]> git.koha-community.org Git - koha.git/log
koha.git
7 years agoBug 19130: (followup) Add t/db_dependent/Koha/Acquisition/Booksellers.t
Tomas Cohen Arazi [Tue, 22 Aug 2017 15:03:37 +0000 (12:03 -0300)]
Bug 19130: (followup) Add t/db_dependent/Koha/Acquisition/Booksellers.t

This followup patch adds a proper file in which add tests for
Koha::Acquisition::Bookseller(s) methods.

All current methods are covered.

To test:
- Run:
  $ sudo koha-shell kohadev
 k$ cd kohaclone
 k$ prove t/db_dependent/Koha/Acquisition/Booksellers.t
 => SUCCESS: Test pass!
 - Sign off :-D

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 3481b7b9dac8935befe631131570591ec2c84cce)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19130: Remove ->search() overloading and adjust tests
Tomas Cohen Arazi [Tue, 22 Aug 2017 15:01:24 +0000 (12:01 -0300)]
Bug 19130: Remove ->search() overloading and adjust tests

This patch removes the custom ->search() function. Tests are adjusted
so the results from ->search() calls are not expected to return in the
previously hardcoded order.

To test:
- Apply this patch
- Run:
  $ sudo koha-shell kohadev
 k$ cd kohaclone
 k$ prove t/db_dependent/Bookseller.t
=> SUCCESS: Tests pass
- Sign off :-D

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 7e4ce56b27025b05ee572100529eaa4f28e0933c)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19134: C4::SMS falils on long driver name
Magnus Enger [Thu, 17 Aug 2017 20:48:07 +0000 (22:48 +0200)]
Bug 19134: C4::SMS falils on long driver name

Code in C4::SMS takes the part of the SMS::Send-driver that comes after
SMS::Send and tries to turn it into part of a path to a YAML file
that can contain additional parameters to SMS::Send. The current
code works for e.g. SMS::Send::A::B, but if there is one or more
extra names, it fails to turn :: into /. So we have:
SMS::Send::A::B    -> SMS/Send/A/B
SMS::Send::A::B::C -> SMS/Send/A/B::C
This patch makes sure all occurrences of :: are turned into /, by
adding a "g" modifier at the end of the regex.

Testing:
Testing this preperly would take a whole lot of setup for a very
small change. I would suggest that the following two oneliners
are enough to demonstrate that the change makes sense:
$ perl -e '$x = "a::b::c"; $x =~ s|::|/|; print $x, "\n";'
$ perl -e '$x = "a::b::c"; $x =~ s|::|/|g; print $x, "\n";'

So:
- Check that the output of these oneliners make sense
- Check that the patch changes the code in a similar way to the
  change from the first oneliner to the second.

Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit a4237785d9a2bf2bbf4cf988bc98ac4935842e91)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18817: Update links manually
Jonathan Druart [Mon, 14 Aug 2017 19:19:15 +0000 (16:19 -0300)]
Bug 18817: Update links manually

Without the anchor it is not possible to retrieve the html page, so
these occurrences have been updated manually (and yes it was painful)

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit b08913370f77fcc1c574d9c0264f0523b6e2a53b)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18817: Update links with anchor automatically
Jonathan Druart [Mon, 14 Aug 2017 18:38:05 +0000 (15:38 -0300)]
Bug 18817: Update links with anchor automatically

I generate a mapping files (old anchor > new anchor) from the doc files.
Here are the links that have been updated automatically

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 674c32a094f0545f54d1d0240a642cc1d5587bc6)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18817 Correct Manual URL
Joy Nelson [Mon, 19 Jun 2017 14:45:16 +0000 (07:45 -0700)]
Bug 18817 Correct Manual URL

Corrected the manual url in the help screen for 17.05 onward.

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 0250fb7b7681aa72ed3d5607c0c896cd5fd6659e)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 9409: (QA followup) Add --dbhost help to koha-create man page
Tomas Cohen Arazi [Fri, 11 Aug 2017 18:09:00 +0000 (15:09 -0300)]
Bug 9409: (QA followup) Add --dbhost help to koha-create man page

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 7efb871fa31869044045ccef0b37be438ba704ff)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 9409: Add --dbhost parameter and dbhost field
Mark Tompsett [Fri, 23 Jun 2017 01:46:50 +0000 (01:46 +0000)]
Bug 9409: Add --dbhost parameter and dbhost field

This allows setting the remote db host correctly for
request-db either with a command-line or passwd file.

Signed-off-by: Lee Jamison <ldjamison@marywood.edu>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit e4573d709936bbd7f454a26f073e2131aa9c8df3)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18469: QA Follow-up
Nick Clemens [Fri, 7 Jul 2017 11:25:24 +0000 (11:25 +0000)]
Bug 18469: QA Follow-up

Restore datepicker class
Use Koha.Preference
Copy changes to moremember

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit a66c0b1dd76a2fe08ed7ac189ad8a564372ab3a9)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18469: Suspend all holds when specifying a date to resume hold does not keep...
Nick Clemens [Fri, 21 Apr 2017 14:08:27 +0000 (10:08 -0400)]
Bug 18469: Suspend all holds when specifying a date to resume hold does not keep date

Name of field had 'datepicker' embedded, this caused variable issue

To test:
 1 - Place several holds for a patron
 2 - Go to holds tab in circulation
 3 - Select a date for suspend all holds until
 4 - Suspend all holds
 5 - Note date is not used, suspended indefinitely
 6 - Apply patch
 7 - Resume all suspended holds
 8 - Select a date for suspend all holds until
 9 - Suspend all holds
10 - Note date is used

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit a58745d9dbbf98c79f4c1a3e7cd40fb45425fc91)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18292: Tests do not need to return 1 - xt
Jonathan Druart [Wed, 9 Aug 2017 16:01:37 +0000 (13:01 -0300)]
Bug 18292: Tests do not need to return 1 - xt

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit e03f590fa1080b1c3fbe25c91af08094620609d6)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18292: Remove return 1 statements in tests
Jonathan Druart [Fri, 9 Jun 2017 11:59:41 +0000 (08:59 -0300)]
Bug 18292: Remove return 1 statements in tests

The test files do not need to return 1

Patch generated with:
perl -p -i -e "s/^1;\n//xsm" t/**/*.t

Test plan:
  git grep '^1;$' t/**/*.t
should not return any results

NOTE: does not fix C4/SIP/t, nor xt tests.

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit b1ba7fac2c246c2dd52aa4d35884a03d542a26f4)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18292 - t/db_dependent/Circulation.t doesn't need to return 1;
Olli-Antti Kivilahti [Fri, 17 Mar 2017 07:05:47 +0000 (09:05 +0200)]
Bug 18292 - t/db_dependent/Circulation.t doesn't need to return 1;

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit b57d682edd5040eb342047aefa95b84402f4c3ae)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19027 - Circulation rules: Better wording for standard rules for all libraries
Marc Véron [Wed, 2 Aug 2017 16:01:06 +0000 (18:01 +0200)]
Bug 19027 - Circulation rules: Better wording for standard rules for all libraries

In Home > Administration > Circulation and fine rules, the standard value for
"Select a library: All libraries" is confusing and leads to support cases.

Change wording to "Standard rules for all libraries".

To test:
- Apply patch
- Go to Home > Administration > Circulation and fine rules
- Verfiy that text in drop down 'Select a library' makes sense.

Followed test plan which works as intended. I agree with the wording it
is significantly clearer than previously
Signed-off-by: Alex Buckley <alexbuckley@catalyst.net.nz>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit c140b9129124262db27c9ba17f47134ec3232ada)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18985 - SQL reports 'Last edit' and 'Last run' columns sort alphabetically, not...
Owen Leonard [Tue, 1 Aug 2017 17:07:33 +0000 (17:07 +0000)]
Bug 18985 - SQL reports 'Last edit' and 'Last run' columns sort alphabetically, not chronologically

This patch alters the DataTables configuration of the SQL reports list
so that date columns are identified via class rather than position.

To test, apply the patch and go to Reports -> Use saved.

Test the re-ordering of the creation date, last edit, and last run
columns. Each should sort correctly based on the date.

Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 3304c7c4ca49db1b95aa564b3550bacf260b9b4f)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18941 - C4::Budgets GetBudgetByCode should return active budgets over inactive...
Nick Clemens [Fri, 14 Jul 2017 11:25:42 +0000 (11:25 +0000)]
Bug 18941 - C4::Budgets GetBudgetByCode should return active budgets over inactive budgets

To test:
1 - Create an active budget
2 - Create an inactive budget
3 - Ensure they each have a fund with the same code
4 - Set MarcFieldsToOrder to get the budget_code from a marc field
5 - Stage a file using the duplicated code
6 - Add to a basket from the staged file
7 - Add the items
8 - Note funds are encumbered from the inactive budget
9 - Apply patch
10 - Repeat 5-8 with a new basket
11 - Note the active budget is now used

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 0e2c823e8806c35673505d0e2a03081cac00190a)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18941 - Unit tests
Nick Clemens [Fri, 14 Jul 2017 11:06:16 +0000 (11:06 +0000)]
Bug 18941 - Unit tests

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 22944fb61241239124b4db218d098b8510327276)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 13012: Add more tests
Jonathan Druart [Thu, 10 Aug 2017 18:52:35 +0000 (15:52 -0300)]
Bug 13012: Add more tests

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 28a979487f3d8c4a5887c484ae71c7c63e7ee03d)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 13012 - suggestion.suggesteddate should be set to NOW if not defined
Kyle M Hall [Wed, 19 Jul 2017 18:57:26 +0000 (14:57 -0400)]
Bug 13012 - suggestion.suggesteddate should be set to NOW if not defined

Test Plan:
1) Apply this patch
2) prove t/db_dependent/Koha/Suggestions.t

Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit b2a8e726fe32d4aae3f279f4142af240c60d7fe5)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19071: Fix Members/IssueSlip.t
Marcel de Rooy [Thu, 10 Aug 2017 07:24:08 +0000 (09:24 +0200)]
Bug 19071: Fix Members/IssueSlip.t

Resolve:
DBD::mysql::db do failed: Cannot delete or update a parent row: a foreign key constraint fails (`koha_master`.`clubs`, CONSTRAINT `clubs_ibfk_2` FOREIGN KEY (`branchcode`) REFERENCES `branches` (`branchcode`)) [for Statement "DELETE FROM branches"] at t/db_dependent/Members/IssueSlip.t line 44.

We do not need to delete all branches here.

Note: The test still needs attention for noisy userenv warns, but it should
pass now.

Test plan:
Run t/db_dependent/Members/IssueSlip.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 8651016ce8e959b5b6ca19ccddbb3f5342b5d456)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19071: Fix Circulation/issue.t
Marcel de Rooy [Thu, 10 Aug 2017 07:13:44 +0000 (09:13 +0200)]
Bug 19071: Fix Circulation/issue.t

Resolve:
DBD::mysql::db do failed: Cannot delete or update a parent row: a foreign key constraint fails (`koha_master`.`clubs`, CONSTRAINT `clubs_ibfk_2` FOREIGN KEY (`branchcode`) REFERENCES `branches` (`branchcode`)) [for Statement "DELETE FROM branches"] at t/db_dependent/Circulation/issue.t line 65.

Cause:
See also bug 19070.
We do not need to delete all branches here.

Test plan:
Run t/db_dependent/Circulation/issue.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit b80704aa1b763c7a29c3b95c162dfb12ded8faa2)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19070: Fix Circulation/Branch.t
Marcel de Rooy [Thu, 10 Aug 2017 07:04:16 +0000 (09:04 +0200)]
Bug 19070: Fix Circulation/Branch.t

Resolve:
DBD::mysql::db do failed: Cannot delete or update a parent row: a foreign key constraint fails (`koha_master`.`clubs`, CONSTRAINT `clubs_ibfk_2` FOREIGN KEY (`branchcode`) REFERENCES `branches` (`branchcode`)) [for Statement "DELETE FROM branches"] at t/db_dependent/Circulation/Branch.t line 49.

Resolve:
not ok 14 - AddReturn respects branch item return policy - noreturn
   Failed test 'AddReturn respects branch item return policy - noreturn'
   at t/db_dependent/Circulation/Branch.t line 279.
          got: 'yqiKrIkX'
     expected: undef

Cause:
There is a record in clubs. The constraint in clubs on branchcode does not
include a cascaded delete. The test deletes all branches.
Test 14 depends on item-level_itypes==1. When you set it to Biblio, it fails.

Test plan:
Run t/db_dependent/Circulation/Branch.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit d2cceb95b47983b28242819c95e57439958b0da5)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19047: Fix AddBiblio call in ShelfBrowser.t
Jonathan Druart [Thu, 10 Aug 2017 18:06:39 +0000 (15:06 -0300)]
Bug 19047: Fix AddBiblio call in ShelfBrowser.t

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit b4ce1feb1bc6b4f20cf71bd545e018917cf518db)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19047: Fix AddBiblio call in Reserves.t
Marcel de Rooy [Mon, 7 Aug 2017 06:44:43 +0000 (08:44 +0200)]
Bug 19047: Fix AddBiblio call in Reserves.t

AddBiblio does not return a title; the biblioitemnumber is stored in the
title variable.
The variables for biblioitemnumber are not used and can be removed.

Test plan:
Run t/db_dependent/Reserves.t

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit c6f8cf69d3943599fa6a0c250ae0e8221ead44ff)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19042: Add mock IndependentBranches=0 for the other test
Jonathan Druart [Thu, 10 Aug 2017 18:02:23 +0000 (15:02 -0300)]
Bug 19042: Add mock IndependentBranches=0 for the other test

These tests do not cover correctly getletter, but it is not the goal of
this patch. Superlibrarian behaviour must be tested as well.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit e3dafbfccd06af8fca45fada449e93e3d0616cd6)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19042: Silence warnings t/db_dependent/Letters.t
Mark Tompsett [Fri, 4 Aug 2017 18:24:38 +0000 (14:24 -0400)]
Bug 19042: Silence warnings t/db_dependent/Letters.t

TEST PLAN
---------
prove t/db_dependent/Letters.t
-- there will be a message: "C4::Context->userenv not defined!"
apply this patch
prove t/db_dependent/Letters.t
-- there will no longer be that message.
run qa test tools

Signed-off-by: Lee Jamison <ldjamison@marywood.edu>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit d01ce104a7711814152e4f8228064f79c8a7f68c)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 5471: Use uri_escape_utf8 to handle utf8 chars correctly
Jonathan Druart [Thu, 10 Aug 2017 16:15:27 +0000 (13:15 -0300)]
Bug 5471: Use uri_escape_utf8 to handle utf8 chars correctly

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 04966a6203646cae79a48a00ef0873c1f6c64b06)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 5471 - Quotes in tags fail
Owen Leonard [Fri, 9 Jun 2017 12:29:58 +0000 (12:29 +0000)]
Bug 5471 - Quotes in tags fail

This patch makes changes to the tag moderation template and JavaScript
to fix handling of tags with double or single quotes. This patch also
moves the tags moderation JavaScript out of the template and into a
separate JS file.

To test you should have multiple tags awaiting moderation, including
tags which contain double and single quotes.

- Go to Tools -> Tags.
- In the list of tags pending approval, test approving and rejecting
  tags, including those containing single or double quotes.
  - The state of the "Approve" or "Reject" buttons should correctly
    change according to the action you chose.
  - The label in the status column should update correctly.
- In the "Check lists" form, submitting approved, rejected, and
  unclassified terms should result in the correct message.

Signed-off-by: Lee Jamison <ldjamison@marywood.edu>
Works correctly based on test plan. Tested using single- and
double-quoted tags. Passes QA Tools.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit ee6f8e186bc93df9d7943ea38f05615b2e8a813f)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19003: Add a TestBuilder default for borrowers.login_attempts
Marcel de Rooy [Sat, 29 Jul 2017 15:06:52 +0000 (17:06 +0200)]
Bug 19003: Add a TestBuilder default for borrowers.login_attempts

Bug 18314 causes t/db/SIP/Message.t to fail (quite often) since
TestBuilder fills login_attempts with a random number. (Note: Only
when FailedLoginAttempts is non-zero.)
Trivial fix: TestBuilder should have a zero default for login_attempts.

Test plan:
Do not yet apply this patch.
Set pref FailedLoginAttempts to say 3.
Run t/db_dependent/SIP/Message.t. Might fail on the password test (CQ).
Apply this patch.
Run t/db_dependent/SIP/Message.t again. Does not fail anymore.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 5bb56bf336187cde38e1a3b89c792ee6dc231acf)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 17699: Reset time simulation
Jonathan Druart [Tue, 1 Aug 2017 14:44:29 +0000 (11:44 -0300)]
Bug 17699: Reset time simulation

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 0853c4e2b4366a235077a24a873fc81a754afecb)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 17699: Add test descriptions
Jonathan Druart [Mon, 31 Jul 2017 14:30:00 +0000 (11:30 -0300)]
Bug 17699: Add test descriptions

Test plan:
  prove -v t/db_dependent/Koha/Patrons.t

 Subtest: renew_account
    1..30
    ok 1 - 2016-02-29T00:00:00 + 12 months must be 2017-02-28T00:00:00
    ok 2 - 2016-02-29T00:00:00 + 12 months must be 2017-02-28T00:00:00
    ok 3 - With BorrowerLogs, Koha::Patron->renew_account should have logged
    ok 4 - today + 12 months must be 2017-03-31T00:00:00
    ok 5 - today + 12 months must be 2017-03-31T00:00:00
    ok 6 - Without BorrowerLogs, Koha::Patron->renew_account should not have logged
    ok 7 - today + 12 months must be 2017-03-31T00:00:00
    ok 8 - today + 12 months must be 2017-03-31T00:00:00
    ok 9 - 2016-04-30T00:00:00 + 12 months must be 2017-04-30T00:00:00
    ok 10 - 2016-04-30T00:00:00 + 12 months must be 2017-04-30T00:00:00
    ok 11 - 2016-10-30T00:00:00 + 12 months must be 2017-10-30T00:00:00
    ok 12 - 2016-10-30T00:00:00 + 12 months must be 2017-10-30T00:00:00
    ok 13 - With BorrowerLogs, Koha::Patron->renew_account should have logged
    ok 14 - today + 12 months must be 2017-11-30T00:00:00
    ok 15 - today + 12 months must be 2017-11-30T00:00:00
    ok 16 - Without BorrowerLogs, Koha::Patron->renew_account should not have logged
    ok 17 - today + 12 months must be 2017-11-30T00:00:00
    ok 18 - today + 12 months must be 2017-11-30T00:00:00
    ok 19 - 2016-12-30T00:00:00 + 12 months must be 2017-12-30T00:00:00
    ok 20 - 2016-12-30T00:00:00 + 12 months must be 2017-12-30T00:00:00
    ok 21 - 2017-06-30T00:00:00 + 12 months must be 2018-06-30T00:00:00
    ok 22 - 2017-06-30T00:00:00 + 12 months must be 2018-06-30T00:00:00
    ok 23 - With BorrowerLogs, Koha::Patron->renew_account should have logged
    ok 24 - today + 12 months must be 2018-07-31T00:00:00
    ok 25 - today + 12 months must be 2018-07-31T00:00:00
    ok 26 - Without BorrowerLogs, Koha::Patron->renew_account should not have logged
    ok 27 - today + 12 months must be 2018-07-31T00:00:00
    ok 28 - today + 12 months must be 2018-07-31T00:00:00
    ok 29 - 2017-08-31T00:00:00 + 12 months must be 2018-08-31T00:00:00
    ok 30 - 2017-08-31T00:00:00 + 12 months must be 2018-08-31T00:00:00

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit ec9b691de934f82c50057c15fb7d3a1b32717b72)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 17699: Use limit as end_of_month
Jonathan Druart [Mon, 31 Jul 2017 14:03:37 +0000 (11:03 -0300)]
Bug 17699: Use limit as end_of_month

From DateTime::Duration pod:
""
For positive durations, the "end_of_month" parameter defaults to wrap.
For negative durations, the default is "limit". This should match how
most people "intuitively" expect datetime math to work.
""""

We need end_of_month => limit for  positive durations as well.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 24b4006ecbc0a258b09500bdd8f639c7018067c0)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 17699: Add more tests to highlight the problem
Jonathan Druart [Mon, 31 Jul 2017 14:02:42 +0000 (11:02 -0300)]
Bug 17699: Add more tests to highlight the problem

Add problematic cases to highlight the problem.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 9512b015662f8ec56d8b8884b4e4bb14d5e563f1)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19009: Fix random failures from Circulation.t
Jonathan Druart [Mon, 31 Jul 2017 14:18:23 +0000 (11:18 -0300)]
Bug 19009: Fix random failures from Circulation.t

From jenkins output:
 Subtest: CanBookBeIssued + Koha::Patron->is_debarred<7c>has_overdues
1..8
not ok 1
[SKIP]

I executed it several times and display the different $error, $alerts and question keys.
GNA and RESTRICTED were sometimes set, which block the issue.
Reading the code it seems that some patron's attributes must be removed to avoid the checkin rejection.

Test plan:
Execute the tests several times and notice that it fails randomly
With this patch they should always pass.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 4bbec5c382590f881e6d2af62b2608fe9cf9e051)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18802: Fix Circulation.t if finesMode ne 'production'
Jonathan Druart [Wed, 14 Jun 2017 14:32:30 +0000 (11:32 -0300)]
Bug 18802: Fix Circulation.t if finesMode ne 'production'

If finesMode is not set to production, only 1 fine will be created (the renewal
one will not). This is what assumes the tests.
If set to 'production', the tests will fail because the fines will not
be deleted (because of the DBIx::Class) warning.
Now we mock the value before charging.

prove t/db_dependent/Circulation.t
t/db_dependent/Circulation.t .. 16/95 DBIx::Class::Storage::DBI::select_single(): Query returned more than one row.  SQL that returns multiple rows is DEPRECATED for ->find and ->single at t/db_dependent/Circulation.t line 491
t/db_dependent/Circulation.t .. 56/95
    #   Failed test 'Can auto renew, OPACFineNoRenewals=10, patron has 10'
    #   at t/db_dependent/Circulation.t line 670.
    #          got: 'auto_too_much_oweing'
    #     expected: 'auto_renew'
    # Looks like you failed 1 test of 6.

Test plan:
  prove t/db_dependent/Circulation.t
should return green whatever the value of finesMode

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit ae5f5c479929cbfad3193c6ce9471a406a2a41f3)

7 years agoBug 19013: (QA followup) Set guarantorid to NULL patron sample data
Tomas Cohen Arazi [Mon, 7 Aug 2017 14:04:51 +0000 (11:04 -0300)]
Bug 19013: (QA followup) Set guarantorid to NULL patron sample data

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 0bcf6a79427297c332588317dde749e923c7bbdc)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19013: Fix borrowers.guarantorid in sammple_patrons.sql
Jonathan Druart [Mon, 31 Jul 2017 19:12:16 +0000 (16:12 -0300)]
Bug 19013: Fix borrowers.guarantorid in sammple_patrons.sql

That breaks randomly tests on Jenkins (Koha/Patrons.t)

It certainly affects data in other languages but I did not find a quick
and easy way to modify this file (replace all guarantorid values with
NULL)

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Easy fix

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit b7d291a1ee692d6de71503683a3e61c9311c33d8)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoIncrement version for 17.05.04 release v17.05.04
Fridolin Somers [Wed, 20 Sep 2017 13:58:03 +0000 (15:58 +0200)]
Increment version for 17.05.04 release

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoMerge remote-tracking branch 'translate/17.05.04-translate-20170920' into rm_170504
Fridolin Somers [Wed, 20 Sep 2017 14:04:42 +0000 (16:04 +0200)]
Merge remote-tracking branch 'translate/17.05.04-translate-20170920' into rm_170504

7 years agoTranslation updates for Koha 17.05.04
root [Wed, 20 Sep 2017 14:00:06 +0000 (11:00 -0300)]
Translation updates for Koha 17.05.04

7 years agoUpdate release notes for 17.05.04 release
Koha User [Wed, 20 Sep 2017 13:55:56 +0000 (15:55 +0200)]
Update release notes for 17.05.04 release

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19235: Password entry visible in OPAC Self-registration
Mark Tompsett [Fri, 1 Sep 2017 17:16:43 +0000 (13:16 -0400)]
Bug 19235: Password entry visible in OPAC Self-registration

The HTML code was "text" instead of "password".

TEST PLAN
----------
1) 'Allow' PatronSelfRegistration system preference
2) Define the PatronSelfRegistrationDefaultCategory system preference (e.g. PT)
3) Open OPAC
4) Click 'Register here' on the right.  (/cgi-bin/koha/opac-memberentry.pl)
5) Scroll to bottom
6) enter some passwords
   -- visible
7) apply this patch
8) refresh page
9) repeat 5-6 as needed
   -- passwords should not be visible while entering
10) run koha qa test tools

Signed-off-by: Lee Jamison <ldjamison@marywood.edu>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 99e691feee5ef29bbc9d24a916fc4aa2fab6bba6)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 15438: [QA Follow-up] Moving POD statement for CanBookBeIssued
Marcel de Rooy [Fri, 8 Sep 2017 08:14:10 +0000 (10:14 +0200)]
Bug 15438: [QA Follow-up] Moving POD statement for CanBookBeIssued

The statement for head3 NB ('nota bene'?) looks like a hash key
in the list of possible return values for $needsconfirmation.
Moved it up and prefixed it with IMPORTANT.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 133e25c56ac79e0b88b89e3b749df338e63a93d0)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 15438 - Checking out an on-hold item sends holder's borrowernumber in AF (screen...
Colin Campbell [Wed, 24 Aug 2016 12:52:52 +0000 (13:52 +0100)]
Bug 15438 - Checking out an on-hold item sends holder's borrowernumber in AF (screen message) field.

The returns from C4::Circulation::CanBookBeIssued used
to be structured as a hashref of entries like
   REASON => {
       data => 'foo',
       moredata => 'bar',
   };
Some entries still are. But many are now
   REASON => 1,
   data   => 'foo',
   moredata => 'bar',

The sip Checkout routine still assumed the former, as it
reports any causes it was not aware of (to maintain support for
a changing api) The data fields could leak into the screen message
field of the response. e.g. the borrowernumber or surname of the
borrower who has a hold on an issued title. Some real messages were
getting obscured by this

This patch sanatizes the return from from CanBookBeIssued
by removing keys which are not all uppercase
It also fixes a case where the key's data element was used
for the screen message when we should use the key itself

Updated the documentation of CanBookBeIssued to flag up
the assumption re case and the fact that 3 elements rather
than two may be returned

The loop through the returned keys was a bit bogus
so we now explicitly jump out if noerror is unset

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Tested quite extensively. Test results put on Bugzilla.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 4d223bdc6156fab0667867f3990854fddfab5684)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19332 - Basket grouping PDF and CSV exports empty
Dobrica Pavlinusic [Mon, 18 Sep 2017 15:37:21 +0000 (17:37 +0200)]
Bug 19332 - Basket grouping PDF and CSV exports empty

This bug was introduced in commit 2bf3ce268de6bc8b2386cfb5d768f60b05d75f44
Bug 17196: [QA Follow-up] Additional fix on acqui/basketgroup

Signed-off-by: Lee Jamison <ldjamison@marywood.edu>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19127: (follow-up) Stored XSS in csv-profiles.pl
Jonathan Druart [Tue, 12 Sep 2017 14:21:27 +0000 (11:21 -0300)]
Bug 19127: (follow-up) Stored XSS in csv-profiles.pl

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 52b41dfdf0ec03c24dd970b80e4f153f64702e30)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19127 - Stored XSS in csv-profiles.pl
Amit Gupta [Wed, 16 Aug 2017 12:26:17 +0000 (17:56 +0530)]
Bug 19127 - Stored XSS in csv-profiles.pl

To Test
1. Hit the page /cgi-bin/koha/tools/csv-profiles.pl?op=add_form
2. Add a text in the field Profile name, Profile description
   and Profile MARC fields that contains js
3. Save the page.
4. Notice js is execute
5. Apply patch and reload, the js is escaped

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 7a3ee2dd8cb233d083d8a7b8636eca7c6d518b8b)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19108: (follow-up) Stored XSS in biblio_framework.pl
Jonathan Druart [Tue, 12 Sep 2017 14:06:11 +0000 (11:06 -0300)]
Bug 19108: (follow-up) Stored XSS in biblio_framework.pl

Prevent software error
Template process failed: undef error - text: filter not found at
/home/vagrant/kohaclone/C4/Templates.pm line 121.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit f904b019f77cd19ca0373f9635811a634ac73321)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19108 - Follow-up - fieldmapping.tt and items_search_fields.tt
Katrin Fischer [Wed, 16 Aug 2017 11:52:07 +0000 (13:52 +0200)]
Bug 19108 - Follow-up - fieldmapping.tt and items_search_fields.tt

To test:
- Add a framework with script in the description
- Access the Keywords to MARC mapping page
- Add an item search field where both name and label are script
- Try to edit/delete the added mapping

With the patch no script should be executed and everything
should still work ok.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 1649be1e9f510543f85b9e3a22af88ae8c6bfb9c)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19108 - Stored XSS in biblio_framework.pl and marctagstructure.pl
Amit Gupta [Tue, 15 Aug 2017 09:07:50 +0000 (14:37 +0530)]
Bug 19108 - Stored XSS in biblio_framework.pl and marctagstructure.pl

To Test
1. Hit the page /cgi-bin/koha/admin/biblio_framework.pl?op=add_form
2. Add a text in the field Description that contains js
3. Save the page.
4. Notice js is execute
5. Click on Actions -> MARC structure
6. Apply patch and reload, the js is escaped

Fixed for both the pages biblio_framework.pl and marctagstructure.pl

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 29ab5517f5c8cfbc86b98c3197846d005007cc12)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19108 - Stored XSS in fieldmapping.pl
Amit Gupta [Tue, 15 Aug 2017 08:40:43 +0000 (14:10 +0530)]
Bug 19108 - Stored XSS in fieldmapping.pl

To Test
1. Hit the page /cgi-bin/koha/admin/fieldmapping.pl
2. Add a text in the field Field name that contains js
3. Save the page.
4. Notice js is execute
5. Apply patch and reload, the js is escaped

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 77ddae74d661fb589d74bd85f5561fdd4131af70)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19108 - Stored XSS in authtypes.pl
Amit Gupta [Tue, 15 Aug 2017 08:36:47 +0000 (14:06 +0530)]
Bug 19108 - Stored XSS in authtypes.pl

To Test
1. Hit the page /cgi-bin/koha/admin/authtypes.pl?op=add_form
2. Add a text in the field Description that contains js
3. Save the page.
4. Notice js is execute
5. Apply patch and reload, the js is escaped

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit bc780f588bc908f8b1d0da8987b20914996d942c)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19108 - Stored XSS in classsources.pl
Amit Gupta [Tue, 15 Aug 2017 08:25:45 +0000 (13:55 +0530)]
Bug 19108 - Stored XSS in classsources.pl

Fixed for both Classification sources & Classification filing rules

To Test
1. first case classification source: Hit the page
   /cgi-bin/koha/admin/classsources.pl?op=add_source
   second case classification filing rules:
   Hit the page /cgi-bin/koha/admin/classsources.pl?op=add_sort_rule
2. Add a text in the field Description that contains js
3. Save the page.
4. Notice js is execute
5. Apply patch and reload, the js is escaped

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 940c8634914b50940cfaf73af3611e6282d5803f)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19108 - Stored XSS in items_search_fields.pl
Amit Gupta [Tue, 15 Aug 2017 08:19:10 +0000 (13:49 +0530)]
Bug 19108 - Stored XSS in items_search_fields.pl

To Test
1. Hit the page /cgi-bin/koha/admin/items_search_fields.pl
2. Add a text in the field Name and Label that contains js
3. Save the page.
4. Notice js is execute
5. Apply patch and reload, the js is escaped

Fixed for new and edit page

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 063fd5e1b9e086c57987fae408b4ce6e51fec2b9)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19108 - Stored XSS in oai_sets.pl
Amit Gupta [Tue, 15 Aug 2017 08:03:57 +0000 (13:33 +0530)]
Bug 19108 - Stored XSS in oai_sets.pl

To Test
1. Hit the page /cgi-bin/koha/admin/oai_sets.pl
2. Click on New set
3. Add a text in the field setSpec, setName that contains js
4. Save the page.
5. Notice js is execute
6. Apply patch and reload, the js is escaped

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 10d3a8c212f8a45e40cd2644f94d555566a10018)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19103 - Stored XSS in matching-rules.pl
Amit Gupta [Tue, 15 Aug 2017 04:45:54 +0000 (10:15 +0530)]
Bug 19103 - Stored XSS in matching-rules.pl

To Test
1. Hit the page /cgi-bin/koha/admin/matching-rules.pl
2. Click on new record matching rule
3. Add a text in the field Description that contain js.
4. Save the page.
5. Notice js is execute
6. Apply patch and reload, the js is escaped

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 9222cd77d282affffba43a40a9ff2f768647501e)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19103 - Stored XSS in patron-attr-types.pl
Amit Gupta [Tue, 15 Aug 2017 04:37:45 +0000 (10:07 +0530)]
Bug 19103 - Stored XSS in patron-attr-types.pl

To Test
1. Hit the page /cgi-bin/koha/admin/patron-attr-types.pl
2. Click on new patron attribute type
2. Add a text in the field Description that contain js.
2. Save the page.
3. Notice js is execute
4. Apply patch and reload, the js is escaped

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit cb0c3da4b6cec991194ce91e6412cf9d50562044)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19103: (follow-up) Stored XSS in itemtypes.pl
Jonathan Druart [Tue, 12 Sep 2017 13:58:24 +0000 (10:58 -0300)]
Bug 19103: (follow-up) Stored XSS in itemtypes.pl

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit c221bc40a330a25d59097e94e962a4afcea011af)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19103 - Stored XSS in itemtypes.pl
Amit Gupta [Tue, 15 Aug 2017 03:22:40 +0000 (08:52 +0530)]
Bug 19103 - Stored XSS in itemtypes.pl

To Test
1. Hit the page /cgi-bin/koha/admin/itemtypes.pl
2. Add a text in the field Description, Checkin message that contains js
2. Save the page.
3. Notice js is execute
4. Apply patch and reload, the js is escaped

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 18b5d4f1ababf560ff02a258de389f8c34cff9e4)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19128: XSS - admin/authorised_values.tt
Jonathan Druart [Tue, 12 Sep 2017 13:35:10 +0000 (10:35 -0300)]
Bug 19128: XSS - admin/authorised_values.tt

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit ad230cdcb5ad69541a89a4edaedcadde9d25b88a)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19128 - XSS - patron-attr-types.tt, authorised_values.tt and categories.tt
Katrin Fischer [Wed, 16 Aug 2017 12:34:17 +0000 (14:34 +0200)]
Bug 19128 - XSS - patron-attr-types.tt, authorised_values.tt and categories.tt

Preparation:
- Add a branch with script in the branch name
- Add a patron category with script in the category name
- Add a new authorised value cateogory with script
- Add a new authroised value for this category with script
  in all possible fields

- Test editing patron categories
- Test editing patron attribute types
- Test viewing and editing authorised values

Verify that with this script there is no more script executed
and everything works fine.

Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 6b7ad77fffd7a6c4b69bce5bf666c6ff4be76c5b)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19125 - XSS - members.pl
Katrin Fischer [Wed, 16 Aug 2017 10:05:50 +0000 (12:05 +0200)]
Bug 19125 - XSS - members.pl

In preparation to test this patch:
- Add a patron list named <script>alert("patron list")</script>
- Add a library named <script>alert("library")</script>
- Add a patron category named <script>alert("patron category")</script>

To test:
- Access patron search page and do a search
- Verify that the alerts added above are executed
- Apply patch
- Verify that no alerts are displayed

Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 849eaf73fc419b9a635a1ba4b69ef46a7544e55a)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19086 - Follow-up - subscription-detail.pl
Katrin Fischer [Wed, 16 Aug 2017 11:07:18 +0000 (13:07 +0200)]
Bug 19086 - Follow-up - subscription-detail.pl

Add script to the callnumber field on adding a subscription.

Verify script is executed without this patch, but not with it.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 3ebcd2475dd35db47c33bcc59d5e75968667b518)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19086 - Follow-up - XSS in supplier.tt
Katrin Fischer [Wed, 16 Aug 2017 10:59:13 +0000 (12:59 +0200)]
Bug 19086 - Follow-up - XSS in supplier.tt

In preparation:
Make sure you enter <script>alert("sth")</script>
in all fields of a new vendor that are not validated
and save.

1) Access vendor summary page.
2) Verify scripts are executed
3) Apply patch
4) Verify scripts are on longer executed

This works in combination with the other patches for XSS
on this bug.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 14a1aba57cc091a70c527a0d6bd495d21bd87345)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19086 Stored XSS in subscription-add.pl
Amit Gupta [Mon, 14 Aug 2017 21:14:11 +0000 (02:44 +0530)]
Bug 19086 Stored XSS in subscription-add.pl

To Test
1. Hit the page /cgi-bin/koha/serials/subscription-add.pl
2. Add a text in the field Public note and Nonpublic note
   that contains js (Internalnotes, notes)
2. Save the page.
3. Notice js is execute
4. Apply patch and reload, the js is escaped

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit ebf781afc133508eddcb8dc8fb6d7429a72db99b)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19086 Stored XSS in supplier.pl
Amit Gupta [Mon, 14 Aug 2017 21:03:59 +0000 (02:33 +0530)]
Bug 19086 Stored XSS in supplier.pl

1. Hit the page /cgi-bin/koha/acqui/supplier.pl?op=enter
2. Add a text in the field company_postal, physical, company_fax,
   accountnumber, contactposition, contact_fax, contact_notes, notes that contains java script
3. Save the page.
4. Notice js is execute
5. Apply patch and reload the js is escaped

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 9d0bbf5fa7455e0eb64288652802b0836cf22690)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19086 Stored XSS in circulation.pl
Chris Cormack [Fri, 11 Aug 2017 19:54:34 +0000 (19:54 +0000)]
Bug 19086 Stored XSS in circulation.pl

1/ To test add a message to a borrower that contains js
2/ hit /cgi-bin/koha/circ/circulation.pl?borrowernumber=[number]
  where number is the borrowernumber of the borrower you set the message
  for
3/ Notice js is execute
4/ Apply patch, reload, js is escaped

Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 80c93d3499b11f3574fbafe756f94c534b746d5a)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19086 XSS in members/member.pl
Chris Cormack [Fri, 11 Aug 2017 19:36:43 +0000 (19:36 +0000)]
Bug 19086 XSS in members/member.pl

To test
1/ hit /cgi-bin/koha/members/member.pl?&searchmember=<script>alert('XSS Payload')</script>
2/ Notice js is executed
3/ Apply patch, reload
4/ js is now escaped

Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 5ae18484b5a47e8a00ce8f1a0fd8b3db471947eb)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18654 - Translatability: Get rid of tt directives starting with [%% in translatio...
Fridolin Somers [Tue, 12 Sep 2017 12:57:25 +0000 (14:57 +0200)]
Bug 18654 - Translatability: Get rid of tt directives starting with [%% in translation for itemsearch.tt

Followup correcting a typo of previous patch :
  name="holdingbranch" options = branche
it is branche[s]

Test plan :
- Look at 'Current location' in item search
=> Without patch you see only 'All libraries'
=> With patch you see 'All libraries' and each existing library, like in 'Home library'

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 889fabe9f28f3b6ef35fc36e73b12652f258510c)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18654 - Translatability: Get rid of tt directives starting with [%% in translatio...
Marc Véron [Thu, 29 Jun 2017 13:22:54 +0000 (15:22 +0200)]
Bug 18654 - Translatability: Get rid of tt directives starting with [%% in translation for itemsearch.tt

This patch removes entries like the following in translations of itemsearch.tt:
"[%% INCLUDE form_field_select name=\"homebranch\" options = branches "
"empty_option = \"All libraries\" %%] [%% INCLUDE form_field_select name="
"\"holdingbranch\" options = branches empty_option = \"All libraries\" %%] %s "
"[%% INCLUDE form_field_select name=\"location\" options = locations "
"empty_option = \"All locations\" %%] %s "

New patch on top of Bug 18633 that resolves parts of initial comment.

To test:
- Verify that in itemsearch.tt no tt directives are splitted by new lines
  (search for [% INCLUDE )
- Verify that itemsearch.tt works as before

Followed test plan and verified that tt directives are not split by new
lines, the changes to the fieldset tags in comment 3 have been removed
and itemtype.tt still works correctly as before

Signed-off-by: Alex Buckley <alexbuckley@catalyst.net.nz>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 25fa02272d16c98d49a6020e867f60bc0510d960)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19023 - inventory tool performance
Fridolin Somers [Wed, 2 Aug 2017 09:21:58 +0000 (11:21 +0200)]
Bug 19023 - inventory tool performance

Inventory tool performance seems to be worst since 16.11.
I think it is because of authorized values computing changed by Bug 17249.

For each subfield of each item, we try to get the authorized value description with Koha::AuthorisedValues->search_by_marc_field.
But this method does not use cache like Koha::AuthorisedValues->get_description_by_koha_field.

I propose to use Koha::AuthorisedValues->get_description_by_koha_field and also to look for authorized value description only for item fields used in TT : location, notforloan, itemlost, damaged, withdrawn.

I have experimented inventory time on 100 items from 5s to 1s.

Test plan :
- Without patch
- Perform inventory with barcode file
- Check results and mesure execution time
- Apply patch
- Reperform inventory with same barcode file
- Check results is the same
- Compare execution time
- Run prove t/db_dependent/Items/GetItemsForInventory.t

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 95f1844e6c46ff51de9f95f99fcdf3369c756fd4)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19214: prevent crash if club_template_field is called in list context
Jonathan Druart [Thu, 7 Sep 2017 17:15:20 +0000 (14:15 -0300)]
Bug 19214: prevent crash if club_template_field is called in list context

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 6a9fafe3090333647244db99ccd39d53e51b781c)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19214: Prevent crash if ->club or ->patron is called in list context
Aleisha Amohia [Wed, 30 Aug 2017 23:54:56 +0000 (23:54 +0000)]
Bug 19214: Prevent crash if ->club or ->patron is called in list context

To test:
1) Create a club template and a club.
2) Add a user to the club
3) Log in to the OPAC as that user
4) Go to 'your summary' and click the Clubs tab
5) Notice clubs do not load and a warn shows:
Template process failed: undef error - Cannot use "->find" in list
context at /home/vagrant/kohaclone/Koha/Club/Enrollment.pm line 62.
6) Go to the staff side and go to the member page of that user
7) Go to 'details' and click the Clubs tab
8) Notice clubs do not load and a warn shows:
Template process failed: undef error - Cannot use "->find" in list
context at /home/vagrant/kohaclone/Koha/Club/Enrollment.pm line 71.
9) Apply patch
1) Repeat steps 4-7, confirming the errors do not show and clubs info
loads correctly

Sponsored-by: Catalyst IT
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 594c48fb5b2c03f5d638d7115e42820294e32343)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18927: Use fully qualified subroutine names in C4::Items
Jonathan Druart [Mon, 4 Sep 2017 15:06:56 +0000 (12:06 -0300)]
Bug 18927: Use fully qualified subroutine names in C4::Items

rebuild_zebra.pl fails in some conditions (perl version?)
I do not recreate but it has been reported that reindex fails with:
  error retrieving biblio 94540 at /usr/share/koha/bin/migration_tools/rebuild_zebra.pl line 683, <DATA> line 751.

To fix it we can use fully qualified subroutine names for:
  GetMarcFromKohaField
  GetMarcBiblio
  GetBiblionumberFromItemnumber
  TransformKohaToMarc
  GetFrameworkCode

Test plan:
Confirm the rebuild_zebra script still works correctly after this patch

Signed-off-by: Lee Jamison <ldjamison@marywood.edu>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 2671eb2f93340e8fb3c794cff918d86c526cc47f)

7 years agoBug 19073: (bug 15758 follow-up) Dereference correct value from Koha::Object.
Alex Sassmannshausen [Thu, 10 Aug 2017 11:00:19 +0000 (13:00 +0200)]
Bug 19073: (bug 15758 follow-up) Dereference correct value from Koha::Object.

* tools/modborrowers.pl: Dereference 'branchcode' rather than
  'value'.

Test Plan:
- Carry out "Batch patron modification" with any number of patrons.
  + Change the library.
  + Hit Save.
- The library will not have been updated.
- Apply patch.
- Run same modification.
- The library will have been updated

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 8a328a20bf3a74268346104281688b2a81be80e6)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19208 - Pay select option doesn't pay the selected fine
Kyle M Hall [Wed, 30 Aug 2017 14:35:03 +0000 (10:35 -0400)]
Bug 19208 - Pay select option doesn't pay the selected fine

The "Pay selected" option on the Fines tab in the borrower account page doesn't work as intended.
The fine on top of the list gets the amount deducted, even if another fine is choosen from the list.

Test Plan:
1) Create two or three fines, using the Create manual invoice function.
2) Choose one of the fines (not the one on the top) and click Pay selected
3) Pay a partial amount
4) Go back to the Pay fines tab an notice that the fine you selected has not changed. Instead, either the top fine or the total (see attachment) has ben affected.
5) Apply this patch
6) Repeat steps 1-3
7) Note the correct fine is paid

Signed-off-by: Andreas Hedström Mace <andreas.hedstrom.mace@sub.su.se>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 831d75d09c276f25f919cbdc16c8e4105fe8ddc9)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19194: Check itemtype is defined when receiving an order
Aleisha Amohia [Tue, 29 Aug 2017 04:51:40 +0000 (04:51 +0000)]
Bug 19194: Check itemtype is defined when receiving an order

To test:
1) Find a record with an item that has no itemtype (or remove the
itemtype of an item)
2) Go to Acquisitions -> Find a vendor or make a new one -> create a new
basket
3) Add the record from Step 1 to your basket
4) Close the basket
5) Go back to the vendor and click 'Receive shipments'
6) Put in an invoice number, click Next
7) Click the Receive link for your item
8) Confirm you see an internal server error
9) Apply the patch and refresh the page
10) The error should be gone and behaviour should continue as expected

Sponsored-by: Catalyst IT
Signed-off-by: Lee Jamison <ldjamison@marywood.edu>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 51a65731c0fa15c37351ce6bc478fa6dc63fc64f)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19205 - Pay selected fine generates 500 error
Kyle M Hall [Wed, 30 Aug 2017 13:37:48 +0000 (09:37 -0400)]
Bug 19205 - Pay selected fine generates 500 error

Using the pay selected option from the borrowers account, to pay for one specific fine among other gives a 500 error, despite the payment going through.

Test Plan:
1) Add two fines using the Create manual invoice function.
2) Select one fine and "pay selected".
3) Pay a part of the amount.
4) Note error
5) Apply this patch
6) Repeat steps 1-3
7) No error!

Signed-off-by: Andreas Hedström Mace <andreas.hedstrom.mace@sub.su.se>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 86e8612c020cea44be123be45f2e503af38ef98b)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18046: CAS logout infinite redirect
Chris Cormack [Tue, 1 Aug 2017 22:15:10 +0000 (10:15 +1200)]
Bug 18046: CAS logout infinite redirect

To test (You need a CAS server and CAS configured in Koha)

1/ Login using CAS in Koha
2/ Logout in Koha
3/ Notice you get redirected again and again
4/ Apply patch
5/ Login with CAS, then logout
6/ Notice logout works, but no longer infinitely redirected

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Patch has been in production use for several months
on several instances. Fixes a critical bug.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Looks like a typical workaround, but evidently works.
Not tested with CAS.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 13ca4962068b184f803b6588e53e39209a77f2b6)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19163: Critical typo in stage-marc-import process
Marcel de Rooy [Tue, 22 Aug 2017 14:41:46 +0000 (16:41 +0200)]
Bug 19163: Critical typo in stage-marc-import process

Template says ISO2709 but script wants MARC or MARCXML..
Slipped in with bug 19049.
Trivial but critical fix.

Test plan:
Import a MARC file.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
I picked this fix because I think MARC is always ambiguous. ISO2709
clearly denotes the serialization format used.

Signed-off-by: Liz Rea <liz@catalyst.net.nz>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit af791d83e435587494fa04a45375f48a3e2ad236)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19067: Test Makefile.PL mapping
Jonathan Druart [Wed, 9 Aug 2017 15:59:20 +0000 (12:59 -0300)]
Bug 19067: Test Makefile.PL mapping

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 19eb17c7894c4d2d53ecfc1ad4e417aa86ab9410)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19067: Map clubs/ into INTRANET_CGI_DIR in Makefile.PL
Tomas Cohen Arazi [Wed, 9 Aug 2017 15:27:00 +0000 (12:27 -0300)]
Bug 19067: Map clubs/ into INTRANET_CGI_DIR in Makefile.PL

This patch adds the required entry in Makefile.PL so the clubs/ dir is correctly installed
during the make install step.

To test:
- Run:
  $ cd kohaclone
  $ perl Makefile.PL
- Follow any install method and options
- Run
  $ make
  $ ls blib/INTRANET_CGI_DIR/ | grep clubs
=> FAIL: No clubs dir
- Run:
  $ make clean
- Apply this patch
- Run:
   $ perl Makefile.PL
- Follow any install method and options
- Run
  $ make
  $ ls blib/INTRANET_CGI_DIR/ | grep clubs
=> SUCCESS: The clubs/ dir is correctly picked for inclussion in the intranet cgi dir
- Sign off :-D

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit e57b3a6c4d9bb6319f038909832281dd4a9e39e5)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18900: wrong number format in receiving order
Fridolin Somers [Thu, 6 Jul 2017 06:48:18 +0000 (08:48 +0200)]
Bug 18900: wrong number format in receiving order

Bug 18471 added number formating in order receive.

I found a bug generated by this.
Koha::Number::Price defines methods to (un)format price depending on CurrencyFormat syspref.
The bug is that for CurrencyFormat US, some params are not defined in this module so there are retrieved from system locale. If system locale is not en_US, the params will be wrong. For example fr_FR will define ',' as decimal and so saved unit price is divided by 1000.

To recreate:
- On a server with locale 'fr_FR'
- With Plack mode
- Set CurrencyFormat on 'US'
- Open a basket
- Place an order for an item
- Close basket
- Receive order with changing 'Actual Cost' to '1,234'
- Note the 'Actual Cost' is now '1.23'
- Run unit test t/Number/Price.t without and with patch

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit e35903574ce666bca32eb4676f311b99bb268ec2)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18900: (QA followup) Make tests conditional to locale existence
Tomas Cohen Arazi [Wed, 9 Aug 2017 15:01:17 +0000 (12:01 -0300)]
Bug 18900: (QA followup) Make tests conditional to locale existence

It is important to highlight that tests have been skipped instead of having them pass
on the absence of the required fr_FR.UTF-8 locale installed on the system.

This patch does that check and effectively skips them.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 61f2ec769073709be3b688654ec355b3f4fbe522)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18900: add UT to Number/Price.t
Fridolin Somers [Thu, 6 Jul 2017 06:44:51 +0000 (08:44 +0200)]
Bug 18900: add UT to Number/Price.t

This patch adds unit tests to t/Number/Price.t in order to valid the problem.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 91dee226cdd089353dc71e559aa9e0b34fddf72e)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18906: Display all funds the logged in user can use
Jonathan Druart [Thu, 6 Jul 2017 21:10:10 +0000 (18:10 -0300)]
Bug 18906: Display all funds the logged in user can use

There are complex conditions to know if a librarian can use a fund, we
cannot do that with a SQL query, we need to use C4::Budgets::CanUserUseBudget

When this patch is applied then all funds are visible to both
superlibrarian patrons and patrons with all acq permissions

Signed-off-by: Alex Buckley <alexbuckley@catalyst.net.nz>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 19a7b498e1f4355ab1e4ee0adb5db299613f3f5c)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18898 - Some permissions for Reports can be bypassed
David Cook [Thu, 27 Jul 2017 01:58:28 +0000 (11:58 +1000)]
Bug 18898 - Some permissions for Reports can be bypassed

If you manually visit the following links when you only have
permission to run reports, you'll still be able to access the ability
to create and edit reports:

/cgi-bin/koha/reports/guided_reports.pl?phase=Create%20report%20from%20SQL
/cgi-bin/koha/reports/guided_reports.pl?phase=Edit%20SQL

This patch ties these 2 unaccounted for phases to the create_reports
permission.

With patch, issue no longer can be reproduced.
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 2fdfbaf0ddbf214c0efb9a3a3c2595a54517f795)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 17827 - Untranslatable "by" in MARC21slim2intranetResults.xsl
Serhij Dubyk {Сергій Дубик} [Tue, 22 Aug 2017 14:19:32 +0000 (17:19 +0300)]
Bug 17827 - Untranslatable "by" in MARC21slim2intranetResults.xsl

Signed-off-by: Serhij Dubyk {Сергій Дубик} <serhijdubyk@gmail.com>
The "by" after the title was not translatable in the result
lists of the intranet. This patch fixes it by removing
a comment, that caused a problem with the translation
scripts.

To test:
Test:

Before this patch in file en-GB-marc-MARC21.po present next paragraph:

msgid "by "
msgstr " by "

According string "by " in the file MARC21slim2intranetResults.xsl can not be translated (in other languages).

After applying this patch performed next command:
cd /usr/share/koha/misc/translator
sudo env KOHA_CONF=/etc/koha/sites/mykohainstance/koha-conf.xml PERL5LIB=/usr/share/koha/lib perl -I /usr/share/koha/lib "./translate" update

Now in the file en-GB-marc-MARC21.po present the following (modified) paragraph:

msgid "by "
msgstr " by "

https://bugs.koha-community.org/show_bug.cgi?id=17827
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit d5ea914f4dc41f78dbb3a59f894f6ecbb9a1afa4)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18778 - Translatability: Get rid of tt directive in translation for item-status.inc
Marc Véron [Mon, 12 Jun 2017 05:48:57 +0000 (07:48 +0200)]
Bug 18778 - Translatability: Get rid of tt directive in translation for item-status.inc

The file opac-tmpl/bootstrap/en/includes/item-status.inc exposes a template directive where translators should not be confronted with.

"%s %s [%%#- This include takes two parameters: an item structure and an "
"optional loan (issue) structure. The issue structure is used by course "
"reserves pages, which do not use an API to fetch items that populates item."
"datedue. -%%] %s %s %s %s "

This patch fixes new lines inside a tt directive (comment).
It is merely a string patch.

To test:
Verify that the code changes make sense.
(Bonus test: create a new language 'aa-AA', verify that line above does not
show up in aa-AA-opac-bootstrap.po)

NOTE: Followed test plan similar to bug 18776 comment 3.

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit c8551645d5bdd3e6fb5b7e03280521a2fbaef636)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18660: Translatability: Get rid of template directives [%% in translation for...
Marc Véron [Tue, 23 May 2017 15:09:49 +0000 (17:09 +0200)]
Bug 18660: Translatability: Get rid of template directives [%% in translation for patroncards-errors.inc

Translation for koha-tmpl/intranet-tmpl/prog/en/includes/patroncards-errors.inc
contains a lot of (partial) template directives like:
%%]%s %sLayout: [%%

This patch fixes it

To test:
- Verify that code changes make sense
- Apply patch
- Create a translation (cd misc/translator , then: perl translate create aa-AA
- Verify that in po/aa-AA-staff-prog.po contains no fragments like %%] or [%%
  for patroncards-errors.inc
- Try to get an error: Try a link like
  http://[YOUR SERVER]/cgi-bin/koha/patroncards/create-pdf.pl?batch_id=1&template_id=999&layout_id=999&start_card=1
  ...where template_id and layout_id do not exist

(Amended for comment #2 2017-06-05 mv)
(Amended for comment #6 2017-08-02 mv)

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 7e39bbc61aedd6383f4d6a1b4728711c6922e877)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18652: Get rid of tt directive in translation for uncertainprice.tt
Marc Véron [Mon, 22 May 2017 19:09:06 +0000 (21:09 +0200)]
Bug 18652: Get rid of tt directive in translation for uncertainprice.tt

Translation tool shows toe following for ncertainprice.tt
0; url=[% scriptname %]?booksellerid=[% booksellerid %]

This patch fixes it.

To test:
- Apply patch
- Verify that code change makes sense
- Verify that Home > Acquisitions > [vendor] > Uncertain prices for [vendor]
  works as before

- Additional test (for a langunage 'aa-AA')
  perl translate create aa-AA
  verify that line 41 no longer appears in aa-AA-staff-prog.po

Amended to switch from BLOCK to a template variable, see comment #5

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 2ee82801c7a8686523f9c5e95b0f43d44e52e4ab)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18649: Translatability: Get rid of tt directive in translation for admin/categori...
Marc Véron [Fri, 4 Aug 2017 08:52:13 +0000 (10:52 +0200)]
Bug 18649: Translatability: Get rid of tt directive in translation for admin/categories.tt and onboardingstep2.tt

New patch without trailing IF construction in tt directives as
requested in comment #28

To test: Verify that translation tool no longer shows tt directives as
described in comment #1

New patch, needs SO.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 79338bde3e01708fe331a54745f45c620c121805)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18921: Resolve a few warnings in C4/XSLT.pm
Marcel de Rooy [Mon, 10 Jul 2017 12:15:09 +0000 (14:15 +0200)]
Bug 18921: Resolve a few warnings in C4/XSLT.pm

Resolves warnings like:

Use of uninitialized value in hash element at C4/XSLT.pm line 262.
Use of uninitialized value in numeric eq (==) at C4/XSLT.pm line 267.
Use of uninitialized value $status in concatenation (.) or string at C4/XSLT.pm line 300.

Note: Line numbers are not exactly the same anymore.

Test plan:
[1] Enable XSLT view in OPAC
[2] Without this patch, you will probably have some of these warnings when
    doing some opac searches.
[3] Apply this patch. Check the logs again.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 5f989a81dff29db78620057d70ed864b32486bc0)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 18919: Repair "Transaction branch" in cash_register_stats.pl
Baptiste Wojtkowski [Mon, 10 Jul 2017 08:11:33 +0000 (08:11 +0000)]
Bug 18919: Repair "Transaction branch" in cash_register_stats.pl

- values of the option fields are now correctly loaded

TEST PLAN:
go to domain/cgi-bin/koha/reports/cash_register_stats.pl
1 - Make a report for all branches => it works
2 - Make a report for any branch => you will get the same or no result
3 - apply patch
4 - Repeat 2 => it should work

Followed test plan worked as intended
Signed-off-by: Alex Buckley <alexbuckley@catalyst.net.nz>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 7b5457cd0f17173ae9ebca2e71696cc09709a910)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19049: [QA Follow-up] Mock config, default format
Marcel de Rooy [Fri, 11 Aug 2017 06:34:45 +0000 (08:34 +0200)]
Bug 19049: [QA Follow-up] Mock config, default format

As requested by QA:
[1] Mock_config enable_plugins in the test.
[2] Fallback to MARC when format is empty. Remove die statement.
Added:
[3] Remove $marc. This variable got obsolete during development.
[4] Add test on $input_file and $plugin_class. Test $text before calling
    Handler or processing $text. No need to split undef if somehow Handler
    returned undef, etc. If the routine returns an empty arrayref,
    stage-marc-import will do fine.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit a423fcff42da05e9ebf9f2b4a2f192023346e93e)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19049 [QA Followup] - Make plugin name first item in description
Kyle M Hall [Thu, 10 Aug 2017 13:02:37 +0000 (09:02 -0400)]
Bug 19049 [QA Followup] - Make plugin name first item in description

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit d8f6315b6d9b1c7145f6036b55b7927f6d6e6e48)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19049: [Follow-up] Make sure that GetPlugins finds the plugin
Marcel de Rooy [Thu, 10 Aug 2017 11:02:23 +0000 (13:02 +0200)]
Bug 19049: [Follow-up] Make sure that GetPlugins finds the plugin

We have to mock_config the pluginsdir before Plugins is loaded, and
we should pass an absolute path (not a relative one).
If you did not install the test to_marc plugin, this test would fail.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Verified patch is compatible with original KitchenSink to_marc plugin

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 0987b135ea0bb8fbd4fc39643b19715dc6e3a1c8)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19049: Testing RecordsFromMarcPlugin with a to_marc plugin
Marcel de Rooy [Tue, 8 Aug 2017 12:51:41 +0000 (14:51 +0200)]
Bug 19049: Testing RecordsFromMarcPlugin with a to_marc plugin

This patch adds a simple to_marc plugin in t/Koha/Plugin that is used
in the added subtest in ImportBatch.t.

Test plan:
[1] Run t/db_dependent/ImportBatch.t
[2] Copy the to_marc test plugin from t to your plugin directory.
    Under Debian packages, you should do something like:
    mkdir -p /var/lib/koha/master/plugins/Koha/Plugin/
    cp [yourclone]/t/Koha/Plugin/MarcFieldValues.pm /var/lib/koha/master/plugins/Koha/Plugin/
[3] Check if you see this plugin on plugins/plugins-home.pl
[4] Create a text file with some fields like:
    (Note: The plugin needs an empty line between both "records".)
    100,a = Test Author 1
    245,a = Title One

    100,a = Author 2
    245,a = Title Two
[5] Go to stage-marc-import.pl. Upload the created file. Select the plugin
    in the format combo and proceed. Did you create two records ?

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 83f60adbab8e96f0f14ec547029582623ac3a068)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19049: Fix regression on stage-marc-import with to_marc plugin
Marcel de Rooy [Mon, 7 Aug 2017 19:24:48 +0000 (21:24 +0200)]
Bug 19049: Fix regression on stage-marc-import with to_marc plugin

Bug 12412 added the use of to_marc plugins allowing arbitrary file formats
in stage-marc-import (as long as the plugins can handle them). The feature
was not very visible in the code, and when bug 10407 added the marcxml
format, it made some changes that broke the use of to_marc.

This patch restores the functionality by:
[1] Adding a sub RecordsFromMarcPlugin to ImportBatch.pm, specifically
    addressing the conversion from arbitrary formats to MARC::Record.
    The original to_marc interface is used: pass it the file contents,
    and it returns a string consisting of a number of MARC blobs separated
    by \x1D.
    Consequently, the call of to_marc is removed from routine
    BatchStageMarcRecords where it did not belong. The to_marc_plugin
    parameter is removed and two calls are adjusted accordingly.
[2] Instead of a separate combo with plugins, the format combo contains
    MARC, MARCXML and optionally some plugin formats.
[3] The code in stage-marc-import.pl now clearly shows the three main
    format types: MARC, MARCXML or plugin based.

Note: This patch restores more or less the situation after bug 12412, but
I would actually recommend to have the to_marc plugins return MARC::Record
objects instead of large text strings. In the second example I added a
to_marc plugin that actually converts MARC record objects to string format,
while RecordsFromMarcPlugin reconverts them to MARC::Records.

Test plan:
See second patch.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit d24568b67256fab79b42ead54302c76d1c9653d7)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
7 years agoBug 19053: Keep auto_renew flag if a confirmation is needed
Jonathan Druart [Mon, 7 Aug 2017 16:50:32 +0000 (13:50 -0300)]
Bug 19053: Keep auto_renew flag if a confirmation is needed

If an item is checked out with the auto renewal flag and a confirmation
is needed (holds exist, past due date, etc.) the auto renewal flag will
get lost.

Test plan:
- Check an item out and specify a past due date
- Confirm the checkout on the confirmation screen
=> Without this patch the checkout is not marked as auto renewal
=> With this patch applied the auto renewal flag will be set to the
checkout

Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 3808dbc1d22b3adc43a09ba7ce00aaca01f95f5a)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>