Katrin Fischer [Sun, 3 Jun 2018 08:09:23 +0000 (10:09 +0200)]
Bug 20861: Correct EDI permissions on EDI messsages
The permission for EDI is edi_manage, but 2 pages asked
for manage_edi, allowing users not to access those.
To test:
- Add edi_manage to your permissions
- Try to access the EDIFACT messages from the
acq start page
- Verify it doesn't work
- Apply patch and try again
- You should be able to access the page now
- Try to access the other page directly (if you don't
have EDI data):
/cgi-bin/koha/acqui/edimsg.pl
- Verify you can access the page and don't get a
permission error
Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 7883b19de5f24551b36bf29133b04bc71ad4d56a) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit cbeed6cf3db342e025b4d837ab135136d39a140e) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Mon, 28 May 2018 14:40:20 +0000 (11:40 -0300)]
Bug 20827: Display Fund's owner name when selected
When a fund is created or edited and does not have a owner yet, the
name of the patron will not be displayed when selected.
The HTML element the JS code expects is not present in the DOM.
Test plan:
- Create a fund, set a owner
- remove the owner, edit, etc.
- Save
- Edit again
Make sure it works as expected.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit dc396756a050bf3fe07bb3141df6535a27fd9afb) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit b344b81e24b63e4451c49909436a98cfcc71a622) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Tue, 8 May 2018 17:27:38 +0000 (14:27 -0300)]
Bug 20730: Move the authentication block before doing anything
No need to add more information here, it's self-explanatory...
Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 43a297efc9b923ecfe5c703e2be4c99549b48954) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Thu, 3 May 2018 12:09:19 +0000 (09:09 -0300)]
Bug 20701: Add csrf protection to mancredit.pl
Works OK.
Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit fb083c95a2582904d633b84e4eddabce08baf99c) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Nick Clemens [Thu, 3 May 2018 11:52:24 +0000 (11:52 +0000)]
Bug 20701: Add csrf protection to maninvoice.pl
TO test:
1 - Be signed in to Koha
2 - Add a manual invoice to an account, works fine
3 - Now do it via url: http://localhost:8081/cgi-bin/koha/members/maninvoice.pl?borrowernumber=5&type=test&amount=5&add=Save
4 - Apply patches
5 - Test that everything continues to work as expected (but more securely)
6 - Try adding a new invoice via URL
7 - Should get 'internal server error' and wrong csrf token in logs
Works OK.
Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 730d1fd57d982735522b3c7c1bc4d421255c2107) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Marcel de Rooy [Fri, 4 May 2018 07:54:30 +0000 (09:54 +0200)]
Bug 11943: Add unit test for double accepts
Test plan:
Run t/db_dependent/Virtualshelves.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 9d96397f55b333d63bec4fc09690aefcd164f809) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Marcel de Rooy [Fri, 4 May 2018 07:34:02 +0000 (09:34 +0200)]
Bug 11943: Prevent double accepts in Koha::Virtualshelfshare
This 'bug' existed long enough now to finally remove it ;)
We do so by deleting the invitation if the borrower already has a share
on this list. Actually not that hard.
We still need: a unit test and a db revision.
Test plan:
[1] Share a list. Let user B accept.
[2] Without this patch: Share again and let B accept again.
[3] Verify that you have two shares for this list in virtualshelfshares.
[4] With this patch: Share another list, let B accept.
[5] Share this other list again, let B accept again.
[6] Verify that virtualshelfshares does not contain double entries now.
(Note: This pertains to the second list only.)
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 5a185e0d1a62a003d7acb8569465bb145c7585f0) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Marcel de Rooy [Fri, 4 May 2018 06:10:46 +0000 (08:10 +0200)]
Bug 20687: (follow-up) Look for invitekey in show_accept and fix error codes
We should check the invitekey in show_accept by passing it along in the
search call.
On the way I fixed some error checking: if the list number is invalid, or
the list is public or you are the owner, or if the key is not found, we
should set the right error code; the template contains those messages.
Test plan:
[1] Share a list and accept a correct invitation with another user.
[2] Try to accept some invalid proposals: wrong key, wrong list.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Tested invalid key, wrong list, owner, public list, expiry.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 7ecc1257865d47336071412bf65b321090b69ce4) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Nick Clemens [Tue, 1 May 2018 13:47:18 +0000 (13:47 +0000)]
Bug 20687: Check all share keys for a given list
This patch gets all the shares for a list and iterates through to find
the correct one when accepting from a link
To test:
1 - Create a private list in the opac
2 - Invite 2 patrons to the list
3 - Try to accept from the patron you first shared to
4 - You will get a failure message about expiration of the link
5 - Apply patch
6 - Now try to accept the first share
7 - It works! Success!
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 07cc384cdaa5b191a55fe2fe300705d20a908a72) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Mon, 16 Apr 2018 20:41:42 +0000 (17:41 -0300)]
Bug 19030: Preserve link between order and subscription when editing an order
The aqorders.subscriptionid info is not sent to the template when the
order is edited. Which means we lose this link.
Test plan:
Create an order from a subscription
Edit the order
=> Without this patch, the aqorders.subscriptionid value is set to NULL
and items are created when receiving serial.
=> With this patch applied the link is preserved and expected behaviors
are preserved during all the acquisition workflow
You should also try and create several orders from the same subscription
Sponsored-by: BULAC - http://www.bulac.fr/ Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 4df24fdde1b6845930d2532c23be2e6d3bf6ef9a) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Bug 18725: (QA follow-up) Use make_column_dirty instead of status change
Moving the status to the invalid 'processing' might well have unwanted
side-effects. (The status column will be set to empty string and we have
a problem if it is not processed.)
This patch allows pass-through of DBIX's make_column_dirty in
Koha::Object (simple tests included) and uses it to force an update.
If the update does not return true, it still exits.
Test plan:
[1] Read the changes.
[2] Run t/db_dependent/Koha/Object.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Conflicts:
Koha/Object.pm
Kyle M Hall [Thu, 26 Oct 2017 13:04:59 +0000 (09:04 -0400)]
Bug 18725: Prevent process_message_queue to send duplicate emails if message_queue is not writable.
Last week, we had a database server whose disk filled, causing database writes to fail.
This meant that messages in message_queue marked 'pending' were not marked as 'sent' when they were added to the postfix mail queue; messages were sent every 15 minutes (as specified in the cron job) until the disk space issues were cleared.
I would suggest adding a token write to the start of process_message_queue.pl as a 'canary in the coal mine'. If the database write fails, process_message_queue should stop, because it's not safe to proceed sending emails that may not be marked 'sent'.
Test Plan:
1) Apply this patch
2) Make the message_queue table unwriteable somehow
3) Run process_message_queue.pl
4) Script should die with error
Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit a1e044094b2c29024dfe66b76c7bf2c619be0c7a) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Mon, 7 May 2018 16:15:34 +0000 (13:15 -0300)]
Bug 20721: (bug 19403 follow-up) Prevent Circulation.t to fail randomly
If items.restricted == 1, CanBookBeIssued will not returned what we are
testing.
The easiest and global fix is to define a default value at TestBuilder
package level
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit e93241a7174930c52c6f03560027cd527492148d) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
The tags for home library and holding library in the 'refine your
search' list should be h5.
This patch changes the html tag for the availability, holding library and home library
facets.
To test:
- Search for an item in the OPAC where the relevant facet appears
- Use 'Inspect element' to check the tag
- Apply patch
- Confirm the facet now has the h5 tag
- Confirm spacing is improved
Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 8d5e9750afbf7d73d02d8db19cae428bfd397d59) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Mark Tompsett [Fri, 6 Apr 2018 14:59:28 +0000 (14:59 +0000)]
Bug 20122: Explicitly set path to fix emptying cart functionality
This is caused by bib_list not being deleted.
The path was not explicitly set.
This patch adds path=/ explicitly to ensure it
does get deleted.
TEST PLAN
---------
1) search for 'the' in OPAC
2) add several items to cart.
3) look at your cart.
4) empty and close the cart, select all->remove
-- either way window closes and it looks empty.
5) refresh the page
-- cart comes back.
-- in chromium inspecting the page, specifically
the "Application" area, bib_list is shown as
a cookie still.
6) apply patch
7) restart_all and empty cache forcing JS reload
8) repeat steps 1-5
-- this time cart stays empty.
-- and the bib_list cookie is gone
Signed-off-by: Roch D'Amour <roch.damour@inlibro.com> using firefox 59.0.2 Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 16c6ff1e3cb30f3aa4d2e23301b942eaf5a63d4c) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Bug 19267: Rancor - Warn before leaving page if record modified
To test:
1 - Open the advanced editor
2 - Make some changes to a record
3 - Click on 'Patrons' or leave the page in some way
4 - Note there is no warning and changes are not saved
5 - Apply patch
6 - Open the advanced editor
7 - Make some changes
8 - Leave the page
9 - Note you get a warning of unsaved changes and can stay on the page
Signed-off-by: Charles Farmer <charles.farmer@inLibro.com> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 5a6e7a6ffbab8e42e706486b9e75abe782a696b8) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Mon, 6 Nov 2017 18:35:50 +0000 (15:35 -0300)]
Bug 19578: Remove MARC punctuation in notices (TT syntax)
Jenkins fails (run 287) on a test in t/db_dependent/Letters/TemplateToolkit.t:
With the historical syntax:
# Your request for an article from tQYRS (c3Av58O0P5xkkIGu) has been canceled for the following reason:
With the TT syntax:
# Your request for an article from tQYRS_ (c3Av58O0P5xkkIGu) has been canceled for the following reason:
The last character of the biblio's title has been removed because it's a punctuation character.
It comes from: C4::Letters::_parseletter
893 $val =~ s/\p{P}$// if $val && $table=~/biblio/;
The same replacement is done for patron's attributes too.
Test plan:
- Confirm that the new tests pass. That should be enough to confirm this change make sense.
Test plan (manual):
- Create a biblio with a title ending with a punctuation (like "with_punctuation_"), or any other fields of biblio/biblioitem
- Generate a notice which will display this field (CHECKIN for instance)
Use the historical syntax and the TT syntax, both should display the title without the punctuation character at the end
CHECKIN historical:
The following items have been checked in:
----
<<biblio.title>>
----
CHECKIN TT syntax:
The following items have been checked in:
----
[% biblio.title %]
----
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit f5be2d525f7540a4833c14759bdc0de2ba5657db) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Nick Clemens [Fri, 23 Feb 2018 10:58:27 +0000 (10:58 +0000)]
Bug 20282: Match course reserve on holdingbranch
To test:
1 - Add a course (Course Reserves)
2 - Add an item to the course
3 - Ensure to change the holding branch for the course reserve
4 - Modify the course item
5 - Note the dropdwn for holding branch is unset
6 - Apply patch
7 - Modify the course item
8 - Dropdown should be correctly populated
Signed-off-by: Maksim Sen <maksim.sen@inlibro.com> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 03b31bfc625484c9219935a50a5d0d3cf017b5e6) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Kyle M Hall [Mon, 12 Mar 2018 11:15:12 +0000 (07:15 -0400)]
Bug 20369: Analytics search is broken with QueryAutoTruncate set to 'only if * is added'
Test Plan:
1) Enable EasyAnalytics
2) Disable QueryAutoTruncate
3) Create an analytic record, add some host items to it
4) Browser to the analytics tab for the record
5) Click the link in the 'used in' column of the table
6) No search results
7) Apply this patch
8) Reload the page, now you get the analytic record!
Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 14b70dc91006c16beb48d40fe23fad27ed206f02) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Mon, 26 Mar 2018 15:22:15 +0000 (12:22 -0300)]
Bug 20462: Ensure batch item deletion will not delete the same item twice
This has been done on bug 9509 when barcodes are scaned, but not when using a text file.
Test plan (stolen from Barton on the bug report):
1) Create a text file containing duplicate barcodes
Here's a quick way to do that, substitute INSTANCE for the instance name of your test server:
sudo koha-mysql INSTANCE <<< "select barcode from items where barcode is not null limit 3" | sed '1d;p' > /tmp/dup_barcodes.txt
2) Go to Home › Tools › Batch item deletion
3) Click 'Choose File', select the file you created in step 1.
4) Click 'Continue'
5) Note that duplicate items appear in the list of items to batch delete
6) Check 'Delete records if no items remain'
7) This will trigger a software error
Note that entering the barcodes via the 'scan items one by one' text box removes duplicates in the list, so this only causes problems when uploading a file.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 1f4baf31bb19c615f43771efa3fac7e2333d3622) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Bug 20318: Merge invoices can lead to an merged invoice without Invoice number
When you want to merge invoices you have a page with a non editable
field 'Invoice number:' it shows the content of the first invoice to be
merged.
But if you validate by clicking the 'merge' button you arrive on the
next page which says that 'Invoice has been modified' and if you quit
this page without saving you have now a merged invoice without Invoice
number.
This tiny patch just prevents this issue to occur.
Test plan :
1° go to the acqui/invoices.pl page and search invoices to merge.
You must have at least 2 invoices on the same vendor
2° check boxes to select invoices to merge and click on 'merge selected
invoices' button
3° next page you see the non editable field 'Invoice number:'
4° click on the 'merge' button
5° next page you see 'Invoice has been modified'
6° leave this page i.e click on the left link 'Invoices'
7° search invoices you'll see the merged invoice without invoice number.
Apply the patch, replay the steps 1 to 3
4° on this page you can enter your invoice number and click on the
'merge' button.
If you leave this field empty and click merge, a message informs you
that it is required and you can not merge.
Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Conflicts:
koha-tmpl/intranet-tmpl/prog/en/modules/acqui/invoices.tt
Kyle M Hall [Fri, 30 Mar 2018 11:08:30 +0000 (07:08 -0400)]
Bug 18474: (QA follow-up) Remove useless else in template
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit a444807b57bfc0317b23d1a62e08bcbb15d39bc8) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Thu, 21 Dec 2017 18:59:24 +0000 (15:59 -0300)]
Bug 18474: Restore multiple holds when patron is searched for
We lost the ability to place multiple holds when we are searching for
patrons. The multi_holds parameter is lost and not handled correctly in
the template.
Test plan:
- Make sure you can place multiple holds for a patron you will search for
- Same for simple hold
TODO the multiple holds view should not be displayed if only 1 record
has been selected from the search result.
Signed-off-by: claude brayer <claude.brayer@cea.fr> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit dc008b90cd50b80c78520de6379c61e534efce75) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Thu, 21 Dec 2017 00:35:47 +0000 (21:35 -0300)]
Bug 19673: Allow to set patron attributes to 0 with batch patron modification
This patch will have to be tested deeply to make sure it will not
introduce regression!
The idea is to display an empty option in the patron attributes select
and ignore it. That way we can deal with false values 0 and "" which
were skipped before.
Test plan:
Add several patron attributes
Use the batch patron modification tool to add/update/remove them
Play with empty "" and 0 values, as well as other values
Modify several attributes in a row
Signed-off-by: Charles Farmer <charles.farmer@inLibro.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Conflicts:
koha-tmpl/intranet-tmpl/prog/en/modules/tools/modborrowers.tt
Jonathan Druart [Mon, 26 Mar 2018 16:13:58 +0000 (13:13 -0300)]
Bug 20455: Fix sort patrons by date expired
We may need to apply this change for all other occurrences in our
codebase.
Test plan:
- Make sure sample patron data is loaded and you have a patron without a
date expired defined
- Make an empty search for all patrons or another search that gives you
a good amount of results
- Try to sort on the date expired column
=> Without this patch you get
Odd number of elements in anonymous hash
at /home/vagrant/kohaclone/C4/Utils/DataTables/Members.pm line 189.
output_pref is called with 'dateonly' (ref SCALAR), not a DateTime
object
Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 09eaaaebcd8e02dbb3d026304d6227bbdc146cca) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Wed, 20 Dec 2017 16:17:50 +0000 (13:17 -0300)]
Bug 19671: Map itemtypes to hash for correct display in issues_stats.pl
To test:
1 - Run the circulation wizard with itemtypes as columns, shelving
locations as rows - display on screen
2 - Note all itemtype values are blank
3 - Switch rows/columns - same issue
4 - Apply patch
5 - Re-run reports
6 - Itemtypes should display correctly
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit b3bab56c3168217878e0db921cebef0a97c01303) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Fridolin Somers [Mon, 4 Dec 2017 09:04:48 +0000 (10:04 +0100)]
Bug 19739: Add default ES configuration to koha-conf.xml
Bug 18571 added default ES configuration for packaging config.
This patch adds it to dev install in koha-conf.xml.
Database name is used in index_name to allow multiple installs.
Test plan :
- Run dev install
- Install ElasticSearch server and Koha deps
- Enable ElasticSearch in Koha
- Check indexing and searching works directly
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 219e427f29554c323b2016dd67898c21f10d8fcb) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Victor Grousset [Thu, 22 Mar 2018 14:44:00 +0000 (15:44 +0100)]
Bug 20461: Serials: fix ignored params in subscription creation form
In subscription-add.pl, the two params aren't passed to
NewSubscription() but they are to ModSubscription()
== Test plan ==
1. Enable syspref "makePreviousSerialAvailable"
2. Create a minimal subscription with a value in the "Item type" and
"item type for older issues" fields.
3. Edit the subscription
4. You should see that the two fields are empty. This is the bug.
5. Apply this patch
6. Do step 2 and 3
7. You should see that the two fields have the right value
8. Express the joy of a successful and easy sign off.
(this is important, otherwise the sign off spell won't work!)
Signed-off-by: delaye <stephane.delaye@biblibre.com> Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit b02528d8bb7e8e86d0157166e0d2868e64d19d51) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Tue, 2 Jan 2018 18:42:12 +0000 (15:42 -0300)]
Bug 18593: Move suggestions when bibliographic records are merged
When bibliographic records are merged, the suggestions.biblionumber
field should be replaced with the new record.
Ideally we should have kept an history of the merges, to know what was
the original record. Now we cannot fix the broken links.
Test plan:
1) Create a suggestion in OPAC
2) Accept the suggestion in staff
3) Add order from this suggestion
4) Go to cataloguing search and search for the record and another
5) Merge the suggestion record with the catalog record - catalog record wins (should be the more common case when a patron suggests something that already exists)
6) Verify that after merging, the new title displays in the acquisition record
7) Verify that the suggestion info no longer displays in basket
From Katrin's test plan:
8) Verify that the new title doesn't display in suggestions. The old title will still show as suggested (not updated)
=> This is the title from suggestions.title, I think it makes sense to show this one.
Maybe we should open a new bug report to improve the display of the suggestion, and link to the bibliographic record
Signed-off-by: Lucie Gay <lucie.gay@ens-paris-saclay.fr> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 3f118604af4ff965a1a320656e40762f9958e791) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Julian Maurice [Mon, 12 Mar 2018 10:51:59 +0000 (11:51 +0100)]
Bug 11936: (QA follow-up) Consistent log message for item insert
Fix the same error in another place
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 174dc4cb2e1de70b310aea2b812ce959ad5ab174) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Magnus Enger [Thu, 22 Feb 2018 09:37:08 +0000 (10:37 +0100)]
Bug 11936: Consistent log message for item insert
If you use bulkmarcimport.pl to import records with items it looks
like the successfull insert of the record is reported multiple time,
but the second and subsequent "ok" is really related to importing
the item(s).
This patch changes the log message on successfully inserting an item
to match the log message given when inserting an item fails.
To test, the easy way:
- Look at lines 530 and 536 of bulkmarcimport.pl, and note that the
"op" in those two lines are different
- Apply the patch
- Look at lines 530 and 536 again, and note that the "op" is now
identical, and that this makes sense, since they are both related
to the same operation, specifically inserting an item
To test, the hard way
- Have some records with items
- Import the records with bulkmarcimport.pl, and make sure to specify
the -l option, to create a log of the actions taken
- Look at the log and verify it looks something like this:
id;operation;status
1;insert;ok
1;insert;ok
2;insert;ok
2;insert;ok
- Apply this patch and import some more records with items. The log
should now be similar to this:
id;operation;status
1;insert;ok
1;insertitem;ok
2;insert;ok
2;insertitem;ok
Signed-off-by: Maksim Sen <maksim.sen@inlibro.com> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit aa7954907b94487f17d13573c19d9fbd7c6677b2) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Owen Leonard [Tue, 13 Mar 2018 10:15:31 +0000 (10:15 +0000)]
Bug 20383: Hide link to plugin management if plugins are not enabled
This patch adds a check in admin-home.pl to see whether plugins are
enabled. If plugins are disabled, the link to plugins management is
hidden even if the user has plugin management permission.
To test, view the administration home page with plugins enabled and
disabled via the enable_plugins flag in the Koha configuration file.
Also test using users with different plugins permissions:
- Plugins enabled
- CAN_user_plugins = 1
-> Plugins link appears
- CAN_user_plugins = 0
-> Plugins link hidden
Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 8450d2020bdfd524ebd20f0de8d278497fce0759) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Owen Leonard [Mon, 12 Mar 2018 12:56:08 +0000 (12:56 +0000)]
Bug 20372: Correct toolbar markup on some pages
Differences in markup around some toolbars has the potential to create
CSS styling problems. This patch changes the markup to be consistent
with other instances of <div id="toolbar"></div>
On each of these pages the toolbar should look correct.
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit c9ee7c8d3b34da110702cfd93e16b11350d19a6d) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Maksim Sen [Mon, 12 Mar 2018 20:15:30 +0000 (16:15 -0400)]
Bug 20376: Make select/unselect all ignore disabled checkboxes on batch record deletion
Test Plan:
0.1 - find at least one biblionumber that has at least one item checked out
0.2 - find at least one biblionumber that has zero items checked out.
1 - Go into the module "Tools > Batch record deletion"
2 - in "List of biblionumbers or authority ids (one per line)" put the values you found in step 0.1 and 0.2
3 - click continue
4 - biblionumbers with at least one item checked out should not be clickable.
5 - biblionumbers with zero items checked out should be clickable.
6 - click "Select all" and "Clear all", both buttons should change the "checked" status of the enabled AND disabled biblionumber checkboxes.
7 - apply patch
8 - click "Select all" and "Clear all", both buttons should change the "checked" status of ONLY the enabled biblionumber checkboxes.
Signed-off-by: JM Broust <jean-manuel.broust@univ-lyon2.fr> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Conflicts:
koha-tmpl/intranet-tmpl/prog/en/modules/tools/batch_delete_records.tt
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 336e7faaf451ff29d43a4a557861fbc8511c8e5e) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Mark Tompsett [Tue, 31 Oct 2017 02:28:58 +0000 (02:28 +0000)]
Bug 19547: Deal with --create-db missing debian.cnf issue
Followed test plan. Patch functions as described and both commands execute. Signed-off-by: Dilan Johnpullé <dilan@calyx.net.au> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 931db23ee369580bbaf137547accef5a8f47412e) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Mark Tompsett [Mon, 30 Oct 2017 21:59:43 +0000 (17:59 -0400)]
Bug 19547: MariaDB install has no debian.cnf
This attempts to handle issues arising when running
koha-create on a system that never had MySQL installed.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit a85d33314cb48a493bbc26f5350911dc5c6b2c51) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Marcel de Rooy [Fri, 16 Mar 2018 08:02:36 +0000 (09:02 +0100)]
Bug 20430: (See also bug 19436) Button display depends on wrong server count
This is a QA follow-up of bug 19436, submitted separately for ease of
backporting it. (The bug was not raised by 19436.)
Obviously, the number of authority servers not biblio servers should
be the key factor for showing or hiding the button for new authority
records via Z39.50/SRU.
Trivial fix.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 7852d967d1982de2c19571b8733ea8273458882b) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Fridolin Somers [Tue, 6 Mar 2018 11:26:19 +0000 (12:26 +0100)]
Bug 20341: Show authorized value description for withdrawn like damaged and lost
Actually catalog detail page shows for damaged and lost items the authorized value description if exists.
We must do the same for withdrawn information.
Test plan :
1) Set for items a subfield linked to items.withdrawn and using the authorized value category 'WITHDRAWN'
2) Edit the authorized value category to add value '2' and description 'Eaten by dog'
3) Edit an item to set this withdrawn value
4) Go to staff interface and look at items in record detail page /cgi-bin/koh/catalogue/detail.pl :
=> Without patch you see 'Withdrawn' and with patch you see 'Eaten by dog'
5) Go to OPAc and look at items in record detail page /cgi-bin/koha/opac-detail.pl :
=> Without patch you see 'Withdrawn' and with patch you see 'Eaten by dog'
Signed-off-by: delaye <stephane.delaye@biblibre.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 830ce35795f7bbd68d6b68c4795cb36f27fe2b6d) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Josef Moravec [Fri, 9 Mar 2018 06:58:34 +0000 (06:58 +0000)]
Bug 12812: (Follow-up) Fix use of C4::Circulation
Fixes this error:
Undefined subroutine &main::MarkIssueReturned called at
misc/cronjobs/longoverdue.pl line 316.
Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 4aaf30dfd87289a63e27073be90062db04a32dc1) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
The longoverdue.pl option --mark-returned doesn't work unless the
--charge option is used as well.
Test Plan:
1) Run long overdue with --mark-returned and not --charge,
note your items are marked lost but not returned
2) Apply this patch
3) Repeat step 1, the items should now get returned!
Tested with (for example):
misc/cronjobs/longoverdue.pl --lost 10=1 --mark-returned --verbose
--confirm
Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 93c5c8e4c85ed3330184de2c6ea06ab73803656b) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Marcel de Rooy [Mon, 5 Mar 2018 10:30:15 +0000 (11:30 +0100)]
Bug 17717: (QA follow-up) Fix typo chdir
This test does obviously not achieve the desired result:
[ "chdir" != "no" ]
Trivial fix.
Adding the same quotes around starting_dir (just as for Bug 19546).
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 7c55ea5917998bc210d3ee632f0a8ea6beefff5f) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Bug 17717: Make cronjobs using koha-foreach use --chdir
In order to patch production sites we need to adjust the shipped
cronjobs so they are called with the --chdir option switch.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 37750b2f20f63bec2de330533bb4d9a82171e9c1) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Bug 17717: Add a --chdir option switch for koha-foreach
Until Perl 5.26, the current directory is added to @INC when running a
Perl script [1]. Having the current directory in @INC means it can be
tried to be traversed when performing a lib lookup. Since version 5.18,
Perl dies when it finds an unreadable directory (permissions) in @INC
that needs to be traversed. This behaviour won't change because Perl
devs consider it an enhancement to security. [2]
Because of this, we need to make sure our scripts are ran **from** a
directory in which they have read permissions.
Ths patch adds a --chdir option switch to the **koha-foreach** wrapper
script, that makes the inner shells/scripts to be ran within the Koha
instance's user home directory.
The change is trivial and should be QAed easily. I tested this on a prod
server:
- Create a /tmp/test.pl file containing:
use Modern::Perl;
use Cwd;
my $dir = getcwd;
warn $dir;
1;
A) then create a cronjob entry to run it using koha-foreach:
(in /etc/cron.d/test):
1/* * * * * root koha-foreach perl /tmp/test.pl
- Once I noticed the cronjob ran, I used mutt to read the emails in the
root user.
=> FAIL:
...
Subject: Cron <root@koha> koha-foreach --enabled perl /tmp/test.pl
"/root"
"/root"
"/root"
"/root"
"/root"
...
B) I then used the patched koha-foreach with different results:
=> SUCCESS:
...
Subject: Cron <root@koha> /root/koha-foreach --chdir --enabled perl /tmp/test.pl
C) master's koha-foreach seems to work just the same... I think it is
because of my previous attempt to fix this by using sudo in koha-shell.
So I think environmental conditions affect the behaviour (which shell is
configured for cron, sudo configuration, etc).
====
In conclusion, I think we should go ahead with this patch as it will solve
peoples issues, and it is a right solution (option #5 on the list) to
this Perl behaviour change. It doesn't cover other commands, but
followup patches could do.
I avoided /tmp as it is writable by any user... so it is an easy path
for both exploiting by replacing some lib, and also because the
existence of an unreadable dir that the interpreter could try to
traverse (unreadable /tmp/Authen or /tmp/Koha will trigger the same
error, and I assume people know what they are putting on the instance's
dir, at least it will be easier to track).
A followup patch takes care of making the cronjobs use --chdir when
calling koha-foreach
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 3db7e1a63a517ad03a5426504ef4010beae0c8bf) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Bug 18709: Make koha-foreach use koha-shell internally
This patch simplifies the koha-foreach script, making it use koha-shell
to gain instance privileges and have all environment variables set.
To test:
- Apply the patch
- Have one or more instances created (kohadev already exists in kohadevbox, add
another onewith $ sudo koha-create --create-db test)
- Run:
$ sudo kohaclone/debian/scripts/koha-foreach echo "This is instance __instancename__"
=> SUCCESS: The script runs gracefuly, and outputs something like:
This is instance kohadev
This is instance test
Note: this means the command was executed for each instance and the current behaviour
of replacing the placeholder __instancename__ for the actual instance name still
works as expected.
- You can try the different filter switches, but the logic has not been touched. only the
command call.
- Sign off :-D
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 75994dc94a2f5d1a500a7789ed113575c49f8b51) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Mon, 26 Feb 2018 13:48:18 +0000 (10:48 -0300)]
Bug 20286: Correctly escape URI characters in OPAC RSS template
Bug 19568 use the TT filter url whereas it must have escaped the URI
characters with the uri filter.
Test plan:
Subscribe to an OPAC search
=> Without this patch you will get an empty page
=> With this patch applied you will see result list.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 5de7dc040dbb1e6ebae49a64aac8f4a7c19d4091) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Bug 20234: Update service description in koha-common.init
The service description is very old and outdated. This patch fixes this.
Sponsored-by: Orex Digital Signed-off-by: Hugo Agud hagud@orex.es Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 362c0e0cd1035222ee43febae88cab73c410f41e) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Bug 20234: Make maintenance scripts use koha-zebra instead of koha-*-zebra
This patch makes all maintenance scripts use **koha-zebra** instead of
the old **koha-*-zebra** scripts.
To test:
- Run:
$ perl misc4dev/cp_debian_files.pl
$ sudo service koha-common stop
=> SUCCESS: No errors and the Zebra-related sevices are stopped
$ sudo service koha-common start
=> SUCCESS: No errors and the Zebra-related services are started
$ sudo service koha-common restart
=> SUCCESS: No erros and Zebra-related services are running
$ sudo koha-create --create-db test
=> SUCCESS: Instance created and zebra running for it
$ sudo koha-disable test
=> SUCCESS: No errors and Zebra is stopped for instance test
$ sudo koha-zebra --start test
$ sudo koha-remove test
=> SUCCESS: No errors, instance removed, no Zebra running for test
- Sign off :-D
Sponsored-by: Orex Digital Signed-off-by: Hugo Agud hagud@orex.es Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 900f3437622c3d3df4fc8cf782161c9b9eea844f) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Fri, 16 Feb 2018 15:23:26 +0000 (12:23 -0300)]
Bug 20229: Explicitly list the SQL modes we support
In our installation procedure we ask the administrator to edit the
MySQL|MariaDB configuration file to specify the SQL modes we support
(see bug 17258 comment 6 and 7 for more information).
We are on the way to catch and fix all these issues and support these
stricter modes (as they highlight problem in our codebase/DB structure)
but in the meanwhile it may be good to remove this step and revert the
changes when we are ready.
TODO:
- Remove that for dev installations (to let developers catch these bugs)
- Edit the wiki page to remove this step
Test plan:
0. Do not apply this patch
1. Edit your MySQL|MariaDB config and add:
sql-mode = "ONLY_FULL_GROUP_BY,STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"
to the [mysqld] section (or edit it)
2. Restart your DBMS
3. Try to make the app explode (watch the logs)
(tips: you should get "'koha_kohadev.me.id' isn't in GROUP BY" when
editing an order)
4. Apply the patch, restart_all, restart your DBMS
5. Try to recreate the failure
=> You should no longer see the error in the logs
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 4dfdf061badfa40954022653326c3166448ae5bf) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Mark Tompsett [Tue, 30 Jan 2018 22:35:39 +0000 (22:35 +0000)]
Bug 20083: Follow up - use same logic in opac-showmarc
It was correctly pointed out that opac-showmarc would leak
the same way as catalogue/showmarc.pl, and so this patch
moves the authentication step up to the top where it
should be so as to prevent inappropriate data leaks.
TEST PLAN
---------
1) Set your OpacPublic system preference to Disabled
2) Open your OPAC and login
3) Find a biblio with items
4) Go to the opac details, particularly MARC view.
5) Copy the "view plain" shortcut link.
6) log out.
7) Paste the link into the address bar.
-- the information will leak!
8) apply the patch
9) restart_all
10) Refresh the OPAC link
-- log in screen will appear.
11) run koha qa test tools
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit e40d0b81bfc059ece2b99475c7bf45fecea0eeb4) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Andreas Roussos [Fri, 26 Jan 2018 01:12:47 +0000 (14:12 +1300)]
Bug 20083 - Information disclosure when (mis)using the MARC Preview feature
The MARC Preview feature in the Staff client (catalogue/showmarc.pl) does not
check whether a user is logged in or not. As a consequence, it can be used to
obtain information that would normally be available to logged-in users only.
For example, you can view any bibliographic record by passing a value to the
'id' argument, but you can also view records as they were imported (normally
done via the 'Staged MARC management' tool).
All three 17.11 installations currently listed at
https://wiki.koha-community.org/wiki/Koha_Demo_Installations
are affected by this issue, as demonstrated by the URLs below:
It should be noted that this only applies to XSLT-enabled installations.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 095a92a94e87cac0c8bdf79f2413fb72efb13f9e) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Lari Taskula [Fri, 9 Mar 2018 13:49:27 +0000 (15:49 +0200)]
Bug 20367: Avoid resetting userid when BorrowerUnwantedField contains userid
To test:
1. In staff client, set your username to firstname
2. Add userid to BorrowerUnwantedField system preference
3. Go to your patron modification screen (memberentry.pl) and click Save
4. Observe you get kicked out into login screen, saying:
Error: You do not have permission to access this page.
Log in as a different user
5. Apply patch and restart plack
6. Set your username back to firstname
7. Repeat step 3
8. Observe you were not kicked out and your userid stays the same
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 7e44bb803fa085abdbded2311325f0c442b17708) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Bug 20167: Make changing a hold pass the itemnumber to ModReserve
If you have an item-level hold, changing an attribute (like priority,
pickup location or suspended until date) makes the hold a biblio-level
hold, because ModReserve is not passed the current itemnumber.
This patch uses the hold's itemnumber and passes it to the ModReserve
call.
To test:
- Run the regression tests from the previous patch:
$ kshell
k$ prove t/db_dependent/api/v1/holds.t
=> FAIL: Tests fail
- Apply this patch
- Run the tests:
$ kshell
k$ prove t/db_dependent/api/v1/holds.t
=> SUCCESS: Tests pass!
- Sign off :-D
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit e854b570021784d8e6ce8bb9d90e0b02d6f8c9a7) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Conflicts:
t/db_dependent/api/v1/holds.t
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 705deb2aa4bdadbd583bcf322cf0611303725b05) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Nick Clemens [Fri, 16 Feb 2018 12:31:39 +0000 (12:31 +0000)]
Bug 20218: Fix matching of uri in tracklinks
The current code matches using a regex, this breaks when the url
contains special characters. We swtich it to equality check
To test:
1 - Enable TrackClicks (either track or anonymous)
2 - Find the URL of a biblio in the OPAC
3 - Paste this into the 856$u of another record
(or use any url containing a '?' or other characters)
4 - View the record in the opac
5 - Click the URL
6 - 404 Error!
7 - Apply patch
8 - Try again
9 - Success!
Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 306b461a6a8e57814367de524dfa3bd22c2f3eca) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Tue, 27 Feb 2018 14:40:13 +0000 (11:40 -0300)]
Bug 19979: ->count can be called directly on Koha::Objects
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit f20b91d61b0cfbce6d036b94c08f169bde21bdb2) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Marcel de Rooy [Tue, 16 Jan 2018 13:28:36 +0000 (14:28 +0100)]
Bug 19979: Fix get_facets_info test in Search.t
The test should remove the holdingbranch key in the expected results when
there is only one branch.
See the logic in C4::Koha.
Test plan:
[1] Run Search.t on a database with multiple branches.
[2] Run Search.t on a database with one branch. Without this patch the test
would fail: Failed test '_get_facets_info returns the correct data'.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 254684c3ed70f1f07023a9a1ebd8d078dcb633dc) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Mon, 19 Feb 2018 20:40:06 +0000 (17:40 -0300)]
Bug 20250: (bug 19529 follow-up) Prevent NoIssuesChargeGuarantees.t to fail randomly
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Conflicts:
t/db_dependent/Circulation/NoIssuesChargeGuarantees.t
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit b671510474fc00e82d5dbec0ff59c92bea7bcb31) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Sun, 18 Feb 2018 18:10:30 +0000 (15:10 -0300)]
Bug 20148: Prevent adding same user multiple times to an order
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 802c81ce1afadefd01f9959c3823b2cd7dc3ba3e) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Pasi Kallinen [Wed, 7 Feb 2018 07:45:20 +0000 (09:45 +0200)]
Bug 20148: Prevent adding same user multiple times to acq basket
When adding a user to manage acquisitions basket, it is possible
to add the same user multiple times. Prevent that.
Test plan:
1) Go to Home -> Acquisitions -> [bookseller] -> [basket]
2) On the "Add user" in the Managed by-part, and try adding
the same user multiple times.
3) Apply patch
4) Repeat 1 and 2. You should now get an error message saying
the user is already in the list.
Signed-off-by: Pasi Kallinen <pasi.kallinen@joensuu.fi> Signed-off-by: Roch D'Amour <roch.damour@inlibro.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Conflicts:
koha-tmpl/intranet-tmpl/prog/en/modules/acqui/basket.tt
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 757c9b4231399ca6082a00b66beca8e59c0b462b) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Marcel de Rooy [Thu, 12 Oct 2017 11:13:41 +0000 (13:13 +0200)]
Bug 19452: [17.05.x] Remove the truncate option
The truncate option is not really useful. Its result is probably not what
most users of this script expect or need.
It truncates both tables borrower_message_preferences and
borrower_message_transport_preferences. This (unfortunately) includes
deleting messaging preferences for patron categories. After that, adding
preferences again will not add categories again, but only borrower
preferences which are all disabled.
Furthermore, we do not need to disable the foreign key check. Neither
do we actually need to truncate, deleting records seems sufficient.
Also deleting transport preferences is not needed, since it will be
done by a cascade from messaging preferences. Note that the subsequent
call of SetMessagingPreferencesFromDefaults will already delete the
records.
This makes it possible to remove the truncate option altogether.
Test plan:
[1] Select a patron category (say ST) and change days_in_advance to x.
[2] Select a ST patron and set days_advance to y in his msg prefs.
[3] Run borrowers-force-messaging-defaults.pl -doit
[4] Verify that the patron has been reset to the default prefs (incl.
value x in days_in_advance).
[5] Verify that the patron category prefs are still intact.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Charles Farmer <charles.farmer@inLibro.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Wed, 14 Feb 2018 18:15:39 +0000 (15:15 -0300)]
Bug 20145: Do not insert 0000-00-00 in patron tests (and more)
We should call Koha::Patron->is_expired in CanBookBeIssued instead of
doing the same calculation.
Tests have been adapted to pass with new SQL modes.
We should not need to update the values in DB, we already have
Bug 14717: Prevent 0000-00-00 dates in patron data (3.21.00.023)
Test plan:
prove t/db_dependent/Circulation/dateexpiry.t
prove t/db_dependent/Koha/Patrons.t
must return green
Signed-off-by: Roch D'Amour <roch.damour@inlibro.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Conflicts:
C4/Circulation.pm
t/db_dependent/Koha/Patrons.t
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 9f075a4fdb2649493820ffed20a352add02c05ea) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
== Test plan ==
1. Have a lost item
2. Go to staff:/cgi-bin/koha/tools/inventory.pl
3. Tick "Optional filters" → "items.itemlost" →
"name of Authorized values for the lost state"
4. Tick "Export to CSV file"
5. Submit
6. Open the CSV
7. Check that the lost item is in the list
8. You should observe that the "Lost status" column is empty for all items
This is the problem
9. Apply this patch
10. Click submit to re-export the CSV
11. Open the CSV
12. Check that the lost item is in the list
13. You should observe that the "Lost status" column now filled with the
expected values.
14. Smile because it works! :D
Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Maksim Sen <maksim@inlibro.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 756c95477d2a16843abbd3858d776e37e28b4e90) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Mark Tompsett [Thu, 26 Oct 2017 01:28:10 +0000 (21:28 -0400)]
Bug 19530: Added commentary for last test when prove -v
Before patch, prove -v had no comment for the last test.
After patch, it says something in line with second last test.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 3fefcead1596467155ec28a77105e4416f454d8b) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Kyle M Hall [Wed, 25 Oct 2017 18:24:18 +0000 (14:24 -0400)]
Bug 19530: Prevent multiple transfers from existing for one item
We have found multiple open branch transfers for a given item. While I'm not sure how it is happening at this point, it seems that it would make sense to cancel any existing branch transfers when initiating a new one.
Test Plan:
1) prove t/db_dependent/Circulation/transfers.t
Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 00fbf1878eb2a767769b1405aec4fff1b13711d0) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Nick Clemens [Thu, 14 Dec 2017 12:54:14 +0000 (12:54 +0000)]
Bug 19806: Add classes to itemnotes in issues table
To test:
1 - Checkout an item with both public and non-public notes
2 - Note the notes display and both have circ-hlt class
3 - Apply patch
4 - Ensure display has not changed
5 - Note notes now have classes 'item-note-public' and
'item-note-nonpublic'
6 - Sign off
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 03864feb387ebc75b23ec0d15472e8435b4277f3) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Fridolin Somers [Fri, 23 Feb 2018 10:41:10 +0000 (11:41 +0100)]
Bug 20276: Fix GetCourseItem call to get itemnumber
In 17.05.x :
In course_reserves/add_items.pl we now get the item via Objects.
This line:
66 my $course_item = GetCourseItem( itemnumber => $item->{'itemnumber'} );
Should be:
66 my $course_item = GetCourseItem( itemnumber => $item->itemnumber );
This is corrected since 17.11 by :
Bug 18276: Remove GetBiblioFromItemNumber - Course reserves
Test plan :
1) Create a course reserve and add items.
2) Correct information must be displayed on the detail page of the course
reserve, on staff and OPAC interface.
3) Try to add a non existing barcode, you get the page with a message
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Julian Maurice [Fri, 1 Dec 2017 15:51:16 +0000 (15:51 +0000)]
Bug 19730: (follow-up bug 17196) Use biblio_metadata.timestamp in export_records.pl
Since bug 17196, biblioitems.timestamp is not always updated after a
change in the MARC record.
Filtering should be based on biblio_metadata.timestamp instead.
REVISED TEST PLAN
-----------------
0. Do not apply patch
1. Find a biblio record, remember the biblionumber for step 3
2. Edit the record, modify a field (e.g. 003, 015$q) that is
not mapped to a DB column, so biblio_metadata.timestamp will
be modified but not biblioitems.timestamp
3. In MySQL with the koha database selected:
> select timestamp from biblio where biblionumber=###;
> select timestamp from biblio_metadata where biblionumber=###;
-- you'll need to change the ###'s based on the biblionumber
you remembered in step 1.
-- the two timestamps will differ.
-- Remember the timestamp of biblio_metadata for step 4.
4. Run this command:
$ sudo koha-shell -c bash kohadev
$ export DATE="YYYY-MM-DD HH:mm:SS"
-- use the timestamp remembered in step 3.
5. Run this command:
$ ./misc/export_records.pl --date="$DATE"
$ ls -la koha.mrc
-- the file should be 0 bytes.
6. Run this command:
$ exit
$ git bz apply 19730
$ restart_all
$ sudo koha-shell -c bash kohadev
$ export DATE="YYYY-MM-DD HH:mm:SS"
-- use the timestamp remembered in step 3.
7. Run this command:
$ ./misc/export_records.pl --date="$DATE"
$ ls -la koha.mrc
-- the file should be a lot more than 0 bytes.
8. Run this command:
$ /home/vagrant/qa-test-tools/koha-qa.pl -v 2 -c 1
-- this should pass.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit f9fa8227367d65600eca4d2dbf5e2d8c09370b81) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Marcel de Rooy [Fri, 2 Feb 2018 11:06:00 +0000 (12:06 +0100)]
Bug 20126: Add simple test for ModBiblioMarc
Just to confirm that we see record length and base address in a record
that has been passed through ModBiblioMarc.
Test plan:
Run the test.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit 1aebb1d476a1ae252758c2e89c9dbb668a60f092) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Marcel de Rooy [Fri, 2 Feb 2018 10:32:49 +0000 (11:32 +0100)]
Bug 20126: (follow-up bug 10455) Restore MARC field length calculation in ModBiblioMarc
Trivial fix. Problem raised by bug 10455.
Test plan:
[1] Create or edit biblio record.
[2] Save and check leader field lengths in MARC view.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit ef7f119b1e0c0f5403239213e9ff0f450c923acf) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Alex Arnaud [Thu, 12 Oct 2017 07:24:33 +0000 (07:24 +0000)]
Bug 19443: Remove duplicate message when editing existing patron
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit a522df7dd97f5d7e646966d9b7f4f18fe8df7e2d) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Alex Arnaud [Tue, 10 Oct 2017 15:21:35 +0000 (15:21 +0000)]
Bug 19443: Wrong HTML in patron creation page (members/memberentry.pl)
The form provided on top of the page if Koha find a duplicate
patron is not closed. This cause some trouble.
Test plan:
- Edit the syspref IntranetUserJS and type the following code:
"$(document).ready(function() {
$("#memberentry_library_management").insertBefore("#memberentry_identity");
});"
- create a patron so that Koha will warn you about a duplicate one,
- click on "Not a duplicate. Save as new record",
- you should get error(s) about empty field(s).
Note that now, the library management part's fields are empty or
reset to default
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 27fca7aceb91124c037bb3545c351d3cf185e7bf) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>