From c360d5e3a2caee5c60963e68ac9e8fb41ea57cef Mon Sep 17 00:00:00 2001 From: Martin Renvoize Date: Thu, 23 May 2024 10:47:33 +0100 Subject: [PATCH] Bug 26176: (QA follow-up) Branch -> Library Signed-off-by: Martin Renvoize Signed-off-by: Katrin Fischer (cherry picked from commit f8915dc6e70516476b860be7a5703080e059b8c1) Signed-off-by: Fridolin Somers --- C4/Auth.pm | 12 +++++----- C4/UsageStats.pm | 2 +- .../data/mysql/atomicupdate/bug_26176.pl | 12 ++++++---- installer/data/mysql/mandatory/sysprefs.sql | 2 +- .../intranet-tmpl/prog/en/includes/header.inc | 4 ++-- .../en/modules/admin/preferences/admin.pref | 4 ++-- t/db_dependent/Auth.t | 24 +++++++++---------- 7 files changed, 31 insertions(+), 29 deletions(-) diff --git a/C4/Auth.pm b/C4/Auth.pm index 77917a871b..ea766c1a04 100644 --- a/C4/Auth.pm +++ b/C4/Auth.pm @@ -480,7 +480,7 @@ sub get_template_and_user { advancedMARCEditor => C4::Context->preference("advancedMARCEditor"), AllowMultipleCovers => C4::Context->preference('AllowMultipleCovers'), AmazonCoverImages => C4::Context->preference("AmazonCoverImages"), - StaffLoginRestrictBranchByIP => C4::Context->preference("StaffLoginRestrictBranchByIP"), + StaffLoginRestrictLibraryByIP => C4::Context->preference("StaffLoginRestrictLibraryByIP"), can_see_cataloguing_module => haspermission( $user, get_cataloguing_page_permissions() ) ? 1 : 0, canreservefromotherbranches => C4::Context->preference('canreservefromotherbranches'), EasyAnalyticalRecords => C4::Context->preference('EasyAnalyticalRecords'), @@ -1196,7 +1196,7 @@ sub checkauth { } if ( $type ne 'opac' ) { my $branches = { map { $_->branchcode => $_->unblessed } Koha::Libraries->search->as_list }; - if ( C4::Context->preference('StaffLoginRestrictBranchByIP') ) { + if ( C4::Context->preference('StaffLoginRestrictLibraryByIP') ) { # we have to check they are coming from the right ip range my $domain = $branches->{$branchcode}->{'branchip'}; $domain =~ s|\.\*||g; @@ -1218,12 +1218,12 @@ sub checkauth { # If StaffLoginBranchBasedOnIP is enabled we will try to find a branch # matching your ip, regardless of the choice you have passed in ( - !C4::Context->preference('StaffLoginRestrictBranchByIP') + !C4::Context->preference('StaffLoginRestrictLibraryByIP') && C4::Context->preference('StaffLoginBranchBasedOnIP') ) - # When StaffLoginRestrictBranchByIP is enabled we will not choose a branch matching IP + # When StaffLoginRestrictLibraryByIP is enabled we will not choose a branch matching IP # if your selected branch has no IP set - || ( C4::Context->preference('StaffLoginRestrictBranchByIP') + || ( C4::Context->preference('StaffLoginRestrictLibraryByIP') && $auth_state ne 'failed' && $branches->{$branchcode}->{'branchip'} ) ) @@ -1410,7 +1410,7 @@ sub checkauth { IntranetUserCSS => C4::Context->preference("IntranetUserCSS"), IntranetUserJS => C4::Context->preference("IntranetUserJS"), IndependentBranches => C4::Context->preference("IndependentBranches"), - StaffLoginRestrictBranchByIP => C4::Context->preference("StaffLoginRestrictBranchByIP"), + StaffLoginRestrictLibraryByIP => C4::Context->preference("StaffLoginRestrictLibraryByIP"), wrongip => $info{'wrongip'}, PatronSelfRegistration => C4::Context->preference("PatronSelfRegistration"), PatronSelfRegistrationDefaultCategory => C4::Context->preference("PatronSelfRegistrationDefaultCategory"), diff --git a/C4/UsageStats.pm b/C4/UsageStats.pm index f45a3d4a85..fe3b092da2 100644 --- a/C4/UsageStats.pm +++ b/C4/UsageStats.pm @@ -146,7 +146,7 @@ sub _shared_preferences { noItemTypeImages OpacNoItemTypeImages virtualshelves - StaffLoginRestrictBranchByIP + StaffLoginRestrictLibraryByIP IndependentBranches SessionStorage Persona diff --git a/installer/data/mysql/atomicupdate/bug_26176.pl b/installer/data/mysql/atomicupdate/bug_26176.pl index fb675cfe38..784c569351 100755 --- a/installer/data/mysql/atomicupdate/bug_26176.pl +++ b/installer/data/mysql/atomicupdate/bug_26176.pl @@ -3,16 +3,18 @@ use Koha::Installer::Output qw(say_warning say_failure say_success say_info); return { bug_number => "26176", - description => "Rename AutoLocation to StaffLoginRestrictBranchByIP", + description => "Rename AutoLocation to StaffLoginRestrictLibraryByIP", up => sub { my ($args) = @_; my ( $dbh, $out ) = @$args{qw(dbh out)}; - $dbh->do(q{ - UPDATE systempreferences SET variable = "StaffLoginRestrictBranchByIP" + $dbh->do( + q{ + UPDATE systempreferences SET variable = "StaffLoginRestrictLibraryByIP" WHERE variable = "AutoLocation" - }); + } + ); - say $out "Renamed system preference 'AutoLocation' to 'StaffLoginRestrictBranchByIP'"; + say $out "Renamed system preference 'AutoLocation' to 'StaffLoginRestrictLibraryByIP'"; }, }; diff --git a/installer/data/mysql/mandatory/sysprefs.sql b/installer/data/mysql/mandatory/sysprefs.sql index fded76e277..eb8862d273 100644 --- a/installer/data/mysql/mandatory/sysprefs.sql +++ b/installer/data/mysql/mandatory/sysprefs.sql @@ -724,7 +724,7 @@ INSERT INTO systempreferences ( `variable`, `value`, `options`, `explanation`, ` ('StaffLangSelectorMode','footer','top|both|footer','Select the location to display the language selector in staff interface','Choice'), ('StaffLoginInstructions', '', NULL, 'HTML to go into the login box for the staff interface','Free'), ('StaffLoginBranchBasedOnIP', '1','', 'Set the logged in library for the user based on their current IP','YesNo'), -('StaffLoginRestrictBranchByIP','0',NULL,'If ON, IP authentication is enabled, blocking access to the staff interface from unauthorized IP addresses based on branch','YesNo'), +('StaffLoginRestrictLibraryByIP','0',NULL,'If ON, IP authentication is enabled, blocking access to the staff interface from unauthorized IP addresses based on branch','YesNo'), ('StaffSearchResultsDisplayBranch','holdingbranch','holdingbranch|homebranch','Controls the display of the home or holding branch for staff search results','Choice'), ('StaffSerialIssueDisplayCount','3','','Number of serial issues to display per subscription in the staff interface','Integer'), ('staffShibOnly','0','','If ON enables shibboleth only authentication for the staff client','YesNo'), diff --git a/koha-tmpl/intranet-tmpl/prog/en/includes/header.inc b/koha-tmpl/intranet-tmpl/prog/en/includes/header.inc index 06ed5fb431..1fe069d0b7 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/includes/header.inc +++ b/koha-tmpl/intranet-tmpl/prog/en/includes/header.inc @@ -94,7 +94,7 @@ [% SET is_superlibrarian = CAN_user_superlibrarian ? 'is_superlibrarian' : '' %] [% logged_in_user.userid | html %] [% logged_in_user.categorycode | html %] - [% IF ( StaffLoginRestrictBranchByIP ) %] + [% IF ( StaffLoginRestrictLibraryByIP ) %] [% Branches.GetLoggedInBranchname | html %] @@ -132,7 +132,7 @@ [% logged_in_user.userid | html %]
  • - [% IF ( StaffLoginRestrictBranchByIP ) %] + [% IF ( StaffLoginRestrictLibraryByIP ) %] [% Branches.GetLoggedInBranchname | html %] diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/admin.pref b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/admin.pref index 8cafeeed50..2d3e6d5cd0 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/admin.pref +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/admin.pref @@ -92,7 +92,7 @@ Administration: - Adding d will specify it in days, e.g. 1d is timeout of one day. - - "Limit the libraries staff can select at login to those where their computer's IP address is within the library's specified range or to libraries without an IP restriction: " - - pref: StaffLoginRestrictBranchByIP + - pref: StaffLoginRestrictLibraryByIP default: 0 choices: 1: "Yes" @@ -115,7 +115,7 @@ Administration: 1: "Yes" 0: "No" - "Note: If IPs overlap, the first found match will be used." - - 'This setting will be overridden by StaffLoginRestrictBranchByIP system preference. In the event of multiple branches with matching IPs, branchcode (alphabetically) will be the tie breaker.' + - 'This setting will be overridden by StaffLoginRestrictLibraryByIP system preference. In the event of multiple branches with matching IPs, branchcode (alphabetically) will be the tie breaker.' # PostgreSQL is supported by CGI::Session but not by Koha. - - "Storage of login session information: " diff --git a/t/db_dependent/Auth.t b/t/db_dependent/Auth.t index b4dc69fb2a..2faf3e5f8e 100755 --- a/t/db_dependent/Auth.t +++ b/t/db_dependent/Auth.t @@ -1298,8 +1298,8 @@ subtest 'StaffLoginBranchBasedOnIP' => sub { $schema->storage->txn_begin; - t::lib::Mocks::mock_preference( 'StaffLoginRestrictBranchByIP', 0 ); - t::lib::Mocks::mock_preference( 'StaffLoginBranchBasedOnIP', 0 ); + t::lib::Mocks::mock_preference( 'StaffLoginRestrictLibraryByIP', 0 ); + t::lib::Mocks::mock_preference( 'StaffLoginBranchBasedOnIP', 0 ); my $patron = $builder->build_object( { class => 'Koha::Patrons', value => { flags => 1 } } ); my $branch = $builder->build_object( { class => 'Koha::Libraries', value => { branchip => "127.0.0.1" } } ); @@ -1331,16 +1331,16 @@ subtest 'StaffLoginBranchBasedOnIP' => sub { $session = C4::Auth::get_session($sessionID); is( $session->param('branch'), $branch->branchcode, "Logged in branch is set based on the IP from REMOTE_ADDR " ); - # StaffLoginRestrictBranchByIP overrides StaffLoginBranchBasedOnIP - t::lib::Mocks::mock_preference( 'StaffLoginRestrictBranchByIP', 1 ); + # StaffLoginRestrictLibraryByIP overrides StaffLoginBranchBasedOnIP + t::lib::Mocks::mock_preference( 'StaffLoginRestrictLibraryByIP', 1 ); ( $userid, $cookie, $sessionID, $flags, $template ) = C4::Auth::checkauth( $cgi, 0, { catalogue => 1 }, 'intranet', undef, undef, { do_not_print => 1 } ); is( $template->{VARS}->{wrongip}, 1, - "StaffLoginRestrictBranchByIP prevents StaffLoginBranchBasedOnIP from logging user in to another branch" + "StaffLoginRestrictLibraryByIP prevents StaffLoginBranchBasedOnIP from logging user in to another branch" ); - t::lib::Mocks::mock_preference( 'StaffLoginRestrictBranchByIP', 0 ); + t::lib::Mocks::mock_preference( 'StaffLoginRestrictLibraryByIP', 0 ); my $other_branch = $builder->build_object( { class => 'Koha::Libraries', @@ -1357,13 +1357,13 @@ subtest 'StaffLoginBranchBasedOnIP' => sub { }; -subtest 'StaffLoginRestrictBranchByIP' => sub { +subtest 'StaffLoginRestrictLibraryByIP' => sub { plan tests => 12; $schema->storage->txn_begin; - t::lib::Mocks::mock_preference( 'StaffLoginRestrictBranchByIP', 0 ); + t::lib::Mocks::mock_preference( 'StaffLoginRestrictLibraryByIP', 0 ); my $patron = $builder->build_object( { class => 'Koha::Patrons', value => { flags => 1 } } ); my $password = 'password'; @@ -1381,12 +1381,12 @@ subtest 'StaffLoginRestrictBranchByIP' => sub { $ENV{REMOTE_ADDR} = '127.0.0.1'; my ( $userid, $cookie, $sessionID, $flags ) = C4::Auth::checkauth( $cgi, 0, { catalogue => 1 }, 'intranet' ); - is( $userid, $patron->userid, "Standard login without StaffLoginRestrictBranchByIP" ); + is( $userid, $patron->userid, "Standard login without StaffLoginRestrictLibraryByIP" ); my $template; - t::lib::Mocks::mock_preference( 'StaffLoginRestrictBranchByIP', 1 ); + t::lib::Mocks::mock_preference( 'StaffLoginRestrictLibraryByIP', 1 ); - # StaffLoginRestrictBranchByIP: "Require staff to log in from a computer in the IP address range specified by their library (if any)" + # StaffLoginRestrictLibraryByIP: "Require staff to log in from a computer in the IP address range specified by their library (if any)" $patron->library->branchip('')->store; # There is none, allow access from anywhere ( $userid, $cookie, $sessionID, $flags, $template ) = C4::Auth::checkauth( $cgi, 0, { catalogue => 1 }, 'intranet' ); @@ -1423,7 +1423,7 @@ subtest 'StaffLoginRestrictBranchByIP' => sub { $session = C4::Auth::get_session($sessionID); is( $session->param('branch'), $other_library->branchcode, - "StaffLoginRestrictBranchByIP allows specifying a branch as long as the IP matches" + "StaffLoginRestrictLibraryByIP allows specifying a branch as long as the IP matches" ); $other_library->branchip('129.0.0.1')->store; -- 2.39.5