This patch tweaks the OpacPublic system preference description so users
don't expect, incorrectly, this syspref to disable the public API
anonymous access.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 3d3a07c5ee0098c3fe504009144b5c0545c0e75f)
Bug 25045: Allow restricting anonymous requests on the public API
This patch introduces a check on the authenticate_api_request method for
the RESTPublicAnonymousRequests system preference. If disabled,
anonymous requests get rejected.
The idea is to replicate the homologous OpacPublic system preference
behaviour.
To test:
1. Apply the Unit tests patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/auth_authenticate_api_request.t
=> FAIL: Tests fail, 200 is answered instead of 401 on the route.
3. Apply this patch
4. Repeat 2.
=> SUCCESS: Tests pass!
5. Sign off :-D
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit ec99043a2ede2f994dae72ee2f68884174f94d4c)
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 78cb447c7cd13bd37a48f7b3e2d2aa47b5d7b4d9)
Bug 25045: Add the RESTPublicAnonymousRequests syspref
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 5394e8443fcba3e307c4add97bef1216fcaa2b11)
This patch introduces code to detect (cookie) annonymous sessions and
act as expected.
Right now, as check_cookie_auth is not passed the required permissions
(because there aren't always required permissions, and the code to check
permissions is shared with other authentication mechanisms) it returns
'ok' and the session id. This use case was overlooked when this was
coded, and yeilds unexpected error codes (500) when the user logs out
and the annonymous session cookie is used to hit the API. The end result
doesn't pose any security issue (i.e. the resource access is rejected)
but the returned error code is not correct and should be fixed.
This patch verifies for an anonymous session (and avoids querying the
corresponding patron) and then verifies if there is an authorization
config on the route and if the patron object is defined.
To test:
1. Apply the tests patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/auth_authenticate_api_request.t
=> FAIL: Tests fail, 500 instead of the expected 401
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass!
5. Repeat the original 'steps to reproduce' from the bug report using
the browser
=> SUCCESS: Problem solved!
6. Sign off :-D
Sponsored-by: ByWater Solutions Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit de07356028d5b98af3a7cd7cbae02a7ad6402a43)
This patch introduces tests for the expected behaviour on API routes
that expect a logged in user, but the request is made with an anonymous
session cookie.
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/auth_authenticate_api_request.t
=> FAIL: Tests fail because the situation is not handled correctly in
the code
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 0547ad34dfe01ca7d7660df59e29bc30fdf3cf1d)
Katrin Fischer [Fri, 22 May 2020 23:22:53 +0000 (01:22 +0200)]
Bug 25507: Fix table in basket group PDF German 2-pages
A variable was doubled up which made the columns in the
table of orders no longer line up (different number of headers
to columns).
To test:
- Create at least one basket with one or more orders
- Close the basket
- Add the basket to a basket group manually or let Koha do it
on closing
- Change the OrderPdfFormat system preference to 'German 2-page'
- Go to the basket group page and print the PDF of the basket
- Verify the table of orders doesn't look right and runs outside
the page
- Apply patch
- Repeat the PDF print - now table should look right
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 7de78ab092f7355a15de60e9a2842d9577777581)
Bug 25521: Remove cart_to_shelf note from NewItemsDefaultLocation syspref
To test:
1- find the NewItemsDefaultLocation syspref
2- confirm it says "NOTE: This system preference requires the misc/cronjobs/cart_to_shelf.pl cronjob. Ask your system administrator to schedule it."
3- apply patch
4- restart all
5- reload syspref, it doesn't say that anymore!
Signed-off-by: Holly Cooper <hc@interleaf.ie> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit d21ad9fe11bdbd8c49eb3d64bb24c414bea8a1f7)
Katrin Fischer [Sat, 30 May 2020 00:56:04 +0000 (00:56 +0000)]
Bug 25545: (follow-up) Fix capitalization
Total + Adjustments + Shipment cost ($)
changed to:
Total + adjustments + shipment cost ($)
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit f98f2edf0a1515ce727e670ecaecd4f9295f34cb)
Nick Clemens [Wed, 27 May 2020 10:38:03 +0000 (10:38 +0000)]
Bug 25545: Add adjustments to total tax included
Adjustments are not affected by tax, they are meant as a way to alter invoice
values after receiving (damaged items, refuneds, extra charges, etc)
When adjustments were added the tax included column was missed
To test:
- Add a basket with at least one order
- Close it
- Receive shipment
- Receive the order
- Finish receiving
- Add an adjustment of any amount
- Verify in the invoice details table:
- Total tax exc. is showing including the adjustmnt
- Total tax inc. is missing the adjustment
- Apply patch
- Reload
- Total tax exc. is showing including the adjustmnt
- Total tax inc. is showing including the adjustment
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 286a739b5cd906a55b2dc97e6ab1ef9ffb00a6f7)
David Cook [Mon, 25 May 2020 06:25:06 +0000 (16:25 +1000)]
Bug 25597: Add missing Javascript libraries to sco printslip
This patch adds missing Javascript libraries to the self-checkout
print slip. These missing libraries were preventing the auto print
prompt and close. There was also a font error.
To Test:
0) Apply patch
1) Turn on system preference SelfCheckReceiptPrompt
2) Check out item via /cgi-bin/koha/sco/sco-main.pl
3) Click "Finish"
4) Press F12 on keyboard and choose Console
5) Note no Javascript errors
6) Note that print dialog appears and closes after
a print option is chosen
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Alex Arnaud <alex.arnaud@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 8e00a96cf17f9c429050ce2ce5e3095fe566121a)
Nick Clemens [Wed, 10 Jun 2020 10:58:25 +0000 (10:58 +0000)]
Bug 25701: Remove sort on removed field
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 35bb41dfc14603d85a6ddb85fec9b4de8d1a4001)
Jonathan Druart [Wed, 10 Jun 2020 10:03:20 +0000 (12:03 +0200)]
Bug 25701: (bug 14419 follow-up) Always display facet groups in the same order
It seems that this regression comes from bug 14419, but I have not found
a logic reason behind that.
This patch restores the behaviour we always had: facet groups must be
displayed in a given order: the Zebra index (au, ccode, holdingbranch,
etc.)
Test plan:
Apply this patch, restart all and confirm that the facets are not moving
up and down when you refresh your search result page.
QA note:
I think the following line must be removed
@facets_loop = sort {defined $a->{expand} && defined $b->{expand} && $a->{expand} cmp $b->{expand}} @facets_loop;
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit d6696944267ca1afd7682193ddf3680a905a773d)
Owen Leonard [Sat, 23 May 2020 14:35:45 +0000 (14:35 +0000)]
Bug 25492: Your Account Menu button does nothing on mobile devices
This patch removes some redundant code from the OPAC JavaScript which
was causing problems with the show/hide action on two controls which are
shown only at narrower browser widths: The "Your account" menu shown
when the user is on a user-related page, and the "Refine your search"
menu shown on the search results page.
To test, apply the patch and go to the OPAC. Narrow your browser width
to below 768 pixels.
- Perform a search.
- On the search results page you should see a "Refine your search"
link at the top of the results. Clicking it should expand and
collapse the facets menu.
- Log in to the OPAC.
- On the "Your summary" page there should be a "Your account menu" link
at the top of the main part of the page. Clicking it should expand
and collapse the account menu.
- Verify that these menus display correctly when you widen and narrow
the browser window.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 9ac43fd97b58120560a33e26509d5acc712c97fb)
Martin Renvoize [Mon, 8 Jun 2020 09:23:53 +0000 (10:23 +0100)]
Bug 25526: Equality matching is case sensative
TEST PLAN:
1. Have a fine on a Patron's account.
2. Choose the "Write off Selected" button
3. Enter an amount less than the amount owed by the patron.
4. Koha will give a yellow box with a note "You must collect a value
greater than or equal to 2.00." The $2.00 is the amount that is
attempted to write off (the amount less than the amount owed).
5. Apply patch
6. Again try to writeoff an amount less than the amount owed.
7. You should be able to write it off.
8. Try paying an amount more than owed, you should still get an
error. You shouldn't be able to write off more than the amount.
9. Follow the above steps via 'Pay selected' as aposed to 'Writeoff
selected'.
10. You should not be able to 'Tender' less than the amount you have
'Paid'.
11. Disable Javascript and run through all the above steps. You should
still be blocked where relevant.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit bbac95d9fbbcc0b586a7bc094f421c35a7d71011)
Jonathan Druart [Tue, 2 Jun 2020 09:05:12 +0000 (11:05 +0200)]
Bug 17842: Simplify the code
There is no need for all the conditions.
From Encode::encode POD:
"If the $string is undef, then undef is returned."
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 74c7530e3dacd7a1df9ed72d031bc1a5b7063142)
David Cook [Tue, 26 May 2020 02:30:53 +0000 (12:30 +1000)]
Bug 17842: UTF-8 encode ISO2709 MARC download from cart
The cart was outputing ISO2709 MARC records with Latin-1
encoding. Records containing non-latin1 characters were
automatically re-encoded as UTF-8 by browsers, which led to
inconsistent character encodings for downloaded MARC files.
This patch explicitly encodes ISO2709 MARC characters from
the cart download as UTF-8 encoded bytes, which resolves the problem.
Test Plan:
0) Don't apply patch
1) Create bib record with only ASCII characters
2) Add a ü character to the title
3) Save bib record
4) Download bib record from cart (opac and staff client)
5) Using xxd or some other program, note that the ü is
represented by a FC byte (latin-1 encoded)
6) Apply the patch
7) Download bib record from cart (opac and staff client)
8) Using xxd or some other program, note that the ü is
represented by C3 BC bytes (utf-8 encoded)
9) Success
(Note that you could potentially use Notepad++ or some other
program to open the downloaded file and just note the encoding
that it finds. You could also try "chardetect" instead. Lots
of options for figuring out the encoding.)
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 13ec430eccd52413e756c88f90a370787842cbc2)
Nick Clemens [Tue, 2 Jun 2020 14:00:25 +0000 (14:00 +0000)]
Bug 25653: Update tab selector to use 'active' and include all options
It looks like the functionality was broken when ui tabs were upgraded
and mainmainentry was added
To test:
1 - Browse to Authorities
2 - Search in each tab
3 - Note all search results revert to 'Search main heading a only'
4 - Apply patch
5 - Note selection is retained after search
Signed-off-by: Claire Gravely <claire_gravely@hotmail.com> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 4365b64403ba9492650e2e1733ccad8772dcdfc2)
Martin Renvoize [Mon, 8 Jun 2020 10:12:07 +0000 (11:12 +0100)]
Bug 14543: (QA follow-up) Add missing filter
This patch adds a missing `| html` filter to the tax_rate value option
that the patchset adds
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 369a4e39b48456be4376292f724a787ef0b6667e)
Kyle M Hall [Thu, 16 Jul 2015 16:14:42 +0000 (12:14 -0400)]
Bug 14543: Order lines updated that have a tax rate not in gist will have tax rate set to 0!
If the tax rate for a given order line has been removed from the system
preference gist, that tax rate will show in the pulldown as 0. If a
librarian then saves the order line the original tax rate will be
overwritten with 0%!
Test Plan:
1) Find an order line
2) Remove the tax rate set for that order line from the syspref gist
3) Edit the order line
4) Note the tax rate is 0
5) Apply this patch
6) Edit the order line
7) Note the tax rate now displays with a warning
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 5ae7554667a209962a169f3a3b1d4b5b4beb398c)
Mason James [Sun, 24 May 2020 03:16:20 +0000 (15:16 +1200)]
Bug 25591: Update list-deps for Debian 10 and Ubuntu 20.04
This patch removes version-specific packages from the debian/control file,
which fixes a bug where koha-common can only be installed on the debian
version that the package was built on
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 5d9a51332d0cc932a4f23d757bbd6f5c38282df6)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 0639627c3234aad5ee2d45b933c43d9a10ed20c2) Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
David Cook [Mon, 1 Jun 2020 23:53:06 +0000 (09:53 +1000)]
Bug 25634: Warn if koha-shell returns non-zero in koha-foreach
By putting koha-shell in an if statement, "set -e" will no longer
cause the entire koha-foreach program to exit, if koha-shell
returns a non-zero status.
If a non-zero status is returned, we warn on it, and the caller
of koha-foreach can interpret that command visually.
To Test:
1) Write a shell script that says "Hello" and then exits with a 1
status
2) Run koha-foreach against that shell script with multiple instances
available to koha-foreach
3) Before the patch, koha-foreach will die after the first "Hello"
4) After the patch, koha-foreach will continue, through all the
instances, and report which instances returned non-zero statuses
by which command.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 4c548cb08f3f3013778da71d47745f48b6adffd8)
Jonathan Druart [Mon, 8 Jun 2020 12:14:22 +0000 (14:14 +0200)]
Bug 25693: Set correct permissions on logdir after an upgrade
Since bug 25172 we are failing loudly if the permissions are not correct
and that the logger cannot init successfully.
We must set the correct permission on upgrading.
koha-create deals with new installs
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 88cd45b0903ae7cfd8939045e60ffc7b0361e16c)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit ff26937f5035cc41d5b3b1b17cfc3336d73d1b5c) Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Kyle M Hall [Thu, 4 Jun 2020 18:43:58 +0000 (14:43 -0400)]
Bug 25677: Checkbox options for EDI accounts cannot be enabled
Checking any of the checkboxes in the EDI Account editor does nothing.
They always remain set to "off".
Test Plan:
1) Browse to edi_accounts.pl
2) Create a new EDI account, check all the checkboxes
3) Edit the account, note none of the checkboxes are checked
4) Apply this patch
5) Repeat steps 1-2
6) Note the checkboxes remain checked
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 4714b08f7270b86c62d9e32ce8f14d3afb08f37e)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit bfdd12d7c1c5df21a633b68b36af9043dc931395) Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Lucas Gass [Thu, 21 May 2020 23:42:01 +0000 (23:42 +0000)]
Bug 25557: Correct basket.pl column config
This patch corrects the column configuration tool for basket.pl
TO TEST:
1. Go to Acquisitions and look at basket.pl
2. Open another tab and go to column configuration and try to hide some columns like Quantity.
3. See that the wrong columns are being hidden.
4. Apply patch
5. Trying hiding each column in the table and make sure the correct one is being hidden.
6. Rejoice!
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 79f7879303724aa1ae69db8c3f2ea5aa34148dc5)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit e63e40d6d42454eeef2dbe47a3f32d33d5e7950f) Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Bug 25707: (QA follow-up) Clearer message about what's going on
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit f32825ae26aa443a1fde2c8884852e4298d96916)
Kyle M Hall [Tue, 9 Jun 2020 16:49:54 +0000 (12:49 -0400)]
Bug 25707: (bug 11529 follow-up) Do not update marc mappings, print old mappings to upgrade log
This patch removes the update of marc frameworks from the updatedatabase script and warns the
"MARC to Keyword" (fieldmappings ) to the upgrade log so they can be replaced manually
Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit e239e13bc9663dc3d4a43f125761165875b08876)
Jonathan Druart [Wed, 10 Jun 2020 11:21:42 +0000 (13:21 +0200)]
Bug 25538: Default to --login|-i if no command passed
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit c9be26ad5ac7615f2f723900dfd16d83d71b66fe)
Jonathan Druart [Wed, 10 Jun 2020 09:17:34 +0000 (11:17 +0200)]
Bug 25538: Use sudo -i in koha-shell
See man sudo, -i parameter.
Should we expect regressions?
Test plan:
0. Use D11 or U18.
Don't apply this patch
1.
$ echo $KOHA_INTRANET_URL
$ sudo koha-shell kohadev
$ echo $KOHA_INTRANET_URL
2. Apply this patch
$ cp debian/scripts/koha-shell /usr/sbin/koha-shell
3. Repeat 1.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit e5ffbb4dd4c3b616f715b74a9091e73e48ff0715)
Jonathan Druart [Wed, 10 Jun 2020 08:50:05 +0000 (10:50 +0200)]
Bug 25538: Don't run search_utf8.t if KOHA_*_URL empty
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 7c4d2444057dd2f8ae613ad73328f880258810c7)
Alex Buckley [Tue, 17 Mar 2020 04:50:32 +0000 (04:50 +0000)]
Bug 23808: [19.11.x] Pre-fill guarantor fields when adding guarantee to guarantor
Bug 14570 removed the guarantor pre-fill functionality when selecting
'Add guarantee' to an Adult patron. This is because guarantor
information would now only display if (1) the patron record exists
(which it won't when first adding guarantee to guarantor record) and (2)
if there is already a guarantor added to a guarantee
This patchfix will pre-fill guarantor fields and address fields (so the guarantee
has the same address as the guarantor) if no relationship (existing
guarantor data exists) and a guarantor_id is handed to memberenty.pl in
URL when clicking 'Add guarantee' button on Adults patron record.
Test plan:
1. Add adult patron make sure to fill in their 'Main address' details
2. Select 'Add guarantee'
3. Observe no details of the adult patron
are displaying in the 'Guarantor information' section or 'Main address'
sections of memberentry.pl
4. Select 'Search to add', search for your adult patron and choose
'Select' to add them as guarantor
5. Fill out rest of memberentry.pl and 'Save'
6. Observe adult is showing as the guarantor
7. Apply patch
8. Run tests:
sudo koha-shell <instancename>
prove xt
prove t
9. Confirm tests pass
10. Return to your adult patron
11. Select 'Add guarantee'
12. Observe in 'Guarantor information' and 'Main address' sections of memberentry.pl
are pre-filled with the 'patron #' (borrowernumber), surname, firstname
and street number, address, address2 (if you filled that in on adults
account), city
13. Fill out the rest of memberenty.pl and save and confirm your adult
patron is showing as the guarantor and the pre-filled address details
have been saved and are showing
14. Repeat steps 10,11 and 12 and in the 'Guarantor information' select
'Search to add' and add another adult as guarantor
15. Fill out the rest of memberentry.pl and 'Save' and notice with this
patch applied you can still add multiple guarantors successfully
Sponsored-By: South Taranaki District Council, NZ Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: George Veranis <gveranis@dataly.gr>
Followed the test plan, works as expected. The only failure was
t/DateUtils.t test which will be fixed by Bug 24850.
Also corrected a small typo in the sponsored-by trailer.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Bug 23808: (follow-up) Display card number in 'Guarantor information' in memberentry.pl
Instead of displaying 'Patron #' and displaying the guarantor's borrowernumber
in 'Guarantor information' we should display 'Patron card number:' with
the cardnumber displayed as that value is more meaningful to librarians.
The hyperlink containing the borrowernumber should stay the same so that
librarians can easily visit the patron record of existing guarantor
patrons.
Test plan:
1. Apply first patch and follow it's test plan
2. On an Adult patrons record select 'Add guarantee'
3. In 'Guarantor information' section of memberentry.pl observe in the
pre-filled guarantor information there is
a line 'Patron #:' with a link displaying a borrowernumber (not card number) and when you click on the link it takes you to the adult/guarantors patron account
4. Select 'Search to add' and search and add another guarantor
5. Observe in the added guarantor 'Patron #:' is displayed along with
the borrowernumber (not card number). The borrowernumber displayed in
not a link.
6. Apply this patch
7. On a adults patron select 'Add guarantee'
8. Observe in 'Guarantor information' section the pre-filled guarantor
now has 'Patron card number:' displayed (instead of 'Patron #:', and it's link now displays the guarantors cardnumber.
Clicking on the link still takes you to the guarantors patron account
9. Repeat step 4
10. Observe in the added guarantor they also have 'Patron card number:'
(instead of 'Patron #:'). A cardnumber rather than borrowernumber is
displayed. The cardnumber is not a link.
11. Confirm tests still pass:
sudo koha-shell <instancename>
prove xt
prove t
Sponsored-by: South Taranaki District Council, NZ Signed-off-by: Andreas Roussos <a.roussos@dataly.gr> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Bug 23808: (follow-up) Pre-fill guarantee's contact details from guarantor patron in memberentry.pl
Pre-fill guarantee contact details (email, phone) from guarantor record
when adding a gurantee to a guarantor's record
Test plan:
1. Apply first two patches and follow test plans
2. On an adult's patron record (which has an primary phone
number, secondary phone, other phone, primary email, secondary email and
fax set) select 'Add a guarantee' and observe the guarantee's 'Contact'
section is not pre-filled with that information from the guarantor
3. Apply this patch
4. On the same adult's record select 'Add a guarantee' and observe that
the 'Primary phone', 'Secondary phone', 'Other phone', 'Primary email',
'Secondary email', 'Fax' have been pre-filled from the guarantor's
record
5. Fill out the rest of the memberentry.pl and 'Save' and observe that those contact
details are successfully saved
6. Repeat step 4 and alter the 'Primary phone' and 'Primary email'
fields and save and observe that those altered values are saved
7. Run tests and confirm they pass:
sudo koha-shell <instancename>
prove xt
prove t
Sponsored-by: South Taranaki District Council, NZ Signed-off-by: Andreas Roussos <a.roussos@dataly.gr> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Bug 23808: (follow-up) Object methods can be used directly, no need for unblessed
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
fix tabs
Bug 24909: Add unprivileged route to get a bibliographic record
This patch adds a route to get bibliographic records without privileged
access. This needs to match the OPAC expected behaviour.
Some things were considered on the implementation:
- The ViewPolicy filter that hides/shows things based on the frameworks
needded to be used, as in the OPAC.
- OpacHiddenItems and OpacHiddenItemsExceptions need to be considered
for hiding records the same way the OPAC is expected to.
- Avoid using OpacHiddenItemsExceptions, but rely on the patron category
instead (use Koha::Patron::Category->override_hidden_items abstraction
is used instead so it should keep working once 22547 is moved
forward).
- Tests should cover all the use cases:
* logged in user
* anonymous user
* logged in with category that overrides
* logged in with category that doesn't override
This is all implemented on the tests.
To test:
1. Apply the tests patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/biblios.t
=> FAIL: Route not implemented
3. Apply the rest of the patches
4. Repeat 2
=> SUCCESS: Tests pass!
5. Try it with your favourite API tool (Postman?)
6. Sign off :-D
Note: please notice there isn't a default fallback behaviour for when
you don't specify the Accept header, so testing this on a regular
browser will just print the accepted mime types instead of the record
itself.
To test this with a tool (like Postman) you should enable
RESTBasicAuthe and make the tool use Basic authentication with valid
credentials. And you need to specify any of the following strings on the
Accept header:
- application/marcxml+xml
- application/marc-in-json
- application/marc
- text/plain
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit b97158dd1342ea060a29297df3d691f05065c227)
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 572f486697c18337ea6bb804a0b624e9c8912744)
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 9c66f9f320eab62cb7a0440fc6fc02142558eb1d)
Jonathan Druart [Thu, 28 May 2020 13:30:02 +0000 (15:30 +0200)]
Bug 25618: Fix wrong package install path for misc dir
root@koha-debian9:/# koha-z3950-responder --start d9
[....] Starting Z39.50/SRU daemon for d9:Can't open perl script "/usr/share/koha/bin/z3950_responder.pl/z3950_responder.pl": Not a directory
failed!
Test plan:
On a dev install, copy the debian script and run it
Same on a package install
Signed-off-by: Joonas Kylmälä <joonas.kylmala@helsinki.fi> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 7b1e8c59fe0edc2faab878c6bd9d45de9f720e81) Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Nick Clemens [Thu, 28 May 2020 17:37:20 +0000 (17:37 +0000)]
Bug 25617: (QA follow-up) Add responses to tests
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Alex Arnaud <alex.arnaud@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 46e23b3a035e9c326c50aaa2dfba62667a9aca4b)
Jonathan Druart [Thu, 28 May 2020 14:12:57 +0000 (16:12 +0200)]
Bug 25617: (bug 25133 follow-up) 12 PM is not 24 but 0
There was an error in the precedent code, in 12hr format, 12PM is
actually 00:00
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Alex Arnaud <alex.arnaud@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit dd0c7c55fc2b5f0a312055d0c051b166d75ea82d)
Jonathan Druart [Tue, 26 May 2020 08:10:52 +0000 (10:10 +0200)]
Bug 25601: (bug 18928 follow-up) Fix "Unset" for "return policy for $branch"
returnbranch has to pass an itemtype key when setting the rule (here
setting it to unlimited for any item types)
Test plan:
1. Go the "Circulation and fine rules" admin page
2. Set a rule for "Default checkout, hold and return policy"
3. Unset it
4. Select a library
5. Set a rule for "Default checkout, hold and return policy"
6. Unset it
Display should be consistent with what you selected
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit f1cc9d6b599ae423d8024fb11f3f601d57ab9963) Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Julian Maurice [Fri, 22 May 2020 14:45:02 +0000 (16:45 +0200)]
Bug 25517: Look in all possible places for MO files
On a 'dev' install, MO files will be installed in
<intranetdir>/misc/translator/po
On 'standard' and 'single' installs, they will be installed in
<intranetdir>/../../misc/translator/po
This patch makes Koha::I18N try to use the "dev" directory first, and
fallback to the "standard" directory.
If none of these directories exist, it dies.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 6028c92c7b299b85d871605cd46d5bb97b760f7b)
I'm not sure what we need to test here, besides we get results. I'm
pretty sure we shouldn't allow a plain GET return all objects because it
could cause a DOS very easily. But it certainly belongs to a separate
bug/discussion.
In this case, I put a constraint on the items domain (by using
_per_page=10 in the query params) so it won't happen that under certain
conditions the user agent used by Test::Mojo time outs.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 85ab68c07f9240eba08d74b232be8434e65e9afb) Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Owen Leonard [Thu, 14 May 2020 11:47:51 +0000 (11:47 +0000)]
Bug 25473: Move JavaScript out of the footer of addorderiso2709.tt
This patch undoes the move of the JavaScript block to the footer made in
Bug 22734. The item information tab can include embedded JavaScript for
cataloging plugins, and these don't currently work with JS in the
footer.
To test, apply the patch and test the JavaScript driven features of the
"Add to basket from a staged file" page:
- Acquisitions -> Vendor -> Basket -> Add to basket from a staged file
- MARC and Card previews, select all/clear all
- Item information tab: Cataloging plugins for fields like
date acquired, barcode
- Default accounting details tab: Show inactive control
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 9e665fb9a753032fed711959f1d8cc5780655b8c)
Jonathan Druart [Thu, 21 May 2020 13:35:33 +0000 (15:35 +0200)]
Bug 25567: Fix typo categorycode vs category_code
Well, this is actually the real root of the error!
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 4e945dff87a8bc4badb605361c1db63f71b04a07) Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Jonathan Druart [Thu, 21 May 2020 13:30:35 +0000 (15:30 +0200)]
Bug 25567: Prevent patron category type's categorycode to be created with ""
It must be NULL/undef, the default from the DB.
The method Koha::Patron::Attribute::Type->categorycode is not covered by tests!
To recreate:
Create a new patron attribute type, don't select a patron's category (and not repeatable or unique)
Go to the batch patron modification tool, enter a cardnumber, next.
=> boom!
Apply the patch, edit the patron attribute, save
Go to the batch patron modification tool, enter a cardnumber, next.
=> success!
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 7ce6f7895610913f35fb1531faa1a40cefcd5f88) Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Jonathan Druart [Fri, 21 Feb 2020 11:37:44 +0000 (12:37 +0100)]
Bug 24413: Do not remove the restrictions from AddReturn
As we are now removing them from MarkIssueReturned they should not be
removed from AddReturn as well.
Also I think this will fix a regression, if $doreturn is not set (in
case the item is withdrawn and BlockReturnOfWithdrawnItems or the item
is lost and BlockReturnOfLostItems, and other specific cases).
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 10af741387a75d29c6b7782c6ce3d2c07cad9517) Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Jonathan Druart [Mon, 17 Feb 2020 15:27:57 +0000 (16:27 +0100)]
Bug 24413: Apply AutoRemoveOverduesRestrictions for lost items
It's quite hard to know where this need to be fixed.
it can be either MarkIssueReturned or LostItem, depending on the
different cases we want to handle.
This patch picked MarkIssueReturned, but maybe the similar code in
AddReturn needs to be removed then.
== Test plan ==
1. Set MarkLostItemsAsReturned to 'from items tab of the catalog module'
2. Set AutoRemoveOverduesRestrictions to 'Do'
3. Set up an overdues restriction in the notice triggers
4. Check out an item and let the overdues process restrict the account
5. Navigate to the moredetail.pl page (items tab) for the overdue item
6. Mark the item lost
7. Return to the account in question - notice the item has been returned, but the restriction remains
8. Clean state: remove restriction + remove item lost status
9. Apply patch
10. Redo the test but this time in addition to the item being returned,
the restriction will be lifted.
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 70ae2eaf9cdc7708f85b1724e5bc89623355b585) Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
2. Add 2 holds for 1 patron to a single record
3. Check the reserve IDs in the reserves table - on a clean sandbox, they will be 1 and 2
4. Check in one of the items from the record and print the slip
5. Note that the reserve ID on the slip is 2 and the expiration date is blank
6. Repeated check ins do not change this
7. Check in a second item from the record
8. Note that the reserve ID for this hold is also 2, but this time the expiration date is filled in
9. Check in the first item again - the reserve ID stays as 2, but this time the expiration date is filled in
10. Apply patch
11. cancel the holds to come back to a clean state
(and maybe ensure items aren't in transit)
12. redo the test and see the following differences
13. 1st checkin:
1. expiration date ok
2. the reserve ID is the one of the first hold
14. 2nd checkin:
1. expiration date ok
2. the reserve ID is the one of the second hold
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit d864c5640a3e3b02cbb64bde034935fa746a09ce) Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Ere Maijala [Wed, 29 Jan 2020 11:24:15 +0000 (13:24 +0200)]
[SIGNED-OFF] Bug 22522: [19.11.x] Add support for current Mojolicious and related packages
This patch allows tests to succeed with the following versions:
JSON::Validator 3.18
Mojolicious 8.32
Mojolicious::Plugin::OpenAPI 2.21
Also Mojolicious::Plugin::OpenAPI version 1.17 and later 1.x versions now work.
Calling valid_input in under() would cause ' Use of uninitialized value $_[2] ' in more recent OpenAPI plugins, so that was changed too. As far as I can see this does not affect authorization.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Owen Leonard [Fri, 8 May 2020 16:13:40 +0000 (16:13 +0000)]
Bug 25428: Correctly encode link if authority subfield is a URL
This patch modifies the script and template for showing the details of
an authority record so that if the authority subfield is configured to
be a link the link is correctly output in the template.
To test you must have an authority type configured with at least one
subfield designated as a URL:
- Go to Administration -> Authority types
- Select "MARC structure" from the actions menu for the authority type
you want to modify.
- Select "Subfields" from the actions menu for the tag containing
the subfield you want to modify (for instance 856).
- Edit the subfield you want to display as a link (e.g. subfield u).
- In the subfield configuration form under "Advanced constraints" check
the "Is a URL" checkbox and save your changes.
- Apply the patch and go to Authorities in the staff interface.
- Search for or create an authority record which contains URL
information in the right subfield (for instance 856$u).
- View the details for the record. Using the 856 example, the "8" tab
should contain an active link pointing to the correct URL.
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 1bcc45be621b19dc602d675ca10d844301496b06) Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Test plan:
Create or modify a patron, fill the "email" field of the "alternate
address" block (B_email)
Go to the detail view of the patron
=> Without this patch the email is not display
=> With this patch applied you see it!
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 635242a69a5ed049801d018a6be712d8dcbabb07) Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Slava Shishkin [Thu, 14 May 2020 14:53:47 +0000 (17:53 +0300)]
Bug 25506: Fix for "Use of uninitialized value" in about.pl
Perl warning on the "About Koha" page:
Use of uninitialized value in string eq
at /home/vagrant/kohaclone/about.pl line 220.
Fixed by adding additional precheck for
C4::Context->config('zebra_auth_index_mode') being Perl's "true".
To test:
1) Ensure you don't have "<zebra_auth_index_mode>...
</zebra_auth_index_mode>" in your koha-conf.xml so you will have
"C4::Context->config" returning "undef"
2) Go to the "About Koha" page.
3) Observe the warning in the log file.
4) Apply patch.
5) Repeat step 2.
6) Check that previous warning was suppressed.
Signed-off-by: Andreas Roussos <a.roussos@dataly.gr> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 67ff0f72854d4dabdda8cb59696f15e7b5d88c2a) Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Jonathan Druart [Thu, 21 May 2020 10:00:34 +0000 (12:00 +0200)]
Bug 25563: (bug 24386 follow-up) Don't disable submit button if form has not been submitted yet
On bug 24386 we prevent double form submission using the our own preventDoubleFormSubmit JS function.
The problem is that we are checking some conditions, and prevent the
form submission if something is not filled (for instance no checkbox
checked, or no fund selected).
Technically it means that:
- click the submit button
- it submits the form
- we disable the submit button
- we prevent the form to be submitted before something is wrong
At this stage the button is disabled and the form cannot be longer be
submitted.
This patch replaces the "on submit" event of the form with the "on click" event of the submit button.
Which means we are going to:
- click the submit button
- we prevent the form to be submitted before something is wrong
=> The button will only be disabled if the form is really submitted
Test plan:
- stage a marc record
- acquisitions: have a basket
- click on "Add to basket"
- "From a staged file"
- Don't tick the record
- Save
- You should see an expected error message
- Tick the record
- Save
- You should see an expected error message
- Choose a fund
- Click the "Save" button as many times as you can, to try double submit
it.
=> The order is saved
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 37370c415ab5e59422aff46be14ccfec0cf8c373) Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Jonathan Druart [Mon, 18 May 2020 15:50:11 +0000 (17:50 +0200)]
Bug 25531: Debar patron if needed when checkin is backdated
If think this case does not apply to real-life, but the logic needs to
be fixed.
If an item is due now, and AddReturn is called now with a return date in
the future, the issue is overdue and the patron must be debarred.
However it is not as we compare with now and not the return date
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
Jonathan Druart [Mon, 18 May 2020 15:49:37 +0000 (17:49 +0200)]
Bug 25531: Add tests
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
Jonathan Druart [Thu, 14 May 2020 14:04:20 +0000 (16:04 +0200)]
Bug 25481: Pass --user to start-stop-daemon when a pidfile is used
Since D10, the behaviour of start-stop-daemon changed, see from its
manual:
"""
Warning: using this match option with a world-writable pidfile or using it alone with a daemon that writes the pidfile as an unprivileged (non-root) user will be refused with an error (since
version 1.19.3) as this is a security risk, because either any user can write to it, or if the daemon gets compromised, the contents of the pidfile cannot be trusted, and then a privileged
runner (such as an init script executed as root) would end up acting on any system process. Using /dev/null is exempt from these checks.
"""
Test plan:
koha-plack --restart kohadev
should success with this patch.
Without this patch you get:
start-stop-daemon: matching only on non-root pidfile /var/run/koha/kohadev/plack.pid is insecure
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
Nick Clemens [Mon, 13 Apr 2020 15:51:36 +0000 (15:51 +0000)]
Bug 23403: Catch other cases of ->{patron}
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
Jonathan Druart [Mon, 23 Mar 2020 14:57:14 +0000 (15:57 +0100)]
Bug 23403: List borrowernumber in the ILS::Patron fields
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
Kyle M Hall [Mon, 23 Mar 2020 12:52:58 +0000 (08:52 -0400)]
Bug 23403: Fix whitespace
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
Jonathan Druart [Thu, 21 Nov 2019 17:39:15 +0000 (18:39 +0100)]
Bug 23403: Remove cardnumber from SIP
== Test plan ==
1 - Have two patrons with userids and no cardnumber
2 - Note which of these has the higher borrower number
3 - Use the SIP cli emulator to connect and checkout a book to the patron with higher borrowernumber
See example after
4 - Note the book may checkout to the wrong patron!
5 - Apply patch
6 - Checkout to both patrons via sip
7 - The patrons get the correct checkouts
Signed-off-by: Bouzid Fergani <bouzid.fergani@inlibro.com> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
David Cook [Mon, 18 May 2020 05:41:34 +0000 (05:41 +0000)]
Bug 25485: Remove tiny_mce symlink during pre install of deb package
This patch removes the tiny_mce symlink before Koha package installation
using the same method that we used when we removed the YUI symlink
in 2015.
Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
David Cook [Mon, 18 May 2020 03:28:56 +0000 (03:28 +0000)]
Bug 25485: Remove all mention of tiny_mce in debian/rules
This patch removes the removal of the following during the
build process:
/usr/share/koha/intranet/htdocs/intranet-tmpl/lib/tiny_mce
Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
Kyle M Hall [Tue, 12 May 2020 18:19:53 +0000 (14:19 -0400)]
Bug 25485: TinyMCE broken in Debian package installs
When installing the Debian package of Koha, we install the Debian tinymce package and symlink over our own tinymce libs that are in the Koha codebase. This version of tinymce does not have the same files and because of this, tinymce does not get loaded.
We should remove the use of the tinymce Debian package, and just use our own version of TinyMCE.
Test Plan:
1) Install Koha 19.11 from package
2) Browse to the news editor
4) Note the WYSIWYG editor is missing
5) Build a new Koha package with this patch applied, install it
6) Reload the news editor
7) Note the WYSIWYG editor is back!
Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
David Cook [Mon, 18 May 2020 07:08:18 +0000 (07:08 +0000)]
Bug 25524: Remove --line-regexp option in log4perl_component()
The current grep expression uses -x|--line-regexp, but that causes
the regexp to fail to match since we're not specifying a regexp
that can match a whole line. We can either provide a better regexp,
or remove that --line-regexp option.
This patch removes the --line-regexp (ie -x) option from the grep
in log4perl_component, so that it detects logger components correctly.
To Test:
0) Apply patch
1) Build Koha package
2) Look at /etc/koha/sites/kohadev/log4perl.conf in an existing
Koha instance (e.g. on koha-testing-docker), and note it has
components for z3950, api, and sip
3) Install package
4) Note that /etc/koha/sites/kohadev/log4perl.conf is the same as before
5) Remove the "log4perl.logger.sip and log4perl.appender.SIP lines from
/etc/koha/sites/kohadev/log4perl.conf
6) Reinstall package
7) Note that the missing lines have been appended to the file at
/etc/koha/sites/kohadev/log4perl.conf
Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
Kyle M Hall [Mon, 18 May 2020 18:14:42 +0000 (14:14 -0400)]
Bug 25535: Hold API mapping maps cancellationdate to cancelation_date, but it should be cancellation_date
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
Bug 24458: Use the ViewPolicy filter on search results
This patch implements the use of the ViewPolicy record processor filter
inside C4::Search::searchResults. The idea is that the $record_processor
is instantiated once and reused inside the loop. This leaves options for
further optimizations I will do on a follow-up bug.
The filter is applied to the MARC data before it is passed to the XSLT
processor.
To test:
1. Apply the regression tests patch
2. Run:
$ kshell
k$ prove t/db_dependent/Search.t
=> FAIL: This is not implemented, tests fail
3. Apply this patch
4. Repeat 2
5. Feel the joy in your body from a long standing bug being solved
6. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
This patch introduces tests for searchResults. The idea is to set a
subfield as hidden in OPAC and another on the staff interface, and see
if searchResults honours this on the XSLTResultsRecord contents.
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/Search.t
=> FAIL: This is not really implemented
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
This patch adds tests for the new 'feature': i.e. searchResults passes
the added $xslt_variables to the XSLTParse4Display method.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
Bug 25416: Let OPAC XSLTs know if the context is an anonymous session
This patch makes use of the 'variables' parameter in XSLTParse4Display
method in the different places that it is used in the OPAC. It does by
passing this parameter with
anonymous_session => 1|0
The value will depend on the output from get_template_and_user (i.e. if
there's a returned borrowernumber).
A special case takes place in search results, as the call to
XSLTParse4Display happens in C4::Search::searchResults. So a new
parameter 'xslt_variables' is added to it.
To test:
1. Apply the [DO NOT PUSH] patch
2. Open the OPAC in your browser
3. Try detail pages, search results, tags and lists/shelves pages with
or without an active session
=> FAIL: It always says (somewhere) 'Anonymous session: Yes'
4. Apply this patch, restart_all
5. Repeat 3
=> SUCCESS: It will tell the Yes/No correctly regarding anonymous
sessions!
6. Sign off :-D
Sponsored-by: Universidad ORT Uruguay Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
David Cook [Mon, 18 May 2020 06:23:07 +0000 (06:23 +0000)]
Bug 25510: Put space between negation operator and function name
This patch puts a space between the negation operator ! and
the function name (ie log4perl_component).
Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
Jonathan Druart [Fri, 15 May 2020 08:12:46 +0000 (10:12 +0200)]
Bug 25510: Fix syntax error in koha-common.postinst
Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
Jonathan Druart [Wed, 29 Apr 2020 12:57:57 +0000 (14:57 +0200)]
Bug 25309: Limit size of streetnumber field to 10
It's its size in DB (varchar(10))
Test plan:
Create or editing a patron and confirm that you fill in more than 10
characters in the streetnumber field
Save
=> The patron has been correctly created/updated
Signed-off-by: David Roberts <david@koha-ptfs.co.uk> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
Jonathan Druart [Wed, 29 Apr 2020 12:48:38 +0000 (14:48 +0200)]
Bug 25311: Better error handling when updating a patron
Same as the precedent patch for patron's modification
Test plan is identical but with an existing patron
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
Jonathan Druart [Wed, 29 Apr 2020 12:38:41 +0000 (14:38 +0200)]
Bug 25311: Better error handling when creating a patron
This is still not ideal but brings a bit of enhancement.
One possible problem is that the patron creation will fail if the
streetnumber field is too long (borrowers.streetnumber is varchar(10).
Test plan:
0. Don't apply this patch
1. Create a new patron with a streetnumber longer than 10 characters
2. Save
=> The patron has not been created and the app explodes
The error is about extended_attributes and not meaningful
Can't call method "extended_attributes" on an undefined value at /kohadevbox/koha/members/memberentry.pl line 560
3. Apply the patch
4. Repeat 1. and 2
=> You get a warning on the interface and you still see the creation
form
5. Check the logs
=> The error is meaningful
"Data too long for column 'streetnumber'"
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
projects / koha.git / log