When uploading new quotes the JS variables are not escaped correctly.
Test plan:
Create a new file with the following content (remove the first and last lines containing """):
"""
":this is a source","this is a text"
"this is another ❤one","and another text❤"
"this <script>alert('foo');</script>","and <script>alert('❤');</script>"
"""
Go to Home › Tools › Quote editor
Click Import quote
Select the file
Edit the third line, hit enter
Import quotes
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Fix test
t/db_dependent/Auth_with_ldap.t .. 1/4
# Failed test 'use C4::Auth_with_ldap;'
# at t/db_dependent/Auth_with_ldap.t line 123.
# Tried to use 'C4::Auth_with_ldap'.
# Error: No ldapserver "id="ldapserver"" defined in KOHA_CONF: /etc/koha/sites/kohadev/koha-conf.xml at /kohadevbox/koha/C4/Auth_with_ldap.pm line 55.
# Compilation failed in require at t/db_dependent/Auth_with_ldap.t line 123.
# BEGIN failed--compilation aborted at t/db_dependent/Auth_with_ldap.t line 123.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This does not test bug 28385 directly but 28278 instead.
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 28278 removed usage of XML::Simple which had side-affect that
C4::Context->config("ldapserver") returns one more level of hash
based on id of element, so ldap configuration was no longer
available generating error in log:
No ldapserver "hostname" defined in KOHA_CONF: /etc/koha/sites/srvgit/koha-conf.xml
which is very confusing since hostname is there, but we are looking
at wrong place for it.
== Test plan ==
1. Setup an LDAP server with users or use a public one
See https://wiki.koha-community.org/wiki/Ldap_testing
2. Configure Koha to use it, see example config above
3. Go to OPAC
4. Koha doesn't compile due to LDAP config not parsed correctly
5. Apply the patch
6. Koha compiles and page loads
7. Log in successfully with one of the LDAP users
8. Bonus: Try to log-in with a wrong username & a good password and
vice-versa
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The way labels are used with RedDoc, we need to tidy them better. We
should do it with all the routes, but this one is specially noisy on the
UI.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This is an example of what will be regenerated.
It will need to be regenerated once it will be pushed
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
They were in dev_map.yaml, we are cheating with the <sponsor> email but
it seems to work fine in my tests
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The "developer" lines of history.txt will be regenerated using the git
history so we need to add this as a separate info.
See the release_tools changes for more info
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Needs to match .mailmap
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Need to match .mailmap
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Need to match .mailmap
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Those 3 authors are not in the git history, we should remove them from
the author list.
However we could re-add them to the contributor list with a note saying
for instance they were part of the Catalyst Academy (need to double
check that first)
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Those are not real authors and should be removed from the
contributors.yaml file
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Again, we need to adjust our .mailmap
This time the goal is the use it in place of the dev_map.yaml we have in
the release tools.
This will be generated for the release notes, history.txt and
contributors.yaml file
This can be tested using:
git check-mailmap "author <email>"
For instance:
git check-mailmap "Wrong name <jonathan.druart@bugs.koha-community.org>"
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch restores the PUT route, but adding a deprecation message. The
controller method is the same, and relevant patch tests are duplicated
but calling PUT, so it still gets tested.
To test:
1. Apply this patch
2. Reload plack
3. Open https://<>/api/v1/.html and find the PUT /holds/{hold_id} route
=> SUCCESS: There's a deprecation wargning!
4. Run:
$ kshell
k$ prove t/db_dependent/api/v1/holds.t
=> SUCCESS: Tests pass!
5. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@helsinki.fi>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch performs a cleanup on the holds routes:
- It adds additionalProperties: false to all missing routes
- It syncs the spec with the guidelines
- additionalProperties: false highlighted some attributes read in the
controlled weren't declared on the spec, adding them
- PUT /holds/:hold_id is moved to PATCH, as it makes more sense and
gathered opinions lean towards that
To test:
1. Apply the tests patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/holds.t
=> FAIL: Lots of things are wrong with the API
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass!
5. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@helsinki.fi>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Joonas Kylmälä <joonas.kylmala@helsinki.fi>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This response codes are not actually used.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch rewrites the tests, and also doesn't enforce
additionalProperties to be false. We could need it, and there are routes
that need to be reviewed that would break otherwise now: error.json, for
example, is used everywhere, and some routes add some payload to it.
The main change this patch introduces is using the resolved spec instead
of finding each .json file, which wasn't even correct as we have .yaml
files already. Parameters and responses are tested.
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove xt/api.t
=> SUCCESS: Tests fail! A nice report on the failures is printed
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds missing attribute to the object definitions in the spec.
We wrongly supposed it was the default, but it proved not.
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1
=> SUCCESS: Tests pass, nothing breaks!
3. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch makes the route follow the coding guidelines and thus:
- Return the generated object
- Use the status code 201 for the response
To test:
1. Apply the tests patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/patrons_accounts.t
=> FAIL: Tests fail. The reponse body and status is incorrect
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass!
5. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
to test...
1/ build package
2/ install package on focal
3/ check that libcgi-compile-perl 0.24 is not installed
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch introduces validation on the new pickup locations column.
This way, if a selected title doesn't have a pickup location set, it
will prevent form submission and a suitable error message will pop-up.
To test:
1. Apply this patch
2. Attempt to place multi-title level holds
3. Make sure some selected titles don't have the pickup location set
4. Submit
=> SUCCESS: Form submission halts, an idiomatic error message shows.
5. Unselect all biblios and repeat 4
=> SUCCESS: You are not allowed to proceed, a message is displayed.
6. Have all selected titles set a pickup location, submit
=> SUCCESS: Holds are placed as they should.
7. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch makes the multi-hold page offer only valid pickup locations
for the selected biblios. Prior to this, all system-wide pickup
locations were offered.
To test:
1. Set 'Hold pickup library match' to 'Item's home branch' so we put a
constraint on the valid pickup locations for easier testing.
2. Choose two or more biblios from a search, which contain in total 2
or 3 item home branches.
3. Click 'Place hold'
4. Choose a patron
=> FAIL: The dropdown offers all system's pickup locations
5. Apply this patches
6. Reload the page
=> SUCCESS: Only valid pickup locations are offered
7. Sign off :-D
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
https://bugs.koha-community.org/show_bug.cgi?id=26273
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch removes code and markup related to an autocomplete input
field in the overdues report filter. The autocomplete was intended
to enable easy entry of patron attributes, but it's simpler to use a
Select2-styled <select>
The patch removes circ/ypattrodue-attr-search-authvalue.pl, which was
only used on this page and is now obsolete.
To test, apply the patch and create at least one patron attribute type
which is linked to an authorized value:
- Administration -> Authorized values -> New category
- Create a new category to test with
- Add multiple authorized values under this category
- Administration -> Patron attribute types -> New patron attribute
type.
- Create an attribute which is linked to the authorized value
category you created AND which is marked "Searchable."
- Go to Circulation -> Overdues.
- In the sidebar filter you should see your patron attribute as an
option, styled as a Select2 dropdown.
- Clicking the dropdown should trigger a list of the authorized
values you created above.
- Test that the search field at the top of the list works correctly
to filter the results.
- Test that any repeatable attribute field can be cloned by clicking
the "Add" link, and that cloned fields can be removed using the
"Delete" links.
- Test that cloned fields remain in place after submitting the fitler
form, and that any selected entry in a Select2 widget is
preselected.
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The embeddable 'manager' relation field was missing from the
specification file and as such calls using this embed would result in a
500 error since we introduced 'additionalProperties: false'.
Test plan
1/ Enable 'UseCashRegisters'
2/ Navigate to the register details page
3/ Inspect the network traffic and note a 500 error on the cashups api
call
4/ Apply the patch
5/ The 500 should have gone away and been replaced with an empty
resultset 200 page.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
to test...
1/ build package
2/ install package on focal
3/ check that libcgi-compile-perl 0.24 is not installed
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The odd row lowlighting stripe effect added to datatales wasn't
accounting for classes introduced by the rowGroup plugin to denote
grouping header rows. This patch adds the required exclusion rule to
properly highlight rowGroup grouping rows.
Test plan
1/ Enable POS
2/ Create a register and make some transactions.
3/ Have both debits and credits
4/ Have some older tranactions so you can look at the past_sales table.
5/ Apply patch and regenerate the staff CSS:
(https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_interface)
6/ Look at the sales and past_sales table.
7/ Make sure each row header is the darker shade of gray (#e0e0e0)
7a/ You will need to have made some transactions with even and odd
numbers of items in the sale highlight the problem before applying the
patch
7b/ The rowGroup plugin is also used for the checkouts table and
this patch should also fix that case.
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This looks like just an assumption that the $item variable was an object
Correct the code to use $item_object
To test:
1 - perl misc/cronjobs/delete_items.pl -where="barcode LIKE '%8'" --commit --verbose
2 - Can't call method "safe_delete" on unblessed reference at /usr/share/koha/bin/cronjobs/delete_items.pl line 67.
3 - Apply patch
4 - Repeat
5 - Success! You deleted a bunch of items
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This was causing extra warnings when the permanent_location field was
unmapped.
We only need to check if there is a field defined as you can define a mapping
without both a field and subfield, so the existence of one implies the other
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
By always passing permenent location from the items editor, we can know
if permanent location was defined in the framework. This means we can
know if we should update permanent location independently of location
even if permenent location has an empty value.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
If permanent location is mapped, it will exist in the MARC.
However, when we are transforming our item hash to MARC,
we are losing our permanent location mapping, at least in unit tests.
By checking the original MARC for the permenent location, we remove the
risk of losing it the "empty" permenent location through the
transformation process. We only need to know that it existed in the
original item marc to know we need to update it in the database.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>