Martin Renvoize [Thu, 14 Apr 2022 09:19:47 +0000 (10:19 +0100)]
Bug 30540: Unit test
This patch adds tests for checking the output_pref method against
a timezone and datetime that would cause an Invalid local time failure
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/DateUtils.t
=> FAIL: The feature is not implemented, tests fail to complete
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 052dd948af6eaaaeeb0e83a6950543b4832aeefe)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 3e42ca76c28e8d4a043fbf4af1e60ad14e4fae73) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Martin Renvoize [Wed, 13 Apr 2022 07:24:22 +0000 (08:24 +0100)]
Bug 30518: Correct DateTime maths for needs_advancing
The needs_advancing method prior to this patch used basic DateTime
arithmatic, adding a DateTime::Duration in Days to the Arrival date of
the item and then comparing that to today. This, however, can cause bugs
when the arrival + duration date coincides with a DST boundary and as
such may result in an invalid local date. See
https://metacpan.org/pod/DateTime#Making-Things-Simple for further
details.
This patch updates the code to use the DST safe delta_days method to
count the days between arrival and now instead and then compares this
integer to the defined duration of the stage.
To test:
1. Re-run the unit tests, they should now pass.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 3929335cdbea81c7c891a8a979d69861468502fd)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit fb1f752f47b70c56509747c5ce6e25bc56f34779) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Martin Renvoize [Wed, 13 Apr 2022 07:52:02 +0000 (08:52 +0100)]
Bug 30518: Unit test
This patch adds tests for checking the needs_advancing method against
a timezone and datetime that would cause an Invalid local time failure
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/StockRotationItems.t
=> FAIL: The feature is not implemented, tests fail to complete
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 4450ad21100a02055e3f0f05918b2d4b17852107)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit b8c1391c4a7e23d6c1de25bd03b95612c8f99de8) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Nick Clemens [Tue, 19 Oct 2021 13:03:07 +0000 (13:03 +0000)]
Bug 29271: Fix cash register report results
This patch changes accounts.inc to use the credit/debit type codes directly
rather than needlessly fetching the credit_type/debit_type object jsut to get
the code. This allows the BLOCK to work on non-object lines
We also only pass a debit or credit type to csv (accountline cannot be both)
empty-line.inc is also removed in favor of correcting the markup
one more column added to total line
To test:
1 - Add some debits and credits to accounts
2 - Browse to Reports->Cash register
3 - Select transaction type 'All transactions'
4 - Output to screen
5 - Run report
6 - Note transaction types column is empty
7 - Output to a file
8 - Run report
9 - Open file and note:
amount column is out of place
extra line before total
10 - Apply patch
11 - Repeat and note display and export are correct
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Mason James [Sat, 5 Mar 2022 02:30:21 +0000 (15:30 +1300)]
Bug 19169: Add a test to detect unneeded 'atomicupdate' files
to test...
1/ set git repo
$ git reset --hard v21.11.03
2/ run test
$ prove ./t
OK
3/ apply patch
4/ run test again, observe FAIL
$ prove ./t/00-check-atomic-updates.pl
./t/00-check-atomic-updates.pl .. 1/?
# Failed test 'check for unhandled atomic updates: bug_29596.pl'
# at ./t/00-check-atomic-updates.pl line 34.
# 'bug_29596.pl'
# matches '(?^u:.*pl$)'
# Looks like you failed 1 test of 3.
./t/00-check-atomic-updates.pl .. Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/3 subtests
JD Amended patch: fix copyright year Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 1d24015e46c3127497aac31b2baddad547e4e8b3)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit bc831c17ad45819ab01dd97685cecc862c427643) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Jonathan Druart [Thu, 24 Mar 2022 15:24:06 +0000 (16:24 +0100)]
Bug 30172: Enqueue the job even if rabbitmq is not reachable
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit ce24a745c30f807587857e2f9449176ad4f78291)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 25c3a72725009d55c7cfd3078d8cd2a37cf9a071) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Jonathan Druart [Thu, 24 Feb 2022 09:41:16 +0000 (10:41 +0100)]
Bug 30172: Prevent race condition when enqueuing a new task
As we are sending the job to the rabbitmq before in the transaction, the
worker can receive the job to process before the transaction committed.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 40a329474486ffdef145466ddb66d65060d656ac)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit ec67db56f155a092cdb6d0b0ddce7abc9956ace0) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
David Cook [Fri, 4 Dec 2020 05:36:04 +0000 (05:36 +0000)]
Bug 26328: Cast barcode from varchar to integer for incremental barcode
Without this patch, the incremental barcode generation will
treat 978e0143019375 as having an exponent and interpret it as a very
large number.
With this patch, the incremental barcode generation will first cast
barcode varchar strings to integers before finding a max() value.
In this case 978e0143019375 becomes 978 instead of
1.7976931348623157e308
Test plan:
0. Using koha-testing-docker
Before applying patch:
1. Go to http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search&searchfield=autobarcode
2. Set to "generated in the form 1, 2, 3"
3. Go to http://localhost:8081/cgi-bin/koha/cataloguing/additem.pl?biblionumber=1#additema&searchid=scs_1607059974968
4. Add item with barcode 978e0143019375
5. Click "p - Barcode"
6. Note the barcode is "Inf"
After applying patch:
1. Go to http://localhost:8081/cgi-bin/koha/cataloguing/additem.pl?biblionumber=1#additema&searchid=scs_1607059974968
2. Click "p - Barcode"
3. Note the barcode is "39999000019194"
Signed-off-by: Marjorie <marjorie.barry-vila@collecto.ca> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 445cbb373bc7756494a4b28cede53ec23942999e)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 1b5cb40fbcc769a7cf0355a46d3d13e2a00deb0f) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Jonathan Druart [Mon, 21 Mar 2022 14:56:21 +0000 (15:56 +0100)]
Bug 26328: Add test
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 68664b7b706945ad0d9176be69dd5fe71a0bd13b)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 2a290b36a734f0dd3df64d764c1f25cfec904c94) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Fridolin Somers [Sat, 22 Jan 2022 01:57:28 +0000 (15:57 -1000)]
Bug 28943: (QA follow-up) Fix opac.pref
Fix YAML syntax of opac.pref, we must use dash for new lines.
Also removes duplicate text before syspref.
No need to say "code" since it is now a list of categories.
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 31fffa6006bf25bfa303fa44f4ae56f461cebb59)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 53e2a1b61c1b54dc7729e90049f35b9eb585320b) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Bug 28943: Lower the risk of accidental patron deletion
If you do not use a temporary self registration patron category,
you should actually make the preference
PatronSelfRegistrationExpireTemporaryAccountsDelay empty.
As the comment in sysprefs.sql already said, we should not let
a zero value in the pref delete patrons too.
The module is changed now, the test adjusted and
the description of both related sysprefs modified.
Test plan:
Run t/db_dependent/Members.t
Check in Administration the two adjusted OPAC pref descriptions.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 8e500c57da0e33b517c13715d3a17271fe47c286)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 7730699767fd4f77a9ac75d58f153dc0627a00a5) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Nick Clemens [Fri, 25 Feb 2022 20:04:41 +0000 (20:04 +0000)]
Bug 22993: Handle default messaging preferences during patron creation from API
TO test:
1 - Set default messaging preferences for a patron category
2 - Create a patron in that category using the API
3 - Verify messaging preferences are not set
4 - Apply patch, restart all
5 - Create another patron
6 - Verify messaging preferences are correctly set
7 - prove -v t/db_dependent/api/v1/patrons.t
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 1e02087923230e5c6ecad66dcf1288a196ba2c81)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit ced32711bb2915e9b4dd97bf3695d86712620ca4) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Nick Clemens [Fri, 25 Feb 2022 20:04:14 +0000 (20:04 +0000)]
Bug 22993: Unit tests
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit c5577fa6ba3c7a29acbe83cde82b3195ef32ef86)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit bb9cf28aa201fa26d81cb7843da691c21551f86f) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Jonathan Druart [Thu, 27 Jan 2022 11:40:45 +0000 (12:40 +0100)]
Bug 30296: [20.11.x] Set path for bibs_selected
Or it does not get cleared. Not that we may want to skip it for master
as bug 29932 is going to replace it with sessionStorage
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
No longer needed too on 21.11 and 21.05. Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 0d81e337696038ad194a98461f138676d6235fb4) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Mason James [Mon, 24 May 2021 21:21:53 +0000 (09:21 +1200)]
Bug 30084: Remove explicit dependency of liblocale-codes-perl
1/ apply patch
2/ build and install new koha-common package
=> Package liblocale-codes-perl is not installed, Koha does not need it
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Mason James <mtj@kohaaloha.com>
JD amended patch: fix commit message Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Kyle Hall <kyle@bywatersolutions.com>
(cherry picked from commit b793c25f80a69b292d7300f53892b291534341af)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 47afecd38026c8be8827b1d0a3d215a0a63413ac) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Bug 29877: Make POST /holds handle maxreserves correctly
The current implementation doesn't consider the following values for the
syspref: undef and 0.
The tests mistakenly didn't cover them.
To test:
1. Apply the regression tests patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/holds.t
=> FAIL: Tests fail, obvious warnings about comparing undefined values
too.
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass!
5. You can try on Postman as well
=> SUCCESS: Behavior is correct!
6. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit b002a84a2c6e5ee59562620b62bb21cfc7f61a02)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 19f3a58d4d57bc89017f22d3db640160142fe2dd) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 8ea1b883b76187a1d863f08426b65f5321fd703e)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 998e0997e4949abe5505d03253addd5dcb5ec4bb) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit e6faadbc8647cbe667a38c47d265c6b6d301880d) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
This patch adds the Yiddish language to Koha. The language codes were
taken from https://www.loc.gov/standards/iso639-2/php/code_list.php
Sponsored-by: Universidad Nacional de San MartÃn Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 808fb2679bb4c3574589486546d61e0d392c8368)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit c014c4bc530407d580990a32bcfc541a6cfac3c5) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Jonathan Druart [Thu, 2 Dec 2021 12:52:45 +0000 (13:52 +0100)]
Bug 29385: Catch register_id for payments against fees
This patch refactors the pay method in SIP FeePayment such that we
consistently pass parameters to both invocations of Koha::Account->pay.
It ensure the missing cash_register definition is passed when a set of
account lines to pay is defined.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit e8b1bc88508c1cf919b21cf93a0f7163e1c07289)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit bbb22c061ad67faf4c545b8080c9a5b53e33ea5d) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
- Wraps the new SIP tests in a single transaction. We do that to avoid
sub-test interference, specially when test files get big. The provided
tests are correct and don't require previous tests data.
- Migrated from the introduced 'diag' calls to 'note', as I just learned
they are the same, but 'note' is only displayed when in verbose mode.
Which is great to avoid unnecessary noise in Jenkins.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 0f0bfcad7c1cfd2ce9baff8ed3cd6208bfe52b04)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 190c925997f75c013627317045dbd9030ca9075a) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Nick Clemens [Wed, 22 Dec 2021 15:25:44 +0000 (15:25 +0000)]
Bug 29754: Don't include patron when fetching guarantees fines
This patch removes the flag to fetch the patrons own debts as we have already
calculated them
This test plan highlights another issue - the value of NoIssuesChargeGuarantorsWithGuarantees
is not checked in SIP code - we merely get the total owed including guarantees and compares to
noissuescharge
See bug 29755
To test:
1 - Apply first patch only
2 - prove t/db_dependent/SIP/Patron.t
3 - It fails
4 - Enable NoIssuesChargeGuarantorsWithGuarantees, you can set to 1
5 - Create/find a patron
6 - Add a $10 charge to parons account
7 - Add a guarantee to patron
8 - Add a $5 charge to guarantee
9 - Set noissuescharge to 15.01
10 - perl misc/sip_cli_emulator.pl -a localhost -p 6001 -su term1 -sp term1 -l CPL -m patron_information --patron BARCODE
11 - Note the 64 message starts with Y's that mean patron is blocked
12 - Patron shouldn't be blocked as under 15.01
13 - Apply patch
14 - Restart all
15 - repeat 10
16 - Patron is no longer blocked
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit fe59e356a3b2ea32b333d6c1d332468db61feeec)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit c5084b48f038b5c189614c65ab0741d10f1a2f4a) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Nick Clemens [Wed, 22 Dec 2021 15:20:16 +0000 (15:20 +0000)]
Bug 29754: Unit test
This adds a unit test to the SIP code
It also adds some spacing and dividers to make the tests for 'relationships_debt' easier to read
To test:
prove -v t/db_dependent/Koha/Patron.t - passes and is readable
prove -v t/db_dependent/SIP/Patron.t - fails
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit a38ba3b0bd88c96d5614d9e9231c358512158d68)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 1058a16e87c0448bff9a655145e0a038491b5a2f) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Jonathan Druart [Thu, 27 Jan 2022 13:14:27 +0000 (14:14 +0100)]
Bug 29956: Prevent login form to be serialized into cookie
To recrate:
Logout
Go to /cgi-bin/koha/opac-search.pl
Click "Log in to your account"
Fill in the login form
Submit
Check the 'form_serialized' cookie's value
=> Without this patch it contain login/password
=> With this patch applied the cookie is not created
Confirm that the "Return to the last advanced search" feature still
works as expected.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 69479ba5316f66dcd6b87356874320aed2c8a517) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Marcel de Rooy [Mon, 24 Jan 2022 10:24:08 +0000 (10:24 +0000)]
Bug 29931: Check cookie status before continuing
Test plan:
Logout from staff.
Try to run plugins-enable (you should have some active plugin).
Like: https://yourserver:staffport/cgi-bin/koha/plugins/plugins-enable.pl?class=Koha::Plugin::Test&method=enable
Replace class and method as appropriate.
Verify that with this patch, you will be redirected to 401 page.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 29931: (follow-up) Similar thing in opac-patron-image.pl
Although less harmful indeed. No borrowernumber, no image.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Tested: logged in, logged out, prefs toggled. All fine.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 29931: (follow-up) Fix svc/checkouts and return_claims too
Adding the same auth_status check here too.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Mason James [Fri, 14 Jan 2022 06:44:24 +0000 (19:44 +1300)]
Bug 29881: libdbd-sqlite2-perl is unavailable on deb12 (koha-common wont install)
to test...
- attempt to install koha-common pkg on deb12
confirm error...
The following packages have unmet dependencies:
koha-common : Depends: libdbd-sqlite2-perl but it is not installable
- apply patch, rebuild new package
- install new koha-common pkg on deb12 successfully
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 382e63cc2da99461dc34fec86dd5014f8cd544c7)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 9a761767103d5881093e9817e4f1de69150b7eb3) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Jonathan Druart [Mon, 17 Jan 2022 10:40:00 +0000 (11:40 +0100)]
Bug 29862: Add missing txn begin/rollback in TestBuilder.t
It fixes the tests when SearchEngine=ES
t/db_dependent/TestBuilder.t .. 7/15 Invalid MARC field expression: l5ffglZ_upqqcwOvaiyALgXfyJw2Ot2AGRPUsiAPzSFHfd8J_hsnuQ8z75B8RKc_kyo2rFBp8BrPNwcM1FPhc01ngP01HU_Z7Rx1VHfcIcmrifYnjBDWNmYB9N5_4xEnxMH7ZhqC9b2Bz9wf9
wSEmx64x6t5xFFKX at /kohadevbox/koha/C4/Biblio.pm line 306.
# Looks like you planned 12 tests but ran 6.
# Failed test 'Tests for delete method'
# at t/db_dependent/TestBuilder.t line 302.
Can't call method "biblionumber" on an undefined value at t/db_dependent/TestBuilder.t line 281.
# Looks like your test exited with 11 just after 8.
Previous subtest created invalid date in the ES mappings.
Test plan:
Set SearchEngine=ES and run the tests, they must pass.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 27ec3a5d4c2b8bc304d23197563952ef47d5986a)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 6c206df70a699679e59b56207cefb66e8f61eb5f) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Fridolin Somers [Sat, 22 Jan 2022 06:45:27 +0000 (20:45 -1000)]
Bug 29722: (QA follow-up) Replace unusual single quote
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit a4c5a166918483c22686fc2ed4677b61e44bb7b6)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 7b8a548a8bcaa609ff7641b0b3e72e1ba18df63c) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Aleisha Amohia [Fri, 17 Dec 2021 02:48:42 +0000 (02:48 +0000)]
Bug 29722: Add more sample quotes
This patch adds sample quotes from women, women of colour, trans women,
Black and Indigenous women, and people who weren't US Presidents!
To test:
1. Install a fresh Koha and import sample quotes
2. Go to Tools -> Quote editor
3. Confirm the quotes show
Sponsored-by: Catalyst IT Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 97692b4bba77597f15c59bdc19fd49663388fdaf)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 63670a5251e6eec2ac2b4017a2c4abce7d65a737) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
We should do the same authentication check than sco-main.pl, and also
make sure to generate the checkout history only for the logged in patron
(the OPAC one, not staff member)
Test plan:
Use the different combinations of the SCO config (AutoSelfCheckAllowed,
SelfCheckoutByLogin and WebBasedSelfCheck) and confirm that this patch
fixes the SCO print slip feature.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 72fa33490b71d91658c32493c687b1c5a37dc1df)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 26cbc70d1981a1ee3d1c658a0b96fb504d65e177) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 7e1e62d69b64c318562306ae15d9cd674e0a1529) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Jonathan Druart [Tue, 18 Jan 2022 15:01:00 +0000 (16:01 +0100)]
Bug 29495: Fix TestBuilder.t
Value not allowed for auto_incr issue_id in Issue at /kohadevbox/koha/t/lib/TestBuilder.pm line 387.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 0e369364a3256d5e1c2e207544607efe553fbd37) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Martin Renvoize [Thu, 18 Nov 2021 07:43:44 +0000 (07:43 +0000)]
Bug 29495: Update relationship methods
This patch updates the relationship methods found in
Koha::Checkouts::ReturnClaim so that they are prefetchable and embeddable on
the API.
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit faf8601bfd54ca8e61f305f7fbcbf382865fbe6b) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Martin Renvoize [Wed, 17 Nov 2021 10:27:38 +0000 (10:27 +0000)]
Bug 29495: Add code level constraint replacement
This patch adds a check in Koha::Checkouts::ReturnClaim::store to
replace the database level foreign key check.
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit f0fac71bbd8f073a5836f88402d20aa67175195b) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Martin Renvoize [Wed, 17 Nov 2021 10:10:18 +0000 (10:10 +0000)]
Bug 29495: Add DBIC relationships back into Schema
This patch adds the relationship accessors back into the affected Schema
classes, now below the fold so they are retained during dbic rebuilds.
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 1a25da170839d42f912c49911f49a750b7b74ca9) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Martin Renvoize [Wed, 17 Nov 2021 09:56:48 +0000 (09:56 +0000)]
Bug 29495: Drop issue_id constraint from return_claims
This patch removes the issue_id constraint from return_claims.
Due to the nature of our dual table approach to checkouts/old_checkouts
we can't safely hae this constraint and not lose data. Prior to this
commit, when an item is checked in we move the checkout from checkouts
to old_checkouts.. this therefore triggers the delete of the issue_id
from the return_claims table as described by the foreign key constraint.
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit f8125ecc182cfbc072886e0b122759c32290b0f6) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Martin Renvoize [Mon, 22 Nov 2021 16:30:13 +0000 (16:30 +0000)]
Bug 29495: Unit Tests
Test plan
1. Run updated tests prior to applying new patches.. pass
2. Run updated tests after applying new patches.. pass
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit a052d6752ca641017d3008d56b6638643f9f1651) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Bug ?????: DBIC schema changes: bug of dbic or forgotten update
Or a bug of DBIC that creates duplicate relationships mappings that
should be harmless. Or a forgotten update but it was not possible to
track down the ticket.
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit f9d9e5302aa0ebd3949d8a9d39f0ef937605c4c4) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Nick Clemens [Wed, 24 Nov 2021 16:05:23 +0000 (16:05 +0000)]
Bug 28832: (follow-up) Don't remove false values, only empty strings
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 117d826bf3b10c98a903fd0ed032fc9cb888741d) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Nick Clemens [Mon, 20 Sep 2021 17:22:46 +0000 (17:22 +0000)]
Bug 28832: (follow-up) Handle regex fields too
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 91289587d3b924b9108ba3438344cdfa356d6988) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Nick Clemens [Mon, 9 Aug 2021 16:28:16 +0000 (16:28 +0000)]
Bug 28832: Don't batch modify fields that we don't update
In bug 27837 we made sure to always pass through the permanent_location if it was passed in unlike
other fields which are not passed if they have no value.
During batch mod, however, fields that aren't editied have no value, so forcing permanent_location
to pass through forces blanking it.
This patch alters the script to only pass thgouhr for edit the fields that have been updated or
cleared.
To test:
1 - In frameworks add a new subfield to 952, "C" - make it editable in items tab and visible in intranet/editor
2 - In mappings map that subfield to items.permanent_location
3 - Set an item to have differing shelving location and permanent_location
4 - This saves correctly for an individual item
5 - Edit the item using Tools->batch item modification, updating the note field
6 - Note the permanet_location is removed
7 - Check the DB, the field is set to NULL
8 - Apply patch
9 - Repeat
10 - Permanent location is not cleared
11 - Verify that clearing fields works as before, including permanent_location
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: Deb Stephenson <dstephen@dubuque.lib.ia.us> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit ba9713ba3a2d8fa5b94211dbc1e6003517079578) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
This patch fixes the duplicate buttons issue.
To test:
1. Apply the regression tests patch
2. Run:
$ kshell
k$ prove t/db_dependent/Illrequests.t
=> FAIL: Tests fail
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 692804a49a59208b6726f48523bfb82e73671ddc)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 0b9c338f581fc562c94e8f1122b6d5b9bfc715e3) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit cbac005968752ce5c473e9efb481183531cb7ddf)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 8a1f2fb600d58f201f2030c943fa71fc40795285) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Colin Campbell [Thu, 25 Feb 2021 10:59:24 +0000 (10:59 +0000)]
Bug 27793: Store FTX free text in vendor note
This is important for proquest ordering to distinguish types of
material.
FTX segment from quote is stored as vendor note.
Contents of vendornote are included in the order FTX segment.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 33c8d6f175bf5c5f2a2f08db9e95d363027c276a) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Martin Renvoize [Thu, 9 Dec 2021 13:55:41 +0000 (13:55 +0000)]
Bug 29670: Fix EDI for AcqCreateItem = 'placing on order'
The AcqCreatItem at order time functionality was broken by bug 27708.
This patch resolves that.
Test plan.
1) Run the newly created unit tests that prove both settings work
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
(cherry picked from commit 960372b76ca0b42d8e22dde445402f4c9ba523dc)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit bda8299669d1a34a32fe45f6f765133a0f54f22a) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Martin Renvoize [Thu, 9 Dec 2021 16:04:55 +0000 (16:04 +0000)]
Bug 29670: Unit tests
This patch adds unit tests for Koha::Edifact::Order->order_line. We now
check that the message segments are created as expected for both the
'ordering' and not 'ordering' case for acquisitions item creation time.
Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
JD amended patch: spelling segement ==> segment
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 1926a207536d38d772a816b0c0179d9201273e04) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 7a87c3ddb33ed561da194f717be49565e85e8af8) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Martin Renvoize [Wed, 17 Nov 2021 16:49:27 +0000 (16:49 +0000)]
Bug 29457: Generic warning at upgrade
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Amended: Adding exec flag and two dots. Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 1dec6d946875b7151278fab9d6da65995f37cdab)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit a28dd48b5ee08fea46ead91b0ef1a071dff5e686) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Martin Renvoize [Thu, 11 Nov 2021 10:56:45 +0000 (10:56 +0000)]
Bug 29457: Pass context borrowernumber
This patch updates the call to cancel such that we pass the currently
logged in users borrowernumber instead of their userid.
Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 0a79d2542178439e6dee39adc669cdeeecf5207e)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 002954a83cb71db137f46c57fb9f944e0c730c0a) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Bug 29736: (QA follow-up) No need to delete all clubs
There's no real need to delete all the existing clubs in the tests.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit d4c628f1711f532b6441e9e8244e7e13369af40e)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 4e4a452609e00b12877399a6ac643867d6570ccb) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Without this patch, the list will always display all clubs.
To test:
1. Have two clubs, with enrollemnts:
- Cthulhu fans
- The Shadow Out of Time fans
2. Search for the letter c
=> FAIL: You get both results
3. Apply this patch
4. Repeat 2
=> SUCCESS: Only Cthulhu is returned
5. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 96012930ee78776af2a2c3e00aaf87a5ff231fac)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 91fd6ddd7cfdd69d33b7742365336a5e42e050e9) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Jonathan Druart [Mon, 20 Dec 2021 14:14:56 +0000 (15:14 +0100)]
Bug 29736: Don't return empty clubs
There is an error when placing a hold for a club without members:
Uncaught TypeError: err.responseJSON.error is undefined
It seems that we should remove clubs without members from the search.
Test plan:
Create 1 club xx with 2 patrons
Create 1 club xxx with 1 patron and cancel their enrolment
Create 1 club xxxx without patron
Place a hold for club "x", only the first one should be returned with
this patch.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit b45e67e03eeffdaa006c693e2e6426d452cbb09e)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 4520178095b3bfe1e9ba976b2798721f96635052) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Bug 29018: Make DELETE /patrons/:patron_id check things
When the route was implemented, the checks were overlooked. This patch
adds checks for:
- Guarantees
- Debts
- Current checkouts
Any of those will block deletion, as it should.
To test:
1. Apply the regression tests patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/patrons.t
=> FAIL: Tests fail, the route misses checks
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass! The three conditions prevent deletion!
5. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 4948faacc0807773d4a8540b8bbc02db56d1729f) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 493db07948f0cc4211f916e87273313f4e020638) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Mason James [Tue, 31 Aug 2021 04:05:05 +0000 (16:05 +1200)]
Bug 28926: Update cpanfile for Mojolicious::Plugin::OpenAPI v2.16
to test...
- apply patch
- build package
- confirm in about.pl that minimum versions are updated
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit bfd033c68aa63650f7f78d85054d2d41b697c094)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit 81ce0e2db52ff83e023f22c46dd20ed2f62d0190) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
We are loosing the link with the biblio (suggestion.biblionumber)
Test plan:
At the OPAC, go to the detail page of a bibliographic record, click
"Suggest for purchase" and submit the form.
Without this patch the suggestion is created but the link to the
bibliographic record is lost
With this patch applied you should see that suggestions.biblionumber has
correctly been preserved
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 9ae252946da274ef50435a23e3e08cb8cb024f74)
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit ad5a157c82ae2d5fac215c4b34d3035feef1957c) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Jonathan Druart [Wed, 15 Dec 2021 06:02:08 +0000 (07:02 +0100)]
Bug 29696: Add tests
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 146c1e1d9f8d94e10d189fb601f71f6683963b7d)
Bug 29696: correct number of tests for 21.05.x
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
(cherry picked from commit c467f3facad11655b4c817e88a48a3cb17d6547d) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Test plan:
Create a message, see the "Delete" link, don't click it but copy it
Change logged in library and use the link
If AllowAllMessageDeletion is off you should be redirected to 403
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit a2b9a76431a887aad7ebcee7b34fb921159271fd) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Jonathan Druart [Wed, 5 Jan 2022 14:56:24 +0000 (15:56 +0100)]
Bug 29542: Prevent access to private list to non authorized users
The catalogue permission is not enough.
Test plan:
Create a private list owned by user A
Login with user B and hit (with XX the shelfid)
/cgi-bin/koha/virtualshelves/sendshelf.pl?shelfid=XX
You should get an error message "You do not have sufficient permission
to continue."
Login with user A
=> You should be able to send the list
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 6ca49b550e54a0f1729c5d23838256a0e4542f91) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Nick Clemens [Mon, 24 Jan 2022 14:19:24 +0000 (14:19 +0000)]
Bug 29914: (QA follow-up) Expand tests to cover failure case before patches
When asking for permissions we get 'failed', without we get 'ok'
Adding explicit checks for not 'ok'
Add a FIXME:
We should cover the case where we return 'failed' after changes, but that is a larger undertaking
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit e956130f8f57d6204637015e57f362563041f984) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Marcel de Rooy [Fri, 21 Jan 2022 10:50:59 +0000 (10:50 +0000)]
Bug 29914: Remove warn on timeout
The value of the system preference 'timeout' is not correct, defaulting to 600.
Caused by previous test. Actually an omission in another sub that
does not seem to support 10x.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit eea32e6c5d39f5ec506b5c6cc81b390fcb6f8c52) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Jonathan Druart [Fri, 21 Jan 2022 08:23:38 +0000 (09:23 +0100)]
Bug 29914: Add tests
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 3af901ae645a380d167fbc7b4e96bea892318d49) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Jonathan Druart [Thu, 20 Jan 2022 09:10:05 +0000 (10:10 +0100)]
Bug 29914: Make check_cookie_auth compare the userid
check_cookie_auth is assuming that the user is authenticated if a cookie exists
and that the login/username exists in the DB.
So basically if you hit the login page, fill the login input with a
valid username, click "login"
=> A cookie will be generated, and the sessions table will contain a
line with this session id.
On the second hit, if the username is in the DB, it will be enough to be
considered authenticated.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 7114dc2fb1a1440dd031ee771efee6e50bb86540) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Jonathan Druart [Thu, 2 Dec 2021 08:04:14 +0000 (09:04 +0100)]
Bug 29544: Fix opac-issue-note.pl
We must check if logged in user is trying to modify one of their
checkouts
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Jonathan Druart [Mon, 22 Nov 2021 13:56:58 +0000 (14:56 +0100)]
Bug 29544: Ensure logged in user is allowed to modify checkout note
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Jonathan Druart [Mon, 6 Dec 2021 12:58:25 +0000 (13:58 +0100)]
Bug 29541: Prevent users from another group to access patron's images
We should respect group restrictions here.
Test plan:
Create a patron from another group of libraries and don't let them
access info from patrons outside of this group.
Access the following link and confirm that you can see the image only
for patrons from their group
/cgi-bin/koha/members/patronimage.pl?borrowernumber=XX
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Jonathan Druart [Mon, 22 Nov 2021 14:29:58 +0000 (15:29 +0100)]
Bug 29541: Restrict access to patron's image to borrowers => * and circulate => *
The patron images is displayed on the 'circulation' and 'members'
modules.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Marcel de Rooy [Mon, 22 Nov 2021 07:55:47 +0000 (07:55 +0000)]
Bug 29540: Raise flagsrequired in modrequest
Test plan:
Try modrequest with a user having only 'catalogue' perms and the following URLs:
[1] /cgi-bin/koha/reserve/modrequest.pl?reserve_id=XX&CancelBorrowerNumber=XX&CancelItemnumber=XX&biblionumber=XX
Fill the XXs with correct identifiers for some item level hold.
[2] /cgi-bin/koha/reserve/modrequest_suspendall.pl?suspend=1&suspend_until=2021-12-01&borrowernumber=XX
Fill the XX with borrowernumber for borrower that has pending holds.
You should see: Error: You do not have permission to access this page.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[AMENDED] More consensus for using reserveforothers than circulate_remaining.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 15285ae209f5a98ab2e77c730b0b70ff0b29c283) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
David Cook [Thu, 22 Jul 2021 06:34:20 +0000 (06:34 +0000)]
Bug 28735: Self-checkout users can access opac-user.pl for sco user when not using AutoSelfCheckID
This patch makes the sandboxing of the selfcheckout more robust by
adding a "sco_user" session variable which is turned on when
logging into the self-checkout (either by AutoSelfCheckAllowed or manually).
If a user with this session variable turned on tries to access
other parts of the system (like the rest of the OPAC), it will
"kick out", so that the browser user will lose the authenticated session.
Test plan:
1) Apply the patch
2) koha-plack --restart kohadev
3) Go to http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
4) Note that you are logged into the self-checkout
So you see the login screen specific to the self-checkout.
To log with the actual patron. It's a nested auth.
5) Go to http://localhost:8080/cgi-bin/koha/opac-main.pl
6) Note that you are not logged into the OPAC
7) Log into the staff interface and disable the
system preference AutoSelfCheckAllowed
8) Log out of the staff interface (this step is very important)
9) Go to http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
10) Note that you are prompted to log into Koha
11) Login using the "koha" user (when using koha-testing-docker)
12) Note that you are logged into the self-checkout
13) Go to http://localhost:8080/cgi-bin/koha/opac-main.pl
14) Note that you are not logged into the OPAC
Without the patch you would still be logged as "koha"
15) Go back to http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
16) Note that you will need to log in again as you've lost your
session cookie
Without the patch you will still be logged in the self-checkout
Voila!
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 6d022889a2fac79c9148dd5f20c36f926d66065c) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Owen Leonard [Tue, 11 Aug 2020 17:26:18 +0000 (17:26 +0000)]
Bug 26102: Prevent XSS when To.json is used: unimarc_field_4XX.tt
To test, edit a MARC framework to link a subfield to the
unimarc_field_4XX.tt. The process of triggering the plugin and selecting
a search result from the plugin popup should work correctly.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit dbd13593538b8dbba9dfe9ff200b1d472ec0595b) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Owen Leonard [Tue, 11 Aug 2020 15:22:33 +0000 (15:22 +0000)]
Bug 26102: Prevent XSS when To.json is used: subscription-add.tt
Test the process of adding a subscription, entering both a valid vendor
ID and a non-existent vendor ID. The non-existent vendor ID should
trigger a validation alert.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 583aad8e48790443a14ac4b7dfe85fa1bdeb91a2) Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>