful
if we can get ISL-DI output already translate.
This patch add an optional parameter language to GetAvailability, and
make GetAvailability results translatable.
If no parameter is given the output language is the language of the
cookies is present or the first language in the opac language list.
Test plan:
1. Enable the ILS-DI system preference
2. Locate a record
3. Test these URLs:
[OPACBASEURL]/cgi-bin/koha/ilsdi.pl?service=GetAvailability&id=[BIBLIONUMBER]&id_type=biblio
and
[OPACBASEURL]/cgi-bin/koha/ilsdi.pl?service=GetAvailability&id=[ITEMNUMBER]&id_type=item
(Where the [OPACBASEURL] is the OPAC URL of your test instance,
[BIBLIONUMBER] and [ITEMNUMBER] are a record number and item number of
your choice.)
4. Apply the patch
5. Test these URLs:
[OPACBASEURL]/cgi-bin/koha/ilsdi.pl?service=GetAvailability&id=[BIBLIONUMBER]&id_type=biblio&language=[LANGUAGE]
and
[OPACBASEURL]/cgi-bin/koha/ilsdi.pl?service=GetAvailability&id=[ITEMNUMBER]&id_type=item&language=[LANGUAGE]
(Where the [OPACBASEURL] is the OPAC URL of your test instance,
[BIBLIONUMBER] and [ITEMNUMBER] are a record number and item number of
your choice, [LANGUAGE] is a language code ex: 'en' or 'fr-FR')
6. The results should now be in the requested langugage
Sponsored-by: University Lyon 3
Signed-off-by: Sonia <sonia.bouis@univ-lyon3.fr>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
The cookie created on L1496 is useless, since it is not returned.
We could either remove the cookie creation (unchanged behavior).
But since check_api_auth is expected to return a cookie when it is ok,
I opt for returning the cookie here (corrected behavior).
Test plan:
Logout in staff.
Check on staff: /cgi-bin/koha/svc/localization?id=1
You should have a 400 response.
Login with staff credentials (incl. manage_itemtypes)
Revisit same URL.
You should see a JSON response.
Check if you can hit other staff pages.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
We can now use $cookie_mgr->replace_in_list instead. This
effectively removes duplicates and keeps the newest cookie.
Note: In the test plan below we are just verifying if
this patch did not change behavior. The replace_in_list
routine has been tested already in a unit test.
Test plan:
Run t/db_dependent/Auth.t
Login at OPAC.
Hit some opac and staff pages.
Perform an Advanced search on OPAC.
Check cookies in browser.
Logout.
Check cookies again. Verify with your do_not_remove_cookie lines
in koha-conf.xml.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
