]> git.koha-community.org Git - koha.git/log
koha.git
7 months agoBug 36234: Fix 'languages' prefs selection
Jonathan Druart [Tue, 5 Mar 2024 15:04:04 +0000 (16:04 +0100)]
Bug 36234: Fix 'languages' prefs selection

Test plan:
Edit and save several types of sysprefs, reload the page to confirm they
are correctly saved, or check their values in DB

Signed-off-by: Christian Stelzenmüller <christian.stelzenmueller@bsz-bw.de>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 36140: Correct label for attribute invoice.tt
Lucas Gass [Tue, 20 Feb 2024 23:19:01 +0000 (23:19 +0000)]
Bug 36140: Correct label for attribute invoice.tt

To test:
1. Go to /cgi-bin/koha/acqui/invoice.pl?invoiceid=X  where X is the invoice number.
2. Look at the Invoice number with your dev tools, the for attribute is wrong. ( shippingdate )
3. Apply patch and look again, the attribute should correctly be invoicenumber.

Alternatively, just look at the diff of this trivial change. :)

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 36076: paycollect.tt add permission checks for manual credit and invoice
Fridolin Somers [Tue, 13 Feb 2024 09:49:17 +0000 (10:49 +0100)]
Bug 36076: paycollect.tt add permission checks for manual credit and invoice

In members/pay.tt one can see permission checks for manual credit and invoice :
CAN_user_updatecharges_manual_invoice
CAN_user_updatecharges_manual_credit

This is missing from members/paycollect.tt.
HTML is also missing classes manualcredit and manualinvoice.

Test plan :
1) Create a user with permissions to manage accounting
   (remaining_permissions under updatecharges) but without
   manual_invoice and manual_credit
2) Go to a patron account with an invoice
3) Click on "Make a payment", you dont see tabs manual credit/invoice
4) Click on "Pay" in "Actions" column
=> Without patch you see tabs manual credit/invoice
=> With patch you do not see them

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 35963: (QA follow-up): tidy up code and fix exec permission
Victor Grousset/tuxayo [Wed, 28 Feb 2024 04:52:41 +0000 (05:52 +0100)]
Bug 35963: (QA follow-up): tidy up code and fix exec permission

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 35963: Fix bundled items table ordering and filtering
Julian Maurice [Wed, 7 Feb 2024 13:36:01 +0000 (14:36 +0100)]
Bug 35963: Fix bundled items table ordering and filtering

Using the many-to-many relationship results in the table alias `me` to
be used for table `item_bundles` instead of the expected table `items`.
This causes ordering and filtering to fail for columns Callnumber and
Barcode.
Using Koha::Items->search does not have this problem.

This patch also disables ordering by status because it does not work
(error message is: "Cannot find Koha::Object class for return_claim'")

Test plan:
1. Create an item bundle
   https://koha-community.org/manual/23.11/en/html/circulation.html#circulating-bundles
2. Add at least 2 items to this bundle
3. Verify that ordering/filtering by callnumber or barcode works
4. Run `prove t/db_dependent/api/v1/items/bundled_items.t`

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 35963: Add tests
Julian Maurice [Wed, 7 Feb 2024 13:36:01 +0000 (14:36 +0100)]
Bug 35963: Add tests

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 35952: Remove unnecessary line for OpacSuppressionMessage
Lucas Gass [Tue, 30 Jan 2024 20:38:15 +0000 (20:38 +0000)]
Bug 35952: Remove unnecessary line for OpacSuppressionMessage

To test:
1. Apply patch and restart all
2. Add an additional contetn entry for `OpacSuppressionMessage`, make
   sure it has a publication date in the past.
3. Make sure  OpacSuppression is set to 'hide'.
4. Suppress a record in the OPAC, ( 942$n )
5. Visit the detail page for that record and make sure you
   OpacSuppressionMessage customization displays.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 35554: Authority search popup width 800px
Fridolin Somers [Tue, 12 Dec 2023 19:57:36 +0000 (09:57 -1000)]
Bug 35554: Authority search popup width 800px

Authority search popup is only 700 pixels width.
Most popups use 800 pixels, like the z3950 one.

Test plan :
1) Edit a biblio record
2) Click on value builder in a field linked to authority (ie 700)
3) Check popup is 800 pixels wide
4) Same with advanced editor

Signed-off-by: Anneli Österman <anneli.osterman@koha-suomi.fi>
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 36009: Document background_jobs_worker.pl --queue elastic_index
Julian Maurice [Fri, 23 Feb 2024 09:59:45 +0000 (10:59 +0100)]
Bug 36009: Document background_jobs_worker.pl --queue elastic_index

Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 36009: Document koha-worker --queue elastic_index
Magnus Enger [Wed, 7 Feb 2024 07:51:36 +0000 (07:51 +0000)]
Bug 36009: Document koha-worker --queue elastic_index

To test:
- Copy the koha-worker script to the standard location:
  $ sudo cp debian/scripts/koha-worker /usr/sbin/koha-worker
- Check "sudo koha-worker --help" and verify elastic_index is
  mentioned in the list of "current queues"
- See https://wiki.koha-community.org/wiki/Testing_man_pages for
  how to check the "man" page. There should be a new paragraph
  about "Current queues" under "--queue"

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 36150: Update circulation-home.tt layout
Pedro Amorim [Thu, 22 Feb 2024 12:10:31 +0000 (12:10 +0000)]
Bug 36150: Update circulation-home.tt layout

Test plan:
Compare both pages:
<staff_url>/cgi-bin/koha/cataloguing/cataloging-home.pl
<staff_url>/cgi-bin/koha/circ/circulation-home.pl

Apply patch
Compare both pages again

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 35398: (QA follow-up) Tidy code
Kyle M Hall [Tue, 2 Jan 2024 13:58:04 +0000 (08:58 -0500)]
Bug 35398: (QA follow-up) Tidy code

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 35398: Fix LRP support for EDI orders with single items
Martin Renvoize [Fri, 24 Nov 2023 13:06:37 +0000 (13:06 +0000)]
Bug 35398: Fix LRP support for EDI orders with single items

This patch corrects a mistake in the original implementaiton of bug
20595 where we introduced support for the LRP segments being used to
automatically assign items ordered via EDI to stock rotation plans.

Signed-off-by: Sophie Halden <sophie.halden@cheshiresharedservices.gov.uk>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 35398: Unit test
Martin Renvoize [Wed, 28 Feb 2024 16:40:39 +0000 (16:40 +0000)]
Bug 35398: Unit test

This patch adds the begginings of unit tests for Koha::EDI.  Right now
we only test that a simple QUOTE message creates a basket, adds the item
to said basket and assigns that single item to a corresponding stock
rotation rota as defined by the LRP segment in the QUOTE message.

It lays the foundations for much more rigorous tests to be written to
cover the whole of EDI.pm however.

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 35398: Add unit test for extraction of library_rotation_plan
Martin Renvoize [Tue, 27 Feb 2024 13:45:53 +0000 (13:45 +0000)]
Bug 35398: Add unit test for extraction of library_rotation_plan

This unit test addition adds an LRP segment to the test EDI message file
and adds the corresponding test to confirm is it extracted into the
field as expected.

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 35351: Adjust basket details template to avoid showing empty page-section
Owen Leonard [Thu, 16 Nov 2023 14:12:17 +0000 (14:12 +0000)]
Bug 35351: Adjust basket details template to avoid showing empty page-section

This patch makes a minor change to the markup of the basket details page
so that we don't display an empty div.page-section when there are no
orders.

Note: This patch includes whitespace changes, so please ignore
whitespace when viewing the diff.

To test, apply the patch and go to Acquisitions.

- Search for a vendor and add a basket if necessary.
- View the details of an empty basket.
- Under the "General information" or "Settings" sections there should be
  no empty white box.
- View the details of a basket which has orders (using the "Add to
  basket" process if necessary).
  - Orders should be displayed correctly.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 35422: Fix translation of suggestions title tag
Owen Leonard [Tue, 28 Nov 2023 15:54:38 +0000 (15:54 +0000)]
Bug 35422: Fix translation of suggestions title tag

This patch corrects a missed instance of a string in the title tag which
should have been wrapped in the translation function [% t() %]

To test, apply the patch and go to Suggestions.

- Click "New purchase suggestion"
- The title of the page should be correct: "Add suggestion"
- Confirm that translation is improved:
  - Update and reinstall active translations (for instance fr-FR):
    perl misc/translator/translate update fr-FR
  - Check the corresponding po file, in this case fr-FR-messages.po
  - There should be an entry for the string "Add suggestion"

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 35397: Fix SIP2AddOpacMessagesToScreenMessage system preference description
Tomas Cohen Arazi [Fri, 24 Nov 2023 13:06:35 +0000 (10:06 -0300)]
Bug 35397: Fix SIP2AddOpacMessagesToScreenMessage system preference description

The original syspref description contained an extra  '- Use' and reads
weird.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 36000: Fix CGI::param warning in catalogue search
Marcel de Rooy [Tue, 6 Feb 2024 12:31:28 +0000 (12:31 +0000)]
Bug 36000: Fix CGI::param warning in catalogue search

Speaks for itself.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 36088: Remove useless code form opac-account-pay.pl
Kyle M Hall [Tue, 13 Feb 2024 20:04:53 +0000 (15:04 -0500)]
Bug 36088: Remove useless code form opac-account-pay.pl

The script opac-account-pay.pl sums the selected accountlines, formats the amount, pulls the currently active currency, and does nothing with any of this data.

Test Plan:
1) Apply this patch
2) Restart all the things!
3) Note there is no change in behavior

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
PA amended title (missing 'Bug ####:'

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 36091: Spelling: Use "card number" instead of cardnumber in text
Owen Leonard [Wed, 14 Feb 2024 14:11:22 +0000 (14:11 +0000)]
Bug 36091: Spelling: Use "card number" instead of cardnumber in text

This patch replaces the term "cardnumber" with "card number" in labels
and text where the patron's library card number is referred to. Where
the database column is referenced "cardnumber" is kept.

A full test plan would be very time-consuming and I think examining the
patch should be verification enough for changes which are limited to
adding a space.

Signed-off-by: Magnus Enger <magnus@libriotech.no>
Verified that the patch only changes "visible" text, and not
references to the database column.
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 36099: count and holdcount template vars into JS vars should default to 0 if...
Pedro Amorim [Mon, 26 Feb 2024 10:03:22 +0000 (10:03 +0000)]
Bug 36099: count and holdcount template vars into JS vars should default to 0 if empty

Visit:
http://localhost:8081/cgi-bin/koha/catalogue/detail.pl?biblionumber=4321
Notice you have 2 console errors:
1) Uncaught SyntaxError: Unexpected token ';'
2) Uncaught ReferenceError: biblionumber is not defined

Apply patch. Repeat. Notice no error shows.
Visit an existing biblionumber. Confirm all is well.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 36157: Remove class from anchor link
Pedro Amorim [Fri, 23 Feb 2024 16:23:38 +0000 (16:23 +0000)]
Bug 36157: Remove class from anchor link

Test plan:
- Create a notice with the module of "Reports" -- add something to the "Print" section. Example from bug 34136:
[% FOREACH b IN data %]
<div class="panel panel-default">
  <div class="panel-heading">[% b.surname %], [% b.firstname %]</div>
  <div class="panel-body">Expiration: [% b.dateexpiry %]</div>
  <div class="panel-footer">ID: [% b.borrowernumber %]</div>
</div>
[% END %]

- Create and run a saved report. Example from the other bug:
SELECT * FROM borrowers

- Click on the "Run with template" dropdown and hover the template title.

- Notice it the styling of the hover. Apply patch. Repeat.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 36158: Update t iterator variable
Pedro Amorim [Fri, 23 Feb 2024 16:15:08 +0000 (15:15 -0100)]
Bug 36158: Update t iterator variable

It seems like its causing some sort of conflict with t('Hide SQL code') further down below in the code, but I'm not sure why.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 36156: None value selected on clone field/subfield linked to AV
Thibaud Guillot [Fri, 23 Feb 2024 12:12:42 +0000 (13:12 +0100)]
Bug 36156: None value selected on clone field/subfield linked to AV

When a field or subfield is linked to a list of authorized values and cloned, the selected value is repeated in the clone. This is linked to the default behavior of Select2Utils, so I've added a precise index (-1) to ensure that no value is selected in the clone.

Test plan:

1) Create a repeatable field and subfield and link a list of authorised values to the subfield.
2) Edit a record, clone the field and see which value is automatically selected in the clone.
3) Apply the patch
4) Repeat step 2

Sponsored by : BibLibre

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 35532: Remove shortcut buttons from flatpickr
Martin Renvoize [Mon, 19 Feb 2024 10:31:19 +0000 (10:31 +0000)]
Bug 35532: Remove shortcut buttons from flatpickr

It doesn't make sense to have the shortcut buttons in the range picker
for bookings. This patch adds the ability to remove them entirely from
display and uses that option in the bookings modal.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 35532: Update date select field and add hint
Martin Renvoize [Mon, 19 Feb 2024 10:13:14 +0000 (10:13 +0000)]
Bug 35532: Update date select field and add hint

This patch updates the 'Period' select from 'Period' to 'Booking dates'
and adds a hint beneath it too.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 35426: Improve layout of bookings modal form
Owen Leonard [Tue, 28 Nov 2023 18:46:11 +0000 (18:46 +0000)]
Bug 35426: Improve layout of bookings modal form

This patch changes the class on the bookings modal form's fieldset in
order to make the form work better in the small space offered by the
modal.

Also changed: The hint for the patron search field has been moved below
the field for consistency.

To test, apply the patch and search for a title in the staff interface.

- View the detail page.
- If you don't see a "Place booking" button in the toolbar,
  click "Items" in the sidebar menu.
  - Locate the "Priority" heading, and change the "Bookable" setting to
    "Yes."
- Click the "PLace booking" button in the toolbar.
  - The bookings modal form should appear, and the form layout should be
    improved.

Signed-off-by: Barbara Johnson <barbara.johnson@bedfordtx.gov>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
7 months agoBug 36219: Re-add missing state param for Oauth/OIDC client
David Cook [Mon, 4 Mar 2024 03:57:27 +0000 (03:57 +0000)]
Bug 36219: Re-add missing state param for Oauth/OIDC client

This change restores the csrf token added as the state param for
the OAuth/OIDC client.

Test plan:
0. Apply the patch and restart Starman
1. Test the SSO using the wiki guide

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 35329: Fix selenium tests if no fund exist
Jonathan Druart [Mon, 4 Mar 2024 13:46:07 +0000 (14:46 +0100)]
Bug 35329: Fix selenium tests if no fund exist

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 35329: Fix autocomplete when placing a hold
Jonathan Druart [Mon, 4 Mar 2024 13:38:16 +0000 (14:38 +0100)]
Bug 35329: Fix autocomplete when placing a hold

There was a JS error
Uncaught TypeError: node.autocomplete(...).data(...) is undefined

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: Fix cookie domain for www/ tests
Tomas Cohen Arazi [Mon, 4 Mar 2024 13:20:05 +0000 (10:20 -0300)]
Bug 36084: Fix cookie domain for www/ tests

This patch changes the hardcoded `koha.local` value on
t::lib::Mocks::Zebra so tests don't fail when the domain is not `koha`.

To test:
1. Run:
   $ ktd --shell
  k$ export KOHA_INTRANET_URL=http://kohadev-intra.myDNSname.org:8081
  k$ prove t/db_dependent/www/batch.t
=> FAIL: Tests fail!
2. Apply this patch
3. Repeat 1
=> SUCCESS: Tests pass!
4. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 35329: Fix conflict with 33457
Jonathan Druart [Fri, 1 Mar 2024 15:01:13 +0000 (16:01 +0100)]
Bug 35329: Fix conflict with 33457

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 35329: (follow-up) Add styling to info and error
Jonathan Druart [Fri, 1 Mar 2024 14:32:40 +0000 (15:32 +0100)]
Bug 35329: (follow-up) Add styling to info and error

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 35329: Handle duplicate without 500
Jonathan Druart [Mon, 26 Feb 2024 14:34:52 +0000 (15:34 +0100)]
Bug 35329: Handle duplicate without 500

This is not perfect but way better than before!

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 35329: Adjustment for 34478
Jonathan Druart [Mon, 26 Feb 2024 14:34:18 +0000 (15:34 +0100)]
Bug 35329: Adjustment for 34478

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 35329: (QA follow-up) Fix for bug 35865
Martin Renvoize [Tue, 23 Jan 2024 11:43:06 +0000 (11:43 +0000)]
Bug 35329: (QA follow-up) Fix for bug 35865

This restores the missing hint that's restored by bug 35865 ahead of
this patchset

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 35329: Add styling to info and error
Jonathan Druart [Mon, 22 Jan 2024 20:52:52 +0000 (21:52 +0100)]
Bug 35329: Add styling to info and error

There were 2 "class" attribute and the second was ignored.
This could still be improved, but then we should adjust the css from
staff-global, but won't be trivial to test.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 35329: Fix filter vars scope
Jonathan Druart [Mon, 22 Jan 2024 20:35:50 +0000 (21:35 +0100)]
Bug 35329: Fix filter vars scope

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 35329: Add POD + tidy Selenium.pm
Jonathan Druart [Fri, 12 Jan 2024 12:27:50 +0000 (13:27 +0100)]
Bug 35329: Add POD + tidy Selenium.pm

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 35329: Add cypress tests
Jonathan Druart [Wed, 10 Jan 2024 15:45:24 +0000 (16:45 +0100)]
Bug 35329: Add cypress tests

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 35329: Add selenium tests
Jonathan Druart [Wed, 10 Jan 2024 12:43:04 +0000 (13:43 +0100)]
Bug 35329: Add selenium tests

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 35329: (follow-up) Label changes for improved accessibility
Owen Leonard [Wed, 10 Jan 2024 13:22:28 +0000 (13:22 +0000)]
Bug 35329: (follow-up) Label changes for improved accessibility

This patch alters the patron search form so that <label>s wrap the
<input> fields, allowing the label to be clickable without having to
associate it with a unique id. CSS has been modified to accommodate this
change.

The patch also adds missing Bootstrap classes to the "Clear" button, and
swaps out the "hint" class for the "note" class on the permissions
information ("Only staff with superlibrarian or acquisitions
permissions...").

After this patch, form field labels in the patron search modal should be
clickable to give focus to the field (except for Sort 1 and Sort 2 --
label don't work that way with Select2).

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 35329: Prevent XSS
Jonathan Druart [Wed, 10 Jan 2024 12:56:15 +0000 (13:56 +0100)]
Bug 35329: Prevent XSS

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 35329: (follow-up) Trigger Select2 upon modal open
Owen Leonard [Wed, 10 Jan 2024 12:20:28 +0000 (12:20 +0000)]
Bug 35329: (follow-up) Trigger Select2 upon modal open

If we wait until the modal is visible Select2 can correctly calculate
the width needed for the Sort 1 and Sort 2 dropdowns.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 35329: Remove fixedHeader
Jonathan Druart [Wed, 10 Jan 2024 08:04:31 +0000 (09:04 +0100)]
Bug 35329: Remove fixedHeader

If fixedHeader is set for the result table in the modal, the header will
still appear (quite randomly) on the main view.

To recreate the problem:
Go to /cgi-bin/koha/members/memberentry.pl
Click Add guarantor
Search
Close the modal
Scroll down
=> The header of the table will be displayed randomly at the top of the
page

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 35329: Fix neworderempty
Jonathan Druart [Wed, 10 Jan 2024 07:49:07 +0000 (08:49 +0100)]
Bug 35329: Fix neworderempty

Hum I had to put it that way but I cannot remember why. Moving patron_search_js after patron_search_modal fixes the search problem (see comment 12).

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 35329: Move patron search to modal - remove members/search.pl
Jonathan Druart [Tue, 9 Jan 2024 12:42:54 +0000 (13:42 +0100)]
Bug 35329: Move patron search to modal - remove members/search.pl

 git grep members/search.pl
should not return any results

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 35329: Move patron search to modal - suggestion
Jonathan Druart [Tue, 9 Jan 2024 11:09:55 +0000 (12:09 +0100)]
Bug 35329: Move patron search to modal - suggestion

Test plan:
Edit a suggestion
Click "Set patron" to change the suggester
Click "Select manager" to set the manager

On the suggestion list view, you can also select a manager. Make sure
you are testing with different tabs (suggestions with different statuses).

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 35329: Move patron search to modal - erm
Jonathan Druart [Mon, 8 Jan 2024 13:17:40 +0000 (14:17 +0100)]
Bug 35329: Move patron search to modal - erm

Test plan:
Edit an agreement or a license
Add new user and click "Select user" to open the modal
Test with different user for the same agreement/license

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 35329: Move patron search to modal - routing list
Jonathan Druart [Fri, 5 Jan 2024 13:50:38 +0000 (14:50 +0100)]
Bug 35329: Move patron search to modal - routing list

The behaviour is a bit different here. Adding a patron from the popup
refreshed the parent page with the newly added patron.

With this patch the refresh of the page will happen when the modal is
closed (if patrons have been added).

Test plan:
Create a subscription, receive one item, create a routing list.
Add users.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 35329: Move patron search to modal - edit-batch
Jonathan Druart [Fri, 5 Jan 2024 11:01:55 +0000 (12:01 +0100)]
Bug 35329: Move patron search to modal - edit-batch

Test plan:
Create new patron card batch
Keep the textarea empty and click "Add patron(s)" to open the modal
There is a special feature here, the "checkbox" column is displayed and
you can select several patrons and click "Add selected patrons".

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 35329: Move patron search to modal - funds
Jonathan Druart [Fri, 5 Jan 2024 11:10:33 +0000 (12:10 +0100)]
Bug 35329: Move patron search to modal - funds

This is a tricky one.
We can have several modals per page, patron-search.inc needs to be
adjusted to not use ids but classes. Also we need to declare JS
variables with 'var' instead of 'let' (which does not allow redefinition
of the same variable).

Test plan:
Create or modify a fund
"Select owner" and "Add users" to open the modals.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 35329: Move patron search to modal - basket
Jonathan Druart [Fri, 5 Jan 2024 07:13:29 +0000 (08:13 +0100)]
Bug 35329: Move patron search to modal - basket

Add user to an acquisition basket

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 35329: Move patron search to modal - neworderempty
Jonathan Druart [Thu, 4 Jan 2024 15:44:39 +0000 (16:44 +0100)]
Bug 35329: Move patron search to modal - neworderempty

Test plan:
Create a new acquisition order and add users.

FIXME:
Note that rules for .modal-dialog .dialog.message need to be adjusted.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 35329: move patron search to modal - Add guarantor
Jonathan Druart [Thu, 4 Jan 2024 15:13:49 +0000 (16:13 +0100)]
Bug 35329: move patron search to modal - Add guarantor

This is the first of many patches to come.

We will rewrite the patron search popup to convert it to a Bootstrap's modal.

I faced different problems on different pages, it is preferable to test
each page on top of the whole patchset, to make sure a futur change will
not break previous pages (and this is why they are all on the same bug
report).

For each page we will test that:
* the different filters work
* the "Clear" filters button work
* the "Add" or "Select" patron button works
* the nested modal to display patron's details (when clicking on their
  name or cardnumber) works

On this patch we are testing the guarantor search:
Create a edit a patron and click "Add guarantor" to open the modal.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36148: Do not deal with CSRF error in get_template_and_user
Jonathan Druart [Mon, 26 Feb 2024 10:29:17 +0000 (11:29 +0100)]
Bug 36148: Do not deal with CSRF error in get_template_and_user

We deal with that in the middleware, we don't want 403.pl to early exit.
If we notice that we actually need it (for other scripts), we could
eventually add a new flag to get_template_and_user to skip the CSRF check,
or build the template without using get_template_and_user for errors/*
scripts.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36148: Fix header name
Jonathan Druart [Fri, 23 Feb 2024 08:07:23 +0000 (09:07 +0100)]
Bug 36148: Fix header name

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36148: Improve error handling and restore programming errors
Jonathan Druart [Fri, 23 Feb 2024 07:53:46 +0000 (08:53 +0100)]
Bug 36148: Improve error handling and restore programming errors

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36148: Add explanatory notes
David Cook [Fri, 23 Feb 2024 05:15:24 +0000 (05:15 +0000)]
Bug 36148: Add explanatory notes

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36148: Allow Koha::Middleware::CSRF to use error/exception middlewares
David Cook [Fri, 23 Feb 2024 05:05:30 +0000 (05:05 +0000)]
Bug 36148: Allow Koha::Middleware::CSRF to use error/exception middlewares

This change allows Koha::Middleware::CSRF to use the ErrorDocument and
HTTPExcetions middlewares to display the correct status codes and HTML
documents.

Leveraging Plack environmental variables, we're also able to pass along
data to the error page handlers to show warnings indicating that there
was a missing CSRF token.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36148: Move CSRF check to a Plack middleware
Jonathan Druart [Thu, 22 Feb 2024 14:16:08 +0000 (15:16 +0100)]
Bug 36148: Move CSRF check to a Plack middleware

The easiest here is to not empty 'op' but instead redirect to an error
page.

Minor changes: to keep the patch simple it removed the 'dev only' error and
display the error for non-dev installs. It should not be a problem
anyway and will prevent errors to be hidden in the log.
We could make KOHA_ERROR an arrayref, but later (we don't need it now
anyway).

Note that the OPAC still not benefit from a friendly specific error for
invalid token.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: svc - overdrive
Nick Clemens [Tue, 27 Feb 2024 19:14:19 +0000 (19:14 +0000)]
Bug 36084: svc - overdrive

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: Fix file upload and www/batch.t
Jonathan Druart [Wed, 28 Feb 2024 09:01:25 +0000 (10:01 +0100)]
Bug 36084: Fix file upload and www/batch.t

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: svc - mana
Jonathan Druart [Tue, 27 Feb 2024 08:44:42 +0000 (09:44 +0100)]
Bug 36084: svc - mana

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: (follow-up) svc - localization
Jonathan Druart [Mon, 26 Feb 2024 13:30:06 +0000 (14:30 +0100)]
Bug 36084: (follow-up) svc - localization

This form is never sent.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: (follow-up) svc - config/systempreferences
Jonathan Druart [Mon, 26 Feb 2024 13:13:57 +0000 (14:13 +0100)]
Bug 36084: (follow-up) svc - config/systempreferences

This form is never sent.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: svc - renew
Jonathan Druart [Fri, 23 Feb 2024 11:15:42 +0000 (12:15 +0100)]
Bug 36084: svc - renew

Material - The code that is supposed to replace the checkbox with a text
was not at the correct place. It should be with checkin, not renewal.
With the table refresh it does not make sense to keep it as we will
never see it.
Best is to replace the checkbox with the text directly.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: svc - recall
Jonathan Druart [Fri, 23 Feb 2024 08:51:04 +0000 (09:51 +0100)]
Bug 36084: svc - recall

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: svc - problem_reports
Jonathan Druart [Thu, 22 Feb 2024 15:50:15 +0000 (16:50 +0100)]
Bug 36084: svc - problem_reports

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: svc - virtualshelves/search
Jonathan Druart [Thu, 22 Feb 2024 13:04:09 +0000 (14:04 +0100)]
Bug 36084: svc - virtualshelves/search

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: svc - members/add_to_list
Jonathan Druart [Thu, 22 Feb 2024 11:01:31 +0000 (12:01 +0100)]
Bug 36084: svc - members/add_to_list

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: svc - localization
Jonathan Druart [Wed, 21 Feb 2024 15:56:54 +0000 (16:56 +0100)]
Bug 36084: svc - localization

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: svc - creator_batches
Jonathan Druart [Wed, 21 Feb 2024 12:30:29 +0000 (13:30 +0100)]
Bug 36084: svc - creator_batches

No desire to have a nice api client for this.

This patch also:
Improve failure handling
Remove unecessary code in svc script
Remove duplicated on click binding

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: svc - cover_images
Jonathan Druart [Wed, 21 Feb 2024 10:46:42 +0000 (11:46 +0100)]
Bug 36084: svc - cover_images

Removing the ability to remove several cover images, it was not used.

FIXME - Note that I am getting randomly a failure when uploading an image and
seeing the following error in the log:
[Wed Feb 21 10:43:59.168934 2024] [cgi:error] [pid 24037] [client 172.18.0.1:45074] AH01215: Use of uninitialized value $fileID in bitwise and (&) at /kohadevbox/koha/tools/upload-cover-image.pl line 101.: /kohadevbox/koha/tools/upload-cover-image.pl, referer: http://localhost:8081/cgi-bin/koha/catalogue/detail.pl?biblionumber=1

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: Add CSRF token support to svc/authentication
David Cook [Wed, 21 Feb 2024 06:17:50 +0000 (06:17 +0000)]
Bug 36084: Add CSRF token support to svc/authentication

GET svc/authentication will return a CSRF token in a response header

POST svc/authentication requires a CSRF token which can be sourced
from the response header of GET svc/authentication or some other
place like the meta element on a HTML page

Note: misc/migration_tools/koha-svc.pl is a simple script which
can be used to practically evaluate svc/authentication and svc/bib

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: svc - clubs
Jonathan Druart [Tue, 20 Feb 2024 15:43:51 +0000 (16:43 +0100)]
Bug 36084: svc - clubs

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: svc - checkout_notes - OPAC
Jonathan Druart [Tue, 20 Feb 2024 14:39:51 +0000 (15:39 +0100)]
Bug 36084: svc - checkout_notes - OPAC

Decided to not use APIClient for OPAC, LATER.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: svc - checkout_notes
Jonathan Druart [Tue, 20 Feb 2024 14:39:21 +0000 (15:39 +0100)]
Bug 36084: svc - checkout_notes

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: Fix is_ajax by setting X-Requested-With header
Jonathan Druart [Tue, 20 Feb 2024 09:00:11 +0000 (10:00 +0100)]
Bug 36084: Fix is_ajax by setting X-Requested-With header

Some svc scripts (and controllers) are using using is_ajax to guess if
it's an AJAX request.
$.ajax is setting the (non standard) X-Requested-With header, but the
low level JS 'fetch' does not.

This patch set it in http-client.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: svc - checkin
Jonathan Druart [Mon, 19 Feb 2024 15:29:23 +0000 (16:29 +0100)]
Bug 36084: svc - checkin

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: svc - config/systempreferences
Jonathan Druart [Fri, 16 Feb 2024 13:56:09 +0000 (14:56 +0100)]
Bug 36084: svc - config/systempreferences

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: svc - shelfbrowser.pl - Replace with GET
Jonathan Druart [Fri, 16 Feb 2024 12:41:14 +0000 (13:41 +0100)]
Bug 36084: svc - shelfbrowser.pl - Replace with GET

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: svc - authorised_values - APIClient now global
Jonathan Druart [Wed, 14 Feb 2024 15:34:20 +0000 (16:34 +0100)]
Bug 36084: svc - authorised_values - APIClient now global

APIClient is not a global variable, which will make the next changes
much easier!

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: Do not allow absence of token
Jonathan Druart [Tue, 13 Feb 2024 15:32:35 +0000 (16:32 +0100)]
Bug 36084: Do not allow absence of token

Well, this test was silly, I was focussed on propagating an error to the
UI, but we really need to explode in this case.

Note that this requires more work as login is now broken.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: Add a global #messages div
Jonathan Druart [Tue, 13 Feb 2024 14:16:38 +0000 (15:16 +0100)]
Bug 36084: Add a global #messages div

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: Add a Dialog class
Jonathan Druart [Tue, 13 Feb 2024 14:11:59 +0000 (15:11 +0100)]
Bug 36084: Add a Dialog class

To display potential errors.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: Bring fetch for everywhere
Jonathan Druart [Tue, 13 Feb 2024 14:08:25 +0000 (15:08 +0100)]
Bug 36084: Bring fetch for everywhere

We are retrieving the awesome fetch modules from Vue, so that it can be
used in other areas. Here we will use it to inject the CSRF token to the
header of every POST request.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: svc - article_request - POC
Jonathan Druart [Mon, 12 Feb 2024 15:32:40 +0000 (16:32 +0100)]
Bug 36084: svc - article_request - POC

This is a proof of concept

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36084: C4::Auth+plack.psgi for svc?
Jonathan Druart [Mon, 12 Feb 2024 16:36:44 +0000 (17:36 +0100)]
Bug 36084: C4::Auth+plack.psgi for svc?

Suggestion to move the CSRF check to CGI->new so that we will check it
for every request, and it will cover svc scripts as well (they are not
using get_template_and_user).

The token will be retrieve from the param list *or the csrf_token
header* (do we want to name it x-koha-csrf-token instead?).

This will be done for *every* request that are not GET: CSRF token is now
required everywhere CGI is used (side-effects possible?).

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36102: (follow-up 2) Add cud-login to the login form - fix tests
Jonathan Druart [Wed, 28 Feb 2024 09:06:08 +0000 (10:06 +0100)]
Bug 36102: (follow-up 2) Add cud-login to the login form - fix tests

Bug 36102: [TO SQUASH] (follow-up 2) Add cud-login to the login form - fix tests

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36102: Add cud-login to the login form (2FA)
Jonathan Druart [Wed, 28 Feb 2024 08:09:05 +0000 (09:09 +0100)]
Bug 36102: Add cud-login to the login form (2FA)

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36102: (follow-up) Add cud-login to the login form
Jonathan Druart [Mon, 26 Feb 2024 11:18:06 +0000 (12:18 +0100)]
Bug 36102: (follow-up) Add cud-login to the login form

Previous patch missed opac-auth

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36102: Fix removal of cookie from the installer session on upgrades
David Cook [Wed, 21 Feb 2024 01:50:24 +0000 (01:50 +0000)]
Bug 36102: Fix removal of cookie from the installer session on upgrades

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36102: Fix expired session on the login page of the installer (?)
Jonathan Druart [Tue, 20 Feb 2024 14:12:23 +0000 (15:12 +0100)]
Bug 36102: Fix expired session on the login page of the installer (?)

I *think* this change fixes a bug when starting the installer with an
expired session. I am no longer able to reproduce the problem however.

Just skip if it does not make sense.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36102: If CSRF check fails, try with anonymous
Jonathan Druart [Tue, 20 Feb 2024 13:31:04 +0000 (14:31 +0100)]
Bug 36102: If CSRF check fails, try with anonymous

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36102: Remove cookie from the installer session
Jonathan Druart [Tue, 20 Feb 2024 13:10:40 +0000 (14:10 +0100)]
Bug 36102: Remove cookie from the installer session

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36102: Generate a new sessionID if the existing one is invalid
Jonathan Druart [Tue, 20 Feb 2024 13:01:04 +0000 (14:01 +0100)]
Bug 36102: Generate a new sessionID if the existing one is invalid

If the cookie contain an expired sessionID we need to create another
one to correctly generate the CSRF token.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36102: Do not repeat op or csrf_token on the login form - staff
Jonathan Druart [Tue, 20 Feb 2024 12:37:21 +0000 (13:37 +0100)]
Bug 36102: Do not repeat op or csrf_token on the login form - staff

Needed for OPAC?

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
7 months agoBug 36102: (follow-up) Add cud-login to the login form
Jonathan Druart [Tue, 20 Feb 2024 10:03:37 +0000 (11:03 +0100)]
Bug 36102: (follow-up) Add cud-login to the login form

Hum this didn't make sense. We are not checking credentials after
checkauth.

This patch is suggesting to rename "userid" and "password" parameters
from login forms to "login_userid" and "login_password" to not interfere
with other parameters with the same name.

This looks quite correct, however I am seeing
  "The form submission failed (Wrong CSRF token)."
in the log after a successful login. Which feels wrong, what's
happening?

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>