Matt Blenkinsop [Wed, 17 Jul 2024 08:36:16 +0000 (08:36 +0000)]
Bug 37288: Improve display of data provider edit form
This patch makes some improvements to the edit form for data providers. It delays page display until the counter registry has responded and also improves the display of the "create manually" and "Create from registry" buttons
Test plan:
1) Create a Data provider in the ERM module
2) Click to edit that new provider
3) The page will load and there will be a slight delay before the Data provider name input is populated
4) The "Create manually" button will also be visible
5) Apply patch and yarn build
6) Hard refresh the browser and repeat steps 1 and 2
7) This time when the page loads the provider name should be prepopulated and no manual creation button will be visible
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit b646d8ab651e32067367a8ba781fc4256b9eec68) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Bug 37419: Update FK constraint on record sources to avoid data loss
Without this patch, deleting a record source will delete the associated
biblio_metadata rows, which is a severe data loss.
This patch makes the constraint restrict this action.
To test:
1. Add a record source
2. Set the record source to some records
$ koha-mysql kohadev
> UPDATE biblio_metadata SET record_source_id='your source id' WHERE
biblionumber=1;
3. Delete the record source
=> FAIL: Record metadata deleted
4. Apply this patch
5, Run:
$ ktd --shell
k$ updatedatabase
=> SUCCESS: DB update goes well
6. Repeat 1~3 with another record
=> SUCCESS: Source cannot be deleted if there are linked records
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Janusz Kaczmarek <januszop@gmail.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 8754458775da37acfc2513cc0c1b2523740fe79b) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Phil Ringnalda [Thu, 11 Jul 2024 12:13:39 +0000 (05:13 -0700)]
Bug 37093: Searching for reports on Mana should use GET
Searching for reports on Mana currently fails by sending a POST to
svc/mana/search without a CSRF token. There's no reason to POST, it's
just sending a search string.
1. Enable Mana: Reports - lower right is a blue Knowledgebase box with
a link to Change your Mana KB settings
2. Switch Use Mana KB to Yes, click Save, below that give it a name and
email, Send to Mana KB
3. Reports - Use saved - New report - New SQL from Mana
4. Enter any keyword to search, get a 403 forbidden error
5. Apply patch, restart_all, Shift+Reload the page to clear cache
6. Enter any keyword likely to return results, like select, get results
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit f4d248f076ef7368535beead9689acf4ad98d5f3) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Owen Leonard [Tue, 30 Jul 2024 12:13:23 +0000 (12:13 +0000)]
Bug 37523: CSRF error when modifying an existing patron record
This patch modifies the patron entry template to avoid a CSRF error when
clicking the "Edit existing record" button after a duplicate patron is
found. The operation should be GET and thus can be a link.
To test, apply the patch and go to Patrons.
- If you aren't using the default testing data you should first locate
an existing patron record so you can refer to the details.
- Start the process of creating a new patron record.
- Use the existing patron's data to fill out the form.
- With the default data you can use:
- Surname: Bennett
- First name: Pamela
- Date of birth: 09/16/1946
- Any random new card number
- When you click "Save" you should get a duplicate patron warning:
"Duplicate patron record?"
- Click "It is a duplicate. Edit existing record."
- You should be taken to the edit form for the existing patron.
Sponsored-by: Athens County Public Libraries Signed-off-by: Roman Dolny <roman.dolny@jezuici.pl> Signed-off-by: Johanna Räisä <johanna.raisa@gmail.com> Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 2f6226ad695a7092c71ba86d06bd9d7edac8f583) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Jennifer Sutton [Thu, 25 Jul 2024 23:11:16 +0000 (23:11 +0000)]
Bug 35236: Make "Batch description" label match corresponding <input> field
To test:
1. Create a new patron.
2. Go to Tools -> Patron card creator.
3. Create a new patron card batch.
4. On the "Edit patron card batch" page, click the "Batch
description:" label.
5. Observe that the corresponding <input> field is selected.
Mentored-by: Catalyst Academy Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 558b900895a42ff33fed06f746f677ac9ea3f51c) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Sam Lau [Thu, 25 Jul 2024 16:02:16 +0000 (16:02 +0000)]
Bug 36998: Correctly update the 'Amount paid' displayed on the issue refund modal
To test:
1) Enable the 'EnablePointOfSale' sys pref (also requires the 'UseCashRegisters' pref)
2) In the POS module, configure a cash register and also configure some items for purchase with different costs
3) Make multiple sales
4) View the transactions table by clicking the 'Cash summary for ...' tab and then clicking on your cash register's name.
5) Click on the 'Issue refund' button for one of the sales, this should have the correct 'Amount paid'
6) Close the modal and click issue refund on your other item.
7) Note the 'Amount paid' is incorrect and lists the value from the previous item
8) Apply patch
9) Now when clicking issue refund, it displays the correct 'Amount paid'
Signed-off-by: Barbara Johnson <barbara.johnson@bedfordtx.gov> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 47a3c284734c56e095a5945cdbd40f6e50652496) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Bug 37476: Fix reserved word error on Serials.pm on MySQL 8
This patch fixes the fact `RANK` become a reserved word in MySQL 8.0.2
[1]
To test:
1. Launch KTD with MySQL 8:
$ ktd down
$ DB_IMAGE=mysql:8 ktd up -d
2. Open the logs
$ ktd --shell
k$ tail -f /var/log/koha/kohadev/*.log
3. Create a serial, receive an issue and try to create a routing list
4. Click on `+ Add recipients` and look for Henry
5. Click `Add` and then `Close`
=> FAIL: Henry not added
=> FAIL: The logs show an error about wrong SQL syntax
6. Run:
k$ prove t/db_dependent/Serials.t
=> FAIL: Tests explode with the same kind of error!
6. Apply this patch
7. Restart plack
8. Repeat 3 through 6
=> SUCCESS: Henry added!
=> SUCCESS: No explosion about the SQL syntax in the logs
=> SUCCESS: Tests pass!
9. Sign off :-D
Thibaud Guillot [Wed, 28 Feb 2024 15:20:10 +0000 (16:20 +0100)]
Bug 36196: Handling NULL data on ajax call
Test plan:
1) Update some data in your cities table, sample for one send:
"UPDATE cities SET city_state=NULL WHERE cityid=<id>"
2) Go on "/cgi-bin/koha/admin/cities.pl" and wait a entire life :)
3) Apply this patch
4) Rebuild your po files if needed
5) Reload the same page and now you get normally the datatable
Sponsored by: BibLibre Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit e0856d0db648766ba1d65a4f784983a416ac4a35) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Mason James [Fri, 2 Aug 2024 01:53:01 +0000 (13:53 +1200)]
Bug 37303: Update yarn.lock after adding new dependency to packages.json
use ./xt/verify-yarnlock.t test in BZ 37490 to confirm
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 8ff9e665e4d275ac601ee5165ab4233a14189f2c) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Jonathan Druart [Wed, 10 Jul 2024 10:16:55 +0000 (12:16 +0200)]
Bug 37303: Replace po2json with a JS version
When using __() (ie. Gettext.js) we are seeing the translations that are marked as fuzzy.
This is definitely not the expected behaviour.
It happens because (our version of) po2json are old and no longer maintained,
and just embed them.
It seems that the bin we have has been upgraded to a JS version
(different authors).
Test plan:
(replace LANG with your language code)
0. Do not apply this patch
Edit misc/translator/po/LANG-messages-js.po
Mark a string as fuzzy
Edit ./intranet-main.tt and add the following lines inside $(document).ready
console.log(_("Your string"));
console.log(__("Your string"));
Replace "Your string" with the string you are actually testing.
Update the templates: `koha-translate --update LANG --dev kohadev && restart_all`
Go to the Koha home page, open the console.
=> Notice that the second log in the console is displaying the fuzzy string.
1. Apply this patch
Install the new version of po2json using `yarn install`
Repeat the previous steps.
=> With this patch applied both logs show the English version of the
string.
Remove fuzzy, update the templates and try again.
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 4eb981635453871fa2a33396391f3f75a6baa8b1) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Lucas Gass [Wed, 24 Jul 2024 22:44:05 +0000 (22:44 +0000)]
Bug 37351: Rework checkbox JS to work with paginating dataTable
To Test:
1. Log in to staff client
2. Place items on items for borrowers
2-1 Place enough holds as noted above
2-2 Trap holds for borrowers
3. Open Circulation->Holds Awaiting Pickup (circ/waitingreserves.pl)
4. Click a checkbox for one or mroe holds
Note->The 'Cancel selected (0)' button changes to 'Cancel
selected (1)', etc.
5. Cancel selected Holds using the (Cancel selected (#) button)
6. Confirm Cancellation
7. Wait for background processes to complete, then verify holds are cancelled.
8. Return to Open Circulation->Holds Awaiting Pickup (circ/waitingreserves.pl)
9. Ensure button shows "Cancel selected (0)"
10. Click "Next >" to navigate to page 2 of holds
11. Click a checkbox for one or more holds
Note->The 'Cancel selected (0)' button DOES NOT increase as boxes
are selected.
12. Cancel selected Holds using the (Cancel selected (#) button)
13. Confirm Cancellation
14. Wait for background processes to complete, then verify holds are cancelled.
Note-> Holds were not cancelled
15. APPLY PATCH
16. Try step 9-14 again. This time the 'Cancel selected (0)' button should update even when you paginate.
17. Make sure you try all the tables, Holds waiting, Holds waiting over X, Holds with cancellation requests.
Signed-off-by: Roman Dolny <roman.dolny@jezuici.pl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit bbd1fa0bfa2604e60eb38072569d7af5ec6808d8) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Nick Clemens [Tue, 23 Jul 2024 12:14:44 +0000 (12:14 +0000)]
Bug 37378: libraries_where_can_see_things should always return an array
The subroutine libraries_where_can_see_things stores the list of libraries that things
can be viewed from in an internal variable, so we can return this directly if we have already calculated.
When returning if not cached, we dereference the list and return an array. If cached, we are returning
an arrayref. This patch simply ensures we dereference the array even if already cached.
Before this patch, we were fetching the patrons, then redacting all info as their branches didn't match against
an arrayref, rather than checking against each branch we are allowed to view.
To test:
1. Setup a library group and check the "Limit patron data access by group ." option.
2. Add some libraries to the group. ( IN k-t-d I added CPL and MPL )
3. Create a staff account who has staff access permissions and all of the borrower permissions except "view_borrower_infos_from_any_libraries"
4. Set the home library of that staff member to one of the branches in step 2. ( In my test I choose MPL )
5. Log in as that patron and attempt a patron search that would include users from either library in step 2.
6. See the error:
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit e7a017e663bd0376c626a692a85cda4dc7e68324) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Bug 37285: Printing lists only prints the ten first results
GIVEN koha in a version later than 22.11, a list with more than ten entries
WHEN the user tries to print the list
THEN only the ten first results are printed
EXPECTED THEN all results are printed
It looks like it is an undesired effect of BZ36858. Page remains set
even while printing, therefore, however the number of rows is not set,
default value (10) is used.
TEST PLAN
1 - create a list with more than 10 items
2 - print the list -> there is a pagination and that only 10 items
are printed
Apply patch
3 - print the list again -> every items are being printed
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 64027daadcea8c44cb73aae71a48ac64d527ed3f) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Bug 33455: Fix the size of the patron change password heading
The H1 heading on the patron change password page in the staff
interface is too big and should be outside of the area with
form area with the white background.
Test plan:
1. In the staff interface, click on top right of menu and navigate
to my account.
2. Click the 'Change password' button.
3. Note that title is now outside the legend and font size is
comparable to other H1 headings (e.g. Duplicate).
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 3eb461bc9b293aa88a1c60addc5125759b46ff03) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Eric Garcia [Tue, 23 Jul 2024 18:04:41 +0000 (18:04 +0000)]
Bug 37435: Fixed renew patron from moremember.pl without circulate permissions
To recreate:
1. Have a staff account with limited permissions:
-Staff access ( catalouge )
-Add, modify and view patron information (borrowers)
-NO circulate permissions
2. Log in as that staff user and find a patron with an expired account.
3. See the warning "Expiration: Patron's card has expired. Renew or Edit details".
4. Try clicking on Renew, you are logged out and see "Error: You do not have permission to access this page."
To test:
1. Apply patch
2. From the expired patron's details page see the warning and click Renew
3. Notice it renews the patron and returns to the patron details page
4. Details -> Edit -> Set the expiration date so that the patron is expired
5. Go back to your staff patron and check 'Check out and check in items' permission
6. In your expired patron's page -> Check out -> See warning -> Renew
7. Notice it renews the patron and returns to the check out page
8. Set the expired patron's expiration date so that it expires soon
9. Uncheck 'Check out and check in items' permission for your staff patron
10. Confirm the warning for your patron now is "Expiration: Patron's card expires on (DATE). Renew or Edit details"
11. Repeat steps 2-7 and notice it returns to the correct pages
Signed-off-by: Roman Dolny <roman.dolny@jezuici.pl> Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 39ff9705444f8da1ebd82e2093a808c26c503338) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Bug 37407: Fix automatic checkout for fast cataloging
This patch adds a check for the referrer to the circulation page.
If the referrer is from the same origin's additem.pl then get the
barcode from the url parameters, fill the form and submit.
Test plan:
1. Apply patch
2. Enter a barcode not in the system, eg 99999
3. Click '+ Add record using fast cataloging'
4. Fill required bib fields 000, 008 and 245a and click 'Save'
5. Add required item field y - Koha item type and click 'Add item'
6. Notice the barcode is filled and the form is submitted automatically
7. Confirm the item is checked out and the dutedate specified works
8. Add an html customization somewhere else in koha with a link like
http://localhost:8081/cgi-bin/koha/circ/circulation.pl?borrowernumber=38&barcode=99999&duedatespec=&stickyduedate=
9. Click on the link to simulate a csrf attack
10. Confirm the checkout page is loaded for that patron but no checkout is made
Signed-off-by: Eric Garcia <cubingguy714@gmail.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 620dbcde87704ebbd095c24dfa78b9b847235869) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Nick Clemens [Tue, 23 Jul 2024 12:51:00 +0000 (12:51 +0000)]
Bug 34147: Load all categories for displaying patron results
Currently we are only loading unlimited categories into the patron search, so when we return
patrons from a category limited to another library we crash because we don't have the descriptions
loaded.
This patch removes the limit from 'categories_map' which is only used for displaying patrons. As patron
visibility is a feature of permissions and groups, I don't think we should enforce if based on category
limitations.
NOTE: the categories for searching are still limited in the left hand filters - but not in the dropdown if you click the options button in the top search form. This is beyond the scope of this bug.
To test:
1. Make sure you are logged in as Centerville
2. Do a patron search for 'Ac' -- there are two patrons: Henry (Staff) and Edna (Patron)
2. Go to Administration > Patron Categories
3. Edit the Patron (PT) category, set the Library limitations to Fairfield only
4. Do the patron search for 'Ac' again - it hangs up with a Processing box
5. Apply patch
6. Reload the page (clear cache) and confirm the results now load
Signed-off-by: Jason Robb <jrobb@sekls.org> Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 476776cc5b828c7fad76c584f36855dea591fd3f) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Kyle M Hall [Fri, 19 Jul 2024 16:23:43 +0000 (12:23 -0400)]
Bug 36362: (QA follow-up) Tidy code
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit a62d39ea11a9b6986c155f6333ac6e3afde0dd87) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
David Gustafsson [Tue, 19 Mar 2024 17:33:18 +0000 (18:33 +0100)]
Bug 36362: Only call Koha::Libraries->search() if necessary in Item::pickup_locations
To test:
1) Make sure the following tests pass:
- t/db_dependent/Koha/Item.t
- t/db_dependent/Koha/Biblios.t
- db_dependent/Koha/Biblio.t
Sponsored-by: Gothenburg University Library Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 2c1e95562188a6d93c22055e30d6a5e9d7e50034) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Emmi Takkinen [Mon, 19 Feb 2024 10:55:26 +0000 (12:55 +0200)]
Bug 36129: Make check on "Hide all columns" persist on item patch modification/deletion
On item patch modification/deletion tool, if one checks
"Hide all columns" checkbox and then reloads the page,
checkbox is no longer selected. Columns are hidden as
they should. This patch adds line to batchMod.js which
sets "checked" attribute and class "selected" to checkbox.
To test:
1. Find items to modify/delete and modify/delete them with
corresponding tool.
2. Check checkbox "Hide all columns".
3. Refresh the page.
=> Note that columns are still hidden, but checkbox is now
unselected.
4. Apply this patch.
5. Check checkbox again and refresh page.
=> Checkbox should be still checked.
Sponsored-by: Koha-Suomi Oy Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 1a154f1f0e1fa4d5c7295ba181fc27eaff99fd09) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Owen Leonard [Wed, 10 Apr 2024 11:30:33 +0000 (11:30 +0000)]
Bug 36566: Correct eslint errors in OPAC enhanced content JS
This patch fixes various eslint errors in enhanced content JS files:
- Consistent indentation
- Remove variables which are declared but not used
- Add missing semicolons
- Add missing "var" declarations
To test, apply the patch and clear your browser cache if necessary.
- Go to Administration -> System preferences and enable these
preferences:
- OPACAmazonCoverImages
- BakerTaylorEnabled
- GoogleJackets
- OPACLocalCoverImages
- OpenLibraryCovers
- Go to the OPAC and confirm that covers from these services appear
correctly in search results and on detail pages.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 3d82116830ac7fbafe7414e08f155a54b7bb723f) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Nick Clemens [Mon, 22 Jul 2024 19:46:33 +0000 (19:46 +0000)]
Bug 37425: Check for existence of biblio object before fetching cover images
This patch simply adds a conditional to ensure the biblio object has been retrieved and assumes no cover images otherwise
To test:
1 - Enable system preference LocalCoverImages
2 - Perform a search in staff interface
3 - Find the biblionumebr for one of the results and delete it via the SQL backend:
DELETE FROM biblio WHERE biblionumber=3;
4 - Search again.
5 - KO!
Can't call method "cover_images" on an undefined value at /usr/share/koha/intranet/cgi-bin/catalogue/search.pl line 671.
6 - Reindex, confirm error is gone
7 - Apply patch
8 - Search again
9 - Delete a record from the results via SQL
10 - Reload and confirm no error
11 - Reindex and repeat search and confirm no error
Signed-off-by: Roman Dolny <roman.dolny@jezuici.pl> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 8fdddccffb2fa165b32e6a9c9b8d6d3dcacd5b08) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Martin Renvoize [Fri, 12 Jul 2024 09:23:22 +0000 (10:23 +0100)]
Bug 37340: Restore sorting on 'Details' column in edifactmsgs
This patch restores the sorting options on the 'Details' field in the
edifact messages page.
We sort by basket_id followed by type behind the scenes, so the
resulting order for a Descending sort will group by basket id highest to
lowest with Quotes coming before Orders.
This is generally what the end user actually wants to see, even though
it may be somewhat unintuitive intially as it's not a clear alpha sort
for what's displayed in the column in the UI.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Mary Blomley <mary.blomley@uwl.ac.uk> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit e828f5f839ae709fd8425a0ee46401cb835b2ce1) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Lucas Gass [Mon, 22 Jul 2024 23:41:46 +0000 (23:41 +0000)]
Bug 37383: Use libraries_where_can_edit_items to check if items are editable
To test:
1 - have a system with 2+ branches
2 - have a bib with 2+ items, all with holdingbranch=A
3 - set logged in library to A
4 - go to bib details page, confirm each item has an Edit button in the holdings table
5 - edit one item, set holdingbranch=B
6 - reload bib details page
7 - confirm the item now at branch B does not have an edit button
8 - APPLY PATCH and restart_all
9 - Try 1 - 6 again, this time you should see the proper edit buttons
10 - Set up library group:
* Create a library group for library A + B
* Action: Limit item editing by group
11 - Set up test user:
* Create a staff patron with these permissions:
* catalogue
* fast_cataloguing
* edit_items
* view_borrower_infos_from_any_libraries
* edit borrowers
* Home library: library A
12 - Set up test items:
* Create a record with 3 items with different home libraries:
* A
* B
* C
13 - We expect the use to be able to edit A and B, but not C.
14 - With the same user turn OFF the view_borrower_infos_from_any_libraries permission
15 - Behavior should not change, we expect the use to be able to edit A and B, but not C.
16 - Make sure StaffDetailItemSelection still works as expected for all users. With the sys pref on the checkbox should show up for superlibrarians and users with 'tools' permissions.
Signed-off-by: Michaela Sieber <michaela.sieber@kit.edu> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 66c332a78977b97c753bdc0e1acf60b243df9eca) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
This patch removes the 'About Koha' link as a module button, and
instead uses the 'Koha xx.xx.xx' version URL on the mainpage as a
shortcut to the 'About Koha' page.
Additionally, a link to the Koha Community website has been added to
the bottom of the 'About Koha' page, in the same place the 'Koha
xx.xx.xx' version URL appears on the mainpage.
To test:
a) Log in to Koha's staff client
b) Notice the 'About Koha' module button, and that the 'Koha xx.xx.xx'
version URL goes to the Koha Community website.
c) Notice that on the 'About Koha' page, there is no link to the Koha
Community website.
d) --> Apply patch <--
e) Notice that the About Koha module button is now missing
f) Notice that the 'Koha xx.xx.xx' version URL now goes to 'About
Koha'
g) Notice that on the 'About Koha' page, there is now a link for the
Koha Community website at the bottom of the page.
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 4743e4639ae0296205077bd57c3687be9a0df770) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit a5710c49dbcf7127ed19bb497ab0cf9e48d90b54) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 56621b992669b0b04e4134dd034cb5a4ac427e5c) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Nick Clemens [Mon, 22 Jul 2024 19:02:22 +0000 (19:02 +0000)]
Bug 28762: (QA follow-up) Restore protection against unknown itemtypes
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 5ff47fc40c2e6be3e10eb5aef0a7dfcd8ac03b16) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Martin Renvoize [Mon, 22 Jul 2024 15:32:34 +0000 (16:32 +0100)]
Bug 28762: Rename not_for_loan as effective_not_for_loan_status
This patch updates the method name to follow current conventions.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit fdefef14445bc8d680496ae9f52f221983db2ec5) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Martin Renvoize [Mon, 22 Jul 2024 15:14:08 +0000 (16:14 +0100)]
Bug 28762: Replace is_notforloan with not_for_loan
This patch replaces the use of is_notforloan with not_for_loan and
removes the older is_notforloan method and tests
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 4e6d9d13bf879593303eed8188bcfc615111519c) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Martin Renvoize [Mon, 22 Jul 2024 15:09:30 +0000 (16:09 +0100)]
Bug 28762: Confirm return of not_for_loan in boolean context matches is_notforloan
This patch is simply here to prove that is_notforloan is just
not_for_loan but in a boolean context.. we'll remove it in the next
patch.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 0d5c224cc30a74a0b258bd3e929b82bbd3e2e088) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Martin Renvoize [Mon, 22 Jul 2024 12:29:06 +0000 (13:29 +0100)]
Bug 28762: (follow-up) Remove warning in tests
Looks like a recent bug introduced a superflous warning, we just clean
that up here whilst we're in the code.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit e45a595996c69a980c47ea68102188ffea76c93f) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Martin Renvoize [Mon, 29 Jan 2024 10:46:07 +0000 (10:46 +0000)]
Bug 28762: Unit tests for not_for_loan accessor
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 99b800620e17f2cbeec2aa472d03e8106d3243af) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Martin Renvoize [Mon, 29 Jan 2024 09:41:08 +0000 (09:41 +0000)]
Bug 28762: Add test for new 'instructors' accessor
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit fdd6a019320788c47f38bef716ec752befe3d492) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Martin Renvoize [Fri, 24 Sep 2021 09:25:53 +0000 (10:25 +0100)]
Bug 28762: Move notforloan fallback into object
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 294447d07e1a880e58dc28a458a1229dddf20767) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Martin Renvoize [Fri, 24 Sep 2021 07:39:52 +0000 (08:39 +0100)]
Bug 28762: Update item-status include
This patch updates the item-status include so that it expects just an
item object making if simpler and more widely re-usable.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 8ff4d3740e92194fb5e3df0739af89d8ac2d4842) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Martin Renvoize [Thu, 23 Sep 2021 18:06:43 +0000 (19:06 +0100)]
Bug 28762: Use Koha::Course in course-details controller
This patch updates Koha::Course to include the 'instructors' relation
accessor and then update the course-details controller to use the
Koha::Course object and pass it to the template instead of building a
hash using GetCourse.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 7f38c77d091cd4192b039041bcc3a00a05e10583) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Lucas Gass [Wed, 8 Sep 2021 17:01:03 +0000 (17:01 +0000)]
Bug 28762: (follow-up) fix template logic with Available
Signed-off-by: Hayley Pelham <hayleypelham@catalyst.net.nz> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 316c14c1bf75cec6f3fcae61fa29a69223a292c6) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Lucas Gass [Tue, 27 Jul 2021 21:45:12 +0000 (21:45 +0000)]
Bug 28762: handle notforloan better
Signed-off-by: Hayley Pelham <hayleypelham@catalyst.net.nz> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit e3e306efdb622f4c4857aa645c72c89320dac63d) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Lucas Gass [Tue, 27 Jul 2021 21:17:48 +0000 (21:17 +0000)]
Bug 28762: add staff item-status.inc and better handle statues on course-details.tt
This patch adds an item-status.inc to the staff side much like what is already in place on the OPAC.
To test:
1. create a course in course reserves, add an item to it.
2. confirm your item shows Available for its status on course-details.pl
3. edit your item to be withdrawn, lost, damaged, notforloan, and restricted use
4. reload course-details.pl, confirm it still shows available
5. apply patch
6. repeat step 3 with each of the statuses and make sure it correctly shows on course-details.pl
Signed-off-by: Hayley Pelham <hayleypelham@catalyst.net.nz> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 38427cc357de46d60114ca308329c89f3220a9dd) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Martin Renvoize [Thu, 25 Jul 2024 09:54:36 +0000 (10:54 +0100)]
Bug 37374: (follow-up) Add csrf token and op to form
This patch adds a hidden op input and csrf token to the clubs hold
request form.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 83966f4273093dc2d31f13a81ed563c2d5b16dd6) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Sam Lau [Mon, 22 Jul 2024 15:48:01 +0000 (15:48 +0000)]
Bug 37374: Fix functionality of 'Place hold' button for club holds
To test:
1) create a club
2) put 1 patron in your club
3) find a bib
4) Click Holds, then Clubs
5) search for your club, confirm hold detail
6) click Place Hold
7) nothing happens
8) Apply patch
9) Refresh page and click 'Place hold' again
10) Hold is properly placed
Signed-off-by: Roman Dolny <roman.dolny@jezuici.pl> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 0f7d3fab6cef893b3fa7c0bdb8e71c8f5b960b55) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
This patch changes the data-order attribute for the item callnumber column
to use the item's cn_sort instead of the callnumber value.
Test plan:
1. Create a bib
2. Add three items with source of classification LLC
call numbers:
JC43 .G6 1890
JC330 .F74 2000
JC480 .R63 2006
4. On additem.pl sor the items table by 'Full call number'
5. Confirm the items are now ordered correctly by cn_sort
6. Confirm the other columns still sort correctly
Signed-off-by: Roman Dolny <roman.dolny@jezuici.pl> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 033e9abc302d14b8edf83051af5b8f07c4314a61) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Martin Renvoize [Wed, 24 Jul 2024 06:49:18 +0000 (07:49 +0100)]
Bug 37302: (follow-up) Update yarn.lock
We were having some issues with package building because we missed the
update to the yarn.lock file here.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 5c8baafc6111d34c4804dbd5094d000215d14d88) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Martin Renvoize [Wed, 10 Jul 2024 10:26:09 +0000 (11:26 +0100)]
Bug 37302: Add swagger-cli to devDependancies
This patch adds swagger-cli 4.0.4+ to the devDependancies section of
package.json. This should ensure it gets installed when appropriate
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 86938e11fbdd3d9d3475d30a986aaef8912ea9c8) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Martin Renvoize [Wed, 10 Jul 2024 10:12:56 +0000 (11:12 +0100)]
Bug 37302: Set test to failed if swagger-cli missing
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit be3924a70f1a610330c631175f01ac8f2cfd8f49) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Kyle M Hall [Thu, 18 Jul 2024 11:27:47 +0000 (07:27 -0400)]
Bug 37400 - In returns.pl don't search for a patron unless needed
In returns.pl we find a patron, then use it in an if statement.
Test Plan:
Cancel a hold with other holds remaining on the record.
No change should be noted.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 82535a488764be5437c47d38953eb0aea81ce4ee) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Owen Leonard [Thu, 16 May 2024 13:57:11 +0000 (13:57 +0000)]
Bug 36885: Fix Bootstrap tooltip on budget planning page
This patch finishes the process of adding a Bootstrap tooltip to the
listing of funds which are locked.
To test, apply the patch and go to Administration -> Budgets.
- Edit a budget and make it locked: Check the "Lock budget" checkbox and
save.
- View the budget you locked.
- From the toolbar, click Planning -> Plan by months.
- In the table of funds, hover your mouse over a fund.
- You should see a Bootstrap-styled tooltip, "Fund locked."
Signed-off-by: David Nind <david@davidnind.com>
Bug 36885: (follow-up) Correct popup hint
Bug 36885: (follow-up) Remove tooltip from unlocked budgets (copy-paste error)
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit deb9bf78b8197eeb90e2c9c9088104a0b91d498b) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Jan Kissig [Mon, 15 Jul 2024 11:01:39 +0000 (13:01 +0200)]
Bug 37324: Self registration complete login form won't login user
This patch fixes the self registration complete login form which appears after a complete self registration process.
To test:
a) open http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search&searchfield=PatronSelfRegistrationDefaultCategory
b) set PatronSelfRegistration to allow
c) set PatronSelfRegistrationDefaultCategory to Self registration
d) logout or open a private tab
e) http://localhost:8080/cgi-bin/koha/opac-memberentry.pl and enter required fields
f) Registration complete! appears with a prefilled login form. Click Log in.
g) Check you are not logged in
apply patch and redo steps e-f and check that login worked.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 0988be4a599209d4b8a72659c39198b060d28e6f) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Kyle M Hall [Fri, 19 Jul 2024 13:54:44 +0000 (09:54 -0400)]
Bug 29509: (QA follow-up) Tidy atomic update
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 0505531cde2e0513a2c8fbc3c91d18f9ae3a3a89) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Martin Renvoize [Tue, 7 May 2024 13:18:04 +0000 (14:18 +0100)]
Bug 29509: (QA follow-up) Check top level permissions too
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 56c7c3782b2ceacbbd2777ec0f3fa9955e877d2c) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Martin Renvoize [Mon, 22 Jan 2024 16:49:56 +0000 (16:49 +0000)]
Bug 29509: Update swagger specification and add permissions to users
This patch removes the 'edit_borrowers', 'manage_bookings',
'lable_creator', 'routing' and 'order_manage' permissions from the list
of options in the patrons list endpoint.
We then assign the new 'list_borrowers' permission to any users who have
those removed permissions
Test plan
1) Apply patch and run the database update
2) Users with any of the permissions listed above should now also have
the 'list_borrowers' permission too.
3) Check that patron searching continues to work from the various
locations in the UI for the above affected users
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[EDIT] Incorporated second patch and removed 1<<4. 16 reads much better :)
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 85ea79c45b6f95baee9ec955c6c09046808771b5) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
If syspref "noItemTypeImages" is disabled, holdings table won't display
itemtype column. This patch fixes this.
To reproduce:
1. Enable syspref "noItemTypeImages".
2. Find biblio with items.
=> Note that itemtype column is displayed on holdings table.
3. Disable syspref "noItemTypeImages".
=> Itemtype column is no longer displayed on holdings table.
4. Apply this patch.
=> Now column should be displayed correctly.
Sponsored-by: Koha-Suomi Oy Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 313f7e86b8b9bb063d07be292dd352c2f889fa99) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Andreas Roussos [Mon, 1 Jul 2024 14:27:42 +0000 (14:27 +0000)]
Bug 37226: append a random number to the `id` attribute of each <li>
When you view the authority details page for a term that contains more
than one terms with broader relationship, clicking on the expand/collapse
arrows next to the top-level terms in the hierarchy tree will not work
properly, i.e. *only one* broader term will show the narrower term under
it at any given time.
This is affecting both the OPAC and the Staff interface.
This is happening because in the HTML source of the page the individual
<li> elements associated with each node do not have unique `id` values,
which confuses the JavaScript library (jsTree) responsible for rendering
the hierarchy tree.
This patch fixes that by appending a random number to each `id` attribute.
Test plan:
0) Enable the AuthDisplayHierarchy System Preference (set to 'Show').
1) Copy the provided MARC21 Authority sample data (sample-data.mrc)
to your KTD Koha container (it must have MARC21 marc flavour):
2) Import the provided authorities (the sample file contains three
Geographic Name records):
WARNING! the --delete switch is passed to bulkmarcimport.pl
WARNING! this will erase any authority data you have in your instance!
(this is done to retain the broader/narrower authid associations)
In the authority hierarchy tree, click the arrows next to 'Europe'
and 'Greece' to expand and show the narrower term: notice how only
one item works at any given time.
4) Apply the patch.
5) Repeat step 3) (refresh the pages) -- this time you should be able
to view 'Athens' as a narrower term of both 'Europe' and 'Greece'
at the same time.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 24e54b1fd4b241a0d5723ff7ec97b2fe9645d577) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Eric Garcia [Tue, 16 Jul 2024 17:00:43 +0000 (17:00 +0000)]
Bug 37343: Fixed search for vendors when transferring an item in acquistions
To test:
1. Have several vendors in acquistions
2. Add a basket and click "+Add to basket"
3. I used an mrc file to add an order from a new file
4. Stage for import -> add staged files to basket
5. Select the items and choose an item type
6. In the Orders table click 'Transfer' under the 'Modify' column
7. Try searching for vendors, nothing happens.
8. Apply patch restart_all
9. Click 'Transfer' again and try searching for vendors.
10. Notice vendors appear
NOTE:
Vendor search is a GET operation not POST. Use 'do_search' instead of 'cud-do_search'.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 54575f3c30f6eab9adf2078ffcb92cee05a987dc) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Matt Blenkinsop [Fri, 28 Jun 2024 13:53:10 +0000 (13:53 +0000)]
Bug 29087: (QA follow-up): Fix QA tests
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[EDIT] Conform BZ comment31 Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 7f5e1fac86bf7eaa3f217a8e41cc4522e7fe9c3c) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Matt Blenkinsop [Tue, 16 Apr 2024 12:47:16 +0000 (12:47 +0000)]
Bug 29087: Add unit tests
prove t/db_dependent/Koha/Items.t
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 44d3762a6921a323443ca56996fc55d5e96cc9b8) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Jonathan Druart [Fri, 19 Nov 2021 12:27:44 +0000 (13:27 +0100)]
Bug 29087: Prevent filter_by_for_hold to crash if default holdallowed is not_allowed
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 8c804c17493ecc9cb993c5434644c1b2a860bae3) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Pedro Amorim [Fri, 5 Jul 2024 13:28:24 +0000 (13:28 +0000)]
Bug 37260: Check message broker for both 'about' and 'sysinfo' tabs
Test plan:
1) Apply test patch only
2) Visit <staff_url>/cgi-bin/koha/about.pl
3) Notice it shows 'Using RabbitMQ' (it should show 'Using SQL polling')
4) Apply this patch, repeat 3)
5) Notice it now shows 'Using SQL polling'
6) Remove test patch. Notice it shows 'Using RabbitMQ' again.
7) Repeat test plan but for /cgi-bin/koha/about.pl?tab=sysinfo tab
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 6a321c6ee44413e1e3601d1d9fcd727788e2bb3f) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Lucas Gass [Tue, 18 Jun 2024 19:34:52 +0000 (19:34 +0000)]
Bug 37111: Fix renew link on opac-user.tt
To test:
1. Check some items out to a patron
2. Set the username and apssword for the patron so that you can log in as that patron.
3. Log in to the OAPC as that patron.
4. Go to Your account > Summary (the default landing page after you log in).
5. Click "Renew" for one of the items.
6. You get the error as above.
7. APPLY PATCH
8. Try steps 1 -5 again, you should not get an error.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Alexander Wagner <alexander.wagner@desy.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 58838fc263ecc9a843c94520e373030c77fc4eed) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Lucas Gass [Tue, 18 Jun 2024 19:34:24 +0000 (19:34 +0000)]
Bug 37111: Add submit-form asset to OPAC assets
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Alexander Wagner <alexander.wagner@desy.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 6c56d3d90b92a4ca6f7120a187adb35d3e6fd914) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Lucas Gass [Wed, 17 Jul 2024 15:10:24 +0000 (15:10 +0000)]
Bug 37371: Move Maskito instantiation to onReady ( OPAC )
To test:
1. Find a any date picker in Koha, like DOB in the patron record.
2. Add a date, either manually or using the date picker.
3. Once there is a date like 07/15/2024 try to edit only part of the
date, or the '15'.
4. The date easily becomes malformed.
5. APPLY PATCHSET, maybe clear your browser cache too
6. Try directly inputing dates. I would suggest the following places:
-Patron record DOB
-Specify due date on circ/circulation.pl as this includes time
-Add item screen, this is the dateaccessioned plugin
-OPAC self reg/self modify
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit bae3203f700cdac634b5bd3c65e02902c8ae50bf) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Lucas Gass [Wed, 17 Jul 2024 14:58:14 +0000 (14:58 +0000)]
Bug 37371: Move Maskito init to onReady in dateaccessioned.pl
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit f723c33d480dbd1883fa32dc85e6cc0bd8a5c0a0) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Lucas Gass [Wed, 17 Jul 2024 14:50:42 +0000 (14:50 +0000)]
Bug 37371: Set overwrite mode to replace
In our case I think overwriteMode needs to be set to replace:
https://maskito.dev/core-concepts/overwrite-mode Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 0f04c9a26afe02824e1c3b213a4c0f8ad212278c) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Martin Renvoize [Wed, 17 Jul 2024 14:08:58 +0000 (15:08 +0100)]
Bug 37371: Move Maskito instantiation to onReady
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 7e1de5b5574bf09cdc9c4f83f6f0acd916c6d6cf) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Emily Lamancusa [Fri, 28 Jun 2024 21:02:50 +0000 (17:02 -0400)]
Bug 37216: (follow-up) Clear invalid value
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 37683ffd695f6cc0c356325e8b9f2c2a516e1477) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Martin Renvoize [Fri, 28 Jun 2024 15:03:03 +0000 (16:03 +0100)]
Bug 37216: (QA follow-up) Add update to set existing options
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit fbcdce5e0a00da4eb8884a7786ead92db966ad16) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Emily Lamancusa [Thu, 27 Jun 2024 20:27:37 +0000 (16:27 -0400)]
Bug 37216: Fix SQL for EmailFieldSelection
Test plan:
Part A: New installation
1. Start a fresh test instance
2. Set EmailFieldPrimary to "selected addresses", and do not touch
EmailFieldSelection
3. Edit a patron to ensure the following fields are set:
- Primary email
- Secondary email
- Alternate email
- Enable email notices for item checkout
4. Attempt to check an item out to that patron
--> Koha explodes!
5. Apply patch
6. reset_all
7. Repeat steps 2-4
--> Checkout succeeds!
8. Ensure test plan for bug 12802 still passes
Part B: Upgraded installation
1. Start a fresh test instance at version 23.11
2. Switch to main
3. Install database update
4. Set EmailFieldPrimary to "selected addresses", and do not touch
EmailFieldSelection
5. Edit a patron to ensure the following fields are set:
- Primary email
- Secondary email
- Alternate email
- Enable email notices for item checkout
6. Attempt to check an item out to that patron
--> Koha explodes!
7. Go back to 23.11 and reset_all
8. Switch to main and apply patch
9. Repeat steps 4-6
--> Checkout succeeds!
10. Ensure test plan for bug 12802 still passes
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 89a0c62da407e5981f7bc30b12691f0a1546905d) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Nick Clemens [Mon, 12 Aug 2024 12:10:12 +0000 (12:10 +0000)]
Bug 37508: Don't return Internal server error when running report
To test:
1 - Create a report like:
SELECT "a"
FROM borrowers
WHERE <<Test>> != ''
2 - Run report
3 - Enter "password"
4 - Internal server error / stacktrace
5 - Apply patch
6 - Repeat
7 - Get a yellow warning box
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
David Cook [Wed, 7 Aug 2024 01:15:10 +0000 (01:15 +0000)]
Bug 37508: Test for errors when returning an aliased password column
Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 37508: Throw error if password column is detected in SQL report
This enhancement prevents SQL queries from being run if they would return a password field from the database table.
To test:
1. Run tests and notice they fail t/db_dependent/Reports/Guided.t
2. Apply patch and restart services
3. Create a public report with an SQL report which would access a password column in a database table
4. Try to run the report. Notice you are met with an error and the results are not shown.
5. Access the JSON URL, you should not get the results and should be shown an error
6. Confirm tests pass t/db_dependent/Reports/Guided.t
Sponsored-by: Reserve Bank of New Zealand Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 37370: Return 400 if OpacExportOptions does not contain the passed format
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit a164c51d78f375d9d660e2c079cc7e05d2d1d326) Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
David Cook [Thu, 25 Jul 2024 06:44:37 +0000 (06:44 +0000)]
Bug 37466: Add correct filter for sort_by in results.tt
This patch replaces the $raw filter with the correct uri filter
for the sort_by in results.tt
Test plan:
1. Apply patch
2. Go to /cgi-bin/koha/catalogue/search.pl?count=20&sort_by=popularity_dsc&idx=kw&q=1
3. Click on "Edit this search"
4. Note that the "Popularity (most to least)" Sort by option is selected
5. Go to /cgi-bin/koha/catalogue/search.pl?count=20&sort_by=popularity_dsc&idx=kw&q=24y24ty2498294t9824yt9y23
6. Click on "Edit this search"
7. Note that the "Popularity (most to least)" Sort by option is selected
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 5148e05d408b43c0eb330683ffa4c26c90faa696) Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
David Cook [Thu, 25 Jul 2024 06:56:18 +0000 (06:56 +0000)]
Bug 37464: Validate "type" sent to barcode/svc
This change validates the "type" sent to the barcode/svc. Without this
change, we pass the user input directly to GD::Barcode, which passes
the input into an eval{} block without any validation of its own.
Test plan:
0. Apply the patch
1. koha-plack --reload kohadev
2. Go to http://localhost:8081/cgi-bin/koha/svc/barcode?type=bad&barcode=123456
3. Note that a Code39 barcode is provided for an invalid type
4. Go to http://localhost:8081/cgi-bin/koha/svc/barcode?type=Code39&barcode=123456
5. Note that a Code39 barcode is provided
6. Go to http://localhost:8081/cgi-bin/koha/svc/barcode?type=UPCE&barcode=123456
7. Note that a non-Code39 barcode is provided (presumably UPCE)
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 73b0c3cf621250008845f22f7a36f90a48e00b06) Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
David Cook [Fri, 26 Jul 2024 04:01:43 +0000 (04:01 +0000)]
Bug 37488: Validate paths in datalink.txt/idlink.txt files
This change validates the paths in datalink.txt/idlink.txt,
so that only images in the unpacked archive directory are allowed
Test plan:
0. Apply the patch
1. koha-plack --reload kohadev
2. Create a datalink.txt file with the following:
42,selfie.jpg
3. Create a jpeg at selfie.jpg
4. ZIP the datalink.txt and selfie.jpg files
5. Upload to the "Upload patron images" tool
(after enabling the "patronimages" system preference)
6. Note that the image uploads correctly
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 8fcb767fe2836c90ceacb5b5d8211524571eb8aa) Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
David Cook [Fri, 26 Jul 2024 03:27:22 +0000 (03:27 +0000)]
Bug 37323: Tidy
Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 579c28c764257a250c12aa11207772c074c1335e) Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Chris Cormack [Thu, 18 Jul 2024 23:57:32 +0000 (23:57 +0000)]
Bug 37323: Don't allow symlinks in link files in zip and validate filepaths
Test plan:
0. Apply patch and restart/reload Koha
1. Test that uploading a patron image still works, in single file format and as a zip
Work as suggested
Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com> Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 9bc0521493fbe2f9fe0dde051d0b2f52c8a14a9a) Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Amit Gupta [Thu, 11 Jul 2024 17:43:06 +0000 (23:13 +0530)]
Bug 37323: Escape characters in patron image picture upload
To Test
1. Create a file name for example: test.zip`curl xxxxtesting.informaticsglobal.com`.zip
where the domain is one you can watch the logs from.
2. Go to Tools and click on Upload patron images choose option zip file and upload the file.
3. Check /var/log/apache2/access.log and see the curl with the IP
"xx.xxx.xx.xxx - - [11/Jul/2024:23:10:33 +0530] "GET / HTTP/1.1" 200 267 "-" "curl/7.68.0"
4. Apply the patch
5. Repeat 2 and 3 step and check no error is coming for the Remote execution error.
6. Test uploading actual zip file and images still works.
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 5c931e00f73e91467581fd29721e5af8d7fa98ab) Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 37255: Fix handling of "All" values on waiting hold cancellation policy
If one creates a default waiting hold cancellation policy with
patron categories set as "All" and itemtype set as "All", Koha
breaks on 500 error. This happens because in we try to match
template policy with "All" values either in category or itemtype
with *, not undef. This patch fixes this.
To test:
1. Create a new default waiting hold cancellation policy and
set both patron category and itemtype as "All".
2. Save policy.
=> Error page for error 500 is displayed.
3. Apply this patch.
4. Reload page.
=> Page is displayed and policy listing displays new policy
as it should.
Sponsored-by: Koha-Suomi Oy Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Andreas Jonsson [Wed, 31 Jul 2024 09:06:02 +0000 (09:06 +0000)]
Bug 37533: Fix query in orderreceive.tt
The new validation in the REST API will no longer allow
the operator "in". Consequently, it has to be replaced
with the allowed "-in".
Test plan:
* Open an invoice and click "Go to receipt page" and
on any basket click "receive" and make sure the dialog
box appears.
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com> Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Hammat Wele [Thu, 27 Jun 2024 14:09:04 +0000 (14:09 +0000)]
Bug 37210: Escape single quote in search string in overdue.pl
To Test:
1. Go to /cgi-bin/koha/circ/overdue.pl
2. In the «Name or card number» field, type «Tommy'and(select(0)from(select(sleep(10)))v)and'»
3. Apply the filter
==> It takes 10 seconds, sleep(10) is executed
4. Inspect the page, in «Patron category:» field, put «Tommy'and(select(0)from(select(sleep(10)))v)and'» in one of his option's value
5. select the option from the filter and Apply the filter
==> It takes 10 seconds, sleep(10) is executed
we can inject SQL to the followin field : borname, itemtype, borcat, holdingbranch, homebranch and branch
6. Apply the patch
7. Repeat step 1,2,3
==> it doesn't take 10 seconds, the injected sql is not executed
8. Repeat step 5
==> it doesn't take 10 seconds, the injected sql is not executed
9. Repeat step 5 with the followin field : itemtype, holdingbranch, homebranch and branch
==> it doesn't take 10 seconds, the injected sql is not executed
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
The /libraries/{library_id}/cash_registers endpoint was missing the
library_id parameter definition from the swagger specification.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 466d38f18d43e968f3b69562c1ee018177953681) Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
projects / koha.git / log