Commit graph

50649 commits

Author SHA1 Message Date
f4b47321f4
Bug 29145: DBRev 23.06.00.027
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-03 09:24:45 -04:00
db5e08c6a6
Bug 29145: (QA follow-up) Add +x to atomicupdate file
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-03 09:24:44 -04:00
855a18f8ab
Bug 29145: (QA follow-up) Fix tests removing 'unblessed'
This fixes issues with the tests caused by:
Bug 32496: Reduce unnecessary unblessings of objects in Circulation.pm

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-03 09:24:44 -04:00
51ec5d8a62
Bug 29145: Perltidy files and added code
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-03 09:24:43 -04:00
da81704cf2
Bug 29145: Replace GetDebarments in unit tests
GetDebarments was removed and replaced by $patron->restrictions.
The tests needed some adjustments to reflect that change.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-03 09:24:42 -04:00
388762ae0b
Bug 29145: (QA follow-up) Remove debugging line
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-03 09:24:42 -04:00
67bcdeed28
Bug 29145: (QA follow-up) Use objects instead of straight SQL queries
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-03 09:24:41 -04:00
91ecb7405e
Bug 29145: (QA follow-up) Rename has_debarring_overdues to has_restricting_overdues
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-03 09:24:41 -04:00
56d1ff05ff
Bug 29145: (QA follow-up) Fix typo
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-03 09:24:40 -04:00
David Gustafsson
12a6d4d4ba
Bug 29145: (QA follow-up) Add missing POD and don't return undef
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-03 09:24:39 -04:00
Katrin Fischer
0a66a4879a
Bug 29145: (QA follow-up) Fix missing bug number in database update and typos
Fixes some typos in test and update message that were highlighted
by the QA tools.

Add missing bug number to the atomic update file.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-03 09:24:39 -04:00
David Gustafsson
4678505e1e
Bug 29145: Fix conditions for patron debarring overdues
Signed-off-by: Michaela <michaela.sieber@kit.edu>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-03 09:24:38 -04:00
David Gustafsson
ee8ef4b174
Bug 29145: Add tests and modify sysprefs
Add tests, remove ODueDebarmentRemovalAllowUnrestricted syspref and instead
modify AutoRemoveOverduesRestrictions to have a third option

Signed-off-by: Michaela <michaela.sieber@kit.edu>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-03 09:24:38 -04:00
Stefan Berndtsson
f2d2a7839e
Bug 29145: use overdues restrict delays when removing overdues restriction upon return
How to test:
1) Run tests in t/db_dependent/Circulation/MarkIssueReturned.t

Sponsored by: Gothenburg University Library

Signed-off-by: Michaela <michaela.sieber@kit.edu>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-03 09:24:37 -04:00
f8233f44a5
Bug 34918: Fix userenv for safe_to_delete tests
Instead of the fallback to 51, we pass a borrower that has
permission for editing items.

Test plan:
Do not apply patch.
Run test without a borrower 51 in db. (FAIL)
Apply patch.
Run test again. (PASS)

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-03 08:51:16 -04:00
3298b27985
Bug 34918: Fix hardcoded borrowernumber 42
Test plan:
Run t/db_dependent/Koha/Item.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-03 08:51:15 -04:00
0fb84e424e
Bug 34930: Change timezone in Koha/Object.t where tests assume it
This is the case for subtest: attributes_from_api() tests.

Test plan:
export TZ='Europe/Amsterdam'
prove t/db_dependent/Koha/Object.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-03 08:51:15 -04:00
6109a41ca6
Bug 34489: Fix timezone problem in Patrons.t
See also bug 34930. Using same approach.

Test plan:
export TZ='Europe/Amsterdam'
prove t/db_dependent/Koha/Patrons.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-03 08:51:14 -04:00
56348379ec
Bug 34934: Remove the use of event attributes from OPAC lists page
This patch removes the use of event attributes (onclick, onchange) from
the OPAC lists template. These events are defined now along with the
other in-page JS.

The patch also removes a "delete list" button which was only shown
when viewing an empty list and which was redundant.

To test, apply the patch and log into the OPAC.

- Go to Lists -> New list.
- Change the category to "Private" and the "Allow changes" dropdown to
  "Staff only."
  - You should see a message, 'The "Staff only" permission has no actual
    effect while this list is strictly private'
- Change the category to "Public." The message should disappear.

- View the contents of a list.
  - Click the "Send list" button at the top of the table of titles.
  - It should trigger the "Sending your list" popup window.

Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-03 08:51:13 -04:00
f03cf6cc10
Bug 34936: Remove the use of event attributes from OPAC detail page
This patch removes the use of event attributes (onclick) from the OPAC's
bibliographic detail page template. These events are defined now along
with the other in-page JS.

The patch also adjusts the global "Dopop" function so that the popup
window is a litte bigger. The comments form did not fit well.

In checking for use of the "Dopop" function I found that it was being
redefined in opac-topissues.tt for no reason so I removed it.

To test you must have the OPACComments system preference enabled.

- Log in to the OPAC, locate a bibliographic record, and view the detail
  page.
- Under the "Comments" tab, click the "Post your comments on this title"
  link. It should trigger a popup window.
  - Submit your comment. When the detail page reloads, return to the
    "Comments" tab and click the "Edit" link on your comment. The same
    popup window should be triggered.

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-03 08:51:13 -04:00
Julian Maurice
ee381ca702
Bug 33074: Take ReservesControlBranch into account in opac-reserve.pl
Test plan:
1. Set system preferences:
   - Disable OPACAllowUserToChooseBranch
   - Set ReservesControlBranch to "item's home library"
   - Enable UseBranchTransferLimits
   - Set BranchTransferLimitsType to "item type"
   - Enable canreservefromotherbranches
   - Disable IndependantBranches
2. Create two libraries: ITEM_LIB and PATRON_LIB
3. Set circulation rules:
   - Remove all circulation rules (DELETE FROM circulation_rules)
   - Set a default rule that allow some holds and with "OPAC item level
     holds" = "force". Allow "on shelf" holds for easier testing.
   - In the rules for ITEM_LIB, under "Default checkout, hold and return
     policy",
     - set "Hold policy" to "From any library"
     - set "Hold pickup library match" to "item's home library"
   - In the rules for PATRON_LIB, under "Default checkout, hold and
     return policy",
     - set "Hold policy" to "From any library",
     - set "Hold pickup library match" to "any library"
4. In "Library transfer limits" disable all transfers from ITEM_LIB to
   PATRON_LIB for an item type (let's say "BOOK")
5. Create a biblio with an item:
   - item type must be the same as in previous step ("BOOK")
   - home branch and holding branch must be ITEM_LIB
6. Create a patron at PATRON_LIB, give it a password so it can log in.
7. Go to OPAC, and login with this patron
8. Try to place a hold for the new item. You should be allowed to place
   a hold, but when doing it, no holds will be created.
9. Apply patch, restart Koha
10. Try to place a hold for the new item. This time the hold should be
    created

Signed-off-by: Jessie Zairo <jzairo@bywatersolutions.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[EDIT] Merged tidy patch and switch to Koha::Policy::Holds here.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-03 08:51:12 -04:00
97307b881d
Bug 34842: Fix Illrequest/Config.t if DB upgraded twice
Not sure this is correct, but I think it is!

Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-03 08:51:12 -04:00
4fadf73a95
Bug 34836: Add patron check to isbd and marc detail pages
Test plan:
- Go to circulation rules and set On shelf holds allowed to If all unavailable
- Log out
- Visit a MARC detail or ISBD detail bib record on OPAC:
http://localhost:8080/cgi-bin/koha/opac-MARCdetail.pl?biblionumber=76
http://localhost:8080/cgi-bin/koha/opac-ISBDdetail.pl?biblionumber=76
- Notice it blows up with error 500, on both occasions
- Apply patch. Repeat.

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-10-03 08:51:11 -04:00
ea91896f15
Bug 34369: Fix 'Did you mean'
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 18:18:41 -03:00
3c6dd02acb
Bug 34369: Pass csrf token from syspref API client (for Vue app)
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 18:18:40 -03:00
c6ef2aba6b
Bug 34369: Require CSRF token for updating system preferences
This patch adds the requirements that updating a system preference
requires a CSRF token. (Also, adding and deleting local system preferences.)

0. Apply patch
1. koha-plack --reload kohadev
2. Add local system preference
3. Update local system preference
4. Delete local system preference
5. Update normal system preference
6. Note no errors

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 18:18:40 -03:00
4e32b76198
Bug 34761: Prevent XSS for searches and saved search filters
</script> tags are interpreted in JSON strings as HTML, which can
lead to XSS attacks.

This patch puts HTML escaped JSON in the value of a hidden HTML element.
The Javascript then takes the value as a string, parses it as JSON,
and is able to use it to save search filters without triggering a
XSS attack.

This patch also adds DataTable's built-in HTML escaping for the query
and limits on the admin UI for the search filters.

Test plan:
0. Apply patch
1. Go to
http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search&searchfield=SavedSearchFilters
2. Enable the system preference
3. Go to http://localhost:8081/cgi-bin/koha/catalogue/search.pl?q=e
4. Click "Save search as filter"
5. Checkbox "Show in staff interface?"
6. Type "E-TEST" into box and click 'Save'
7. Go to
http://localhost:8081/cgi-bin/koha/catalogue/search.pl?q=e
8. Click "E-TEST" under "Custom search filters"
9. Note that you see search results
10. Go to
http://localhost:8081/cgi-bin/koha/admin/search_filters.pl
11. Note that for "E-TEST" you see a "Query" like
{"operators":[],"operands":["e"],"indexes":[]}
12. Note that for "E-TEST" you see a "Limits" like
{"limits":[]}

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 18:18:39 -03:00
dcd698a4b4
Bug 34349: Validate/escape inputs for task scheduler
This change validates and escapes inputs for task scheduler.

Test plan:
0. Apply patch
1. koha-plack --reload kohadev
2. Go to http://localhost:8081/cgi-bin/koha/tools/scheduler.pl
3. Input a time a minute in the future and leave the date blank
4. Choose an existing report and output format
5. Type a malicious string which is also a valid email address
into the Email field
6. Click "Save"
7. Note that the job is added but the Email is wrapped in single
quotes
8. Try using a non-malicious email address with a single quote.
9. Note that the single quote is escaped, so that it will still
be used by runreport.pl

JD amended patch: tidy

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[EDIT] Removed pars for $email =~ regex, removed old commented lines.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 18:18:38 -03:00
332b95b250
Bug 34513: (QA follow-up) Tidy
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 18:18:37 -03:00
abbbc5924d
Bug 34513: Add checkauth unit test for resetting auth state when changing users
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 18:18:37 -03:00
bb581fe78b
Bug 34513: Add end-to-end test for authorization check after first failed authorization
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 18:18:36 -03:00
16da12cbbc
Bug 34513: Set auth state correctly when changing auth sessions
This patch sets the $auth_state to failed when changing auth sessions,
so that the new login attempt gets processed correctly (instead
of skipping the authorization step).

Test plan:
0. Apply the patch
1. koha-plack --reload kohadev
2. Go to
http://localhost:8081/cgi-bin/koha/admin/preferences.pl?tab=&op=search&searchfield=baseurl
3. Log in as an OPAC user with 0 permissions
4. Note the auth screen "Error: You do not have permission to access this page"
5. Click "Log in"
6. Note that you're still shown a login screen (and that you've been logged out of
your previous authenticated session)

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 18:18:35 -03:00
Evan Giles
d9849aaa3a
Bug 34653: Make koha-foreach return the correct status code
I think the correct behavior for this script should be that koha-foreach
will return 0 (success) if all the commands it tried to run succeeded, but
1 (failure) if any of the commands failed.

To test:
1. $ koha-create --create-db test
2. $ vi test.sh
if [ $USER = 'kohadev-koha' ]; then
    echo "FAILED";
    exit 1;
else
    echo "SUCCESS";
    exit 0;
fi

3. $ debian/scripts/koha-foreach sh test.sh
FAILED
kohadev: 1 status returned by "sh test.sh"
SUCCESS
4. $ echo $?
5. Note that the exit status is 0 (success)

6. Apply patch

7. $ debian/scripts/koha-foreach sh test.sh
FAILED
kohadev: 1 status returned by "sh test.sh"
SUCCESS
8. $ echo $?
9. Note that the exit status is 1 (failure)

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 10:56:40 -03:00
7ac91b24cf
Bug 30843: Add unit test for Koha::Auth::TwoFactorAuth::verify
This change adds a unit test to test Koha::Auth::TwoFactorAuth::verify

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 10:53:52 -03:00
6a0955946e
Bug 30843: Add mfa_range configuration option for TOTP
This change adds a mfa_range configuration option for TOTP
to koha-conf.xml, and overrides the "verify" method from
Auth::GoogleAuth in order to provide a new default for "range"

Test plan:
0. Apply the patch
1. koha-plack --restart kohadev
2. Go to
http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search&searchfield=TwoFactorAuthentication
3. Change the syspref to "Enable"
4. Go to
http://localhost:8081/cgi-bin/koha/members/moremember.pl?borrowernumber=51
5. Click "More" and "Manage two-factor authentication"
6. Register using an app
7. In an Incognito window, go to
http://localhost:8081/cgi-bin/koha/mainpage.pl
8. Sign in with the "koha" user
9. Note down a code from your Authenticator app
10. Wait until after 60 seconds and try it
11. Note it says "Invalid two-factor code"
12. Try a new code from the app
13. Note that it works

14. Add <mfa_range>10</mfa_range> to /etc/koha/sites/kohadev/koha-conf.xml
15. Clear memcached and koha-plack --restart kohadev
16. Sign in with the "koha" user
17. Note down a code from your Authenticator app
18. Wait 4 minutes and then try it
19. Note that it works

20. Disable your two-factor authentication and click to re-enable it
21. Use a code older than 60 seconds when registering for the two
factor authentication
22. Note that the code works

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 10:53:51 -03:00
120b991529
Bug 33926: Add ability to specify fields allowed in a response
At this time, we can specify fields to hide in SIP response at the login level. From a security perspective, it would be useful to also be able to specify which fields are allowed in a response.

Test Plan:
1) Apply this patch
2) prove t/db_dependent/SIP/Message.t

Signed-off-by: Sam Lau <samalau@gmail.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 10:53:50 -03:00
06c2b4898b
Bug 28449: Add column with invoice number to basket summary page
At the moment it's quite a lot of clicks to get from the basket
summary to the invoice something was received in. This adds a nice
shortcut by creating a new column for the invoicenumber in the basket
summary table.

To test:
* Make sure you have a basket with some received and unreceived
  order lines
* Verify that the (received) shows for your received lines
* Verify no invoice number or link to it in sight
* Apply patch
* Verify that there is now a column for the Invoice containing
  the invoice number as a link to the invoice
* Test with a staff patron, that doesn't have edit_invoices permission
* Verify that now instead of a link you see the invoice number as text

Be happy, sign off ;)

Note: this doesn't change the CSV export. The way the CSV is built is
quite different to the summary table, so it would be better handled
in a separate bug/patch. The columns are already quite different!

Sponsored-by: The Research University in the Helmholtz Association (KIT)

Signed-off-by: Laura Escamilla <laura.escamilla@bywatersolutions.com>
Signed-off-by: Michaela Sieber <michaela.sieber@kit.edu>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Émily-Rose Francoeur <emily-rose.francoeur@inLibro.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 10:53:50 -03:00
8922fb1863
Bug 34618: Add sort 1 and 2 fields to basket in acquisitions
This patch adds the option to display sort1 and sort2 columns in the
view of the contents of a basket in acquisitions. The columns are
labeled "Statistic 1" and "Statistic 2" to match the labels in the
order creation/edit form.

The fields are hidden by default in the updated table configuration.

To test, apply the patch and restart services.

- Go to acquisitions and create a basket if necessary:
  - Search for a vendor and click New -> Basket from the vendor
    toolbar on the vendor search results screen.
  - Create a basket, then click "Add to basket" from the basket details
    page.
  - Add an order to the basket.
- With at least one order in the basket, check the table of orders in
  the basket.
- The columns should be unchanged.
- The table configuration button should show the two statistics fields
  as hidden. Test that they can be displayed.

- Go to Administration -> Table settings.
  - Under Acquisitions -> basket, try changing the settings for the
    Statistic 1 and Statistic 2 fields, and check that your changes are
    reflected in the basket view.

- Test with a vendor which has an EDI account:
  - Enable the EDIFACT system preference.
  - Go to Administration -> EDI accounts and create an account for your
    vendor.
  - Confirm that the table of orders in your basket still displays
    correctly now that the "Supplier report" column is present.

Signed-off-by: Michaela Sieber <michaela.sieber@kit.edu>
Signed-off-by: Ray Delahunty <r.delahunty@arts.ac.uk>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 10:53:49 -03:00
384f9282e1
Bug 33428: (follow-up): Default to searching 'standard' fields
Before this patch set, a search for patrons from article requests or
reserves would search the attributes by default. They were not considered
'standard' searches, however.

This patch simply defaults to searching the 'standard' fields unless a value is passed

To test:
1 - Apply other patches
2 - Have patrons with searchable attributes
3 - From a title, click the holds or artickle requests tab
4 - Search for the attribute values and confirm patrons are not returned
5 - Apply this patch
6 - Search again, patrons are now returned

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 10:53:48 -03:00
bfdee70f24
Bug 33428: (QA follow-up) Fix escaping in a split call
We'd missed an escape case in one of the calls to .split for the pipe
delimited split operations.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 10:53:48 -03:00
47a2029161
Bug 33428: Adjust Unit Tests
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 10:53:47 -03:00
b1b92cb9a4
Bug 33428: Parse search fields in buildPatronSearchQuery
This patch moves the parsing of standard search_field into the buildPatronQuery subroutine
and adds a check for 'standard' field before adding attributes to the search

To test:
1 - Add a new attribute type and make it searchable
2 - Add a value to a patron
3 - Search for this value using 'Standard' fields, confirm you get the patron
4 - Search for the value using 'Cardnumber' field, confirm you get the patron - BAD!
5 - Apply patch
6 - Repeat cardnumebr search, confirm patron not found - Yay!
7 - Search standard, confirm patron is found
8 - Add a new field to 'DefaultPatronSearchFields
9 - Confirm it appears in patron search dropdown
10 - Confirm a search of this field with the attribute value does not return the patron

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 10:53:46 -03:00
a06396c282
Bug 34748: DBRev 23.06.00.026
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 10:53:46 -03:00
Katrin Fischer
f9f9c3a7fa
Bug 34748: Fix column name in columns configuration for basket table
The first column was named basket_number, but it's actually the
order_line.

To test:
* Edit column configuration for acquisition > basket
* Make sure to set at least one checkbox for 'basket_number'
* Apply patch, run database update
* Verify that the first column is now 'order_line', but your
  settings have been preserved

Signed-off-by: David Nind <david@davidnind.com>

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 10:53:45 -03:00
82234aba24
Bug 29822: DBRev 23.06.00.025
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 10:53:45 -03:00
cdedd6f2db
Bug 29822: (QA follow-up) Use pipe for all field separators
- Tidy atomic update

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 10:53:44 -03:00
bfcdbeb9a8
Bug 29822: Update unit tests
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 10:53:43 -03:00
6a98a8ef83
Bug 29822: Database and Preference description updates
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 10:53:43 -03:00
ffcfc13c7e
Bug 29822: Update code to reference by pipe
Moving to modalselect also has the effect of moving from comma delimited
to pipe delimitation for the preference contents

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 10:53:42 -03:00
0b4a37a29d
Bug 29822: Use the modal
As requested by Katrin.. switch to the modal and expose all fields from
the borrowers database table

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2023-09-25 10:53:41 -03:00