On the same way of Koha::Biblio->get_holds,
Koha::Biblio->get_holds_placed_before_today and Koha::Patron->get_holds,
this new subroutin will permit to retrieve the holds placed on a
specific item.
Note that at the moment we do not need a Koha::Item->get_holds method:
we do not want to display future holds placed in the future.
Test plan:
I would suggest to test this patch with patches from bug 17736 and bug 17738,
to place different kind of holds (biblio and item level, future and
past).
Then do a whole workflow to detect bug, view a record, delete record,
order, place a hold on an item which has been ordered, etc.
The hold's informations should always be the same without or without
these patches.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
The C4::Reserve::GetReservesFromBiblionumber took 3 parameters, the
biblionumber, an optional itemnumber and a "all_dates" flag.
If set, the subroutine returned all the holds placed on a given bibliographic
record, even the ones placed in the future. Almost all of the calls had this
flag set, they will be replaced with a call to Koha::Biblio->holds.
But 5 did not have it:
- C4::Biblio::DelBiblio
-tools/batch_delete_records.pl
=> These 2 were wrong, we want to retrieve the holds to cancel them
before deleting the record. We need to get all the holds, even the ones
placed in the future /!\ CHANGE IN THE BEHAVIOR
- acqui/parcel.pl
=> 1 call per item were made to this subroutine. They have been replaced
with only 1 call to the new method Koha::Biblios->holds_placed_before_today
Then we filter on the itemnumbers.
I think this is wrong: we need the number of holds to know if the record
can be deleted, so even if future holds exist, the deletion should not
be possible.
- serials/routing-preview.pl
- C4::ILSDI::Services::GetRecords
- C4::SIP::ILS::Item->new
=> Seems ok, we just one to display holds placed before today
Test plan:
I would suggest to test this patch with patches from bug 17737 and bug 17738,
to place different kind of holds (biblio and item level, future and
past).
Then do a whole workflow to detect bug, view a record, delete record,
order, place a hold on an item which has been ordered, etc.
The hold's informations should always be the same without or without
these patches.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
C4::Items::GetItemsCount can be replaced with Koha::Biblio->items->count
Test plan:
Create a bibliographic record with items attached
Try to delete the record from a basket (acquisition module), the detail
page and the batch item deletion tool.
=> You should not be able to delete it.
Remove the items and then try again to delete the record
=> Now you must be able to delete it.
Followed test plan, works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
This patch create a Koha::Acquisition::Booksellers module and
Koha::Acquisition::Bookseller::Contract[s] modules.
All code in the acquisition module is adapted to use the CRUD methods of
Koha::Object[s].
The former C4 routines are removed.
Test plan:
Since a lot of files are impacted by this patch, try a complete
acquisition workflow and try to catch errors.
Be focused on bookseller and bookseller' contacts data.
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Ready for an archaeology course?
C4::Circulation::GetItemIssues is only used once, from
catalogue/issuehistory.pl
This call has been added by
commit 95d6452462
Adding some more information on issuehistory.
which says "Adding itemnumber to issuehistory.pl API so that one could search
for issuehistory of a specific item."
So it added the ability to see the item issue history but did not
provide a way to access it via the interface.
It's ok so far but this subroutine is broken since
commit aa114f5349
Bug 5549 : Only use DateTime for issues table
because of this change:
- my $today = C4::Dates->today('iso');
+ my $today = DateTime->now( time_zome => C4::Context->tz);
I let you catch the typo ;)
And since this commit the subroutine explodes with "The following
parameter was passed in the call to DateTime::from_epoch but was not
listed in the validation options: time_zome"
Since it has never been raised by someone and that the feature is
hidden, I'd recommend to simply remove it.
Note that the "Checked out from" column would have been wrong even if we
fixed all the previous issue.
Test plan:
Just dig into the code and confirm what this commit message tells
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Looks fine for me.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
In order to avoid warnings in the logs, $cgi->param should be forced to
scalar context
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Caused by
commit ac5a1bfece
Bug 16154: CGI->multi_param - Manual changes
The change was wrong, we wanted to retrieve a scalar (the string), not
an array.
We want to retrieve a string with the different column' names, not an
array of 1 element.
Test plan:
Launch an item search and play with column sort
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
The subroutine C4::Members::GetHideLostItemsPreference can easily be
replaced with Koha::Patron->find(42)->category->hidelostitems
Test plan:
Create 2 patron categories, 1 with "Lost items in staff client" set to
"shown" and another one to "Hidden by default"
Create 2 patrons using them
On the result search page, the detail page of a record, the item list
page and the page to place a hold, make sure the lost items are
shown/hidden as expected
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Ok I am silly, we needed to replace to use the cache mechanism for
search_by_koha_field, not find_by_koha_field...
Let's create another subroutine
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
If the period is entered without spaces wrapping the hyphen
You can't get any result
Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
I can't reproduce the error, search still works after applying the patch
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
C4::Koha::getframeworks returned a hashref of biblio frameworks.
It was mainly used to generate the dropdown list of frameworks.
The scripts modified in this patch did not necessary order the element
by description (frameworktext), the displays were not consistent from
one screen to another.
Using the same search method everywhere:
Koha::BiblioFrameworks->search({}, { order_by => ['frameworktext'] });
We will know always get the framework in the same order.
Test plan:
Following the different pages modified by this patch, and make sure the
frameworks are displayed correctly in the dropdown list:
1/ acqui/z3950_search.pl - Create an order from an external source.
2/ admin/fieldmapping.pl - Define some mappings keyword / MARC field
3/ admin/marctagstructure.pl - On the MARC frameworks admin page, select
another framework than the default one and click on the 'Search' button
4/ catalogue/MARCdetail.pl - On the MARC defail page, change the
framework you want to use to display the record
5/ cataloguing/addbiblio.pl - Add or edit a biblio record, change its
framework. When editing, the framework of the record should be selected
by default
6/ cataloguing/addbooks.pl - Go on the cataloguing home page and click
on the "New record" button. You should see all the frameworks
7/ cataloguing/merge.pl - Select 2 biblio records to merge. On the first
step (select the merge reference), you should be allowed to select the
framework to use.
8/ tools/inventory.pl - On the inventory page, the "Item statuses" part
should be populated as before this patch
9/ tools/manage-marc-import.pl - Stage records for import. Before
importing them into the catalog, you should see the framework dropdown
list.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Works Ok.
No errors
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
The C4::Koha::GetFrameworksLoop retrieves biblio frameworks and returns
them ordered by the description (frameworktext). If a parameter is
passed, a selected flag is set. The selection of the options should be
done on the template side.
These 2 calls can be replaced with
Koha::BiblioFrameworks->search({}, { order_by => ['frameworktext'] });
Test plan:
1/ Go on a Labeled MARC biblio view (catalogue/labeledMARCdetail.pl)
You should see a dropdown list with the biblio frameworks. The framework
of the record should be selected by default
2/ Create a sql report using the biblio_framework parameter, something
like:
SELECT COUNT(*) FROM biblio WHERE frameworkcode=<<framework|biblio_framework>>
Save and execute the report.
You should get a dropdown list with the framework list.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Both dropdowns Ok
No errors
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch replaces the call to C4::Koha::GetKohaAuthorisedValues with
Koha::AuthorisedValues->search_by_koha_field
Test plan:
AV descriptions should be displayed on the following pages:
- XSLT view - location and ccode
- Bibliographic detail, moredetail and OPAC pages - location, ccode, copynumber
- returns - location
- opac-basket - ccode, location
- The 3 reports: catalogue_stats.pl, issues_stats.pl and
reserves_stats.pl - location, ccode
Signed-off-by: Claire Gravely <claire_gravely@hotmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
GetAuthValCode did not return anything if the authorised_value column
was not defined. Our new calls to Koha::MarcSubfieldStructures->search
should behave the same
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
The subroutine C4::Koha::GetAuthValCode returned the authorised value
category for a given kohafield.
This can be acchieve easily using a new Koha::AuthorisedValues->search_by_koha_field
method which will mimic search_by_marc_field.
Test plan:
Confirm that the description is correctly displayed on the following
pages:
- detail and moredetail of a bibliographic page (itemlost, damaged, materials)
- Set AcqCreateItem=ordering and receiving items.
The description for notforloan, restricted, location, ccode, etc.
field should be displayed.
- Items search form
- On the checkout list from the circulation.pl and returns.pl
pages, the description for "materials" should be displayed
Note that GetKohaAuthorisedValuesMapping is going to be removed on bug
17251.
Followed test plan, works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
The subroutine C4::Koha::GetKohaAuthorisedValueLib just retrieves a description
(lib) for a given authorised value.
We can easily replace it using:
Koha::AuthorisedValues->search({ category => $cat, authorised_value => $av })->lib
or
Koha::AuthorisedValues->search({ category => $cat, authorised_value => $av })->opac_description
Test plan:
- On the detail page of a bibliographic record, the description for notforloan,
restricted and stack (?) should be correctly displayed
- View a shelf, the location (LOC) description should be displayed
- On the search result page, the location description should be displayed in the
facets
- Set AcqCreateItem=ordering and receiving items.
The description for notforloan, restricted, location, ccode, etc. field
should be displayed.
- When creating item in the acquisition module, the dropdown list for
field linked to AV should display the AV' descriptions
- On the transfers page, the description of the location should be
displayed.
- On the checkout list from the circulation.pl and returns.pl pages, the
description for "materials" should be displayed
- Fill some OPAC_SUG AV and create a suggestion, the reason dropdown
list should display the description of OPAC_SUG
Signed-off-by: Claire Gravely <claire_gravely@hotmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
This patch adds holding library ("current location") to the list of
fields available in the item search form.
To test, apply the patch and go to Search -> Item search.
- Perform a search using the "current location" option and verify that
it returns the correct results.
- Try other searches to confirm that they work as before.
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
[1] C4/Search
A call to Koha::Libraries is added to routine pazGetRecords, but the
results of that call are not used. So removing it again.
[2] catalogue/itemsearch.pl
Although A=>B=>C=>D works, we'd better use here A=>B, C=>D.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This is the fourth and last patch set to remove C4::Branch.
The real purpose of this patch is to standardise and refactor some code
which is related to the libraries selection/display.
Its unconfessed purpose is to remove the C4::Branch package.
Before this patch set, only 6 subroutines still existed in the C4::Branch
package:
- GetBranchName
- GetBranchesLoop
- mybranch
- onlymine
- GetBranches
- GetBranch
GetBranchName basically returns the branchname for a given branchcode.
The branchname is only used for a display purpose and we don't need to
retrieve it in package or pl scripts (unless for a few exceptions).
We have a `Branches` template plugin with a `GetName` method which does
exactly this job.
To achieve this removal, we will use this template plugin and delete the
GetBranchName from pl and pm files.
The `Branches.all()` will now select the library of the logged in user
if no `selected` parameter has been passed.
This new behavior could cause regressions, for instance there are some
places where we do not want an option preselected (batch item
modification for instance), keep that in mind when testing.
GetBranchesLoop took 3 parameters: $branch and $onlymine.
The first one was used to set a "selected" flag, for a display purpose:
select an option in the libraries dropdown lists.
The second one was useless: If not passed or set to 0, the
`C4::Branch::onlymine` subroutine was called.
This onlymine flag was use to know if the logged in user was able to see
other libraries infos.
A patron can see the infos from other libraries if IndependentBranches
is not set OR if he has the superlibrarian permission.
Prior to this patch set, the "onlymine test" was done on different
places (neworderempty.pl, additem.pl, holidays.pl, etc.), including the
Branches TT plugin. In this patch set, this test is only done on one
place (C4::Context::only_my_library, code moved from
C4::Branch::onlymine).
To accomplish the same job as this subroutine, we just need to call the
`Branches.all()` method from the `Branches` TT plugin. It already
accepts a `selected` parameter to set a flag on the option to select.
To avoid the repetitive
[% IF selected %]<option selected="selected">[% ELSE %]<option>[% END %]
pattern, a new `html_helpers` TT include file has been created, it
defines an `options_for_libraries` block, which takes a `selected`
parameter. We could imagine to use this include file for other
selects.
The 'mybranch` and `onlymine` subroutines of the C4::Branch package have
been moved to C4::Context. onlymine has been renamed with
only_my_library. There are only 4 occurrences of it, against 11 before
this patch set.
There 2 subroutines are Context-centric and it makes sense to put them
in `C4::Context` (at least it's the least worst place!)
GetBranches is the tricky part of this patch set: It retrieves all the
libraries, independently of the value of IndependentBranches.
To keep the same way as the existing calls of `Branches.all()`, I have
added a `unfiltered` parameter. If set, the `Branches.all()` will call
a usual Koha::Libraries->search method, otherwise
Koha::Libraries->search_filtered will be called. This new method will
check if the logged in user is allowed to see other libraries or only
its library.
Note that this `GetBranches` subroutine also created a `category` key:
it allowed to get the list of groups (of libraries) where this library
existed. Thanks to a previous patch set (bug 15295), this value was
not used anymore (I may have missed something!).
Note that the only use of `GetBranch` was buggy (see bug 15746).
Test plan (for the whole patch set):
The best way to test this whole patch set is to test with 2 instances: 1
with the patch set applied, 1 using master, to be sure there is no
regression.
It would be good to test the same with `IndependentBranches` and the
without `IndependentBranches`.
No difference should be found.
The tester must focus on the library dropdowns on as many forms as
possible.
You will notice changes in the order of the options: the libraries will
now be ordered by branchname (instead of branchcode in some places).
A special attention will be given to the following page:
- acqui/neworderempty.pl
- catalogue/search.pl
- members/members-home.pl (header?)
- opac/opac-topissues.pl
- tools/holidays.pl
- admin/branch_transfer_limits.pl
- admin/item_circulation_alerts.pl
- rotating_collections/transferCollection.pl
- suggestion/suggestion.pl
- tools/export.pl
Notes for QA:
- There are 2 FIXMEs in the patch set, I have kept the existing behavior,
but I am not sure it's the good one. Feel free to open a bug report and
I will fill a patch if you think it's not correct. Otherwise, remove the
FIXME lines in a follow-up patch.
- The whole patch set is huge and makes a lot of changes.
But it finally will tremendously reduce the number of lines:
716 insertions for 1910 deletions
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch adds the frameworkcode option param, using each record's frameworkcode
as expected by the filter. Otherwise the ViewPolicy filter falls back to the
default framework.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Koha::RecordProcessor and the defined filters are supposed to bring us
joy and happiness. Let's keep the code compact, simple and clean.
This patch removes record cloning all over the place.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
There are still some leaks, but it is not as a result
of the filter, but rather a result of poorly written
template files.
Bug fixing template files is beyond the scope of this
set of patches.
TEST PLAN
---------
1) Backup your DB
2) run the following SQL on your DB.
> UPDATE marc_subfield_structure set hidden=-8;
-- this should set EVERYTHING to hidden across the board.
3) In staff client, set OPACXSLTDetailsDisplay to blank
4) In OPAC, view any detail.
-- Normal view may mostly leak values still.
-- MARC view may leak values.
-- ISBD view may leak values.
5) In staff client, set OPACXSLTDetailsDisplay to default
6) In OPAC, view any detail.
-- same issues as step 4
-- 'View Plain' may leak too.
7) 'Save record' -> 'Dublin Core'
8) Apply this patch
9) run koha qa test tools
-- should be fine
10) prove -v t/db_dependent/Filter_MARC_ViewPolicy.t
-- should pass
-- this proves Koha/Filter/MARC/ViewPolicy.pm tweaks too
11) In OPAC, view any detail.
-- Normal view:
-- Material type comes from the LEADER field.
-- Lists this is on will still display
-- 'Tags from this library' will still display
-- Item information in table will still display
(THIS IS BEYOND SCOPE)
-- MARC view:
-- Record number is leaked
(THIS IS BEYOND SCOPE)
-- 'View plain' leaks LEADER field.
-- ISBD view may leak field headings, but not values.
(THIS IS BEYOND SCOPE)
12) In staff client, set OPACXSLTDetailsDisplay to blank
13) In OPAC, view any detail.
-- same kind of output as step 10
14) 'Save record' -> BIBTEXT
-- Should be next to nothing leaked.
15) 'Save record' -> Dublin Core
-- Should be the same or less leaked between the two versions.
-- (XML FILTERING IS BEYOND SCOPE)
16) In the staff client, go view the same record.
-- it should be mostly hidden in ISBD View.
17) run the following SQL on your DB.
> UPDATE marc_subfield_structure set hidden=1;
-- this should set EVERYTHING to hidden in OPAC, but not
the STAFF across the board.
18) Refresh the staff ISBD page
-- values should reappear.
19) View the ISBD details in the OPAC
-- values should still be hidden.
20) Check out the OPAC Cart and List
-- while the intermediate pages may still leak
the download links should leak very minimally.
-- (CARTS AND LISTS ARE BEYOND SCOPE, THOUGH
THE INTRANET ISBD AND SOME CART/LIST STUFF
WERE FIXED BECAUSE OF THE GetISBDView REFACTOR)
Expectations:
Before Patch - all the OPAC Detail pages will display things
After Patch - all the OPAC Detail pages will display much less,
and hopefully nothing (though there are known limits).
the ISBD detail page in the Staff client will be
filtered as well based on STAFF settings.
The saving/exporting should generate nearly empty
files.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
In Staff client, the advanced serach form does not display the
translations of item types.
(Note: It is not necessary to have translations installed to verify
this bug.)
Prerequisites:
- Go to Home > Administration > Item types administration
- Edit e.g. item type "BK" (Book)
- Near "Description", click link "Translate into other languages
- If you have other languaes installed, add translatons for those
- If you have an Englis only installation, add a "translation" for
English, make sure that you can identify it while testing (I
used "BOOOOOOOOOOOOKS")
Verify:
- Go to Home › Advanced search
- Verify near "Limit to any of the following" that the description for
itemtype BK reads "Book" instead of "BOOOOOOOOOOOOKS"
Test:
- Apply patch
- Verify that the item type description now reads ""BOOOOOOOOOOOOKS"
- If you have a multi language installaton, verify that item types
you translated display as appropriate
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
If there was more than one search term you could see that that it
was url encoded. Also problems with search terms with umlauts and
other diacritics.
Patch should fix that.
https://bugs.koha-community.org/show_bug.cgi?id=17074
Signed-off-by: Marc <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
The 'scan indexes' search that can be reached from the
advanced search has 2 problems to begin with:
- The search term you searched for is not displayed
in the input field.
- The links in the result list are missing the index
and because of that, are not giving the correct results.
To test:
- Go to the advanced search, select an index to search in
- Enter a search term and check 'scan indexes'
- Submit search
- Check if the search term is visible in the input box
- Check if the result links contain your selected index
and give you correct results (count and the number of
results should match)
Tested both patches together, works as expected.
Signed-off-by: Marc <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Hit
/cgi-bin/koha/catalogue/detail.pl?biblionumber=1<script type="text/javascript">alert("XSS")</script>
/cgi-bin/koha/catalogue/ISBDdetail.pl?biblionumber=1<script type="text/javascript">alert("XSS")</script>
/cgi-bin/koha/catalogue/MARCdetail.pl?biblionumber=1<script type="text/javascript">alert("XSS")</script>
/cgi-bin/koha/catalogue/moredetail.pl?biblionumber=1<script type="text/javascript">alert("XSS")</script>
/cgi-bin/koha/catalogue/labeledMARCdetail.pl?biblionumber=1<script type="text/javascript">alert("XSS")</script>
=> Without this patch you will see the alert
=> With this patch, no more alert
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch adds an "add to cart" link to each line of search results in
the staff client.
To test, apply the patch and clear your browser cache if necessary.
- Enable the intranetbookbag system preference.
- Perform a search which will return multiple search results.
- Each result should have an "Add to cart" link.
- Clicking the "Add to cart" link should add the title to the cart,
triggering the correct pop-up message and changing the link to read
"In your cart (remove)."
- Clicking the "remove" link should remove the title from your cart
and trigger the correct messages.
- Add multiple titles to your cart and perform the same search again.
Each result should correctly indicate which titles are already in your
cart.
- Open the cart popup window.
- Check the checkbox for one or more titles in your cart and choose
"Remove." The titles should be removed, and the "In your cart" label
in the search results page should reflect that the titles are no
longer in the cart.
- Choose "Empty and close." All titles in the parent page should now
indicate that they are not in the cart.
- Disable the intranetbookbag preference and confirm that the "Add to
cart" links are no longer there.
Followed test plan. Works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Delete extra useless comment line:
"# if its a subject we need to use the subject.tt"
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
The template koha-tmpl/intranet-tmpl/prog/en/modules/catalogue/subject.tt
is not used and can be removed.
To test:
- Apply patch
- Verify that catalogue/moredetail.pl works as before (go to a
biblio with items and click 'Items' in left hand menu)
Signed-off-by: Hector Castro <hector.hecaxmmx@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
A malicious user can delete the search history of all other users by
correctly guessing the ID value assigned to the victim's search. As
searches are assigned values sequentially, an attacker could quickly
remove the searches belonging to all of the application's users.
To reproduce:
Login with patron A
launch a search
Note the id generated for this search history:
select id from search_history order by id desc limit 1;
Login with patron B
Hit /cgi-bin/koha/opac-search-history.pl?action=delete&id=<ID>
Note that the row is deleted in the DB
Test plan
Confirm that this patch fixes the issue.
The same test can be made at the staff interface
Reported by Alex Middleton at Dionach
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Works as first patch
No errors
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
This patch is a follow-up of bug 16154.
It removes the warning "CGI::param called in list context" in the
following scripts:
admin/branches.pl
admin/categories.pl
admin/patron-attr-types.pl
admin/preferences.pl
catalogue/image.pl
circ/circulation.pl
patroncards/add_user_search.pl
serials/add_user_search.pl
tools/marc_modification_templates.pl
virtualshelves/shelves.pl
Note that the warning from catalogue/itemsearch.pl still exists (the
call to CGI->param is done from the template).
Test plan:
- Add/modify a library, patron category, patron attr type
- Update a syspref
- Set localcoverimage and call catalogue/image.pl?biblionumber=XXX
- Search for patrons in the patron cards or serials module
- Add a marc modification templates
- Add a list (shelves)
You should not get the warning in the log after all these actions.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Edit: fixed catalogue/detail.pl and opac/opac-detail.pl so they use the right
XSLT syspref.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
In catalogue/detail.pl and catalogue/moredetail.pl, the
GetAuthorisedValues subroutine is called once per item. It's not needed,
only 1 call is enough.
Test plan:
Edit item and view a catalogue record.
The withdrawn, lost and damaged values should be correctly
displayed/saved.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Brendan Gallagher <bredan@bywatersolutions.com>
This patch does the same as the previous one, but affects lines which
have not been caught by the regex.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
This patch replaces the occurrences of
my @foo = $cgi->param('foo');
with
my @foo = $cgi->multi_param('foo');
perl -p -i -e
's/^(\s*my\s*@\w+\s*=\s*)\$(cgi|input|query)\->param\(/$1\$$2\->multi_param\(/xms'
**/*.pl
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
By default ES returns the facet terms ordered by most used, which makes
sense.
This patch removes resort done in the scripts (catalogue/search.pl and
opac/opac-search.pl) and moves it to the module.
For Zebra it's now done in C4::Search::getRecords, and there is no
change to expect (still alphabetically).
On the Elastic search side, we could imagine to let the library define
the order of the facets. The facet terms are now sorted by most used.
To test easily this change, turn on the displayFacetCount pref.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jesse Weaver <jweaver@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
This reverts commit cd4905c2969b067476881016d0b03271f0bcc7c8.
This commit caused an error in C4::Search::GetFacets when running in
zebra mode.
Conflicts:
Koha/SearchEngine/Elasticsearch/Search.pm
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jesse Weaver <jweaver@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
By default ES returns the facet terms ordered by most used, which makes
sense.
This patch removes resort done in the scripts (catalogue/search.pl and
opac/opac-search.pl) and moves it to the module.
For Zebra it's now done in C4::Search::getRecords, and there is no
change to expect (still alphabetically).
On the Elastic search side, we could imagine to let the library define
the order of the facets. The facet terms are now sorted by most used.
To test easily this change, turn on the displayFacetCount pref.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jesse Weaver <jweaver@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
This allows sorting to be configured within a field. For example, while
many values are included for search on author, sorting should only be
done on the main entry values. This permits that by have a sort value,
which can be true, false, or null. true and null are pretty much the
same, but false means that a field isn't available for sorting on. By
default (null), fields can be sorted on.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jesse Weaver <jweaver@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jesse Weaver <jweaver@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
From C4::Koha::GetAuthorisedValues
# TODO: the "selected" feature should be replaced by a utility function
# somewhere else, it doesn't belong in here. For starters it makes
# caching much more complicated. Or just let the UI logic handle it, it's
# what it's for.
Indeed, it's not a job for a subroutine, the template should take care of that.
Note that a perf gain could be won with this patch \o/
Test plan:
- Edit an itemtype and check the value of the "Search category" dropdown list
- Edit a patron attribute type and check the value of the "Class" dropdown list
- Detail for a catalogue record, the Status column should be correctly
populated if items are damaged and/or lost
- Item details for a catalogue record, the lost, damaged and withdrawn
value should be correctly displayed
- Edit a patron, the "street type" should be correctly selected
- Create a patron attribute type linked to an authorised value list.
- Edit a patron, set a value for this attribute, edit it again. The
correct value should be selected.
- Search for subscriptions. The 'Location' dropdown list should behave
correctly (select the entry you have choosen before, etc.)
- Edit a subscription, the location dropdown list should select the
correct value.
- Edit and view a suggestion with a 'reason for suggestion' set (you
should have at least 1 OPAC_SUG AV defined)
Followed test plan, works as expected
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
In catalogue/detail.pl, if items.materials is linked to an authorised
values list, show label instead of code.
Test plan:
1/ Create an authorised values list 'MATERIALS' with some values
2/ In default MARC biblio framework, link an item subfield to
'items.materials', and to the AV list 'MATERIALS'
3/ Edit an item and give a value for this subfield
4/ Go to biblio record detail page (catalogue/detail.pl)
5/ In the items table, the authorised value label should be displayed.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
To test:
1) Ensure your non-public note field is mapped to the
items.itemnotes_nonpublic database column
2) Edit an item, add a test nonpublic note
3) Verify the nonpublic note is shown in the items table on the Detail view.
sponsored-by: New Zealand Ministry of Education Library
sponsored-by: New Zealand Central Agencies Library
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Removed a stray Data::Dumper
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
* Use ->id instead of ->branchcode when possible to eliminate use of that nomenclature
* Fix bad use of ->branchcode to ->{branchcode} for unblessed hashref version of Koha::Library
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
C4::Branch::GetBranchDetail retrieved library infos, it could be easily
replaced with Koha::Libraries->find
When this change needs other big changes, the unblessed method is
called, to manipulate a hashref (as before) instead of a Koha::Library
object (for instance when $library is sent to GetPreparedLetter).
Test plan:
1/ Print a basket group, the library names should be correctly
displayed.
2/ Enable emailLibrarianWhenHoldIsPlaced and place a hold, a HOLDPLACED
notice will be generated (focus on the library name)
3/ Edit a patron and change his/her library
4/ Generate the advanced notices (misc/cronjobs/advance_notices.pl) and
have a look at the generated notices
5/ Same of overdues notices
6/ Set IndependentBranches and use a non superlibrarian user to place a
hold. The "pickup at" should be correctly filled.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
C4::Branch::GetBranchesInCategory can be replaced with
Koha::LibraryCategory->libraries
Test plan:
1/ Define some 1+ group of libraries with 1+ libraries each
2/ Go on the advanced search (OPAC and Staff) and select a group of
libraries
3/ The result should be consistent and only include record from these
libraries
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
On issuehistory.pl you have:
flagsrequired => { circulate => "circulate_remaining_permissions" },
But that really doesn't make sense. People should be able to view the history of circulation without having permission to circulate items themselves
This patch changes the required permissions from circulate to catalogue.
Test Plan:
1. Login as user without the circulate_remaining_permissions
2. Attempt to view Circulation History of an Item
3. Does not work
4. Apply Patch
5. Attempt to view circulation history with a user that has access to the staff side.
6. Can view circulation history now
Signed-off-by: Nicole Engard <nengard@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
This patch mainly replaces C4::ItemType->all with
Koha::ItemTypes->search.
Test plan:
At the places where the C4::ItemType module was used, confirm there is
no regression:
- acqui/neworderempty.pl
- catalogue/itemsearch.pl
- admin/item_circulation_alerts.pl
and the 2 cataloguing plugins:
- marc21_linking_section.pl
- unimarc_field_4XX.pl
QA step:
prove t/db_dependent/HoldsQueue.t should return green
Note that the tests were buggy.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
'Withdrawn' is an authorised value just like 'Lost' and 'Damaged,' so
the item detail screen should offer the same means of selecting one of
multiple values.
This patch re-uses the same template markup and code 'Lost' and 'Damage'
use to make it possible to select a specific withdrawn value.
To test you should have multiple values entered for the authorised value
category 'WITHDRAWN'.
1. Apply the patch and locate any record in the catalog.
2. From the detail screen, click the barcode in the items table to go to
the item detail page.
3. Confirm that there is a dropdown list of choices for 'Withdrawn
status.'
4. Try both setting and unsetting various withdrawn statuses.
5. Confirm that setting Lost or Damaged statuses.
Signed-off-by: Aleisha <aleishaamohia@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
When Koha export a bibliographic record to DC, makes it in XML format.
This XML not follows the DC-XML recommendations as should be: elements
in uppercase eg. dc:Date, dc:Creator, section 4.2, recommendation 4
explain that "The property names for the 15 DC elements should be all
lower-case." eg. dc:date, dc:creator" and section "4.3 Example - a
simple DC record", xsi:schemaLocation="http://example.org/myapp/http://example.org/myapp/schema.xsd" schema does not exist.
NOTE: This new feature implement the XSLT transformation for OAI-DC,
SRW-DC and RDF-DC
Test plan
---------------
1) Download Dublin Core file from record detail page. Open up the file,
and make sure that the document not follows the DC-XML
recommendations as should be.
2) Apply patch.
3) Go to whichever bib record in OPAC or staff and click on Save >
Dublin Core. A modal will display, prove all options.
4) Change the system preference 'Opac ExportOptions' by enabling and
disabling Dublin Core and try to download a record.
5) Try several bibliographic records in any format (book, magazine, DVD,
etc.) to confirm that properly exported.
6) Test with all marc flavours.
Sponsored-by: Universidad de El Salvador
Signed-off-by: Frederic Demians <f.demians@tamil.fr>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
Test plan
1/ enable OpacAddMastheadLibraryPulldown
2/ Defined a group of libraries as searchdomain
and tick 'show in pull down'
3/ At the OPAC, go on the advanced search form, limit by the group of
libraries you have just created.
4/ The group should be selected by default in the dropdown list
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
http://bugs.koha-community.org/show_bug.cgi?id=15294
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
Currently if the AnonymousPatron system preference is in use, all patron
data is anonymized. Some libraries would like to be able to see the last
patron who returned out an item ( in case of damage ) but still keep all
other patrons anonymized.
* Add the table items_last_borrower ( id, itemnumber, borrowernumber )
* Add new system preference StoreLastBorrower
* If StoreLastBorrower is enabled, upon checkin have Koha insert into
this table the patron who last returned this item. Replace existing
row based on itemnumber if exists.
* If table has a row for a given item, link to the patron from the item
details page.
Test plan:
1) Apply patch
2) Run updatedatabase.pl
3) Enable StoreLastBorrower
4) Issue an item to a patron and return said item
5) Issue the same item to a second patron, do not return it.
6) View moredetail.pl for the given bib, find the given item. There
should be a new field in the history list 'Last returned by' with a link
to the last patron to return the item.
Optionally, you can also verify this works even if patron issuing
history has been set to anonymize issues upon return.
Signed-off-by: Nick Clemens <nick@quecheelibrary.org>
Signed-off-by: Jen DeMuth <JDeMuth@roseville.ca.us>
Signed-off-by: Tom Misilo <misilot@fit.edu>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Brendan Gallagher brendan@bywatersolutions.com
This patch removes code related to stopwords usage. The following methods are removed:
C4::Search->remove_stopwords
C4::Context->stopwords
C4::Context->_new_stopwords
And the buildQuery API was changed (removed the \@removed_stopwords return value).
A follow-up is provided for database changes, to make rebasing easier.
To test:
- Apply this patch
- Do some searches in both intranet and opac interfaces
- Nothing should break
Sponsored-by: Universidad Nacional de Córdoba
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
The preference is named "marcflavour" not "marcflavor".
Without this change, search will always use "copyrightyear"
and break search by publication date for UNIMARC.
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Thx for the follow-up!
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Problem: MARC21/NORMARC stores the publication
date in biblio.copyrightdate, but UNIMARC uses
biblioitems.publicationyear.
To test:
- Without patch in a MARC21 installation:
- Search by publication date
- Verify that the results don't match the
publication year you searched for.
- Try sorting the table by publication year.
- Verify that the sort doesn't work.
- Apply patch.
- Repeat both, search and sort.
- Verify both work correctly now.
- Repeat tests on a UNIMARC installation.
- Verify both still work.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Tested searching and sorting successfully in a MARC21 installation. DID
NOT test in UNIMARC.
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Same as previously.
For these files it's a bit less obvious.
To make sure these changes won't introduce any regression, check that
the variable returned by GetMember is never used to get something
else than a borrower fields.
The 'flags' should not be get neither.
For opac-user.tt it's different, other keys are got but there are defined
in the pl script.
On the way:
- 'showname' is removed (never used)
- fix scope var issue in opac-user.tt (BORROWER_INF.OPACPatronDetails vs
OPACPatronDetails)
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
remove superfluous second declaration of template, borrowernumber and
cookie which are never used
Also removed the variables @results and @results_array which are
declared but not used
Signed-off-by: Frédéric Demians <f.demians@tamil.fr>
As suggested by Colin, perl -wc catalogue/search.pl doesn't complain
anymore after applying the patch. perlcritic confirms the 2 variables
were unused.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Brendan A Gallagher <brendan@bywatersolutions.com>
The nonpublic note for items is not displayed in the staff client. It
should be displayed in the following areas:
1) Checkouts (circulation.pl)
2) Checkins (returns.pl)
3) Record details ( moredetail.pl )
Test Plan:
1) Ensure your non-public note field is mapped to the
items.itemnotes_nonpublic database column
2) Edit an item, add a test nonpublic note
3) Check out the item, verify the note is visible in the checkouts table
4) Check in the item, verify the note is visible in the checkins table
5) View the item details, verify the note is visible and editable
if your account has the rights to edit items
Followed test plan, works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Alex Arnaud <alex.arnaud@biblibre.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Alex Arnaud <alex.arnaud@biblibre.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Alex Arnaud <alex.arnaud@biblibre.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch fixes:
- reports/bor_issues_top.pl
- sort order
- adv search and search results
- opac-topissues.pl
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Test plan:
1/ update the Schema (misc/devel/update_dbix_class_files.pl)
2/ Translate templates for some languages (es-DE, de-DE for instance)
3/ Enable them in the pref (search for 'lang') for the staff interface
4/ Go on the item type admin page (admin/itemtypes.pl)
5/ Edit one
6/ Click on the 'translate for other languages' link
7/ You are now on the interface to translate the item type's description
in the languages you want. So translate some :)
8/ Go back on the item type list view (admin/itemtypes.pl)
9/ You should see the original description (non translated)
10/ Switch the language
11/ You should see the translated description in the correct language.
If the description is non translated, the original description is
displayed.
12/ On the different page where the item type is displayed, confirm that
the translated description appears.
Think further / Todo:
1/ Update all occurrences of the item type's description (DONE)
2/ Implement for authorised values
3/ Implement for syspref value (at least textarea)
4/ Implement for branch names
5/ Centralize all the translation on a single page in the admin area
...
N/ Implement a webservice to centralize all the translations and give
the ability to sync the item types/authorised values description with
the rest of the world (push and pull).
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Same as previous patch for calls in pl scripts.
Test plan:
- delete an entry of your search history from intranet and opac
- with IndependentBranches=OFF, go on the waiting holds and confirm that the
link next to 'Holds awaiting pickup for your library on' is correct.
- search for items, the pagination should work correctly
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
There is no special need to format the date in the perl script.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This bug removes deprecated C4::Dates from catalogue/detail.pl
To test:
Apply patch
Go to Home > Catalog > Details for [some biblio with items and holdings]
Make sure that biblio and Holdings and Acquisition details display as appropriate
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Bug 14879 - Remove C4::Dates from catalogue/detail.pl
Remove forbidden patterns (tab) to pass QA tools
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
If IdependentBranches is ON, to edit/delete items from other branches
you need to be superlibrarian.
Currently a "simple" staff user cannot edit them from the edit item page
but from the catalogue detail page.
The edit links should not be displayed on this table.
Test plan:
O/ Set IndependentBranches to "Prevent".
Create a record and add 2 items:
Set homebranch to L1 for item I1.
Set homebranch to L2 for item I2.
1/ With a superlibrarian user, you should be able to edit both items.
2/ With a "simple" user attached to L1, you should only be able to edit
I1. The edit links should not be displayed for I2.
Note that the checkbox is displayed on the catalogue detail page (item
list), but on the batch tools, it won't be possible to select non-modifiable
items.
TODO: Add a server-side check. Indeed it is still possible to edit an
item if the user know the url.
Followed test plan. Works as expected.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 10404 adds the use of String::Random to catalogue/search.pl but bug
11369 removes it without removing the import line.
Test plan:
git grep String::Random catalogue/search.pl
should not return anything
Signed-off-by: Joonas Kylmälä <j.kylmala@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
The script catalogue/getitem-ajax.pl is called by acqui/orderreceive.pl
when item is receipt.
There is not auth check done, this means anybody can retrieve item info.
Test plan:
With the acquisition => order_receive permission, try to receive an
item.
It should work.
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz>
Very easy to test.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
On the item search form the list of home libraries isn't sorted
alphabetically by their descrption.
To test:
- Ensure that you have libraries whose code/name are sorted in a different alphabetical order (e.g. Aardvark/ZZZ & Zebra/AAA)
- Staff: Advanced search - item search
- See that libraries are sorted in code order
- Apply patch
- Verify selection block for home library is correctly sorted after
applying the patch.
Signed-off-by: Indranil Das Gupta (L2C2 Technologies) <indradg@gmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Note that this does not appears at the OPAC.
We will need 2 different testers here, the results seem to depend on the
Encode version.
0/ Determine your Encode version (`pmvers Encode`).
If you have 2.60:
1) /cgi-bin/koha/catalogue/search.pl?q=ééé&op=Submit
You should get
" No results match your search for 'kw,wrdl: ���' in my library Catalog."
2) /cgi-bin/koha/catalogue/search.pl?q=ກ
You should get
Cannot decode string with wide characters at
/usr/lib/i386-linux-gnu/perl/5.20/Encode.pm line 215.
If you have <2.60 (? not sure here):
1) /cgi-bin/koha/catalogue/search.pl?q=ééé&op=Submit
You should not get encoding problems.
2) /cgi-bin/koha/catalogue/search.pl?q=ກ
You should not get encoding problems.
Apply this patch, try again 1 and 2.
If the Encode version is >=2.60, the encoding issues should be fixed.
If not, please detail if there are any regression.
NOTE: Tested on Ubuntu 14.04, Debian 8, and Debian 7. See comment #3.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
To test:
Click Advanced search in staff client
Click the link for "Go to Item Search" at the top of the page
Do a search, you should get results. Try some combinations and make sure it works like it should.
Signed-off-by: Jacek Ablewicz <abl@biblos.pk.edu.pl>
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch changes one small line in catalogue/search.pl and opac/opac-search to sort facets by:
facet_label_value
instead of
facet_title_value
To test:
1 - Perform a search with results in two branches e.g. Centerville (code CPL) and Fairfield (code FPL)
2 - Notice that branch facets appear correctly sorted
3 - Rename the branches Centervile->Zebra and Fairfeild->Aardvark (but don't change codes)
4 - Repeat original search
5 - Note that branch facets are no longer correctly sorted
6 - Apply patch
7 - Repeat search
8 - Facets should be correctly sorted
9 - Test in both staff and opac search
10 - Ensure there are no unintended consequences/regressions
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Work as described, staff AND opac
No errors
Signed-off-by: Jonathan Druart <jonathan.druart@koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@unc.edu.ar>
On the MARC detail page, the columns are displayed in a random order.
This means that you can open 2 different records and see the columns
displayed in a different order.
Test plan:
Go on different MARC detail view and confirm that 1/ all fields are
present and 2/ they always are displayed in the same order
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
1/ & 2/ correct
No errors
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
This csv does not use the correct way to display headers.
They should be put in a separate file to get a correct display.
Without this patch, the first line of the generated file contains the
headers + data
Test plan:
1/ choose a language and update + translate the templates
for instance:
cd misc/translate;
./translate update es-ES; ./translate install es-ES
2/ Go to the item search form using this language
3/ Launch a search and select CSV to display the results.
The CSV headers should be correct
Signed-off-by: Frederic Demians <f.demians@tamil.fr>
Seen the bug. Works as described.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
First, it is strongly recommended to set the OPACBaseURL. But
this patch allows the inclusion of the protocol and not just
a site.
Next, C4/Auth now puts OPACBaseURL into the template parameters
regardless of OPAC or Staff clients. t/db_dependent/Auth.t was
tweaked to add a check for confirming that get_template_and_user
adds OPACBaseURL to both OPAC and Staff templates.
In the staff client, once the OPACBaseURL is set, you get a nice
OPAC View link when viewing a biblio's detail. It should reflect
the protocol used now.
Hard coded 'http://' strings were removed from the
sample_notices.sql files. This is what required also updating
the letters table in the updatedatabase.pl script.
The explanation text in the sysprefs.sql needed updating too to
reflect the inclusion of the protocol. And this was the other
update done in the updatedatabase.pl script. The opac.pref file
was similarly changed as well.
catalogue/detail.pl had no need to pass a custom OpacUrl value,
since C4/Auth passes the required OPACBaseURL, so it and the
corresponding template were modified.
Both the MARC21 and NORMARC intranet details files had 'http://'
hard coded in them. This was removed.
Both the bootstrap and prog theme opac-detail template had a
protocol parameter that was used. The logic for the parameter
was not removed, because it is used extensively in one template.
Perhaps it should be used to simplify the other. However, the
calculated current_url parameter had references to the protocol
removed, because of the changes to OPACBaseURL.
opac/opac-shareshelf.pl had a hard coded 'http://' which was
removed.
t/db_dependent/Auth_with_cas.t had 'http://' added to the value
set for OPACBaseURL.
In virtualshelves/sendshelf.pl explicit code which sent the
OPACBaseURL preference was removed, since C4/Auth sends it all
the time now.
C4::Context::set_preference was tweaked to ensure that
OPACBaseURL would always start with http.
t/db_dependent/Context.t was tweaked to specifically test this.
The Shibboleth authentication needs OPACBaseURL set, and that
it be https protocol. The _get_uri routine was tweaked to always
pass back https:// as the protocol on the OPACBaseURL.
t/Auth_with_shibboleth.t was tweaked to specifically test the
changes.
TEST PLAN
---------
This is not an easy patch to test. Difficulties include:
- configuring Koha to run under https
(tweaking apache2 isn't so hard, just tricky)
- configuring Koha to run OPAC and Staff with Plak
(since code with comments about plak were sliced out)
- configuring Koha to use CAS
(may be requires for the CAS test)
1) Apply patch
2) Make sure OPACBaseURL is set without the protocol included.
UPDATEDATABASE
3) back up your DB
4) ./installer/data/mysql/updatedatabase.pl
-- It should run without errors.
5) Look up the OPACBaseURL system preference in the staff
client
-- It should have http:// prepended.
6) Run the mysqlclient from your koha git directory
USE koha_library;
SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
-- There should be no prepended http:// on the
<<OPACBaseURL>>.
7) restore your DB
8) Make sure OPACBaseURL is set with the protocol included,
preferably https.
-- Using https requires a bunch of apache2 tweaks.
AUTH
9) Call up staff client.
10) Call up OPAC.
-- C4/Auth.pm doesn't barf.
11) Call up Plack staff client
12) Call up Plack OPAC.
-- C4/Auth.pm doesn't barf.
13) prove -v t/db_dependent/Auth.t
CONTEXT
14) Home -> Koha administration -> Global System Preferences
-> OPAC
15) Modify and save OPACBaseURL to not have http:// or https://
on it.
-- It should be modified to include http://
16) Modify and save another system preference.
-- It should save normally
17) prove -v t/db_dependent/Context.t
CATALOGUE/DETAIL (tt & pl)
18) Confirm the OPACBaseURL is set
19) Navigate to any biblio details in the staff client
-- There should be a "OPAC view" link which has the
correct http:// or https:// in it.
SQL (sample notices and sysprefs)
20) Run the mysqlclient from your koha git directory
USE koha_library;
DELETE FROM letter;
source installer/data/mysql/de-DE/mandatory/sample_notices.sql;
SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
DELETE FROM letter;
source installer/data/mysql/en/mandatory/sample_notices.sql;
SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
DELETE FROM letter;
source installer/data/mysql/nb-NO/1-Obligatorisk/sample_notices.sql;
SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
DELETE FROM letter;
source installer/data/mysql/es-ES/mandatory/sample_notices.sql;
SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
DELETE FROM letter;
source installer/data/mysql/fr-FR/1-Obligatoire/sample_notices.sql;
SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
DELETE FROM letter;
source installer/data/mysql/it-IT/necessari/notices.sql;
SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
DELETE FROM letter;
source installer/data/mysql/pl-PL/mandatory/sample_notices.sql;
SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
DELETE FROM letter;
source installer/data/mysql/ru-RU/mandatory/sample_notices.sql;
SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
DELETE FROM letter;
source installer/data/mysql/uk-UA/mandatory/sample_notices.sql;
SELECT content FROM letter WHERE content LIKE "%<<OPACBaseURL>>%";
-- Each of the selects should should lines that have
<<OPACBaseURL>> starting them, but no hard-coded http://
DELETE FROM systempreferences;
source installer/data/mysql/sysprefs.sql;
SELECT * FROM systempreferences WHERE variable='OPACBaseURL';
-- The explanation should reflect the new explanation.
QUIT
21) restore your DB
22) Make sure OPACBaseURL is set with the protocol included,
preferably https.
-- Using https requires a bunch of apache2 tweaks.
SLIM2INTRANETDETAIL
23) Set 'XSLTDetailsDisplay' system preference to default.
24) Set 'marcflavour' system preference to MARC21.
25) View any biblio's details.
-- the URL beside 'OPAC View' should have the appropriate
http:// or https://
26) Set 'marcflavour' system preference to NORMARC.
27) View any biblio's details.
-- the URL beside 'OPAC View' should have the appropriate
http:// or https://
OPAC-DETAIL
28) Set 'opacthemes' to bootstrap.
29) Set 'SocialNetworks' to enabled.
30) In OPAC, view any biblio's details.
-- the Share links should have the appropriate protocol on
the OPACBaseURL.
31) Set 'opacthemes' to prog.
32) In OPAC, view any biblio's details.
-- the Share links should have the appropriate protocol on
the OPACBaseURL.
AUTH_WITH_CAS
33) prove -v t/db_dependent/Auth_with_cas.t
OPAC-SHARESHELF
34) Set 'OpacAllowSharingPrivateLists' to allow.
35) In OPAC, 'Save to Lists' a search result.
36) Save it to a new private list.
37) Click the Lists button, and select the new list.
38) Click the Share button.
AUTH_WITH_SHIBBOLETH
39) prove -v t/Auth_with_shibboleth.t
-- needs to be tests on Debian, because I can't get
the Test::DBIx::Class installed in Ubuntu. :(
Rebased again on kohadevbox...
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
This patch adds stocknumber (named Inventory number in interface)
to details table and items display if it exists.
Test scenario:
1. find item(s) which have inventory number assigned
2. verify that you don't see inventory number in items display
3. apply this patch
4. verify that inventory number is now available
Signed-off-by: Nicole <nicole@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Signed-off-by: Chris Nighswonger <cnighswonger@foundations.edu>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
http://bugs.koha-community.org/show_bug.cgi?id=9987
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
When records are imported into Koha, the items is stored into the
import_items table.
This marcxml in this table is never retrieved to display items.
Test plan:
1/ Import a records with items
2/ Before importing the batch into the catalog, you can see the marc
of the records, in the table below.
3/ Verify that the items is correctly displayed.
QA note: This patch does not provide test for new subroutines but the
module (C4::ImportBatch) is not tested at all and it will be time
consuming to provide them.
Signed-off-by: Nicole Engard <nengard@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Since SearchSubscriptions is the way to search subscriptions, each call
to GetSubscriptions could be replaced by a call to SearchSubscriptions.
Test plan:
Verify following pages display the same thing as before this patch:
- catalogue/detail.pl
- opac/opac-ISBDdetail.pl
- opac/opac-detail.pl
Verify the following page returns correct results:
- serials/checkexpiration.pl
Verify the Serials UT file still passes:
- prove t/db_dependent/Serials.t
Note: The title filter on checkexpiration now only searches on the title
DB field. I don't think it is a regression, it should be the way to use
this field. Maybe should we add new search fields on this form.
Bug 5337 reintroduces a bug fixed by bug 5864, this patch restore the
right way to search subscription (based on biblionumber).
Signed-off-by: Aleisha <aleishaamohia@hotmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Signed-off-by: sonia BOUIS <sonia.bouis@univ-lyon3.fr>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
Bug 13425 tried to fix XSS in OPAC, by using url filter in template toolkit
on whole generated url. This doesn't work and create double encoded strings
in facets because we are creating url variable by concatenating query_cgi
(which did pass through uri_escape_utf8 on perl side) and other
parameters which have to be escaped in template.
Also, code like
[% SET limit_cgi_f = limit_cgi | url %]
doesn't do anything (at least doesn't apply url filter) so it's not needed.
This patch also fixes encoding of hidden fields used in sort by form.
And lastly, it tries to make facet changes for opac and intranet as same as
possible to simplify future maintencence of this code.
Test scenario:
1. find results in your opac which contain accented characters
2. click on them and verify that results are missing
3. apply this patch
4. re-run search and click on facets link verifying that there are
now results
5. test sort by form and verify that results are ok
6. verify that facets are still safe from injection by constructing url like
/cgi-bin/koha/opac-search.pl?q=123&sort_by='"><script>prompt('Happy_Holidays')</script>&limit=123
and verifying that you DON'T see prompt window in your browser
Signed-off-by: Jonathan Druart <jonathan.druart@biblibre.com>
Signed-off-by: Katrin Fischer <Katrin.Fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
This data is passed into form so it needs to be correctly marked as
utf-8 if we want form submit to work correctly
This change fixes sort issues which use form submit.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
The C4::Acquisition module should be exploded in order to add
readability and maintainability to this part of the code.
This patch is a POC, it introduces a new Koha::Acquisition::Bookseller module and put in
it the code from GetBookSeller and GetBookSellerFromId.
Test plan:
1/ Create a bookseller, modify it.
2/ Add contacts for this bookseller
3/ Create an order, receive it, transfer it
4/ Launch the prove command on all unit tests modified by this patch and
verify that all pass.
Signed-off-by: Paola Rossi <paola.rossi@cineca.it>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@gmail.com>
