git.koha-community.org Git

Bug 36872: Untranslatable strings in request.tt

There are errors in the JavaScript in the holds template in the staff
client which results in strings not being translatable. This patch
corrects the errors.

To test, apply the patch and run through the process of placing a hold
on multiple items in the staff interface.

- At the hold confirmation step, try to submit the form without
  selecting pickup locations for one or more titles.
- You should get an alert, "Please make sure all selected titles have a
  pickup location set".
- Uncheck the checkboxes next to each title you're placing a hold on.
- Submit the form. You should get an error: "Please select at least one
  title".

- Test the translation process with a language, e.g. fr-FR:
- In KTD, run: gulp po:update --lang fr-FR
- Check fr-FR-staff-prog.po for the line referring to
  koha-tmpl/intranet-tmpl/prog/en/modules/reserve/request.tt:1499
- You should see the string "Please make sure all selected titles have a
  pickup location set".

Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36739: Correct CSRF change to budget deletions

This is another instance of the deletion confirmation step getting
mistakenly auto-updated as if it were the deletion step. The
'delete_confirm' doesn't need the 'cud-' prefix, only the
'delete_confirmed' step.

To test, apply the patch and restart services.

- Test the process of deleting a budget.
- On the confirmation step you should see the name of the budget you're
about to delete.
- After confirming, the deletion should complete correctly.

Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36876: Correct <span>s around translatable strings in table settings

This patch corrects the way translatable strings are handled in the
table settings template. The switch to Bootstrap WRAPPERs for the
accordion widget included several errors.

To test, apply the patch and go to Administration -> Table settings.

- Confirm that the sections expand and collapse correctly.
- Test the translation process with a language, e.g. fr-FR:
  - In KTD, run: gulp po:update --lang fr-FR
  - Check fr-FR-staff-prog.po for the line referring to
    koha-tmpl/intranet-tmpl/prog/en/modules/admin/columns_settings.tt:298
  - It should show the whole string "Interlibrary loans"

Signed-off-by: Roman Dolny <roman.dolny@jezuici.pl>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36877: (follow-up) Fix op eq edit to op eq edit_form in edit-batch.pl

Additionally removes fixme comments

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36877: Fix Patron card creator errors on editing layout, profile or template

This patch fixes the unexpected behaviour when clicking on edit layout,
edit profile or edit template in Patron card creator tool.

Test plans:

1.  edit layout:

  a) go to http://localhost:8081/cgi-bin/koha/patroncards/manage.pl?card_element=layout
  b) click on edit 'Test Layout'
  c) WARNING: An unsupported operation was attempted on layout 20.
     Please have your system administrator check the error log for
     details.

apply patch
  a) go to http://localhost:8081/cgi-bin/koha/patroncards/manage.pl?card_element=layout
  b) click on edit 'Test Layout'
  c) Edit patron card layout form 20 shows up

2. edit template and profile:

  a) go to http://localhost:8081/cgi-bin/koha/patroncards/manage.pl?card_element=template or
     http://localhost:8081/cgi-bin/koha/patroncards/manage.pl?card_element=profile
  b) click edit on an item in the table
  c) notice that the forms are empty

apply patch and redo steps a) and b) to load the edit form

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 33237: (QA follow-up) Remove hardcoded kohadevbox path

Test plan:
Run Letters.t (outside kohadevbox :)

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36529: manage_additional_fields permission for more than acquisitions and serials

This patch renames the manage_additional_fields permission to remove
the specificity of acquisitions orders and serial subscriptions.
Since each additional field requires a corresponding permission, I
wrote each of them next to it. It makes it very long, but right now
there isn't really a way to link permissions other than the permission
description.

To test:
1. Apply patch
2. Go to a patron account
3. Click More > Set permissions
4. Go to the Administration panel permissions and open the
   sub-permissions
5. Check that the manage_additional_fields permission description
   makes sense, check grammar and spelling, try the various
   combinations

Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36096: Add ability to set default sort and length to waitingreserves tables

To test:
1. APPLY patch and restart services.
2. Have waiting holds, waiting holds past the expiration date, and
   waiting holds with cancellation requests.
3. Go to Administration -> Table settings and find each of the tables. (
   holdscr | holdso | holdst )
4. Each table should now include a 'Default display length:' and
   'Default sort order:'
5. Play with those Table settings, ensuring they behave correctly.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36610: Some improvements to OPAC print CSS

This patch makes a few CSS and markup changes to improve the print view.

The markup changes use Bootstrap's ".d-print-none" class to hide
specific elements without creating an ID or class specifically for those
elements.

To test, apply the patch and rebuild the OPAC CSS
(https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_client)

- Log in to the OPAC
- Test the following user pages by viewing the print preview:
  - Summary
  - Holds history
  - Messaging
  - Lists
  - Suggestions
- The "Personal details" tab hasn't been improved for printing but it's
  a good page to view to confirm that the "Back to top" arrow is now
  hidden in the print view.

Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 35285: (QA follow-up) Tidy

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 35285: Unit tests

This patch adds unit tests for the new 'is_html' function introduced in
Koha::Notice::Message and update the tests to include the new plaintext
handling of html_content.

Signed-off-by: David Nind <david@davidnind.com>
test

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 35285: Remove switch in notices.tt

We now wrap appropriately for non-html formatted messages as
part of the html_content method. This means we can remove the
case from members/notices.tt and rely on html_content doing
the right thing for notice previews.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 35285: Add non-html template support to html_content wrapping

This patch adds support for messages generated using non-html formatted
notice templates to the html_content method of Koha::Notice::Message.

We continue to wrap content for html generated messages with the
appropriate headers, css and title.

For non-html generated content we wrap in the <div style="white-space:
pre-wrap"> block to maintain text formatting as defined in the original
plaintext template.

Test
Follow the test plan for bug 30287, nothing should outwardly change.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 24424: Advanced editor - interface hangs as "Loading" when given an invalid bib number

The Advanced Editor hangs with "Loading, please wait" message when given an
invalid bib number, e.g. /cgi-bin/koha/cataloguing/editor.pl#catalog/55555

This is because in the bug 16424, when changes had been made to
koha-tmpl/intranet-tmpl/lib/koha/cateditor/koha-backend.js
(Bug 16424: Add framework support to advanced MARC editor),
the .fail callback method of the outer .get (in the KohaBackend.GetRecord
function called from cateditor-ui.inc) had been (perhaps by mistake?) removed.
So, in case of failure, the situation is not handled properly.

The proposal is to restore the outer .fail.  As a result, the
openRecord( 'new/', editor, finishCb ); will be called (a standard way
of resolving failed openRecord action (cf. the bottom of cateditor-ui.inc).

Test plan:
==========
0. Be sure your browser does not cache JavaScript for this test.
1. Enable EnableAdvancedCatalogingEditor in the system preferences.
2. Try to open in the advanced editor an unexisting record, e.g.
   http://your_ktd:8081/cgi-bin/koha/cataloguing/editor.pl#catalog/55555
   Koha should hang with a message "Loading, please wait".
3. Apply the patch, restart_all.
4. In a new browser window, repeat p. 2 (remember not to cache JS).
5. The editor should open with a new empty record.

Sponsored-by: Ignatianum University in Cracow
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36785: Typo unreconized and bilbio in tags code

Test plan:
Look at the patch.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36785: Do not pass biblionumber to get_approval_rows

Resolve:
[WARN] get_approval_rows received unreconized argument key 'biblionumber'. at /usr/share/koha/opac/opac-tags.pl line 336.

Test plan:
Visit opac-tags.pl?biblionumber=SOME_NUMBER
With this patch, you should no longer find a warning in the logs.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36793: Fix case of $var in Context->delete_preference

This only applies to 'local' preferences.

Test plan (first without this patch):
Add a local pref. Delete it. Ask value on commandline with:
* perl -MC4::Context -e"print C4::Context->preference('YOUR_PREF')"
* Did you replace YOUR_PREF :)

Now repeat with this patch. And verify fix (no value now).

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36793: Unit test

This only applies to 'local' preferences.

Test plan:
Run sysprefs.t with/without second patch.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36619: Restore 'Columns' visibility on the patron search when placing a hold

Test plan:
Go to /cgi-bin/koha/reserve/request.pl?biblionumber=117
Search for "d"
Notice that with this patch applied the "Columns" button is back and
that the "Configure" is working correctly

Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36864: Add a font awesome icon to indicate enabled

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36864: Add classes/CSS/fix markup on request.tt

To test:
1. APPLY PATCH
2. Regenerate CSS ( https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_interface )
3. Place a hold
4. On reserve/request.pl the 'Hold a specific item' fieldset should be
   disabled by default.
5. While disabled try clicking on the Allowed pickup locations
   dropdowns, you should not be able to.
6. In the 'Hold next available item', while enabled, you should be able
   to interact with the dropdowns.
7. Use the radio buttons to enable the 'Hold a specific item' fieldset.
   You should now be able to interact with the dropdowns.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 35961: (follow-up) Pass along the borrowernumber

To test:
1. APPLY PATCH
2. Turn on OpacCatalogConcerns
3. Find a record and go to the OPAC detail page.
4. Click "Report a concern" in the right navigation menu
5. Make sure it works
6. Repeat the proces from MARC view and ISBD view pages

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 35961: Add missing includes

This patch adds the missing includes for the 'Catalog concerns' modal on
opac-MARCdetail and opac-ISBDdetail views.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36620: (QA follow-up) Tidy controller

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36620: (QA follow-up) Add missing filters

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36620: Broken order management for suggestions with quantity

Test plan
=========
Scenario A (the bug)
--------------------
1. In OPAC, create a purchase suggestion with defined quantity
   ("Copies" in staff interface).
2. Accept the suggestion.
2. Have a budget, fund, vendor etc. to use the Acquisitions module.
   Ensure that AcqCreateItem syspref is set to 'placing an order'.
3. Create a new basket and add to basket an order line from accepted
   suggestion.  Note the initial Quantity set to the quantity entered
   in suggestion.  Note increasing this number while you add items
   to the order with the 'Add item' button. Save the order, close the
   basket.
4. Start receiving shipments for this order (create invoice etc.).
   Receive items you created by 'Add item' until there is nothing more
   to receive.  Note the number of unreecived items in the order (eqal
   to the initial quantity from the suggestion) that cannot be regulary
   received (with the items table on the left).  This is the *bug*.
   [This is due to the ambiguity of $data->{quantity} in the neworderempty.pl
   -- it normally comes from the order: GetOrder, but in the case of a yet
   empty order created from a suggestion, it comes from the suggestions table:
   GetSuggestion].
5. Apply the patch, restart plack etc.
6. Repeat step 2 and 3. While adding items in order note that you start
   from quantity 0, and that the suggested quantity is shown in brackets.
7. Continue with p. 4.  You should be able to receive the order in the
   regular way (with the items created).

Scenario B (bonus)
------------------
Repeat the above with AcqCreateItem syspref is set to 'receiving the order',
or 'cataloging the record'.  These cases do not create a bug as it does
the case with 'placing an order'.  Note however, after applying the patch,
the initial quantity in the order is set to 0 and there is the bonus infomation
about the suggested number of items (from the suggestion).

Sponsored-by: Ignatianum University in Cracow
Signed-off-by: Roman Dolny <roman.dolny@jezuici.pl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 35836: (follow-up) optimize the script when searching for guarantors

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 35836: change | by , for the print

Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Philip Orr <philip.orr@lmscloud.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 35836: search_for_data_inconsistencies.pl - Search for loops in dependencies

Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Philip Orr <philip.orr@lmscloud.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36819: Default layout data prints squished barcodes

This patch changes the default layout data for the barcode
width.

To test:
**On a fresh db**
1. Go to Cataloging > Label creator
2. Click New > Label batch
3. Enter the following barcodes in the text field (or enter your own)

39999000010114
39999000010138
39999000010152
39999000011333
39999000002331
39999000002355

4. Click Add items
5. Click Export full batch
6. Choose the following
   - Template: Avery 5160 | 1 x 2-5/8
   - Layout: Label test
7. Click Export
8. Click Download as PDF
9. Open the PDF
   --> Note the squished barcodes
10. Apply patch and reset_all
11. Redo steps 1 to 9
    --> Note the barcodes now look OK

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36414: OPAC - Skip csrf_token

Skip csrf_token field if it already exists and
is coming from a previous workflow stage form
submission, as it's already included at the
start of the form.

The test plan requires EDS credentials in order to be followed.
I'm available to help others through this test plan if required.
Otherwise, I believe the code is simple enough to understand
and follow what it's fixing without testing.

Test plan:
1) Install an ILL availabililty plugin, e.g.:
https://github.com/PTFS-Europe/koha-plugin-ill-avail-eds
3) Configure the plugin and add EDS credentials
4) Enable ILLCheckAvailability sys pref
5) Enable ILLModuleDisclaimerByType by copying the example YAML block in the sys pref description
6) Create a new ILL request of type 'Book' and add a DOI
7) You should now be on the availabililty stage, click 'Continue adding your request'
8) You should now be on the type disclaimer stage, click 'Create'
9) Notice 'Wrong CSRF token' error.
This happens because the type disclaimer stage is adding its own CSRF token in addition
to the CSRF token coming from the previous availabililty stage
10) Apply patch. Repeat. No error -> Request is created as expected.
11) Do the same test plan on both Staff UI and OPAC

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36414: Staff UI - Skip csrf_token

Skip csrf_token field if it already exists and
is coming from a previous workflow stage form
submission, as it's already included at the
start of the form.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 28869: DBIC schema update

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 28869: DBRev 23.12.00.058

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 28869: (follow-up) Switch to cud-edit_category for CSRF

No test plan.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 28869: Unit tests

Test plan:
Run t/db_dependent/AuthorisedValues.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 28869: (follow-up) Add html restriction for tinyint

Several item fields are signed tinyints, connected to
authorised value categories like NOT_LOAN etc. They only
accept -128 up to 127.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 28869: Implement authorised_value_categories.is_integer_only

Test plan:
Add category with/without integer restriction.
Test adding/editing values.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 28869: Database revision

Test plan:
Run updatedatabase.pl

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36844: (QA follow-up) Fix preselected options on set-library.pl

I found that when switching from a branch with a default register to one without, the default register for
the last branch was remaining selected (though disabled)

When opening the page if no desk was set (choose 'My library' on initial login) the branch was default to 'No desk' rather than defaulting to the first desk of the current branch

Remove a debugging line as well

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36844: (QA follow-up) fix forgotten 'for' attr change

It didn't match the <select> id.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36844: Set library, desk, and cash register menu follow-ups

This patch ties up a couple of loose ends which should have been
included in Bug 36582. The patch includes fixes for the staff interface
login page and the cash register statistics page.

To test you should have multiple libraries, desks, and cash registers
defined. You may need to enable the UseCirculationDesks and
UseCashRegisters system preferences.

- Apply the patch and log out of the staff interface.
- On the login form, test that changing your selected library correctly
  affects the desk and cash register dropdowns: Only desks and registers
  for your selected library should appear.
- Log in and confirm that your selections were submitted correctly.

- Go to Reports, and under "Statistics wizards" choose "Cash register."
- Confirm that changes to the "Transaction library" correctly change the
  available options in the "Cash register" dropdown, including the "All"
  option.

Sponsored-By: Athens County Public Libraries
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36859: Pass the op value 'cud-checkout' for the batch checkout form

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36623: (follow-up) Fix cypress test

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Bug 36149: Add userenv middleware to app.psgi

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Bug 36149: (follow-up) POD and tidy

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Bug 36149: Unset userenv from middleware

The userenv (logged in user's info) are stored in
$C4::Context->context->{activeuser}, which persists in plack worker's
memory.
It's really bad in theory as we are not cleaning it before or after the
HTTP request, but only when set_userenv is called (what we are doing
commonly in C4::Auth::get_template_and_user).
If C4::Context->userenv is called before set_userenv we should get undef,
not the userenv from the previous request!
In practice this should not be a problem, but well... who really knows?

This patch suggests to have a middleware to deal with removing the
userenv at the beginning of each request (maybe it should be after, right? - FIXME).

To test:
1 - Edit /etc/koha/sites/kohadev/koha-conf.xml to set <plack_workers>1</plack_workers>
2 - Edit about.pl  and add a line after: CGI->new:
    warn Data::Dumper::Dumper( C4::Cointext->userenv() );
3 - tail -f /var/log/koha/kohadev/*.log
4 - View about.pl in staff interface, should get a "somethign's wrong" warning
5 - Reload, you get current user info
6 - Open an incognito tab, sign in as a different user and click some stuff
7 - Reload about.pl in other window
8 - You get the opac user info
9 - Apply patch
10 - Edit /etc/koha/sites/kohadev/plack.psgi and add the middleware after "RealIP":
     enable "+Koha::Middleware::UserEnv";
11 - Restart all
12 - Reload about.pl - you get a "Something's wrong" warning
13 - Click things in opac on incognito window
14 - Reload about.pl  - only "Something's wrong" - you no longer see any user info

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Bug 19613: Use the 'note' profile

WNC amended patch: tidied

Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Bug 19613: Scrub borrowers fields: borrowernotes opacnote

To prevent XSS

Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Bug 36532: Protect opac-dismiss-message.pl from malicious usages

Really bad design, NEVER retrieve the logged in user from the CGI
param!

See comment 1 for more info

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Bug 36382: (QA follow-up) Don't escape quotes in escapeHtml

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Bug 36382: XSS in showLastPatron dropdown

1) Set borrower surname to:
<script>alert("here comes trouble");</script>
2) Save, nothing happens
3) Enable showLastPatron
4) Reload patron
5) Note the alert popup
6) Apply this patch
7) Reload patron
8) No alert!

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>

Bug 36772: OPAC Self checkout accepts wrong or partial barcodes

    When using the opac trusted checkout feature it is possible to enter non existant or partial barcodes to check out items.

    Testplan:
    a) set  System preference OpacTrustedCheckout  to Allow
    b) go to http://localhost:8080/ and login with koha / koha
    c) click Self Checkout in navigation bar
    d) enter barcode 1234
    e) result: Item '39999000011234' was checked out

    apply patch and reload the page

    a) now enter barcode 1234
    b) result: Item '1234' not found
    c) enter 39999000011234
    d) result: Item '39999000011234' was checked out

Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36825: Hide "Protected" field via BorrowerUnwantedField syspref

Setting field "Protected" as hidden in patron entry/modification
form via BorrowerUnwantedField syspref doesn't work. Form is
missing condition "UNLESS noprotected".

To test:
1. From BorrowerUnwantedField, check field "Protected" as hidden.
2. Either attempt to create a new patron or modify existing one.
=> Note that "Protected" is still displayed in the form.
3. Apply this patch.
4. Navigate back to create/modify patron form.
=> Note that "Protected" is no longer displayed.
5. Uncheck field "Protected" from BorrowerUnwantedField.
=> Field should now be displayed in create/modify form.

Sponsored-by: Koha-Suomi Oy
Signed-off-by: Andrew Fuerste Henry <andrewfh@dubcolib.org>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36837: (follow-up) UNIMARC case

I checked the UNIMARC authResults counterpart file. And it only
contained a single case of generated elements like the previous patch.

To test:
1. On latest main
   $ ktd --shell
  k$ cd misc/translator/po
  k$ git fetch
  k$ git reset --hard origin/main
  k$ cd /kohadevbox/koha
  k$ gulp po:update --lang es-ES
  k$ cd misc/translator/po
  k$ git add -u ; git commit -mWIP --no-verify
2. Apply this patches
3. Run:
  k$ cd /kohadevbox/koha
  k$ gulp po:update --lang es-ES
  k$ cd misc/translator/po
  k$ git diff
=> SUCCESS: Notice CSS class names are not translated anymore

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36837: Simplify XSLT and aid translatability

This patch makes the XSLT contain HTML tags instead of building them
from scratch with static attribute values. This made it awkward for
translators as CSS classes ended up being extracted for translation
purposes. Plus, there's no need to spend CPU cycles on static content
generation.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 33099: Add missing MARC21 Match authority mappings so "Search all headings" search works

The main entry form of corporate names (110), uniform titles (130), topical
terms (150), geographical names (151), and genre/form (155) are not indexed
with 'Match' search field in Elasticsearch standard mapping.  As a result,
the respective records are not present on the result list when performing
an 'All headings' search for the authority records with the main heading form
(MARC 21).

Test plan
=========
0. Have a test installation with Elasticsearch.
1. In Authorities, make an 'All headings' search for a main entry
   form from the corporate names, uniform titles, topical terms,
   geographical names, or genre/form
   --> e.g., in ktd: UK Archiving.  You will get no results.
2. Apply the patch, reindex with:
   sudo koha-elasticsearch --rebuild -r -a kohadev
3. Repeat the test. You should see 'UK Archiving' on the result list.

Signed-off-by: Roman Dolny <roman.dolny@jezuici.pl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36378: Cannot stay logged in if AutoLocation is enabled but branch ip is not set correctly

We can get into a scenario what a user cannot stay logged in for more than a single page load.
If AutoLocation is enabled with branch IP addresses being set to a space, you will be logged out with every page load.

Test Plan:
1) Set your branch ip to a space
2) Enable AutoLocation
3) Restart all the things!
4) Log out
5) Log in
6) Browse to another page
7) You are logged out
8) Apply patch
9) Repeat 1-6
10) You are not logged out!

Signed-off-by: Andrew Fuerste Henry <andrewfh@dubcolib.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36708: Fix column index for processing No automatic renewal after

To test:
1- Find or create a circulation rule with a 'Holds allowed (total)' limit of 3 (or another number) and no value in 'No automatic renewal after (hard limit)'
2- Select to edit the rule, and note that 'No automatic renewal after (hard limit)' box in the editing line is now populated with a date
3- Note also that 'Holds allowed (total)' is empty in your editing line
4- If you save your edits without clearing the new 'No automatic renewal after (hard limit)' date, it will save as part of the rule. Also, 'Holds allowed (total)' will save as Unlimited unless you re-add your numerical value.
5- APPLY PATCH
6- Try again, the values should save corrected and not erroneously fill the No automatic renewal after (hard limit) column.

Signed-off-by: Andrew Fuerste Henry <andrewfh@dubcolib.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 35862: Fix patron_search_form selection

We were no longer getting a match here and so ended up with 2 forms on
the budget page (where we have two modals for patron: owner and users).

Caught be selenium tests patrons_search.t :
Error while executing command: element not interactable: Element <a class="patron_name patron_preview" href="/cgi-bin/koha/circ/circulation.pl?borrowernumber=511"> could not be scrolled into view

It fixes the following UI issues:
When you open a modal, start a search, close the modal
open the other modal search: the results from the other modal were shown

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 35862: Remove dup aside node

The aside element is now a parent of the form block, in
patron-search.inc (BLOCK patron_search_filters).

On members/members-home.pl there were 2 nested aside

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 35362: Adjust other "Close window" clicks

Previous patch "Bug 35362: (follow-up) Fix guaruntor preview modal close in test"
didn't adjust the other occurrences.

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36018: Prevent random failure from api/v1/acquisitions_orders.t

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 34788: (follow-up) Fix unit tests

prove t/db_dependent/Koha/BackgroundJob/ImportKBARTFile.t

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 30047: (follow-up) Fix failing tests

This patch updates the test files to correctly create authorities and/or correctly
mock the needed data for authorities.

the tests in t/db_dependent/Authority/Merge.t cover the case of 'Default' authorities
which don't have valid headings - so I had to add handling for blanking the heading field
when Default type is used.

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36838: Add CSRF token to tags review AJAX requests

The JavaScript for approving or rejecting tags in the staff interface's
tag review interface lacked a CSRF token for the POSTed requests. This
patch adds the token for "approve" and "reject" operations.

To test, apply the patch and clear your browser cache if necessary.

- If necessary, enable tags in system preferences.
- Log in to the OPAC and submit multiple tags on various records.
- In the staff interface, go to Tools -> Tags.
- Test the process of approving and rejecting tags by clicking the
buttons in each row of the table of tags.
- The browser console should show no errors, and the lists of approved
and rejected tags should correctly show the tags you moderated.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 29948: Adjust sysprefs.sql

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36723: Add musical presentation to Elasticsearch index mappings

Testing plan:

1. Start up KTD with Elasticsearch: ktd --es8 up
2. Apply the patch and restart everything (restart_all).
3. Reset the mappings: Administration > Catalog > Search engine configuration (Elasticsearch) > Reset mappings (at the bottom of the page)
4. Reindex: koha-elasticsearch --rebuild -d -b -a kohadev
5. Alternative to steps 3 and 4: reset_all
6. Update the visibility for 254$a in the default framework so that it is visible in the Editor (OPAC, Staff interface should already be selected).
7. Add a new record using the default framework and put a term in 254$a, such as 'Full score'.

Sponsored-by: Education Services Australia SCIS
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36472: Add search box at the top of the authorities editor page

This patch adds the authority search header include to the authorities
editor page.

To test, apply the patch and go to Authorities -> New authority.

There should now be a set of authority search forms at the top of the
page.

Signed-off-by: Michelle Spinney <mspinney@clamsnet.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 34823: Do not show Item group dropdown if there are no item groups

To test:
1. Enable EnableItemGroups and EnableItemGroupHolds
2. Go to the OPAC and log in as a patron
3. Go to any record that doesn't have grouped items and try to place a hold
4. Click on "Show more options"
5. See "Request specific item group:" and dropdown
6. APPLY PATCH
7. Try again, this time if the record has no item groups you should not see the dropdown at all.

Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36440: (QA follow-up) Update op parameter

Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36440: Add edit buttons for patron flags in attention box

Add edit buttons for patron flags in attention box and show
flag status in detail view

To test:
1) Go to patron details for a patron with address in
   doubt and card lost flags set and verify these are
   highlighted under "Library use" and the patron messages
   has edit buttons that links to the modfiy patron page.

Sponsored-by: Gothenburg University
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 26654: Added item number column to item search

Test plan:
1. Apply patch
2. Do an item search and notice the column containing the item number

Signed-off-by: Michelle Spinney <mspinney@clamsnet.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 29948: (follow-up) Add CSS class to list items

This will allow to hide some of the entries by their source from $2.

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 29948: DBRev 23.12.00.057

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 29948: Remove margin bottom for paragraph

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 29948: Hide entry if empty

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 29948: (follow-up) Update system preference description and heading

This follow-up:
1. Updates the OPACAuthorIdentifiersAndInformation system preference
   description.
2. Changes the OPAC heading used on the bibliographic record and
   authority record detail pages from "Author identifiers/information"
   to "Author information". Identfiers are a subset of author information
   and having just "Author information" is sufficient. In addition,
   the authority record doesn't have to include identifiers.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 29948: Fix display of selected values

The values were correctly inserted but the display was not sorting
correctly

Signed-off-by: Signed-off-by: Hugo Agud <hagud@orex.es>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 29948: Allow to sort info

With this patch the different info can be ordered when editing the
syspref

Sponsored-by: Orex Digital
Signed-off-by: Signed-off-by: Hugo Agud <hagud@orex.es>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 29948: OPACAuthorIdentifiersAndInformation

This patch merge the previous patch attempt with the existing OPACAuthorIdentifiers syspref.

It creates a new syspref OPACAuthorIdentifiersAndInformation and remove
OPACAuthorIdentifiers.
"identifiers" become an entry of the new syspref.

Test plan:
Select some entries in OPACAuthorIdentifiersAndInformation
Edit an authority record and enter data in the corresponding subfield
(the list is on the syspref entry)
Go to the biblio detail page or the authority detail page at the OPAC
and notice that the info you selected are correctly displayed.

Sponsored-by: Orex Digital
Signed-off-by: Signed-off-by: Hugo Agud <hagud@orex.es>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 29948: Display authors information along with the identifiers

Sponsored-by: Orex Digital
Signed-off-by: Signed-off-by: Hugo Agud <hagud@orex.es>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36827: Fix tab formatting

This patch removes unwanted whitespace between the tabs and the tab content

Test plan:
1) Enable the ERM module and navigate to the eUsage > Reports sections
2) Observe the whitespace between the tabs and the content
3) Apply patch and run yarn build
4) Hard refresh the page, the whitespace should be gone

Signed-off-by: Paul Derscheid <paul.derscheid@lmscloud.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36828: Remove commented out code

Test plan:
1) Look at the patch diff and observe that the commented out code has been removed

Signed-off-by: Paul Derscheid <paul.derscheid@lmscloud.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36370: Add ContentWarningField to UNIMARC XSLT

Bug 31123 added new feature with preference ContentWarningField.
Add this behavior to UNMARC XSLT files.

This patch adds new template 'tag_content_warning' in UNIMARCslimUtils.xsl
called in results and details pages.

New field is placed after 3xx.

Test plan (in both interfaces OPAC and staff):
1) Create a new field 599 in framework
2) Set system preference ContentWarningField to 599
3) Edit a record to add a 599 with text in $a$b and an URL in $u
4) Perform a search to find this record
=> Check you see content_warning: <a href="$u">$a</a> $b
5) Click on details page
=> Check you see content_warning: <a href="$u">$a</a> $b

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36373: Show existing bookings in the datepicker

This patch exposes existing bookings as info dots in the flatpickr

Signed-off-by: Esther <esther@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36325: Add --exclude-logs option to koha-run-backups

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36325: Add option to koha-run-backups/koha-dump, to exclude logs

Written patch to add flag to both koha-dump and koha-run-backups.

Test plan:
1. do a sudo koha-dump and sudo koha-run-backups and check the contents of the .tar.gz backup in /var/spool/koha/instance/ and verify logs are in there
2. apply this patch
3. this time do sudo koha-dump --exclude-logs and sudo koha-run-backups --exclude-logs and check the contents of the .tar.gz backup in /var/spool/koha/instance and verify nothing from /var/log/koha is in there.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 35813: Migrate 'transient_result' to 'messages.inc'

This patch DRY's out the code by migrating the transient_result div into
the now widely included messages.inc include.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 35813: (follow-up) Correct dialog class and clean up whitespace

This patch changes the class of the success message from "success"
(which is a Bootstrap class) to "message" which is the class we use
elsewhere in Koha for this kind of informational message.

The patch adds the same dialog markup to labeledMARCdetail.tt.

The patch also trims trailing whitespace from place_booking_modal.js

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 35813: Add success feedback after placing/editing bookings

This patch restores the lost behaviour that a successful add/edit of a
booking via the 'Place booking' modal should notify the end user that
the submission was sucessful.

Test plan
1) Set an item as bookable to expose the 'Place booking' button
2) Place a new booking from the following pages and confirm that you
   now recieve feedback.
   * Catalog > Title > Details
   * Catalog > Title > MARC details
   * Catalog > Title > ISBD details
   * Catalog > Title > Item details
   * Catalog > Title > Bookings
3) Edit a booking on the 'Catalog > Title > Bookings' page and confirm
   you now recieve feedback.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36794: Illegitimate modification of biblionumber subfield content (999 $c)

It happens that librarians, by mistake, open a biblio editor putting in the
URL, by hand, the biblionumber prefixed with a blank (e.g.
.../addbiblio.pl?biblionumber= 123 -- mind the space before 123).
In such a case the editor opens with the right biblio record (i.e. 123)
but, after saving the record, the content of the biblionumber MARC
field (999 $c for a standard MARC 21 installation) results modified and
contains additional initial blanks.

Moreover, while using ES and making a search for the record (with title,
author etc.) we get two records on the result list (instead of one).

This is because in the addbiblio.pl script $biblionumber is taken (and
continuously used) directly from CGI parameter, without any
validation and/or correction.

Test plan:
==========
0. Have a test installation with ES.
1. Open a biblio record in the editor with an added space before
   biblionumber value, e.g.:
   http://ktd:8081/cgi-bin/koha/cataloguing/addbiblio.pl?biblionumber= 123
   Save the record.
2. From the Normal view choose Save -> MARCXML.  Open the saved file in
   your favourite editor.  You should see, at the end, something like:
   <datafield tag="999" ind1=" " ind2=" ">
     <subfield code="c"> 123</subfield>
   (mind the space before 123).
   This is not right.
3. Make a search with the title or author's name from the record (e.g.
   Henning Mankell for the record 123 from the default ktd data set).
   You should get two records instead of one (while using ES).
4. Apply the patch, restart_all.  Repeat p. 1 and 2 with a different
   biblionumber.  Notice the unchanged (i.e. without spaces) value
   of 999 $c subfield in the exported record and only one record
   as a result of a search.

WNC amended patch - rebased, added conditional in case no bib, moved comments to their own lines

Sponsored-by: Ignatianum University in Cracow
Signed-off-by: Roman Dolny <roman.dolny@jezuici.pl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36799: Illegitimate modification of MARC authid field content (001)

It happens that librarians to save time open an authority editor by putting
in the URL, by hand, the authid prefixed, by mistake, with a blank (e.g.
.../authorities.pl?authid= 100 -- mind the space before 100).  In
such a case the editor opens with the right auth record (i.e. 100) but,
after saving the record, the content of the authid MARC field (001 for
a standard MARC 21 installation) results modified and contains
additional initial blanks.

Moreover, if the heading (1XX field) was modified in the authority record
during such an edit, the changes will not propagate to the linked
bibliographic records.  And won't in the future.

This is because in the authorities.pl script $authid is taken (and
continuously used) directly from CGI parameter, without any
validation and/or correction (line 540 in the current main branch).

Test plan:
==========
1. Open an auth record in the editor with an added space before
   authid value, e.g.:
   http://ktd:8081/cgi-bin/koha/authorities/detail.pl?authid= 100
   Modify the heading field -- in the ktd data set:
       150 Computerized typesetting
   Save the record.
2. a) Open the record for editing again--see the space added before
   the authid in field 001.  Close the editor (with Cancel).
   b) Try to go to the linked biblio records with Used in X records.
   Note no results, if using ES.
   c) Remove the space before authid (after an:) in the URL.
   Go to the linked biblio records.  See that the content of
   the field controlled by the modified auth record did not
   update.
3. Apply the patch; restart_all.
4. Repeat p. 1 and 2 with a different authid.  Everything should
   be OK now.

Sponsored-by: Ignatianum University in Cracow
Signed-off-by: Roman Dolny <roman.dolny@jezuici.pl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 33849: Do not reset new patrons home library when error occurs

While adding new patron, if patron is flagged as duplicate
or another error occurs and their home library differs from
library user is logged in, patrons home library resets as
logged in users library. This happens with all patrons
expect those with category type C. This patch removes checking
if patrons category type is C from code so that all category
types use previously chosen home library even if error occurs.

To test:
1. Add new patron and set their library to a different
library than the one you're logged in.
2. Cause an error (wrong age, duplicate etc) while saving.
3. Attempt to save.
=> Note that patrons home library is set as one you're
logged in.
4. Apply this patch.
5. Repeat steps 1 to 3.
=> Note that patrons home library hasn't changed.

Sponsored-by: Koha-Suomi Oy
Signed-off-by: Esther <esther@bywatersolutions.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 35149: DBRev 23.12.00.056

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 35149: Change CircAutoPrintQuickSlip syspref explanation

Signed-off-by: Laura Escamilla <laura.escamilla@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 35149: Add Option to ignore submit of checkout field when empty

1) Apply patch
2) Set CircAutoPrintQuickSlip to "do nothing"
3) Go to the checkouts form for a specific patron
4) Submit the form with empty value
5) Verify that no action is taken and you stay on the current page

Signed-off-by: Laura Escamilla <laura.escamilla@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36797: Change WHILE loop into FOREACH

To test:
1. Find a record that has 1000 non-waiting holds with different priorities.
2. Try loading the reserve page for that record ( /reserve/request.pl?biblionumber=X )
3. Error: Template process failed: undef error - WHILE loop terminated (> 1000 iterations)
4. APPLY PATCH
5. Try again, this time the page should load.
6. Try testing on a record with less than 1000 holds, making sure the priorities are still set right.
7. Make sure you can change your priorities and everything works right.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 36832: (bug 36791 follow-up) Allow authid=0

To test:
1. Go to the Authorities module and do a Z39.50 search that will return
results (e.g. a general subject heading)
2. Import an authority record from the results
--> Confirm that the record is imported into the editor
3. Authorities > New, replace it via Z39.50, confirm it's imported
4. Authorities > New, fill the required fields, confirm it saves
5. Edit an existing authority, replace it via Z39.50, confirm it saves
6. Edit an existing authority, replace authid=nn in the URL with a
number that doesn't exist like 1000000, confirm you get a 404 page

Signed-off-by: Phil Ringnalda <phil@chetcolibrary.org>
Signed-off-by: Janusz Kaczmarek <januszop@gmail.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Bug 35927: Selecting MARC framework again doesn't work when adding to basket from an external source

Like Bug 19372, selecting MARC framework currently doesn't work when adding to basket from an external source.
Strangly I can reproduce on koha-testing-docker, but we have this issue with a Ubuntu Focal install.
Looks like it comes from a bad syntaxe than needs to be replaced in any case.

Test plan:
1) Add an order to a basket from an external source
2) Select another framework than the default one on the search result
view. Before doing 'add order' on choosen search result line.
3) Chek the framework code you will pick will be used in the created biblio record

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>