]> git.koha-community.org Git - koha.git/log
koha.git
5 months agoBug 36520: Prevent SQL injection in GetPreparedLetter
Jonathan Druart [Mon, 13 May 2024 12:47:28 +0000 (14:47 +0200)]
Bug 36520: Prevent SQL injection in GetPreparedLetter

Actually in _get_tt_params

The following query will delay the response

SELECT `me`.`biblionumber`, `me`.`frameworkcode`, `me`.`author`, `me`.`title`, `me`.`medium`, `me`.`subtitle`, `me`.`part_number`, `me`.`part_name`, `me`.`unititle`, `me`.`notes`, `me`.`serial`, `me`.`seriestitle`
, `me`.`copyrightdate`, `me`.`timestamp`, `me`.`datecreated`, `me`.`abstract`
  FROM `biblio` `me`
WHERE `biblionumber` = '1) AND (SELECT 1 FROM (SELECT(SLEEP(6)))x)-- -'
ORDER BY field( biblionumber, 1 ) AND (
    SELECT 1
      FROM
    SELECT SLEEP( 6 ) x
   ) -- - )

To test
1/ Add some items to your cart in the opac
2/ Choose send cart
3/ Open firefox developer tools and switch to the network tab
4/ Send cart
5/ In the network tab, find the post request and choose copy as curl
6/ Edit the curl command to add )+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))x)--+-  to the bib_list parameter
7/ Run the curl notice it takes a long time to respond, if you want to check run the curl without the above part added
8/ Apply the patch and restart plack
9/ Run the modified curl and notice no longer the slow down
10/ Test in browser and make sure the basket is still sent

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit 0b3c98b0ba01ea5c886ecfe8eef174b5b7c6ec25)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36520: Add tests
Jonathan Druart [Wed, 15 May 2024 09:25:47 +0000 (11:25 +0200)]
Bug 36520: Add tests

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit ebbab1b398a97ecc884d4cbf22d5bd4239e014cb)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36575: (QA follow-up) Shibboleth POD and checkpw_internal call
Marcel de Rooy [Tue, 30 Apr 2024 14:39:36 +0000 (14:39 +0000)]
Bug 36575: (QA follow-up) Shibboleth POD and checkpw_internal call

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit 4cafd512cd31701fa3ee2a19abc4de4488b91e69)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36575: Adjust checkpw_internal to return patron
Nick Clemens [Wed, 24 Apr 2024 15:06:22 +0000 (15:06 +0000)]
Bug 36575: Adjust checkpw_internal to return patron

This patch refactors checkpw_internal to remove the SQL code, use patron ojbects, and return the
patron that correctly matches the userid/caerdnumber when auth is successful

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit fe78f06a50c41a7dbac24206e31bc5b1189ee185)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36575: (bug 34893 follow-up) Return patron when autocreating in Shibboleth
Nick Clemens [Wed, 24 Apr 2024 14:25:40 +0000 (14:25 +0000)]
Bug 36575: (bug 34893 follow-up) Return patron when autocreating in Shibboleth

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit f6fe24bdd8f72cdf09111a93d0ca0a114b5ee570)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36575: (bug 34893 follow-up) Return patron from LDAP
Nick Clemens [Wed, 24 Apr 2024 14:23:51 +0000 (14:23 +0000)]
Bug 36575: (bug 34893 follow-up) Return patron from LDAP

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit e6ce7aded6bc737fd98c2e94aba51abb4581afbb)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36575: (QA follow-up)
Martin Renvoize [Thu, 11 Apr 2024 10:18:30 +0000 (12:18 +0200)]
Bug 36575: (QA follow-up)

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit fffc5600cad077e8b4d8d5211263f1935c5b07cd)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36575: Return correct patron when there is a shared userid / cardnumber
Nick Clemens [Thu, 11 Apr 2024 09:39:03 +0000 (09:39 +0000)]
Bug 36575: Return correct patron when there is a shared userid / cardnumber

This patch moves some patron fetching code in C4/Auth to use to patron returned from the validation
methods and only try to fetch the patron (to check if locked, update attempts, etc) if we didn't authenticate

To test:
1 - Set a user to have userid = BANANA password = Password1
2 - Set a user to have cardnumber = BANANA password = Password2
3 - Hit the patron authentication API:
    http://localhost:8080/api/v1/auth/password/validation
    with data:
    { "identifier": "BANANA", "password":"Password1" }
    and:
    { "identifier": "BANANA", "password":"Password2" }
4 - Note you receive the same response for both
5 - Apply patch, restart all
6 - Repeat the API and confirm you get the correct patron for the password submitted

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit ff4e0c4293486d2db31d2f48d9f6f31d6470965a)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36993: Upgrade fails at 23.12.00.023 [Bug 32132]
Emmi Takkinen [Fri, 31 May 2024 09:39:57 +0000 (12:39 +0300)]
Bug 36993: Upgrade fails at 23.12.00.023 [Bug 32132]

Database update fails on some databases because of
foreign key constraint error. This comes from attempt
to make column aqbudgets.budget_period_id not accept
NULL values. Update also fails if there are rows where
column aqbudgets.budget_period_id doesn't match any
values in aqbudgetperiods.budget_period_id.

To test:
1. Remove changes made in bug 32132 and downgrade your database:
- ALTER TABLE aqbudgets MODIFY COLUMN `budget_period_id` INT(11) NULL;
- UPDATE aqbudgets SET budget_period_id = NULL
WHERE budget_period_id IN(SELECT budget_period_id FROM aqbudgetperiods
WHERE budget_period_description = "Budget for funds without budget");
- DELETE FROM aqbudgetperiods
WHERE budget_period_description = "Budget for funds without budget";
- UPDATE systempreferences SET value="23.1200022" WHERE variable = "Version;
2. Upgrade your database (e.g. running installer/data/mysql/updatedatabase.pl)
=> Update fails on foreign key constraint error.
4. Apply this patch.
5. Try to update your database again.
=> Database should now be upgraded succesfully.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 309127226fb5a308e744ed4011d407e4ec3bed28)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36986: (follow-up) Ensure idempotency
Martin Renvoize [Thu, 6 Jun 2024 06:30:37 +0000 (07:30 +0100)]
Bug 36986: (follow-up) Ensure idempotency

MySQL/MariaDB checks the primary key/unique constraint before WHERE
clause when performing an UPDATE. As such, the lack of AutoLocation
existing will not prevent a failure on a second run of the update.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 73634e93fd044d68e6415601ebeab7dbcca5286e)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36986L (follow-up) Ensure idempotency
Martin Renvoize [Wed, 5 Jun 2024 17:10:33 +0000 (18:10 +0100)]
Bug 36986L (follow-up) Ensure idempotency

MySQL/MariaDB checks the primary key/unique constraint before WHERE
clause when performing an UPDATE. As such, the lack of AutoLocation
existing will not prevent a failure on a second run of the update.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit dc2388281c8e0e9c11ee5829cf09b7737a2f1c6c)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36986: DBRev 24.05.00.001
Martin Renvoize [Wed, 5 Jun 2024 13:32:57 +0000 (14:32 +0100)]
Bug 36986: DBRev 24.05.00.001

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 1c779aaca820b8dd2edeab3f3369ac342dadb089)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36986: (QA follow-up) Catch the case where someone already upgraded
Martin Renvoize [Tue, 4 Jun 2024 10:15:59 +0000 (11:15 +0100)]
Bug 36986: (QA follow-up) Catch the case where someone already upgraded

This adds a corresponding atomic update for the case where someone may
have already upgraded past the version we're correcting in the prior
patch.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit d0f12989518b32c7bf9cb8093d57e49b038e8d70)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36986: (Bug 26176 follow-up) Fix rename StaffLoginBranchBasedOnIP in BDRev
Fridolin Somers [Wed, 29 May 2024 15:29:21 +0000 (17:29 +0200)]
Bug 36986: (Bug 26176 follow-up) Fix rename StaffLoginBranchBasedOnIP in BDRev

Test by running upgrade from 23.11.00 to main
Check you see :
Upgrade to 23.12.00.061  [15:34:36]: Bug 26176 - Rename AutoLocation and StaffLoginBranchBasedOnIP system preferences
Renamed system preference 'AutoLocation' to 'StaffLoginRestrictLibraryByIP'
Renamed system preference 'StaffLoginBranchBasedOnIP' to 'StaffLoginLibraryBasedOnIP'

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit ebd4aa682796b8ac4666e948e7c55fde4d91ad2d)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoKoha 24.05 is here! v24.05.00
Katrin Fischer [Mon, 27 May 2024 12:48:23 +0000 (12:48 +0000)]
Koha 24.05 is here!

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months ago24.05.00: Add release notes
Katrin Fischer [Mon, 27 May 2024 13:09:06 +0000 (13:09 +0000)]
24.05.00: Add release notes

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months ago24.05.00: Update kohastructure.sql
Katrin Fischer [Mon, 27 May 2024 13:00:17 +0000 (13:00 +0000)]
24.05.00: Update kohastructure.sql

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months ago24.05.00: Update history.txt
Katrin Fischer [Mon, 27 May 2024 12:56:11 +0000 (12:56 +0000)]
24.05.00: Update history.txt

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months ago24.05.00: Update contributors.yaml
Katrin Fischer [Mon, 27 May 2024 12:55:29 +0000 (12:55 +0000)]
24.05.00: Update contributors.yaml

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 31981: (follow-up) Fix typo in class name
Katrin Fischer [Fri, 24 May 2024 13:53:36 +0000 (13:53 +0000)]
Bug 31981: (follow-up) Fix typo in class name

.debt_gaurantors > .debt_guarantors

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36946: Fix cud- error when processing offline circulations
Owen Leonard [Thu, 23 May 2024 13:13:06 +0000 (13:13 +0000)]
Bug 36946: Fix cud- error when processing offline circulations

This patch fixes a CSRF token error when processing offline
circulations. The form needed both the token parameter and to be sent as
POST.

To test, apply the patch and go to Circulation.

- Go to Upload offline circulation file (.koc)
- Upload a .koc file, add to offline circulation queue.
- View pending offline circulation actions.
- Check one or more transactions and click "Process" at the bottom of
  the page.
  - The process should complete without any JS errors, and the
    checkboxes should be replaced with the text "Success."
- Perform the same test with the "Delete" button.

Sponsored-By: Athens County Public Libraries
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 26176: (follow-up) Replace branch with library in syspref description
Nick Clemens [Fri, 24 May 2024 11:30:54 +0000 (11:30 +0000)]
Bug 26176: (follow-up) Replace branch with library in syspref description

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36939: Remove a warning from Serials.t
Jonathan Druart [Thu, 23 May 2024 07:50:59 +0000 (09:50 +0200)]
Bug 36939: Remove a warning from Serials.t

t/db_dependent/Serials.t .. 2/57 Use of uninitialized value in numeric gt (>) at /kohadevbox/koha/C4/Serials.pm line 2029.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36923: Remove warnings from Holds/LocalHoldsPriority.t
Jonathan Druart [Wed, 22 May 2024 12:01:28 +0000 (14:01 +0200)]
Bug 36923: Remove warnings from Holds/LocalHoldsPriority.t

t/db_dependent/Holds/LocalHoldsPriority.t .. 1/7 Use of uninitialized value in numeric gt (>) at /kohadevbox/koha/C4/Reserves.pm line 866.
t/db_dependent/Holds/LocalHoldsPriority.t .. 2/7 Use of uninitialized value in numeric gt (>) at /kohadevbox/koha/C4/Reserves.pm line 866.
Use of uninitialized value in numeric gt (>) at /kohadevbox/koha/C4/Reserves.pm line 866.
Use of uninitialized value in numeric gt (>) at /kohadevbox/koha/C4/Reserves.pm line 866.
t/db_dependent/Holds/LocalHoldsPriority.t .. 5/7 Use of uninitialized value in numeric gt (>) at /kohadevbox/koha/C4/Reserves.pm line 866.
t/db_dependent/Holds/LocalHoldsPriority.t .. ok
All tests successful.

We didn't have the default values generated by the DBMS

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36931: Fix label-item-search.pl by removing CSRF requirement
David Cook [Thu, 23 May 2024 06:43:40 +0000 (06:43 +0000)]
Bug 36931: Fix label-item-search.pl by removing CSRF requirement

This change converts a stateless POST into a GET, so that the paging
of the label-item-search.pl results works again.

Test plan:
0. Apply the patch and restart Koha
1. Go to http://localhost:8081/cgi-bin/koha/labels/label-edit-batch.pl?op=new
2. Click "Add item(s)"
3. Add '05/01/2000' in "Added on or after date:" and click "Search"
4. Page through the results
5. Rejoice

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36816: Remove warning
Jonathan Druart [Wed, 22 May 2024 08:08:30 +0000 (10:08 +0200)]
Bug 36816: Remove warning

Use of uninitialized value in string eq at /kohadevbox/koha/opac/opac-memberentry.pl line 629.

Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36816: Restore clearing patron attributes - OPAC
Jonathan Druart [Wed, 22 May 2024 08:05:16 +0000 (10:05 +0200)]
Bug 36816: Restore clearing patron attributes - OPAC

1) Add a new patron attribute type, visit:
<staff_url>/cgi-bin/koha/admin/patron-attr-types.pl?op=add_attribute_type
2) Add a code and a description (whatever) - Make it 'Display in OPAC' and 'Editable in OPAC'
3) Access OPAC patron personal details page, visit:
<opac_url>/cgi-bin/koha/opac-memberentry.pl
4) Scroll down and add some info to 'whatever'. Click 'Submit update request'.
5) Visit the INTRA 'update patron requests from opac' page:
<staff_url>/cgi-bin/koha/members/members-update.pl
6) Notice the entry is there. Select 'approve' and click "Submit"
7) Repeat 3)
8) Scroll down and notice the approved value is there. Clear that data and "Submit update request" (as if you're requesting for that data to be removed/cleared)
9) Repeat 5)
10) Notice there's an entry, and it is not empty. Select 'approve' and click "Submit"
11) Repeat 3)
12) Scroll down and notice the request to update (clear) that field did go through, i.e. the data is not there anymore.

Also test self-registration and mandatory attributes

Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36916: Do not generate invalid JS or CSS from TestBuilder
Jonathan Druart [Wed, 22 May 2024 08:31:29 +0000 (10:31 +0200)]
Bug 36916: Do not generate invalid JS or CSS from TestBuilder

TestBuilder generates random strings for branches.opacuserjs and branches.opacusercss which produces invalid JS and CSS.

Selenium has several warnings related to this:

koha-selenium-1   | JavaScript error: http://koha:8080/cgi-bin/koha/opac-user.pl, line 1744: ReferenceError: CLYxPjQ152 is not defined
koha-selenium-1   | JavaScript error: http://koha:8080/cgi-bin/koha/opac-search.pl, line 2069: ReferenceError: CLYxPjQ152 is not defined
koha-selenium-1   | JavaScript error: http://koha:8080/cgi-bin/koha/opac-reserve.pl, line 1351: ReferenceError: CLYxPjQ152 is not defined

Because of the following in the DOM
    <script>
        CLYxPjQ152
    </script>

This patch suggests to set to an empty string by default, to prevent random failure or inconsistent behaviours when testing the UI.

Test plan:
Run t/db_dependent/selenium/authentication.t and watch the selenium
output.
With this patch applied you will not see the "JavaScript error" lines

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36589: Advanced cataloging - restore the correct height of the clipboard
Phil Ringnalda [Thu, 16 May 2024 20:54:41 +0000 (13:54 -0700)]
Bug 36589: Advanced cataloging - restore the correct height of the clipboard

A simple direct fix for the height of the advanced editor's clipboard,
which is a <select size="10"> that's currently cut down to the height of
one thick line by CSS intended for non-multiple, non-sized selects with
dropdown menus.

Test plan:
1. Set the pref EnableAdvancedCatalogingEditor to Enable
2. Cataloging -> Advanced editor
3. Note the Clipboard is a single line tall
4. Apply patch, shift+reload Advanced editor
5. Note the Clipboard is ten lines tall

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36917: (follow-up) Add FIXME for marcflavour
Nick Clemens [Wed, 22 May 2024 11:58:35 +0000 (11:58 +0000)]
Bug 36917: (follow-up) Add FIXME for marcflavour

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36917: (follow-up) Remove Elasticsearch warnings and tidy
Nick Clemens [Wed, 22 May 2024 11:52:53 +0000 (11:52 +0000)]
Bug 36917: (follow-up) Remove Elasticsearch warnings and tidy

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36917: Remove some warnings from t/db_dependent/Authority/Merge.t
Jonathan Druart [Wed, 22 May 2024 08:56:10 +0000 (10:56 +0200)]
Bug 36917: Remove some warnings from t/db_dependent/Authority/Merge.t

Cannot determine authority type for record: 1709 at /kohadevbox/koha/Koha/SearchEngine/Elasticsearch.pm line 589.
Use of uninitialized value $subfields in pattern match (m//) at /kohadevbox/koha/C4/Heading/MARC21.pm line 412.
Use of uninitialized value $subfields in pattern match (m//) at /kohadevbox/koha/C4/Heading/MARC21.pm line 448.

This change removes the 2 "Use of uninitialized value $subfields in
pattern match (m//)" warnings

The warnings are gnerated because the subfields for headings are hardcoded variables in C4::Heading::MARC21
for any genuine authority record we should receive the correct list of subfields. The tests in this case are
mocking a new authtype, and so do not find the correct subfields. Skipping the generation here silences the
warnings and will prevent user defined types from throwing errors as well.

NOTE: Koha allows the user to define their own authority types, however, we have various features hardcoded
that will prevent them from working as expected

WNC amended commit message

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36819: DBIC schema update
Katrin Fischer [Fri, 24 May 2024 13:11:32 +0000 (13:11 +0000)]
Bug 36819: DBIC schema update

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36943: (follow-up) 24.05.00 - Update .mailmap
Katrin Fischer [Thu, 23 May 2024 17:11:33 +0000 (17:11 +0000)]
Bug 36943: (follow-up) 24.05.00 - Update .mailmap

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36904: Fix batch->ill_batch
Pedro Amorim [Tue, 21 May 2024 09:13:49 +0000 (09:13 +0000)]
Bug 36904: Fix batch->ill_batch

This was missed when renaming follow-ups were added to bug 30719

1) Enable ILL, install FreeForm and checkout the current compatible branch with main
  bash <(curl -s https://raw.githubusercontent.com/ammopt/koha-ill-dev/master/start-ill-dev.sh)
  cd /kohadevbox/koha/Koha/Illbackends/FreeForm
  git checkout reorganize_ILL
2) Visit ILL module:
  http://localhost:8081/cgi-bin/koha/ill/ill-requests.pl
3) Type whatever search in the tiny 'Search' input box directly above the table
4) Notice you get an error. Apply patch. Repeat.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36618: (follow-up) Fix broken translations
Matt Blenkinsop [Thu, 23 May 2024 13:48:36 +0000 (13:48 +0000)]
Bug 36618: (follow-up) Fix broken translations

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 26176: DBRev 23.12.00.061
Katrin Fischer [Thu, 23 May 2024 15:40:47 +0000 (15:40 +0000)]
Bug 26176: DBRev 23.12.00.061

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 26176: (follow-up) Use suggested patturn in update
Martin Renvoize [Thu, 23 May 2024 12:49:16 +0000 (13:49 +0100)]
Bug 26176: (follow-up) Use suggested patturn in update

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 26176: (follow-up) Fix one more occurrence
Nick Clemens [Thu, 23 May 2024 10:41:15 +0000 (10:41 +0000)]
Bug 26176: (follow-up) Fix one more occurrence

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 26176: (QA follow-up) Also rename StaffLoginBranchBasedOnIP
Martin Renvoize [Thu, 23 May 2024 09:54:08 +0000 (10:54 +0100)]
Bug 26176: (QA follow-up) Also rename StaffLoginBranchBasedOnIP

This patch also renames StaffLoginBranchBasedOnIP to
StaffLoginLibraryBasedOnIP to be consistent with our terminology
guidelines

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 26176: (QA follow-up) Branch -> Library
Martin Renvoize [Thu, 23 May 2024 09:47:33 +0000 (10:47 +0100)]
Bug 26176: (QA follow-up) Branch -> Library

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 26176: Rename AutoLocation to StaffLoginRestrictBranchByIP
Nick Clemens [Tue, 21 May 2024 13:44:47 +0000 (13:44 +0000)]
Bug 26176: Rename AutoLocation to StaffLoginRestrictBranchByIP

This patch sets AutoLocation to be called StaffLoginRestrictBranchByIP.
The new name is chosen to reflect the new pref StaffLoginBranchBasedOnIP.

Also this patch corrects the order of sysprefs in installer file.

To test:
Follow test plans on bug 36665 and bug 35890 and confirm that the preferences
continue to work as expected
Confirm the descriptions of the prefs in the staff interface match the behaviors expected

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36908: (QA follow-up) Proposed improvement to prefernce description
Martin Renvoize [Thu, 23 May 2024 09:36:55 +0000 (10:36 +0100)]
Bug 36908: (QA follow-up) Proposed improvement to prefernce description

I found the initial addition of 'or the branch chosen at login' to the
system preference description more misleading than the original. After
discussion on mattermost and with training staff here at PTFS the best
alternative we could come up with is proposed here.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36908: Sort branches based on branchcode
Nick Clemens [Tue, 21 May 2024 12:44:25 +0000 (12:44 +0000)]
Bug 36908: Sort branches based on branchcode

This adds a sort based on branchcode, it's a fallback for an edge case that should be rare
so I think is acceptable, as long as documented.

I added test coverage, but it may no longer be possible to encounter this scenario.

System preference descriptions are updated as well.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36908: Additional unit tests to identify flaw when two branches have same IP
Nick Clemens [Tue, 21 May 2024 12:26:34 +0000 (12:26 +0000)]
Bug 36908: Additional unit tests to identify flaw when two branches have same IP

This could be considered a configuration flaw, but when:
StaffLoginBranchBasedOnIP enabled and not AutoLocation
or
AutoLocation enabledand no IP set in user's branch

AND

two branches have the same IP set

the user can be logged in randomly to one of the matching branches.

These test often pass, but will also randomly fail

Easier to verify with a one liner demonstrating current code:
perl -e 'use Koha::Libraries; use List::MoreUtils qw(uniq); my $branches = { map { $_->branchcode => $_->unblessed } Koha::Libraries->search->as_list }; my $branchcode="CPL"; warn Data::Dumper::Dumper( uniq( $branchcode, keys %$branches ));'

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36908: Expand, clarify, and tidy tests for AutoLocation
Nick Clemens [Tue, 21 May 2024 12:14:50 +0000 (12:14 +0000)]
Bug 36908: Expand, clarify, and tidy tests for AutoLocation

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36924: Remove warning "Value not allowed for auto_incr itemnumber in Item"
Jonathan Druart [Thu, 23 May 2024 06:49:39 +0000 (08:49 +0200)]
Bug 36924: Remove warning "Value not allowed for auto_incr itemnumber in Item"

We are removing entirely the badly written test.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Note: We cannot test this properly when the search index refers to biblios
and items that do not exist in the database.
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36924: Remove "I don't know what to say" warnings
Jonathan Druart [Wed, 22 May 2024 12:05:45 +0000 (14:05 +0200)]
Bug 36924: Remove "I don't know what to say" warnings

Those are a pain really

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36665: (follow-up) Default preference to enabled
Nick Clemens [Thu, 23 May 2024 15:14:51 +0000 (15:14 +0000)]
Bug 36665: (follow-up) Default preference to enabled

While this is a new preference, this was the standard behavior for a long time. I think we should
default to enabled to restore previous behavior.

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36943: 24.05.00 - Update .mailmap
Martin Renvoize [Thu, 23 May 2024 10:47:05 +0000 (11:47 +0100)]
Bug 36943: 24.05.00 - Update .mailmap

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36665: (follow-up) Rephrase system preference description
Katrin Fischer [Wed, 22 May 2024 14:14:32 +0000 (14:14 +0000)]
Bug 36665: (follow-up) Rephrase system preference description

... and replace some branches with libraries.

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36665: DBRev 23.12.00.060
Katrin Fischer [Wed, 22 May 2024 13:58:35 +0000 (13:58 +0000)]
Bug 36665: DBRev 23.12.00.060

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36665: (follow-up) Allow choosing a branch with no IP when using AutoLocation
Nick Clemens [Wed, 22 May 2024 13:08:43 +0000 (13:08 +0000)]
Bug 36665: (follow-up) Allow choosing a branch with no IP when using AutoLocation

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36665: (follow-up) Wrap code block in type ne 'opac' conditional
Nick Clemens [Tue, 21 May 2024 11:19:14 +0000 (11:19 +0000)]
Bug 36665: (follow-up) Wrap code block in type ne 'opac' conditional

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36665: Add option to set the staff user's logged in branch based on their current ip
Nick Clemens [Fri, 17 May 2024 11:59:21 +0000 (11:59 +0000)]
Bug 36665: Add option to set the staff user's logged in branch based on their current ip

This patch adds a new system preference StaffLoginBranchBasedOnIP which restores the behaviour before bug 35918
of using the current IP to determine the user's logged in branchcode

To test:
 1 - Get your current ip
 2 - Set that IP for a library in the administration section
 3 - Find a user account assigned to a different library that can login to staff side
 4 - Login to staff as that user, select 'My library'
 5 - You are logged in to the user's branch
 6 - Apply patch, restart all
 7 - Log out and back in, selecting 'My library'
 8 - You are logged in to the user's branch
 9 - Enable new system preference StaffLoginBranchBasedOnIP
 9 - Log out and back in, selecting a different branch, noting the new warning below the library selection
10 - You are logged in to the branch with the matching IP
11 - Log out and back in, selecting 'My library'
10 - You are logged in to the branch with the matching IP
11 - Change your logged in branch
12 - Verify the selection sticks and you can perform staff actions in the chosen branch
13 - Change the IP of the library to one that doesn't match yours
14 - Verify you can log out and log back in and that selected branch is respected when your IP doesn't match library IP

Signed-off-by: Kristi Krueger <KKRUEGER@cuyahogalibrary.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36858: Remove warnings
Jonathan Druart [Wed, 22 May 2024 07:24:06 +0000 (09:24 +0200)]
Bug 36858: Remove warnings

Argument "" isn't numeric in int

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36858: Check page parameter for virtual shelves
Marcel de Rooy [Tue, 21 May 2024 14:20:18 +0000 (14:20 +0000)]
Bug 36858: Check page parameter for virtual shelves

Test plan:
Try passing page=x now and verify different behavior (no 500).

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36899: Account for item groups
Lucas Gass [Mon, 20 May 2024 22:05:43 +0000 (22:05 +0000)]
Bug 36899: Account for item groups

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36899: (follow-up) Prevent disabling when clicking twice
Lucas Gass [Mon, 20 May 2024 16:23:24 +0000 (16:23 +0000)]
Bug 36899: (follow-up) Prevent disabling when clicking twice

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36899: Make entire fieldset clickable
Lucas Gass [Mon, 20 May 2024 15:55:11 +0000 (15:55 +0000)]
Bug 36899: Make entire fieldset clickable

To test:
1. APPLY PATCH
2. Regenerate CSS ( https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_interface )
3. Follow the test plan from bug 36864
4. Now the entire disabled fieldset should be clickable.
5. When the disabled fieldset is clicked from anywhere with it the fieldset should become enabled. The other one should then be disabled.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36914: Remove DBIC warning in shelves.pl
Jonathan Druart [Wed, 22 May 2024 07:35:55 +0000 (09:35 +0200)]
Bug 36914: Remove DBIC warning in shelves.pl

Same fix as Bug 28561: Remove DBIC warning in opac-shelves
But for staff

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 35929: Remove extra parenthesis
Jonathan Druart [Wed, 22 May 2024 07:52:04 +0000 (09:52 +0200)]
Bug 35929: Remove extra parenthesis

and make it more readable

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 35929: Don't record a change for empty fields submitted in patron form
Nick Clemens [Wed, 1 May 2024 18:19:42 +0000 (18:19 +0000)]
Bug 35929: Don't record a change for empty fields submitted in patron form

This is reminiscent of bug 36159 - when a field is submitted as empty, and null in the DB
we need to reject this as a change. I tried to copy the logic from that bug, as well as
deleting submitted changes for hidden fields (from html manipulation)

This should be tested extensively. One note: If you submit a valid change request, then submit a second with no change the second will be ignored, but the first will remain. i.e. if you change your name from 'Nick' to 'Nack' - then realize your typo you cannot submit a new request to change it back untl the initial request is cleared

To test:
1 - Play with PatronSelfModificationBorrowerUnwantedField and PatronSelfModificationMandatory field to have some fields set
2 - Add a patron attribute, or several, that are editable in the OPAC
3 - Try submitting a form with no changes, note a modification requets is submitted
4 - Approve the request
5 - Apply patch, restart all
6 - Try submitted a blank request, you are notified there were no changes
7 - Try to force an unwanted field via html modification
8 - No changes reported
9 - Confirm attributes changes are successful
10 - After a successful request, try submitting a blank request
11 - Note no changes are recorded, but the initial request is still active

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36845: Do not loop over the content attribute
Jonathan Druart [Mon, 20 May 2024 11:34:24 +0000 (13:34 +0200)]
Bug 36845: Do not loop over the content attribute

We skip it.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36845: Exclude meta tag from the translations
Jonathan Druart [Tue, 14 May 2024 07:29:02 +0000 (09:29 +0200)]
Bug 36845: Exclude meta tag from the translations

This bug originaly wants to get rid of "noindex" coming from this meta
tag:
  <meta name="robots" content="noindex">

But actually we have other strings from the meta tags that should not be
translated.

Test plan:
0. Do not apply this patch
1. cd misc/translator/po && gulp po:update --lang es-ES (or any other
   lang)
2. git commit -a -m"wip"
3. Apply this patch
4. Repeat 1 and git diff to show the diff
Notice that strings that should not be translated are removed from the
po files (actually commented)

Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36819: DBRev 23.12.00.059
Katrin Fischer [Wed, 22 May 2024 13:44:03 +0000 (13:44 +0000)]
Bug 36819: DBRev 23.12.00.059

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36819: (QA follow-up) Improve update output
Martin Renvoize [Tue, 21 May 2024 15:17:36 +0000 (16:17 +0100)]
Bug 36819: (QA follow-up) Improve update output

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36819: (follow-up) Updatedatabase to correct wrong value
Caroline Cyr La Rose [Tue, 21 May 2024 13:37:38 +0000 (09:37 -0400)]
Bug 36819: (follow-up) Updatedatabase to correct wrong value

This patch adds an update to correct the value of scale_width to
0.800000 IF it is 0.080000. It should not change the value if it
is anything else than 0.080000.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36883: Fix club enrollment in the OPAC
Jonathan Druart [Fri, 17 May 2024 07:17:04 +0000 (09:17 +0200)]
Bug 36883: Fix club enrollment in the OPAC

The CSRF tokens were missing in the POST requests.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36892: Fix label for 'is_standing' input
Thibaud Guillot [Fri, 17 May 2024 09:13:21 +0000 (11:13 +0200)]
Bug 36892: Fix label for 'is_standing' input

Test plan:

1) Go to acqui/histsearch.pl and look for "search_children_too" with
   dev tools console.
2) On 'is_standing' input, the same label is used
3) Apply this patch and reload it
4) Now it's correct

Sponsored by: BibLibre

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36856: Fix MARC subfield name in new order from existing bibliographic record
Fridolin Somers [Tue, 14 May 2024 09:41:57 +0000 (11:41 +0200)]
Bug 36856: Fix MARC subfield name in new order from existing bibliographic record

In form of the bibliographic details when adding an order 'From an existing record' in a basket, the marc subfield name is not shown.
The template calls [% field.lib | html %] but this comes from Koha::UI::Form::Builder::Biblio generate_subfield_form() which gives 'marc_lib'.

Test plan:
1) Be sure to have an ACQ biblio framework
2) Enable system preference UseACQFrameworkForBiblioRecords
3) Go to an acquisition basket
4) Add a term in 'From an existing record' and submit
5) On first result click on 'Add order'
6) Look at 'Catalog details'
=> Without patch you only see subfield tag and letter : (123a)
=> With patch you also see subfield name : Name (123a)

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36528: Correct JS assets included in self checkout slip template
Owen Leonard [Fri, 5 Apr 2024 16:05:56 +0000 (16:05 +0000)]
Bug 36528: Correct JS assets included in self checkout slip template

The self checkout's slip print template includes some assets which it
doesn't need (enquire.js) and lacks other that it does (i18n-related
files). This patch correct the problem.

The patch also wraps some code in global.js with a check that the
relevant library has been loaded so that we don't get errors when the
asset isn't included.

To test, apply the patch and clear your browser cache.

- With WebBasedSelfCheck enabled, log in to the self checkout module and
  check some items out.
- Click "Finish" and then "Print receipt..."
- Check the browser console on the receipt page. There should be no
  errors.
- Log in to the OPAC and click the "Messaging" tab on the patron summary
  page.
- Test that the "Digests only" table heading icon shows a tooltip.
- Test that enquire.js is still loading correctly by performing a
  catalog search and narrowing your browser. When the window is narrow
  enough, the facets sidebar should collapse into a "Refine your search"
  button.

Note that the "js_in_body" qa warning is a false positive.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36834: (Bug 29697 follow-up) Koha explodes when trying to open in Labeled MARC...
Janusz Kaczmarek [Sat, 11 May 2024 08:41:04 +0000 (08:41 +0000)]
Bug 36834: (Bug 29697 follow-up) Koha explodes when trying to open in Labeled MARC view a bibliographic record with an invalid biblionumber

After changes made in catalogue/labeledMARCdetail.pl with the bug 29697
when trying to open the Labeled MARC view with
biblionumber=<invalid_number> (e.g. a deleted biblionumber) Koha explodes
with a message << Can't call method "metadata" on an undefined value at
/kohadevbox/koha/catalogue/labeledMARCdetail.pl line 59 >>

Test plan:
==========
1. Activate the viewLabeledMARC syspref.
2. Try to open a biblio record in Labeled MARC view, giving as a biblionumber
   (in URL) a non-existing biblionumber, e.g. in ktd, with standard ktd
   test data:
   http://your_ktd:8081/cgi-bin/koha/catalogue/labeledMARCdetail.pl?biblionumber=1234567
   Koha should explode with the message:
   Can't call method "metadata" on an undefined value at
   /kohadevbox/koha/catalogue/labeledMARCdetail.pl line 59
3. Apply the patch; restart_all.
4. Repeat p. 2.  You should get a regular page with the info "The record you
   requested does not exist (1234567)".

Signed-off-by: Roman Dolny <roman.dolny@jezuici.pl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36060: (follow-up) Remember selections when refreshing the table
Lucas Gass [Tue, 14 May 2024 18:18:05 +0000 (18:18 +0000)]
Bug 36060: (follow-up) Remember selections when refreshing the table

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36060: Simplify logic to enable/disable CheckinChecked/RenewChecked buttons
Lucas Gass [Fri, 9 Feb 2024 18:14:50 +0000 (18:14 +0000)]
Bug 36060: Simplify logic to enable/disable CheckinChecked/RenewChecked buttons

This patch attempts to simplify for disabling/enabling the 'Check in selected items' and 'Renewal selected items' buttons.

To test:
1. APPLY patch, clear browser's cache
2. Have more than 1 checkout issued to a borrower.
3. Load the checkout table on circ/circulation.pl
4. Notice that there is now 'Renew selected items' and 'Checkin
   selected items' button.
5. Play around with each making sure that they work as excepted when
   checkouts are checked in either the 'Check in' or 'Renew' columns.
6. Uncheck everything in the 'Renew column', the 'Renew selected items'
   button should be disabled.
7. Uncheck everything in the 'Checkin column', the 'Checkin selected
   items' button should be disabled.
8. Try unchecking some of these to make sure the Renew/Checkin button is
   properly disabled when no related checkboxes are checked.
9. Try using the select all/none options at the top of both the 'Renew'
   and 'Checkin' columns. Make sure the 'Renew selected items' and
   'Checkin selected items' become properly disabled/enabled.
10. Make sure the 'Renew all' button still works properly.

11. Have two checkouts. Click one for Renew and one for Checkin. Click on Check in selected items.
12. When the table reloads the 'renew' selections should be retained
13. Have two checkouts. Click one for Renew and one for Checkin. Click on Renew selected items.
14. When the table reloads the 'check in' selections should be retained

15. Have overdues
16. Go to a patron account and load the issue table
17. The items that are overdue are checked for renewal by default
16. The 'Renew selected items' button show be enabled.

Signed-off-by: Brendan Lawlor <blawlor@clamsnet.org>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 28869: (RM follow-up) Add missing field in api definition
Martin Renvoize [Fri, 17 May 2024 13:39:05 +0000 (14:39 +0100)]
Bug 28869: (RM follow-up) Add missing field in api definition

We missed adding the new field to the api definition for
authorised_value_category.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
5 months agoBug 36872: Untranslatable strings in request.tt
Owen Leonard [Thu, 16 May 2024 12:52:04 +0000 (12:52 +0000)]
Bug 36872: Untranslatable strings in request.tt

There are errors in the JavaScript in the holds template in the staff
client which results in strings not being translatable. This patch
corrects the errors.

To test, apply the patch and run through the process of placing a hold
on multiple items in the staff interface.

- At the hold confirmation step, try to submit the form without
  selecting pickup locations for one or more titles.
- You should get an alert, "Please make sure all selected titles have a
  pickup location set".
- Uncheck the checkboxes next to each title you're placing a hold on.
- Submit the form. You should get an error: "Please select at least one
  title".

- Test the translation process with a language, e.g. fr-FR:
- In KTD, run: gulp po:update --lang fr-FR
- Check fr-FR-staff-prog.po for the line referring to
  koha-tmpl/intranet-tmpl/prog/en/modules/reserve/request.tt:1499
- You should see the string "Please make sure all selected titles have a
  pickup location set".

Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36739: Correct CSRF change to budget deletions
Owen Leonard [Wed, 1 May 2024 11:04:41 +0000 (11:04 +0000)]
Bug 36739: Correct CSRF change to budget deletions

This is another instance of the deletion confirmation step getting
mistakenly auto-updated as if it were the deletion step. The
'delete_confirm' doesn't need the 'cud-' prefix, only the
'delete_confirmed' step.

To test, apply the patch and restart services.

- Test the process of deleting a budget.
- On the confirmation step you should see the name of the budget you're
  about to delete.
- After confirming, the deletion should complete correctly.

Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36876: Correct <span>s around translatable strings in table settings
Owen Leonard [Thu, 16 May 2024 12:03:11 +0000 (12:03 +0000)]
Bug 36876: Correct <span>s around translatable strings in table settings

This patch corrects the way translatable strings are handled in the
table settings template. The switch to Bootstrap WRAPPERs for the
accordion widget included several errors.

To test, apply the patch and go to Administration -> Table settings.

- Confirm that the sections expand and collapse correctly.
- Test the translation process with a language, e.g. fr-FR:
  - In KTD, run: gulp po:update --lang fr-FR
  - Check fr-FR-staff-prog.po for the line referring to
    koha-tmpl/intranet-tmpl/prog/en/modules/admin/columns_settings.tt:298
  - It should show the whole string "Interlibrary loans"

Signed-off-by: Roman Dolny <roman.dolny@jezuici.pl>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36877: (follow-up) Fix op eq edit to op eq edit_form in edit-batch.pl
Jan Kissig [Thu, 16 May 2024 12:37:16 +0000 (14:37 +0200)]
Bug 36877: (follow-up) Fix op eq edit to op eq edit_form in edit-batch.pl

    Additionally removes fixme comments

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36877: Fix Patron card creator errors on editing layout, profile or template
Jan Kissig [Thu, 16 May 2024 09:23:31 +0000 (11:23 +0200)]
Bug 36877: Fix Patron card creator errors on editing layout, profile or template

This patch fixes the unexpected behaviour when clicking on edit layout,
edit profile or edit template in Patron card creator tool.

Test plans:

1.  edit layout:

  a) go to http://localhost:8081/cgi-bin/koha/patroncards/manage.pl?card_element=layout
  b) click on edit 'Test Layout'
  c) WARNING: An unsupported operation was attempted on layout 20.
     Please have your system administrator check the error log for
     details.

apply patch
  a) go to http://localhost:8081/cgi-bin/koha/patroncards/manage.pl?card_element=layout
  b) click on edit 'Test Layout'
  c) Edit patron card layout form 20 shows up

2. edit template and profile:

  a) go to http://localhost:8081/cgi-bin/koha/patroncards/manage.pl?card_element=template or
     http://localhost:8081/cgi-bin/koha/patroncards/manage.pl?card_element=profile
  b) click edit on an item in the table
  c) notice that the forms are empty

apply patch and redo steps a) and b) to load the edit form

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 33237: (QA follow-up) Remove hardcoded kohadevbox path
Marcel de Rooy [Fri, 17 May 2024 06:33:25 +0000 (06:33 +0000)]
Bug 33237: (QA follow-up) Remove hardcoded kohadevbox path

Test plan:
Run Letters.t (outside kohadevbox :)

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36529: manage_additional_fields permission for more than acquisitions and serials
Caroline Cyr La Rose [Fri, 12 Apr 2024 09:53:25 +0000 (05:53 -0400)]
Bug 36529: manage_additional_fields permission for more than acquisitions and serials

This patch renames the manage_additional_fields permission to remove
the specificity of acquisitions orders and serial subscriptions.
Since each additional field requires a corresponding permission, I
wrote each of them next to it. It makes it very long, but right now
there isn't really a way to link permissions other than the permission
description.

To test:
1. Apply patch
2. Go to a patron account
3. Click More > Set permissions
4. Go to the Administration panel permissions and open the
   sub-permissions
5. Check that the manage_additional_fields permission description
   makes sense, check grammar and spelling, try the various
   combinations

Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36096: Add ability to set default sort and length to waitingreserves tables
Lucas Gass [Wed, 14 Feb 2024 16:55:33 +0000 (16:55 +0000)]
Bug 36096: Add ability to set default sort and length to waitingreserves tables

To test:
1. APPLY patch and restart services.
2. Have waiting holds, waiting holds past the expiration date, and
   waiting holds with cancellation requests.
3. Go to Administration -> Table settings and find each of the tables. (
   holdscr | holdso | holdst )
4. Each table should now include a 'Default display length:' and
   'Default sort order:'
5. Play with those Table settings, ensuring they behave correctly.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36610: Some improvements to OPAC print CSS
Owen Leonard [Wed, 17 Apr 2024 12:55:04 +0000 (12:55 +0000)]
Bug 36610: Some improvements to OPAC print CSS

This patch makes a few CSS and markup changes to improve the print view.

The markup changes use Bootstrap's ".d-print-none" class to hide
specific elements without creating an ID or class specifically for those
elements.

To test, apply the patch and rebuild the OPAC CSS
(https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_client)

- Log in to the OPAC
- Test the following user pages by viewing the print preview:
  - Summary
  - Holds history
  - Messaging
  - Lists
  - Suggestions
- The "Personal details" tab hasn't been improved for printing but it's
  a good page to view to confirm that the "Back to top" arrow is now
  hidden in the print view.

Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 35285: (QA follow-up) Tidy
Nick Clemens [Tue, 14 May 2024 18:02:49 +0000 (18:02 +0000)]
Bug 35285: (QA follow-up) Tidy

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 35285: Unit tests
Martin Renvoize [Mon, 13 Nov 2023 16:46:17 +0000 (16:46 +0000)]
Bug 35285: Unit tests

This patch adds unit tests for the new 'is_html' function introduced in
Koha::Notice::Message and update the tests to include the new plaintext
handling of html_content.

Signed-off-by: David Nind <david@davidnind.com>
test

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 35285: Remove switch in notices.tt
Martin Renvoize [Wed, 8 Nov 2023 10:43:09 +0000 (10:43 +0000)]
Bug 35285: Remove switch in notices.tt

We now wrap appropriately for non-html formatted messages as
part of the html_content method. This means we can remove the
case from members/notices.tt and rely on html_content doing
the right thing for notice previews.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 35285: Add non-html template support to html_content wrapping
Martin Renvoize [Wed, 8 Nov 2023 09:59:30 +0000 (09:59 +0000)]
Bug 35285: Add non-html template support to html_content wrapping

This patch adds support for messages generated using non-html formatted
notice templates to the html_content method of Koha::Notice::Message.

We continue to wrap content for html generated messages with the
appropriate headers, css and title.

For non-html generated content we wrap in the <div style="white-space:
pre-wrap"> block to maintain text formatting as defined in the original
plaintext template.

Test
Follow the test plan for bug 30287, nothing should outwardly change.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 24424: Advanced editor - interface hangs as "Loading" when given an invalid bib...
Janusz Kaczmarek [Tue, 14 May 2024 11:08:19 +0000 (11:08 +0000)]
Bug 24424: Advanced editor - interface hangs as "Loading" when given an invalid bib number

The Advanced Editor hangs with "Loading, please wait" message when given an
invalid bib number, e.g. /cgi-bin/koha/cataloguing/editor.pl#catalog/55555

This is because in the bug 16424, when changes had been made to
koha-tmpl/intranet-tmpl/lib/koha/cateditor/koha-backend.js
(Bug 16424: Add framework support to advanced MARC editor),
the .fail callback method of the outer .get (in the KohaBackend.GetRecord
function called from cateditor-ui.inc) had been (perhaps by mistake?) removed.
So, in case of failure, the situation is not handled properly.

The proposal is to restore the outer .fail.  As a result, the
openRecord( 'new/', editor, finishCb ); will be called (a standard way
of resolving failed openRecord action (cf. the bottom of cateditor-ui.inc).

Test plan:
==========
0. Be sure your browser does not cache JavaScript for this test.
1. Enable EnableAdvancedCatalogingEditor in the system preferences.
2. Try to open in the advanced editor an unexisting record, e.g.
   http://your_ktd:8081/cgi-bin/koha/cataloguing/editor.pl#catalog/55555
   Koha should hang with a message "Loading, please wait".
3. Apply the patch, restart_all.
4. In a new browser window, repeat p. 2 (remember not to cache JS).
5. The editor should open with a new empty record.

Sponsored-by: Ignatianum University in Cracow
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36785: Typo unreconized and bilbio in tags code
Marcel de Rooy [Mon, 6 May 2024 09:12:36 +0000 (09:12 +0000)]
Bug 36785: Typo unreconized and bilbio in tags code

Test plan:
Look at the patch.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36785: Do not pass biblionumber to get_approval_rows
Marcel de Rooy [Mon, 6 May 2024 09:04:26 +0000 (09:04 +0000)]
Bug 36785: Do not pass biblionumber to get_approval_rows

Resolve:
[WARN] get_approval_rows received unreconized argument key 'biblionumber'. at /usr/share/koha/opac/opac-tags.pl line 336.

Test plan:
Visit opac-tags.pl?biblionumber=SOME_NUMBER
With this patch, you should no longer find a warning in the logs.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36793: Fix case of $var in Context->delete_preference
Marcel de Rooy [Mon, 6 May 2024 12:28:45 +0000 (12:28 +0000)]
Bug 36793: Fix case of $var in Context->delete_preference

This only applies to 'local' preferences.

Test plan (first without this patch):
Add a local pref. Delete it. Ask value on commandline with:
* perl -MC4::Context -e"print C4::Context->preference('YOUR_PREF')"
* Did you replace YOUR_PREF :)

Now repeat with this patch. And verify fix (no value now).

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36793: Unit test
Marcel de Rooy [Mon, 6 May 2024 12:28:45 +0000 (12:28 +0000)]
Bug 36793: Unit test

This only applies to 'local' preferences.

Test plan:
Run sysprefs.t with/without second patch.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36619: Restore 'Columns' visibility on the patron search when placing a hold
Jonathan Druart [Wed, 17 Apr 2024 10:18:11 +0000 (12:18 +0200)]
Bug 36619: Restore 'Columns' visibility on the patron search when placing a hold

Test plan:
Go to /cgi-bin/koha/reserve/request.pl?biblionumber=117
Search for "d"
Notice that with this patch applied the "Columns" button is back and
that the "Configure" is working correctly

Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36864: Add a font awesome icon to indicate enabled
Lucas Gass [Tue, 14 May 2024 21:47:14 +0000 (21:47 +0000)]
Bug 36864: Add a font awesome icon to indicate enabled

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36864: Add classes/CSS/fix markup on request.tt
Lucas Gass [Tue, 14 May 2024 21:06:52 +0000 (21:06 +0000)]
Bug 36864: Add classes/CSS/fix markup on request.tt

To test:
1. APPLY PATCH
2. Regenerate CSS ( https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_interface )
3. Place a hold
4. On reserve/request.pl the 'Hold a specific item' fieldset should be
   disabled by default.
5. While disabled try clicking on the Allowed pickup locations
   dropdowns, you should not be able to.
6. In the 'Hold next available item', while enabled, you should be able
   to interact with the dropdowns.
7. Use the radio buttons to enable the 'Hold a specific item' fieldset.
   You should now be able to interact with the dropdowns.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 35961: (follow-up) Pass along the borrowernumber
Lucas Gass [Mon, 13 May 2024 22:15:02 +0000 (22:15 +0000)]
Bug 35961: (follow-up) Pass along the borrowernumber

To test:
1. APPLY PATCH
2. Turn on  OpacCatalogConcerns
3. Find a record and go to the OPAC detail page.
4. Click "Report a concern" in the right navigation menu
5. Make sure it works
6. Repeat the proces from MARC view and ISBD view pages

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 35961: Add missing includes
Martin Renvoize [Mon, 13 May 2024 13:43:53 +0000 (14:43 +0100)]
Bug 35961: Add missing includes

This patch adds the missing includes for the 'Catalog concerns' modal on
opac-MARCdetail and opac-ISBDdetail views.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36620: (QA follow-up) Tidy controller
Martin Renvoize [Wed, 15 May 2024 08:44:01 +0000 (09:44 +0100)]
Bug 36620: (QA follow-up) Tidy controller

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>