]> git.koha-community.org Git - koha.git/log
koha.git
2 years agoBug 29495: Fix TestBuilder.t
Jonathan Druart [Tue, 18 Jan 2022 15:01:00 +0000 (16:01 +0100)]
Bug 29495: Fix TestBuilder.t

Value not allowed for auto_incr issue_id in Issue at /kohadevbox/koha/t/lib/TestBuilder.pm line 387.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29495: Update relationship methods
Martin Renvoize [Thu, 18 Nov 2021 07:43:44 +0000 (07:43 +0000)]
Bug 29495: Update relationship methods

This patch updates the relationship methods found in
Koha::Checkouts::ReturnClaim so that they are prefetchable and embeddable on
the API.

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29495: Add code level constraint replacement
Martin Renvoize [Wed, 17 Nov 2021 10:27:38 +0000 (10:27 +0000)]
Bug 29495: Add code level constraint replacement

This patch adds a check in Koha::Checkouts::ReturnClaim::store to
replace the database level foreign key check.

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29495: Add DBIC relationships back into Schema
Martin Renvoize [Wed, 17 Nov 2021 10:10:18 +0000 (10:10 +0000)]
Bug 29495: Add DBIC relationships back into Schema

This patch adds the relationship accessors back into the affected Schema
classes, now below the fold so they are retained during dbic rebuilds.

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29495: DBIC Schema Rebuild
Martin Renvoize [Wed, 17 Nov 2021 10:01:47 +0000 (10:01 +0000)]
Bug 29495: DBIC Schema Rebuild

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29495: Drop issue_id constraint from return_claims
Martin Renvoize [Wed, 17 Nov 2021 09:56:48 +0000 (09:56 +0000)]
Bug 29495: Drop issue_id constraint from return_claims

This patch removes the issue_id constraint from return_claims.

Due to the nature of our dual table approach to checkouts/old_checkouts
we can't safely hae this constraint and not lose data.  Prior to this
commit, when an item is checked in we move the checkout from checkouts
to old_checkouts.. this therefore triggers the delete of the issue_id
from the return_claims table as described by the foreign key constraint.

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29495: Unit Tests
Martin Renvoize [Mon, 22 Nov 2021 16:30:13 +0000 (16:30 +0000)]
Bug 29495: Unit Tests

Test plan
1. Run updated tests prior to applying new patches.. pass
2. Run updated tests after applying new patches.. pass

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29570: Simplify for loop
Jonathan Druart [Tue, 8 Feb 2022 16:35:27 +0000 (17:35 +0100)]
Bug 29570: Simplify for loop

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit dbf8c63cdd3eccc0490e014f46fe9d21646cca67)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29570: Enable sorting orders by summary
Tomas Cohen Arazi [Wed, 2 Feb 2022 20:10:36 +0000 (17:10 -0300)]
Bug 29570: Enable sorting orders by summary

This patch enables (on receiving) sorting orders by the summary column.
It needs the previous patches to work. Title is given more precedence as
expressed by users on the bug report. Which, by the way, makes sense.

To test:
1. Create a basket
2. Create orders
3. Close basket
4. Receive shipment
5. Enter invoice information
=> SUCCESS: You should see your pending orders
=> FAIL: Verify the 'Summary' column is not sortable
7. Apply this patches
8. Restart Plack
9. Reload the page
=> SUCCESS: Can sort by the summary column
10. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 69bd39f9ca492fa6db0ca056d2f15458eb5b2f1d)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29570: Fix sorting orders by biblioitems columns
Tomas Cohen Arazi [Wed, 2 Feb 2022 20:04:08 +0000 (17:04 -0300)]
Bug 29570: Fix sorting orders by biblioitems columns

The API representation of Koha::Biblio objects includes the
biblioitems.* columns too. This proved problematic as queries had to get
translated so they work (i.e. if a query passes q={"biblio.ean":"123%"}
then the query needs to be tweaked so biblio.ean is translated into
biblio.biblioitem.ean. This is solved, locally, in the controller.

But sorting needs the same kind of tweak, and it was missing. This patch
solves that by doing a similar conversion.

To test:
1. Apply the regression tests patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/acquisitions_orders.t
=> FAIL: Tests fail, searching on a 'biblioitems' column generates a 500
error.
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass! We can sort on those fields
5. Sign off :-D

Note: you will notice the tests only cover sorting by ISBN. I consider
it enough as sorting is a DB problem, and we only want to know if the
generated ORDER BY is valid for the underlying query, and MySQL would
complain if it wasn't the case.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit d3dc05279cb5c3a38428aaf83d8645d38d2fe180)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29570: Regression tests
Tomas Cohen Arazi [Wed, 2 Feb 2022 19:29:00 +0000 (16:29 -0300)]
Bug 29570: Regression tests

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 8c269f09a840595c6312bb76c79605b4f520779f)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29840: Deal with non-existing biblionumber in opac-reserve
Jonathan Druart [Mon, 10 Jan 2022 13:02:49 +0000 (14:02 +0100)]
Bug 29840: Deal with non-existing biblionumber in opac-reserve

We should not explode if the biblionumber passed in not in DB.

Test plan:
Hit /cgi-bin/koha/opac-reserve.pl?biblionumber=42424
and notice the error message.

Without this patch you got
Can't call method "holds" on an undefined value at
/kohadevbox/koha/opac/opac-reserve.pl line 172

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 89be96b35d0556c54aece53cf4bc46956138150a)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29838: Fix string interpolation in ImportBatch.t
Jonathan Druart [Mon, 10 Jan 2022 10:34:27 +0000 (11:34 +0100)]
Bug 29838: Fix string interpolation in ImportBatch.t

Test plan:
Tests should return green

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 5525498eb390f3e2f238c856eeddef5ac8a5ad7b)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29646: (RM follow-up) Add space before colon
Fridolin Somers [Sat, 22 Jan 2022 00:58:42 +0000 (14:58 -1000)]
Bug 29646: (RM follow-up) Add space before colon

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 9eedc98d5579ea48282fd02b140b8e9f9e374748)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29646: Fix undefined category crash in opac-password-recovery
Marcel de Rooy [Mon, 6 Dec 2021 08:31:48 +0000 (08:31 +0000)]
Bug 29646: Fix undefined category crash in opac-password-recovery

The crash is a result of a not found borrower. This is typically
a bad or repeated recovery attempt.

Test plan:
Do a password recovery.
Use the mailed URL twice.
Without this patch, the second attempt crashes.
With this patch, the second attempt shows an error dialog.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 0c3cede046dd8cf68e238eb79aca3eea0925033a)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 11750: (QA follow-up) Remove unconditional warn
Katrin Fischer [Sat, 8 Jan 2022 23:05:00 +0000 (23:05 +0000)]
Bug 11750: (QA follow-up) Remove unconditional warn

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit aaa966c96de807386f99d6598c2cbe5dcb8bdd0f)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 11750: Hide patron's attributes on overdue list if needed
Jonathan Druart [Thu, 19 Aug 2021 12:01:17 +0000 (14:01 +0200)]
Bug 11750: Hide patron's attributes on overdue list if needed

If a patron's attributes is limited to some libraries, we must apply
this limit on the overdue list view.

Test plan:
1. Create the following patron attributes:
A that is not searchable
B is searchable and does not have library limitation
C is searchable and is limited to another library than yours
2. On the right part of the overdue list view you must see B only
Without this patch C is displayed as well.

Signed-off-by: The Minh Luong <the-minh.luong@inlibro.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 278b8b2d9783b5c0cf99ce5397fbd760e354c107)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29764: Fix incorrect EmbedItems RecordProcessor filter POD
Tomas Cohen Arazi [Thu, 23 Dec 2021 11:41:33 +0000 (08:41 -0300)]
Bug 29764: Fix incorrect EmbedItems RecordProcessor filter POD

This patch makes the usage POD for the EmbedItems filter actually be
usable. The filter is used in opac-ISBDdetail.pl and the POD is updated
to how it is used there.

Not much to test.

Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 47c01f0b8a181a2d6f31478d08d9a3ee728e7fe4)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29806: (follow-up) Call ->as_list for ->pickup_locations on request.pl
Jonathan Druart [Fri, 7 Jan 2022 14:54:16 +0000 (15:54 +0100)]
Bug 29806: (follow-up) Call ->as_list for ->pickup_locations on request.pl

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 07fdde5d98e5bf08280e523dbd3926811bcba325)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29806: Fix POST /holds use of pickup_locations
Tomas Cohen Arazi [Thu, 6 Jan 2022 12:27:45 +0000 (09:27 -0300)]
Bug 29806: Fix POST /holds use of pickup_locations

This patch makes Koha::Item->pickup_locations and
Koha::Biblio->pickup_locations explicitly call ->as_list in list
context. This way we workaround bug 28871.

To test:
1. Apply the regression tests patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/holds.t
=> FAIL: Tests fail, the route gives a 500 (unhandled exception)
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass, the route correctly returns a 400 with a
message about the pickup location being invalid
5. Sign off :-D

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 78b5f207cbe8eeb41d6a7ce10944a6e56100bb83)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29806: Call ->as_list for ->pickup_locations on request.pl
Tomas Cohen Arazi [Thu, 6 Jan 2022 12:22:05 +0000 (09:22 -0300)]
Bug 29806: Call ->as_list for ->pickup_locations on request.pl

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 6812dd0b72a0ae8529f6191d15ba68e3707fffc5)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29806: Regression tests
Tomas Cohen Arazi [Thu, 6 Jan 2022 12:27:28 +0000 (09:27 -0300)]
Bug 29806: Regression tests

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 652ffefd451dac2e1ac0f69cb91879edb3b0eed6)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29807: Make Branches plugin handle empty pickup locations list
Tomas Cohen Arazi [Thu, 6 Jan 2022 11:53:30 +0000 (08:53 -0300)]
Bug 29807: Make Branches plugin handle empty pickup locations list

This patch makes the plugin handle empty Koha::Biblio->pickup_locations
and Koha::Item->pickup_locations correctly.

It does so by explicitly calling ->as_list. It also restores the logic
that was changed by 6cd1ffab4e491349c99769018a7df33dc8a8aabf so, now
that ->empty is handled correctly, it doesn't return ALL the pickup
locations when the item/biblio doesn't have valid pickup locations.

To test:
1. Apply the regression tests patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/Template/Plugin/Branches.t
=> FAIL: Awful error
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass!
5. Sign off :-D

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit d1ea769c7988e40425a7bf5c05cafb1c0e35344c)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29807: Regression tests
Tomas Cohen Arazi [Thu, 6 Jan 2022 11:53:01 +0000 (08:53 -0300)]
Bug 29807: Regression tests

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit d315010594701d2b54de8926ad1d12360f29405f)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 18320: Remove patroncards/edit-layout.pl warnings
Tomas Cohen Arazi [Thu, 23 Mar 2017 12:51:09 +0000 (09:51 -0300)]
Bug 18320: Remove patroncards/edit-layout.pl warnings

This patch removes warnings generated by the script itself.

To test:
- Go to Tools › Patron card creator › Manage layouts and
        Tools › Patron card creator › New layout
- Add a new layout, adit existing.
=> FAIL: Warnings logged by edit-layout.pl
- Apply this patch
- Go to Tools › Patron card creator › Manage layouts and
        Tools › Patron card creator › New layout
- Add a new layout, adit existing.
=> SUCCESS: No warnings generated by edit-layout.pl
- Sign off :-D

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit b2a7b8f310fe617b8e19d3bfe14c440df8258d98)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29336: Update DBIC
Andrew Fuerste-Henry [Wed, 16 Feb 2022 16:58:51 +0000 (16:58 +0000)]
Bug 29336: Update DBIC

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29336: DBRev 21.05.10.001
Andrew Fuerste-Henry [Wed, 16 Feb 2022 16:50:09 +0000 (16:50 +0000)]
Bug 29336: DBRev 21.05.10.001

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29336: Database revision
Marcel de Rooy [Thu, 28 Oct 2021 12:11:07 +0000 (12:11 +0000)]
Bug 29336: Database revision

Resizes the six fields identified earlier:

additional_fields.authorised_value_category 16=>32
auth_subfield_structure.authorised_value 10=>32
auth_tag_structure.authorised_value 10=>32
club_template_enrollment_fields.authorised_value_category 16=>32
club_template_fields.authorised_value_category 16=>32
marc_tag_structure.authorised_value 10=>32

Test plan:
Run dbrev, check database.
Bonus: Connect an AV category with a long name to a authority subfield.
Check if you see its values in the authority editor.
(This was the way I found the problem.)

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 2652f299987879c6a71d65bcaaf1a5101008ddfb)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29336: Remove TODOs
Jonathan Druart [Fri, 7 Jan 2022 15:04:28 +0000 (16:04 +0100)]
Bug 29336: Remove TODOs

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit c3fcce1bcdc0b08fbd56a257501e4e7dccb11067)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29336: Identify the fields with wrong length (or name) first
Marcel de Rooy [Thu, 28 Oct 2021 11:45:39 +0000 (11:45 +0000)]
Bug 29336: Identify the fields with wrong length (or name) first

This report will fix the bad lengths first.
And mark the 'bad' names with a TODO for follow-up.
Bad name means: refers to value, should be category.
Scanning kohastructure.sql.

Note: Bug 29347 has been opened to fix the names.

Test plan:
Search for another AV category field with length<>32.
Bonus: Reinstall and check database.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit e9f0123b6d5a4bf705ac6bf0971ae053a8ef81de)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 28832: (QA follow-up) Tiny comment spelling fix
Martin Renvoize [Mon, 31 Jan 2022 10:20:57 +0000 (10:20 +0000)]
Bug 28832: (QA follow-up) Tiny comment spelling fix

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 28832: (follow-up) Don't remove false values, only empty strings
Nick Clemens [Wed, 24 Nov 2021 16:05:23 +0000 (16:05 +0000)]
Bug 28832: (follow-up) Don't remove false values, only empty strings

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 28832: (follow-up) Handle regex fields too
Nick Clemens [Mon, 20 Sep 2021 17:22:46 +0000 (17:22 +0000)]
Bug 28832: (follow-up) Handle regex fields too

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 28832: Don't batch modify fields that we don't update
Nick Clemens [Mon, 9 Aug 2021 16:28:16 +0000 (16:28 +0000)]
Bug 28832: Don't batch modify fields that we don't update

In bug 27837 we made sure to always pass through the permanent_location if it was passed in unlike
other fields which are not passed if they have no value.
During batch mod, however, fields that aren't editied have no value, so forcing permanent_location
to pass through forces blanking it.

This patch alters the script to only pass thgouhr for edit the fields that have been updated or
cleared.

To test:
 1 - In frameworks add a new subfield to 952, "C" - make it editable in items tab and visible in intranet/editor
 2 - In mappings map that subfield to items.permanent_location
 3 - Set an item to have differing shelving location and permanent_location
 4 - This saves correctly for an individual item
 5 - Edit the item using Tools->batch item modification, updating the note field
 6 - Note the permanet_location is removed
 7 - Check the DB, the field is set to NULL
 8 - Apply patch
 9 - Repeat
10 - Permanent location is not cleared
11 - Verify that clearing fields works as before, including permanent_location

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Deb Stephenson <dstephen@dubuque.lib.ia.us>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29758: Get rid of warning in members/boraccount.pl
Tomas Cohen Arazi [Thu, 23 Dec 2021 18:51:52 +0000 (15:51 -0300)]
Bug 29758: Get rid of warning in members/boraccount.pl

This patch removes a noisy warning found in production logs.

To test:
1. Run:
   $ tail -f /var/log/koha/kohadev/plack-intranet-error.log
2. Open the 'Accounting' tab for a patron, then click on 'Transactions'
=> FAIL: You see this kind of warning in the logs:

[WARN] CGI::param called in list context from...
3. Apply this patch
4. Repeat 2 (change tab and go back)
=> SUCCESS: No more warning!
5. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 990eccdec3bc655e716fb7e1206fc032b8eb037f)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 18540: (QA follow-up) Only mention index_sort_title if defined
Tomas Cohen Arazi [Fri, 7 Jan 2022 13:44:30 +0000 (10:44 -0300)]
Bug 18540: (QA follow-up) Only mention index_sort_title if defined

This patch makes the generated xslt not mention index_sort_title unless
the entry is defined on the xml file. Otherwise there's a call to

<xslo:apply-templates mode="index_sort_title"/>

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit af9081f9e12ac1a3165e425a7991604a39b917fb)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 18540: Handle indexing sort title only when needed
Nick Clemens [Thu, 13 May 2021 16:34:38 +0000 (16:34 +0000)]
Bug 18540: Handle indexing sort title only when needed

This patch moves the code that generates the xsl for MARC21 biblio sorting
to it's own template that is only called when specified in the xml

To test:
 1 - xsltproc etc/zebradb/xsl/koha-indexdefs-to-zebra.xsl etc/zebradb/marc_defs/marc21/authorities/authority-koha-indexdefs.xml > etc/zebradb/marc_defs/marc21/authorities/authority-zebra-indexdefs.xsl
 2 - git diff
 3 - Note that authority-zebra-indexdefs.xsl now has 245 Title:s info
 4 - Apply patch
 5 - xsltproc etc/zebradb/xsl/koha-indexdefs-to-zebra.xsl etc/zebradb/marc_defs/marc21/authorities/authority-koha-indexdefs.xml > etc/zebradb/marc_defs/marc21/authorities/authority-zebra-indexdefs.xsl
 6 - git diff
 7 - There are lines added about title sort, but no 245 block
 8 - xsltproc etc/zebradb/xsl/koha-indexdefs-to-zebra.xsl etc/zebradb/marc_defs/marc21/biblios/biblio-koha-indexdefs.xml > etc/zebradb/marc_defs/marc21/biblios/biblio-zebra-indexdefs.xsl
 9 - git diff
10 - Note lines changes to ...title_sort
11 - 245 block does not change

Signed-off-by: Hayley Pelham <hayleypelham@catalyst.net.nz>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit be8f0d8d3f44bb54ccea7fc7d7ef3ed1a2228b04)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29812: Add missing use C4::Context in Koha::Token
Jonathan Druart [Fri, 7 Jan 2022 10:29:47 +0000 (11:29 +0100)]
Bug 29812: Add missing use C4::Context in Koha::Token

Caused by bug 18124.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit ac2befeee9c375ee5632ed3b22f0341fdb7715a5)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29884: Run missing test in api/v1/patrons.t
Jonathan Druart [Fri, 14 Jan 2022 14:17:56 +0000 (15:17 +0100)]
Bug 29884: Run missing test in api/v1/patrons.t

compare is not calling is() or ok(), it's caller job to do it.

Test plan:
  prove t/db_dependent/api/v1/patrons.t
should still return green

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 28a2ea3ec04c4d7a78cbd7ab59f0a611e6b6d2d4)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29808: Do not receive transfer for checked out items
Nick Clemens [Thu, 6 Jan 2022 12:38:05 +0000 (12:38 +0000)]
Bug 29808: Do not receive transfer for checked out items

This patch adds a check to StockRotationItem->advance to check if an
item is checked out from the destination branch. If so, we do not receive the transfer

To test:
 1 - Enable StockRotation system preference
 2 - Browse to Tools->Stock rotation->New Rota and create a new rota, set as cyclical
 3 - Manage->stages and add two stages, each with 0 day duration
 4 - Manage->items - add an item
 5 - Checkout the item from the first branch of rotation
 6 - Tools->Stock rotation->Manage->items->move to next stage
 7 - Error:
    [Transfer item is currently checked out] at /usr/share/perl5/Exception/Class/Base.pm line 88
 8 - Check in the item at first branch
 9 - Checkout the item from the second stage branch
10 - Apply patch
11 - Tools->Stock rotation->Manage->items->move to next stage
12 - No error!
13 - Check in item at second branch
14 - Checkout from first branch
15 - Tools->Stock rotation->Manage->items->move to next stage
16 - Still no error!

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 92a15ba56d21bf01cc0b65620465f86fe522e3d5)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29808: Unit tests
Nick Clemens [Thu, 6 Jan 2022 12:28:23 +0000 (12:28 +0000)]
Bug 29808: Unit tests

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit a704096cd5a8e7d2f030d3d90673328cdba3261b)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29804: Fix Koha::Hold->is_pickup_location_valid exploding
Tomas Cohen Arazi [Thu, 6 Jan 2022 10:13:57 +0000 (07:13 -0300)]
Bug 29804: Fix Koha::Hold->is_pickup_location_valid exploding

This trivial patch acknowledges the fact bug 28871 is probably not going
to be pushed, and changes the method so  it, internally, uses
Koha::Item->pickup_locations and Koha::Biblio->pickup_locations in
scalar context.

This is probably the correct solution as the discussion on bug 28883
points towards the future removal of the use of wantarray altogether,
eventually.

To test:
1. Apply the regression tests patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/Koha/Hold.t
=> FAIL: It explodes as we see in production, with:
The method Koha::Libraries->branchcode is not covered by tests!
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass!
5. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit db9bfb9450939e4335cb53a8068e11693e4b13d6)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29804: Regression tests
Tomas Cohen Arazi [Thu, 6 Jan 2022 10:11:02 +0000 (07:11 -0300)]
Bug 29804: Regression tests

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit ea601ed692648b9a8f7db31c79b587b64ec1010c)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29786: Select only specific items for item level holds
Nick Clemens [Tue, 4 Jan 2022 13:37:53 +0000 (13:37 +0000)]
Bug 29786: Select only specific items for item level holds

This patch adjusts get_items_that_can_fill to make two requests:
first the list of items for item-level holds
second the list of biblionumbers for title-level holds

This stops the report from pulling more items for item-level hold

This patch also removes the aliases used in the code - while readability
is a bit harder, it allows for using 'me' in get_items_that_can_fill
Otherwise, this routine would need a parameter to know what we called the table.

To test:
1 - Find a record with many items available
2 - Place an item level hold for an item on the record, not the one with lowest itemnumber
3 - Run 'Hold to pull' report
4 - Note the barcode does not match
5 - Apply patch
6 - Reload report
7 - It matches!

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 0ce4a042c3774a5006ae8ada8f802b953fcc0c5f)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29786: Unit tests
Nick Clemens [Tue, 4 Jan 2022 13:33:07 +0000 (13:33 +0000)]
Bug 29786: Unit tests

I add a new test for the case of an item level hold, and additionally
adjust later tests to use a title level hold.

I also fix a typo where the comment says item 1 when it means item 2

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 631b3d6693f7d49a86ec9c9a2a06e2be7c30b3e7)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 3142: Add tests for item-level_itypes=0
Jonathan Druart [Fri, 8 Oct 2021 13:05:39 +0000 (15:05 +0200)]
Bug 3142: Add tests for item-level_itypes=0

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit f2c7c9430bb4a38b80e954599bc090dfb04f3674)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 3142: Handle biblio level item type
Jonathan Druart [Fri, 8 Oct 2021 10:03:41 +0000 (12:03 +0200)]
Bug 3142: Handle biblio level item type

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 1aa70c9bb6d20034a53e981741bc1848641209f2)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 3142: (QA follow-up) Include notforloan itemtypes
Marcel de Rooy [Fri, 8 Oct 2021 09:10:22 +0000 (09:10 +0000)]
Bug 3142: (QA follow-up) Include notforloan itemtypes

As was done in the code already.
Note that we are ignoring effective itemtype now.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 05ddd7eede98f30368ab4debf4ac389c4b3ad13d)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 3142: (QA follow-up) Cosmetic changes
Marcel de Rooy [Fri, 8 Oct 2021 08:31:52 +0000 (08:31 +0000)]
Bug 3142: (QA follow-up) Cosmetic changes

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 10b971c08b2b0d39e61548540a339710afc0fa22)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 3142: Add note about imprecision of filter_by_for_hold
Jonathan Druart [Tue, 5 Oct 2021 12:32:47 +0000 (14:32 +0200)]
Bug 3142: Add note about imprecision of filter_by_for_hold

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 064500bc9670e5a96d41bbd9cafe0061afb26471)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 3142: Add test for the circ rule
Jonathan Druart [Tue, 5 Oct 2021 12:30:49 +0000 (14:30 +0200)]
Bug 3142: Add test for the circ rule

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit bd438ff99d593fd42f995229b36548beeefdfeba)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 3142: Add tests
Jonathan Druart [Tue, 5 Oct 2021 12:17:22 +0000 (14:17 +0200)]
Bug 3142: Add tests

And fix a bug!

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 70a303a5de4c8b351b6be1c7b7b9553a4f1c62a3)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 3142: Use filter_by_for_holds where holdability is calculated
Jonathan Druart [Tue, 22 Jun 2021 13:49:45 +0000 (15:49 +0200)]
Bug 3142: Use filter_by_for_holds where holdability is calculated

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 1ad0e172cddce560afcc23579948d0c4a1eca71c)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 3142: Add itype
Jonathan Druart [Tue, 22 Jun 2021 13:43:10 +0000 (15:43 +0200)]
Bug 3142: Add itype

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit a9b306fa7c98de6d5f25d15c55fd1d387e954343)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 3142: Exclude damaged items
Jonathan Druart [Tue, 22 Jun 2021 13:39:55 +0000 (15:39 +0200)]
Bug 3142: Exclude damaged items

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 4d63e9be1848a3bebcc73f21a238f3990e50cf6f)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 3142: Add itemlost, withdrawn and notforloan
Jonathan Druart [Tue, 22 Jun 2021 13:38:29 +0000 (15:38 +0200)]
Bug 3142: Add itemlost, withdrawn and notforloan

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 31392f5fc25d037637758d67034cc4d932b10963)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 28932: Fix duplicate next_action & prev_action
Andrew Isherwood [Wed, 5 Jan 2022 13:00:10 +0000 (10:00 -0300)]
Bug 28932: Fix duplicate next_action & prev_action

This patch fixes the duplicate buttons issue.
To test:
1. Apply the regression tests patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/Illrequests.t
=> FAIL: Tests fail
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 692804a49a59208b6726f48523bfb82e73671ddc)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 28932: Regression tests
Andrew Isherwood [Wed, 5 Jan 2022 13:02:22 +0000 (10:02 -0300)]
Bug 28932: Regression tests

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit cbac005968752ce5c473e9efb481183531cb7ddf)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29670: Fix EDI for AcqCreateItem = 'placing on order'
Martin Renvoize [Thu, 9 Dec 2021 13:55:41 +0000 (13:55 +0000)]
Bug 29670: Fix EDI for AcqCreateItem = 'placing on order'

The AcqCreatItem at order time functionality was broken by bug 27708.
This patch resolves that.

Test plan.
1) Run the newly created unit tests that prove both settings work

Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
(cherry picked from commit 960372b76ca0b42d8e22dde445402f4c9ba523dc)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29670: Unit tests
Martin Renvoize [Thu, 9 Dec 2021 16:04:55 +0000 (16:04 +0000)]
Bug 29670: Unit tests

This patch adds unit tests for Koha::Edifact::Order->order_line. We now
check that the message segments are created as expected for both the
'ordering' and not 'ordering' case for acquisitions item creation time.

Signed-off-by: Jonathan Field <jonathan.field@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
JD amended patch: spelling segement ==> segment

(cherry picked from commit 67bb6f7b95e848075534127116ead9e8820ac90f)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoUpdate release notes for 21.05.10 release v21.05.10
Andrew Fuerste-Henry [Wed, 9 Feb 2022 18:00:36 +0000 (18:00 +0000)]
Update release notes for 21.05.10 release

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoIncrement version number for 21.05.10 release
Andrew Fuerste-Henry [Wed, 9 Feb 2022 17:51:28 +0000 (17:51 +0000)]
Increment version number for 21.05.10 release

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 30065: Correct errors in updatedatabase
Andrew Fuerste-Henry [Wed, 9 Feb 2022 17:17:25 +0000 (17:17 +0000)]
Bug 30065: Correct errors in updatedatabase

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoUpdate release notes for 21.05.09 release v21.05.09
Andrew Fuerste-Henry [Mon, 31 Jan 2022 17:42:28 +0000 (17:42 +0000)]
Update release notes for 21.05.09 release

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoIncrement version for 21.05.09 release
Andrew Fuerste-Henry [Mon, 31 Jan 2022 17:22:24 +0000 (17:22 +0000)]
Increment version for 21.05.09 release

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoFix translations for Koha 21.05.09
Andrew Fuerste-Henry [Mon, 31 Jan 2022 16:57:37 +0000 (16:57 +0000)]
Fix translations for Koha 21.05.09

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoMerge remote-tracking branch 'translations/21.05.09-translate-20220131' into rmain2105
Andrew Fuerste-Henry [Mon, 31 Jan 2022 15:44:15 +0000 (15:44 +0000)]
Merge remote-tracking branch 'translations/21.05.09-translate-20220131' into rmain2105

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoTranslation updates for Koha 21.05.09
Koha translators [Mon, 31 Jan 2022 15:38:03 +0000 (12:38 -0300)]
Translation updates for Koha 21.05.09

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29464: Make GET /acquisitions/orders honour sorting
Tomas Cohen Arazi [Fri, 10 Dec 2021 13:17:45 +0000 (10:17 -0300)]
Bug 29464: Make GET /acquisitions/orders honour sorting

When bug 20212 was pushed, we lost (didn't dig enough to find out how)
the sorting feature for this route.

This is mainly because biblio+biblioitems filtering prevents the route
to use plain $c->objects->search, so it has baked a custom version of
it. In this case, it missed the call to the dbic_merge_sorting helper,
that takes care of reading the query parameters and inject the sorting
attributes to the resultset.

To test:
1. Apply the regression tests patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/api/v1/acquisitions_orders.t
=> FAIL: Tests fail, sorting doesn't actually work
3. Apply this patch
4. Repeat 2
=> SUCCESS: Sorting works!
5. Test sorting the pending orders on parcel.tt
6. Sign off :-D

Sponsored-by: ByWater Solutions
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2 years agoBug 29464: Regression tests
Tomas Cohen Arazi [Fri, 10 Dec 2021 13:15:42 +0000 (10:15 -0300)]
Bug 29464: Regression tests

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2 years agoBug 29541: Restrict access to patron's image to borrowers => * and circulate => *
Jonathan Druart [Mon, 22 Nov 2021 14:29:58 +0000 (15:29 +0100)]
Bug 29541: Restrict access to patron's image to borrowers => * and circulate => *

The patron images is displayed on the 'circulation' and 'members'
modules.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2 years agoBug 29903: Prevent messages to be deleted from unauthorised users
Jonathan Druart [Wed, 19 Jan 2022 10:21:54 +0000 (11:21 +0100)]
Bug 29903: Prevent messages to be deleted from unauthorised users

The "Delete" link is hidden but the controller does not do the necessary checks.

/cgi-bin/koha/circ/del_message.pl?message_id=1&borrowernumber=5&from=moremember

Test plan:
Create a message, see the "Delete" link, don't click it but copy it
Change logged in library and use the link
If AllowAllMessageDeletion is off you should be redirected to 403

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29542: Prevent access to private list to non authorized users
Jonathan Druart [Wed, 5 Jan 2022 14:56:24 +0000 (15:56 +0100)]
Bug 29542: Prevent access to private list to non authorized users

The catalogue permission is not enough.

Test plan:
Create a private list owned by user A
Login with user B and hit (with XX the shelfid)
  /cgi-bin/koha/virtualshelves/sendshelf.pl?shelfid=XX

You should get an error message "You do not have sufficient permission
to continue."

Login with user A
=> You should be able to send the list

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29914: Remove 'Use of uninitialized value ' warnings
Jonathan Druart [Tue, 25 Jan 2022 10:57:01 +0000 (11:57 +0100)]
Bug 29914: Remove 'Use of uninitialized value ' warnings

(cherry picked from commit 68c11c517907912dd27bc9bd1fd3bcf699bb6f82)
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
(cherry picked from commit 7d4fb54aead7133cdfd7400d3d5c8c06ad3d7034)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29914: (QA follow-up) Add comment to explain last case
Nick Clemens [Mon, 24 Jan 2022 14:23:29 +0000 (14:23 +0000)]
Bug 29914: (QA follow-up) Add comment to explain last case

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
JD amended patch: remove ref to line number

(cherry picked from commit a866722ae620f435c3c5e1933a83f7b82927c108)
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
(cherry picked from commit 0886a2f1e607272feb2fa101f7616343a02223be)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29914: (QA follow-up) Expand tests to cover failure case before patches
Nick Clemens [Mon, 24 Jan 2022 14:19:24 +0000 (14:19 +0000)]
Bug 29914: (QA follow-up) Expand tests to cover failure case before patches

When asking for permissions we get 'failed', without we get 'ok'
Adding explicit checks for not 'ok'

Add a FIXME:
We should cover the case where we return 'failed' after changes, but that is a larger undertaking

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
(cherry picked from commit e956130f8f57d6204637015e57f362563041f984)
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
(cherry picked from commit 723928fbc84b1552814e8111372e5fb1f850364e)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29914: Remove warn on timeout
Marcel de Rooy [Fri, 21 Jan 2022 10:50:59 +0000 (10:50 +0000)]
Bug 29914: Remove warn on timeout

The value of the system preference 'timeout' is not correct, defaulting to 600.

Caused by previous test. Actually an omission in another sub that
does not seem to support 10x.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit eea32e6c5d39f5ec506b5c6cc81b390fcb6f8c52)
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
(cherry picked from commit 5653dabab18ac8ef0029fc3e486b26ada2ca8bbd)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29914: Add tests
Jonathan Druart [Fri, 21 Jan 2022 08:23:38 +0000 (09:23 +0100)]
Bug 29914: Add tests

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 3af901ae645a380d167fbc7b4e96bea892318d49)
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
(cherry picked from commit 86abecb3c2690745035c6703681505e825a8eb9a)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29914: Make check_cookie_auth compare the userid
Jonathan Druart [Thu, 20 Jan 2022 09:10:05 +0000 (10:10 +0100)]
Bug 29914: Make check_cookie_auth compare the userid

check_cookie_auth is assuming that the user is authenticated if a cookie exists
and that the login/username exists in the DB.

So basically if you hit the login page, fill the login input with a
valid username, click "login"
=> A cookie will be generated, and the sessions table will contain a
line with this session id.
On the second hit, if the username is in the DB, it will be enough to be
considered authenticated.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 7114dc2fb1a1440dd031ee771efee6e50bb86540)
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
(cherry picked from commit be18dc19b8e84919416eab5cd43f4ed345fc280a)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29544: (QA follow-up) Simplify code
Tomas Cohen Arazi [Wed, 12 Jan 2022 12:43:48 +0000 (09:43 -0300)]
Bug 29544: (QA follow-up) Simplify code

I think this is a better approach for the same thing. Posting it just in
case it helps.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
(cherry picked from commit 191cf52da7e2829cba1206612f2dcfc21366a986)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29544: Fix opac-issue-note.pl
Jonathan Druart [Thu, 2 Dec 2021 08:04:14 +0000 (09:04 +0100)]
Bug 29544: Fix opac-issue-note.pl

We must check if logged in user is trying to modify one of their
checkouts

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
(cherry picked from commit b8b4328ffddfbb03a4a9f0647bd0df6a79c4badd)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29544: Ensure logged in user is allowed to modify checkout note
Jonathan Druart [Mon, 22 Nov 2021 13:56:58 +0000 (14:56 +0100)]
Bug 29544: Ensure logged in user is allowed to modify checkout note

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
(cherry picked from commit 22d733e277a82ee6e707a5dd023d0317b15322a3)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29541: Prevent users from another group to access patron's images
Jonathan Druart [Mon, 6 Dec 2021 12:58:25 +0000 (13:58 +0100)]
Bug 29541: Prevent users from another group to access patron's images

We should respect group restrictions here.

Test plan:
Create a patron from another group of libraries and don't let them
access info from patrons outside of this group.
Access the following link and confirm that you can see the image only
for patrons from their group
  /cgi-bin/koha/members/patronimage.pl?borrowernumber=XX

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
(cherry picked from commit 09cb5e02e6fad7b0dd3137d925646d714444a704)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29540: Raise flagsrequired in modrequest
Marcel de Rooy [Mon, 22 Nov 2021 07:55:47 +0000 (07:55 +0000)]
Bug 29540: Raise flagsrequired in modrequest

Test plan:
Try modrequest with a user having only 'catalogue' perms and the following URLs:
[1] /cgi-bin/koha/reserve/modrequest.pl?reserve_id=XX&CancelBorrowerNumber=XX&CancelItemnumber=XX&biblionumber=XX
    Fill the XXs with correct identifiers for some item level hold.
[2] /cgi-bin/koha/reserve/modrequest_suspendall.pl?suspend=1&suspend_until=2021-12-01&borrowernumber=XX
    Fill the XX with borrowernumber for borrower that has pending holds.
You should see: Error: You do not have permission to access this page.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[AMENDED] More consensus for using reserveforothers than circulate_remaining.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 28735: Self-checkout users can access opac-user.pl for sco user when not using...
David Cook [Thu, 22 Jul 2021 06:34:20 +0000 (06:34 +0000)]
Bug 28735: Self-checkout users can access opac-user.pl for sco user when not using AutoSelfCheckID

This patch makes the sandboxing of the selfcheckout more robust by
adding a "sco_user" session variable which is turned on when
logging into the self-checkout (either by AutoSelfCheckAllowed or manually).

If a user with this session variable turned on tries to access
other parts of the system (like the rest of the OPAC), it will
"kick out", so that the browser user will lose the authenticated session.

Test plan:
1) Apply the patch
2) koha-plack --restart kohadev
3) Go to http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
4) Note that you are logged into the self-checkout
     So you see the login screen specific to the self-checkout.
     To log with the actual patron. It's a nested auth.
5) Go to http://localhost:8080/cgi-bin/koha/opac-main.pl
6) Note that you are not logged into the OPAC
7) Log into the staff interface and disable the
system preference AutoSelfCheckAllowed
8) Log out of the staff interface (this step is very important)
9) Go to http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
10) Note that you are prompted to log into Koha
11) Login using the "koha" user (when using koha-testing-docker)
12) Note that you are logged into the self-checkout
13) Go to http://localhost:8080/cgi-bin/koha/opac-main.pl
14) Note that you are not logged into the OPAC
      Without the patch you would still be logged as "koha"
15) Go back to http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
16) Note that you will need to log in again as you've lost your
session cookie
      Without the patch you will still be logged in the self-checkout
Voila!

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 6d022889a2fac79c9148dd5f20c36f926d66065c)
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
(cherry picked from commit 197dd5672abd3e7d72a4f212b75775be5f2b1c31)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29543: Set autocomplete off for SCO login fields
Nick Clemens [Wed, 5 Jan 2022 16:06:15 +0000 (16:06 +0000)]
Bug 29543: Set autocomplete off for SCO login fields

Cardnumber already had it set, adding for username and password

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 25856b460e3041c2a825c83d1abf0f48c77a9448)
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
(cherry picked from commit ed957156ddfde8cf831273469954a749ad95883d)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29543: Add Mojo::JWT dependency
Jonathan Druart [Wed, 5 Jan 2022 15:37:49 +0000 (16:37 +0100)]
Bug 29543: Add Mojo::JWT dependency

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit f07a666c2eb6338f1b450db9dcdc75cfb0d76601)
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
(cherry picked from commit eaa4c1112386340bab246c779d0fba0bf428c0bc)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29543: (follow-up) Add a warning to SelfCheckoutByLogin
Nick Clemens [Wed, 5 Jan 2022 15:29:41 +0000 (15:29 +0000)]
Bug 29543: (follow-up) Add a warning to SelfCheckoutByLogin

This updates the language to warn users of risk if using cardnumber for login and auto-self-check is enabled

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit b32dbaa9cfc43ddd9404a094a2d82c85936c0ba2)
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
(cherry picked from commit 1c0581ba9db486e7479216193654b881de9ac3b2)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29543: Prevent user to checkin or renew items they don't own
Jonathan Druart [Wed, 5 Jan 2022 14:25:48 +0000 (15:25 +0100)]
Bug 29543: Prevent user to checkin or renew items they don't own

Checkin or renew must be restricted to the items they own.

Test plan:
Create an item with barcode bc_1
Check it in to user A
Login to SCO with user B
Get the token using the browser dev tool, from the cookie
Hit (replace $JWT)
    /cgi-bin/koha/sco/sco-main.pl?jwt=$JWT&op=renew&barcode=bc_1
    /cgi-bin/koha/sco/sco-main.pl?jwt=$JWT&op=returnbook&barcode=bc_1

You should see an error message

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 839b7c4a5c8bdba62776fdb74c5f2125622a9ff0)
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
(cherry picked from commit 1c8988377bbd7749a83c9d695419e1ac6f53441e)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29543: Enforce authentication for self-checkout
Jonathan Druart [Wed, 5 Jan 2022 11:47:10 +0000 (12:47 +0100)]
Bug 29543: Enforce authentication for self-checkout

The self-checkout feature is assuming a patron is logged in if patronid
is passed. It also assumes that "We're in a controlled environment; we
trust the user", which is terribly wrong!

This patch is suggesting to generate a JSON Web Token (JWT) to store in
a cookie and only allow action (renew, check in/out) is the token is
valid. The token is only generated once the user has been authenticated
And is removed when the user finish the session/logout.

Test plan:
You must know exactly how the self-checkout feature works to test this patch.
The 4 following sysprefs must be tested:
 SelfCheckoutByLogin, AutoSelfCheckAllowed, AutoSelfCheckID, AutoSelfCheckPass
Confirm that you can renew, checkin for the items you own, and checkout new items.
Confirm that you are not allowed to access other account's info.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 77e21f30062dc23edb2c79f609d854d553e67f7c)
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
(cherry picked from commit f57465ad024e461bb00b2c0aeebff4adb1a651b5)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29543: Add JWT token handling
Jonathan Druart [Wed, 5 Jan 2022 11:20:28 +0000 (12:20 +0100)]
Bug 29543: Add JWT token handling

Mojo::JWT is installed already, it's not a new dependency.
We need a way to send the patron a token when it's correctly logged in,
and not assumed it's logged in only if patronid is passed

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit d978bf1506d761a6962d949f35b71f1740d0052a)
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
(cherry picked from commit e7c1ed3ede83eef70135f96261169af57399962b)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29543: Remove inputfocus variable
Jonathan Druart [Wed, 5 Jan 2022 10:25:12 +0000 (11:25 +0100)]
Bug 29543: Remove inputfocus variable

It's not used in template

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 7ea2d7cd68bef8d59807f221a23a680361d24b1a)
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
(cherry picked from commit 9108a00a4d1047c230e224b81a73b14ae7281f36)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 29543: Remove borrower variable
Jonathan Druart [Wed, 5 Jan 2022 10:24:12 +0000 (11:24 +0100)]
Bug 29543: Remove borrower variable

It's not needed, we have $patron

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
(cherry picked from commit 4c398daaf5df0522e8c302eb342c1ec30d6a17a9)
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
(cherry picked from commit 10569aaff621970db4bf5eb226e568a778272add)

Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 26102: Prevent XSS when To.json is used: unimarc_field_4XX.tt
Owen Leonard [Tue, 11 Aug 2020 17:26:18 +0000 (17:26 +0000)]
Bug 26102: Prevent XSS when To.json is used: unimarc_field_4XX.tt

To test, edit a MARC framework to link a subfield to the
unimarc_field_4XX.tt. The process of triggering the plugin and selecting
a search result from the plugin popup should work correctly.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 26102: Prevent XSS when To.json is used: subscription-add.tt
Owen Leonard [Tue, 11 Aug 2020 15:22:33 +0000 (15:22 +0000)]
Bug 26102: Prevent XSS when To.json is used: subscription-add.tt

Test the process of adding a subscription, entering both a valid vendor
ID and a non-existent vendor ID. The non-existent vendor ID should
trigger a validation alert.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 26102: Prevent XSS when To.json is used: guarantor_search.tt
Owen Leonard [Tue, 11 Aug 2020 15:05:59 +0000 (15:05 +0000)]
Bug 26102: Prevent XSS when To.json is used: guarantor_search.tt

To test, edit a patron record and go through the process of adding a
guarantor. In the guarantor search results table the address should be
displayed correctly.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 26102: Prevent XSS when To.json is used: catalogue/results.tt
Owen Leonard [Tue, 11 Aug 2020 12:57:48 +0000 (12:57 +0000)]
Bug 26102: Prevent XSS when To.json is used: catalogue/results.tt

To test, perform a search in the catalogue and verify that search term
highlighting works correctly.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 26102: Prevent XSS when To.json is used: authorities/blinddetail-biblio-search.tt
Owen Leonard [Tue, 11 Aug 2020 12:41:13 +0000 (12:41 +0000)]
Bug 26102: Prevent XSS when To.json is used: authorities/blinddetail-biblio-search.tt

Test the process of searching for and selecting an authority record for
use in the basic MARC editor.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 26102: Prevent XSS when To.json is used: authorities/authorities.tt
Owen Leonard [Tue, 11 Aug 2020 12:34:18 +0000 (12:34 +0000)]
Bug 26102: Prevent XSS when To.json is used: authorities/authorities.tt

Check that mandatory tags and subfields are correctly required when
editing an authority record.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>
2 years agoBug 26102: Prevent XSS when To.json is used: admin/preferences.tt
Owen Leonard [Tue, 11 Aug 2020 12:31:26 +0000 (12:31 +0000)]
Bug 26102: Prevent XSS when To.json is used: admin/preferences.tt

Test that preference search term highlighting works correctly.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com>