Josef Moravec [Tue, 22 Aug 2017 08:58:11 +0000 (08:58 +0000)]
Bug 19116: Hold not set to waiting after transfer
Test plan:
0) Do not apply the patch
1) Place hold on item from another branch
2) Switch to that branch
3) Check them in at the other branch to set them into transport status (T)
4) Switch back to your homebranch
5) Check items in again, use the different confirm buttons and
compare: Only "confirm and print" will be set to waiting, "confirm"
remains in transport.
6) Apply the patch
7) Repeat 1-5 - now should work as expected - the hold is marked waiting
on "confirm" button too
8) Check the hold from the same branch, to make sure this doesn't add
regression
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Mon, 4 Sep 2017 17:14:31 +0000 (14:14 -0300)]
Bug 19116: Unit tests
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Amit Gupta [Wed, 16 Aug 2017 12:26:17 +0000 (17:56 +0530)]
Bug 19127: Fix Stored XSS in csv-profiles.pl
To Test
1. Hit the page /cgi-bin/koha/tools/csv-profiles.pl?op=add_form
2. Add a text in the field Profile name, Profile description
and Profile MARC fields that contains js
3. Save the page.
4. Notice js is execute
5. Apply patch and reload, the js is escaped
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Katrin Fischer [Wed, 16 Aug 2017 11:52:07 +0000 (13:52 +0200)]
Bug 19108: (follow-up) Fix Stored XSS in fieldmapping.pl and items_search_fields.pl
To test:
- Add a framework with script in the description
- Access the Keywords to MARC mapping page
- Add an item search field where both name and label are script
- Try to edit/delete the added mapping
With the patch no script should be executed and everything
should still work ok.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Amit Gupta [Tue, 15 Aug 2017 09:07:50 +0000 (14:37 +0530)]
Bug 19108: Fix Stored XSS in biblio_framework.pl and marctagstructure.pl
To Test
1. Hit the page /cgi-bin/koha/admin/biblio_framework.pl?op=add_form
2. Add a text in the field Description that contains js
3. Save the page.
4. Notice js is execute
5. Click on Actions -> MARC structure
6. Apply patch and reload, the js is escaped
Fixed for both the pages biblio_framework.pl and marctagstructure.pl
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Amit Gupta [Tue, 15 Aug 2017 08:40:43 +0000 (14:10 +0530)]
Bug 19108: Fix Stored XSS in fieldmapping.pl
To Test
1. Hit the page /cgi-bin/koha/admin/fieldmapping.pl
2. Add a text in the field Field name that contains js
3. Save the page.
4. Notice js is execute
5. Apply patch and reload, the js is escaped
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Amit Gupta [Tue, 15 Aug 2017 08:36:47 +0000 (14:06 +0530)]
Bug 19108: Fix Stored XSS in authtypes.pl
To Test
1. Hit the page /cgi-bin/koha/admin/authtypes.pl?op=add_form
2. Add a text in the field Description that contains js
3. Save the page.
4. Notice js is execute
5. Apply patch and reload, the js is escaped
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Amit Gupta [Tue, 15 Aug 2017 08:25:45 +0000 (13:55 +0530)]
Bug 19108: Fix Stored XSS in classsources.pl
Fixed for both Classification sources & Classification filing rules
To Test
1. first case classification source: Hit the page
/cgi-bin/koha/admin/classsources.pl?op=add_source
second case classification filing rules:
Hit the page /cgi-bin/koha/admin/classsources.pl?op=add_sort_rule
2. Add a text in the field Description that contains js
3. Save the page.
4. Notice js is execute
5. Apply patch and reload, the js is escaped
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Amit Gupta [Tue, 15 Aug 2017 08:19:10 +0000 (13:49 +0530)]
Bug 19108: Fix Stored XSS in items_search_fields.pl
To Test
1. Hit the page /cgi-bin/koha/admin/items_search_fields.pl
2. Add a text in the field Name and Label that contains js
3. Save the page.
4. Notice js is execute
5. Apply patch and reload, the js is escaped
Fixed for new and edit page
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Amit Gupta [Tue, 15 Aug 2017 08:03:57 +0000 (13:33 +0530)]
Bug 19108: Fix Stored XSS in oai_sets.pl
To Test
1. Hit the page /cgi-bin/koha/admin/oai_sets.pl
2. Click on New set
3. Add a text in the field setSpec, setName that contains js
4. Save the page.
5. Notice js is execute
6. Apply patch and reload, the js is escaped
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Amit Gupta [Tue, 15 Aug 2017 04:45:54 +0000 (10:15 +0530)]
Bug 19103: Fix Stored XSS in matching-rules.pl
To Test
1. Hit the page /cgi-bin/koha/admin/matching-rules.pl
2. Click on new record matching rule
3. Add a text in the field Description that contain js.
4. Save the page.
5. Notice js is execute
6. Apply patch and reload, the js is escaped
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Amit Gupta [Tue, 15 Aug 2017 04:37:45 +0000 (10:07 +0530)]
Bug 19103: Fix Stored XSS in patron-attr-types.pl
To Test
1. Hit the page /cgi-bin/koha/admin/patron-attr-types.pl
2. Click on new patron attribute type
2. Add a text in the field Description that contain js.
2. Save the page.
3. Notice js is execute
4. Apply patch and reload, the js is escaped
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Amit Gupta [Tue, 15 Aug 2017 03:22:40 +0000 (08:52 +0530)]
Bug 19103: Fix Stored XSS in itemtypes.pl
To Test
1. Hit the page /cgi-bin/koha/admin/itemtypes.pl
2. Add a text in the field Description, Checkin message that contains js
2. Save the page.
3. Notice js is execute
4. Apply patch and reload, the js is escaped
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Katrin Fischer [Wed, 16 Aug 2017 12:34:17 +0000 (14:34 +0200)]
Bug 19128: Fix Stored XSS in patron-attr-types.pl, authorised_values.pl and categories.pl
Preparation:
- Add a branch with script in the branch name
- Add a patron category with script in the category name
- Add a new authorised value cateogory with script
- Add a new authroised value for this category with script
in all possible fields
- Test editing patron categories
- Test editing patron attribute types
- Test viewing and editing authorised values
Verify that with this script there is no more script executed
and everything works fine.
Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Katrin Fischer [Wed, 16 Aug 2017 10:05:50 +0000 (12:05 +0200)]
Bug 19125: Fix Stored XSS in members.pl
In preparation to test this patch:
- Add a patron list named <script>alert("patron list")</script>
- Add a library named <script>alert("library")</script>
- Add a patron category named <script>alert("patron category")</script>
To test:
- Access patron search page and do a search
- Verify that the alerts added above are executed
- Apply patch
- Verify that no alerts are displayed
Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Amit Gupta [Mon, 14 Aug 2017 21:14:11 +0000 (02:44 +0530)]
Bug 19086: Fix Stored XSS in subscription-add.pl
To Test
1. Hit the page /cgi-bin/koha/serials/subscription-add.pl
2. Add a text in the field Public note and Nonpublic note
that contains js (Internalnotes, notes)
2. Save the page.
3. Notice js is execute
4. Apply patch and reload, the js is escaped
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Amit Gupta [Mon, 14 Aug 2017 21:03:59 +0000 (02:33 +0530)]
Bug 19086: Fix Stored XSS in supplier.pl
1. Hit the page /cgi-bin/koha/acqui/supplier.pl?op=enter
2. Add a text in the field company_postal, physical, company_fax,
accountnumber, contactposition, contact_fax, contact_notes, notes that contains java script
3. Save the page.
4. Notice js is execute
5. Apply patch and reload the js is escaped
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Chris Cormack [Fri, 11 Aug 2017 19:54:34 +0000 (19:54 +0000)]
Bug 19086: Fix Stored XSS in circulation.pl
1/ To test add a message to a borrower that contains js
2/ hit /cgi-bin/koha/circ/circulation.pl?borrowernumber=[number]
where number is the borrowernumber of the borrower you set the message
for
3/ Notice js is execute
4/ Apply patch, reload, js is escaped
Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Chris Cormack [Fri, 11 Aug 2017 19:36:43 +0000 (19:36 +0000)]
Bug 19086: Fix Stored XSS in members/member.pl
To test
1/ hit /cgi-bin/koha/members/member.pl?&searchmember=<script>alert('XSS Payload')</script>
2/ Notice js is executed
3/ Apply patch, reload
4/ js is now escaped
Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Thu, 28 Sep 2017 17:49:11 +0000 (14:49 -0300)]
Bug 19385: Fix random t/Calendar.t failure - clear the cache before
The cache 'exception_holidays' may be populated when we run these tests,
we need to clear it before the tests are run.
Test plan:
prove t/db_dependent/Circulation/CalcDateDue.t t/Calendar.t
Without this patch, t/Calendar will fail with:
# Failed test 'Exception holiday is not a closed day test'
# at t/Calendar.t line 159.
# got: '1'
# expected: '0'
# Looks like you failed 1 test of 38.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Lari Taskula [Thu, 16 Mar 2017 11:53:44 +0000 (13:53 +0200)]
Bug 18282: operationId must be unique
operationId has the following documentation:
"Unique string used to identify the operation. The id MUST be unique among all
operations described in the API."
This patch modifies operationIds to be unique accross our API operations.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 18137: (QA followup) Make sure the session exists and is expired on expiration tests
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Lari Taskula <lari.taskula@jns.fi> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Lari Taskula [Fri, 17 Feb 2017 11:14:09 +0000 (13:14 +0200)]
Bug 18137: List Mojolicious::Plugin::OpenAPI and JSON::Validator as dependencies
Edit (tcohen): I've changed the version numbers to match those Mirko has already
successfully packaged and are known to work for this patchset.
Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Lari Taskula [Thu, 16 Mar 2017 12:24:52 +0000 (14:24 +0200)]
Bug 18137: (follow-up) Sort definitions.json
Before this file grows, we should sort it alphabetically.
To test:
1. prove t/db_dependent/api/v1
Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Lari Taskula [Tue, 7 Mar 2017 11:31:04 +0000 (13:31 +0200)]
Bug 18137: (QA-follow-up) Fix pod fail
Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Lari Taskula [Tue, 21 Feb 2017 17:55:28 +0000 (19:55 +0200)]
Bug 18137: Remove x-mojo-around-action
Mojolicious::Plugin::OpenAPI does not support x-mojo-around action. This patch
removes it from our specification document.
Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Lari Taskula [Mon, 20 Feb 2017 18:07:26 +0000 (20:07 +0200)]
Bug 18137: Make /holds Mojolicious::Plugin::OpenAPI compatible
Also
- adding some missing and new response definitions into Swagger spec.
- fixing failing tests due to Bug 17932's change of boolean values
To test:
1. prove t/db_dependent/api/v1/holds.t
Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Lari Taskula [Mon, 20 Feb 2017 17:58:28 +0000 (19:58 +0200)]
Bug 18137: Make /cities Mojolicious::Plugin::OpenAPI compatible
Also:
- adding some missing and new response definitions into Swagger spec.
To test:
1. prove t/db_dependent/api/v1/cities.t
Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Lari Taskula [Fri, 17 Feb 2017 12:59:24 +0000 (14:59 +0200)]
Bug 18137: Make /patrons Mojolicious::Plugin::OpenAPI compatible
Also:
- adding some missing and new response definitions into Swagger spec.
- fixing failing test due to Bug 17932's change of boolean values
To test:
1. prove t/db_dependent/api/v1/patrons.t
Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Lari Taskula [Fri, 17 Feb 2017 12:36:36 +0000 (14:36 +0200)]
Bug 18137: Migrate from Swagger2 to Mojolicious::Plugin::OpenAPI
This patch migrates from Swagger2 to Mojolicious::Plugin::OpenAPI as Swagger2 is
no longer actively maintained.
This migration involves some minor changes to our Swagger specification documents
and to controllers. Each operation is migrated in following patches separately.
Please see Mojolicious::Plugin::OpenAPI and its tutorial for more documentation.
The patch also refactors some API authentication -related code by taking advantage
of Koha::Exceptions. Authentication is now handled via Mojolicious's "under->to"
functionality. The actual authentication & authorization checks are moved to
Koha::REST::V1::Auth. Added a HTTP 503 response for when database update is
required, instead of returning an authentication failure as before.
To test:
1. prove t/db_dependent/api/v1/auth.t
Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Lari Taskula [Fri, 17 Feb 2017 12:34:42 +0000 (14:34 +0200)]
Bug 18137: Add useful Koha::Exceptions
Signed-off-by: Olli-Antti Kivilahti <olli-antti.kivilahti@jns.fi> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 18508: Fix t/db_dependent/api/v1/swagger/definitions.t (follow-up of 18137)
Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Kyle M Hall [Fri, 25 Aug 2017 10:26:21 +0000 (06:26 -0400)]
Bug 19173: Add opac payment and marc conversion plugins to the pulldown filter list
Edit: fixed tab-for-space errors (tcohen).
Signed-off-by: Magnus Enger <magnus@libriotech.no>
New categories are added to the pulldown and work as expected. Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Kyle M Hall [Thu, 24 Aug 2017 10:55:49 +0000 (06:55 -0400)]
Bug 19173: Make OPAC online payments pluggable
While PayPal is fairly universal, there is a plethora of online
payment system that are far more localized, servicing a single
country ( e.g. Bug 18968 ) or even a single city! Instead of
adding support for each and every one of these payment options
directly into Koha, it makes more sense to add the ability to
create online payment plugins.
Test Plan:
1) Apply this patch
2) Download and install the Kitchen Sink plugin version 2.1.1 or later
https://github.com/bywatersolutions/koha-plugin-kitchen-sink/releases
3) In the plugin options, enable the opac payments option
4) Create a patron with one or more fines
5) Log into the opac as that patron, note you now have the option
to pay online via KitchenSink ImaginaryPay
6) Make an online payment
7) Note the payment was processed correctly
Sponsored-by: Washoe County Library System Signed-off-by: Kyle M Hall <kyle@gmail.com> Signed-off-by: Magnus Enger <magnus@libriotech.no>
Awesome enhancement! I know we want to add at least one Norwegian
payment service at some point.
I followed the test plan and everything works as advertised. Turning
off the "opac payments option" makes the option dissappear cleanly
from the OPAC. I have *not* looked at the code or done any
considerations about security. Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Kyle M Hall [Tue, 25 Apr 2017 17:27:00 +0000 (13:27 -0400)]
Bug 6758: Add new patron column for date of renewal
Test Plan:
1) Apply this patch
2) Run updatedatabase
3) Create a new patron
4) Note the new column date_renewed is NULL
5) Renew the patron
6) Note the date in the column date_renewed is today's date
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Aleisha Amohia [Tue, 29 Aug 2017 05:02:29 +0000 (05:02 +0000)]
Bug 19195: Preventing noisy warns when creating or editing a basket
To test:
1) Open the koha intranet error log
2) Go to Acquisitions -> Find or create a vendor
3) Create a new basket, filling all fields
4) Notice warns in error log
5) Edit this basket
6) Notice warns in error log
7) Apply patch
8) Create another basket, confirm warns do not show
9) Edit this basket, confirm warns do not show
Sponsored-by: Catalyst IT Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Lee Jamison <ldjamison@marywood.edu> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Aleisha Amohia [Tue, 29 Aug 2017 21:21:00 +0000 (21:21 +0000)]
Bug 19180: [FOLLOW-UP] Renaming all instances of 'name' variable to 'booksellername'
... when referring to the name of the vendor.
To test:
1) Confirm vendor shows on webpage title (tab name)
2) Confirm vendor shows in breadcrumbs
3) Confirm vendor shows in heading when viewing basket ('Basket x (1) for
vendor')
Sponsored-by: Catalyst IT Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Aleisha Amohia [Sun, 27 Aug 2017 23:00:15 +0000 (23:00 +0000)]
Bug 19180: Add vendor name to breadcrumbs when closing an order
To test:
1) Go to Acquisitions
2) Find a vendor and a basket
3) Click 'Close basket' button
4) Notice that on confirmation page, breadcrumbs are missing vendor
5) Apply patch and refresh page
6) Vendor name should now show
7) Confirm link to vendor works as expected
Sponsored-by: Catalyst IT Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Aleisha Amohia [Wed, 30 Aug 2017 04:36:50 +0000 (04:36 +0000)]
Bug 16204: Show friendly error message if trying to edit record which no longer exists
To test:
1) Create a record
2) Click Edit -> Edit record. open this in another tab
3) Delete the record in the original tab
4) Refresh the edit form in the other tab. Notice the software error
5) Apply patch and refresh page
6) There should be a nice error message with the form fields and buttons
hidden. Confirm links work as expected.
Sponsored-by: Catalyst IT Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Marc Véron [Thu, 4 May 2017 15:36:24 +0000 (17:36 +0200)]
Bug 18541 - Patron card creator: Add a grid to support layout design
Add a layout grid to patron card creator to figure out the positions of text
fields, barcode and images.
To test:
- Apply on top of patch 18465
- Go to Home > Tools > Patron card creator
- Edit or create a layout
- Turn on new choice 'Guide grid' in section 'General settings'
- Leave 'Units' unchanged
- Crate a PDF using 'Card batches'
- Notice that card is printed with a layout grid that reflects selected unit
with each 5th and 10th line in different color, unit description displayed
bottom left, card dimensions displayed top right in small print inside the
layout grid
- Print PDF. Set printer settings in Adobe Reader or other PDF printing
software to 'Actual size' to prevent scaling to printer's printable
region
- Mesure out printed PDF and verify that grid corresponds to selecte unit.
- Go back to layout definition and choose an other unit, repeat steps
to verify that grid respects selected unit.
- Go back to layout definition, turn grid off, create PDF, verify that grid
does not display in PDF
Note for testers / QAers: Position of card elements (text, image...) do not
respect the unit, this will be fixed in Bug 18550
Followed test plan and it worked as intended Signed-off-by: Alex Buckley <alexbuckley@catalyst.net.nz> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Owen Leonard [Tue, 6 Jun 2017 18:35:07 +0000 (18:35 +0000)]
Bug 18739 - Add SVG version of staff-home-icons-sprite image
Images display correctly. Followed test plan and patch works as described.
Signed-off-by: Dilan Johnpullé <dilan@calyx.net.au> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Owen Leonard [Thu, 8 Jun 2017 16:01:32 +0000 (16:01 +0000)]
Bug 15644 - City dropdown default selection when modifying a patron matches only on city
This patch modifies the include files which contain the form fields for
city, state, zipcode, etc. shown on the patron entry screen. The files
are modified so that the city/state/zip <select> preselects a value
based on city, state, and zipcode matching the values in the
corresponding text fields.
To test, confirm that the bug's steps to reproduce are fixed:
- Enter two cities via Administration -> Patrons and circulation
-> Cities and towns:
Springfield, MA 01101
Springfield, VT 05156
- Edit a patron choosing, Springfield VT, and save.
- Edit the patron again and confirm that the correct city is
pre-selected.
- Confirm this result with all three different settings of the
"AddressFormat" system preference.
Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Marcel de Rooy [Thu, 29 Jun 2017 11:03:39 +0000 (13:03 +0200)]
Bug 18149: Move CountUsage calls to Koha namespace
After the introduction of Koha::Authorities->get_usage_count with bug
9988, we can now replace the remaining occurrences of CountUsage.
At the same time we remove CountUsageChildren. This was an empty sub.
The typo get_count_usage in a subtest title is adjusted.
Test plan:
[1] Run t/db_dependent/Koha/Authorities.t
[2] Perform a search on authorities-home.pl and verify that you see
plausible numbers for 'used in xx records'.
[3] Click on Details for one authority. See the same number?
[4] Do the same as in 2/3 for Authority search on OPAC.
[5] Remember the authid and enter this in the record numbers box on
tools/batch_delete_records.pl. Select Authorities and click
Continue. The next form shows a column "Used in". Do you see
the same count again?
[6] Git grep CountUsage.
You should see just one hit in a comment that can be kept in
Koha/Authorities.pm.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Josef Moravec [Sun, 11 Jun 2017 19:23:41 +0000 (19:23 +0000)]
Bug 10132: Add ability to set MARC Organization Code at library level
Test plan:
0. Apply patches
1. Update database
2. Go to administration -> libraries, try to update some library and
fill in some value into Marc Organization code field
3. Save this library and edit again - the code should be stored
correctly
4. Go to system preferences and fill in some value into MARCOrgCode
preference, note there is enhanced description mentioning the ability to
set organization code on library level
5. Set active library to the one with own org code stored
6. Go to cataloguing, create new empty record and click into field 003 -
there should be the code you filled for that library
7. Set active library to one withou marc org code
8. Go to cataloguing, create new empty record and click into field 003 -
there should be the code from system preference
9. Go to system preferences again and set AutoCreateAuthorities to
'generate' and BiblioAddsAuthorities to 'allow'
10. Go to cataloguing and create some biblio record, fill in any author
in to create its authority record, save the biblio
11. Go to authorities and find this created authority, go to details and
check the fields: 003, 040$a, 040$c, 670$a - there should be used right org code
12. prove t/db_dependent/AuthoritiesMarc.t t/db_dependent/Biblio.t t/db_dependent/Koha/Libraries.t
Signed-off-by: Hugo Agud <hagud@orex.es> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Josef Moravec [Sun, 11 Jun 2017 19:22:06 +0000 (19:22 +0000)]
Bug 10132: Admin pages changes
Signed-off-by: Hugo Agud <hagud@orex.es> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Josef Moravec [Sun, 11 Jun 2017 19:48:50 +0000 (19:48 +0000)]
Bug 10132: Unit tests
Signed-off-by: Hugo Agud <hagud@orex.es> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Josef Moravec [Sun, 11 Jun 2017 19:21:16 +0000 (19:21 +0000)]
Bug 10132: DBIC update
Signed-off-by: Hugo Agud <hagud@orex.es> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Josef Moravec [Sun, 11 Jun 2017 19:19:38 +0000 (19:19 +0000)]
Bug 10132: Database changes
Signed-off-by: Hugo Agud <hagud@orex.es> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Josef Moravec [Tue, 20 Jun 2017 11:06:47 +0000 (13:06 +0200)]
Bug 18810: Update Font Awesome to 4.7.0
Test plan:
0) Apply the patch
1) Edit a template and use any of the new icons, see
http://fontawesome.io/icons/
2) Verify that the added icon is shown
For alternative test see comment #2. Works as expected. Signed-off-by: Marc Véron <veron@veron.ch> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Nick Clemens [Wed, 7 Jun 2017 14:56:47 +0000 (10:56 -0400)]
Bug 18742: Circulation statistics wizard no longer exports the total row
To test:
- Run the circulation wizard
- Export to csv
- Note there is no total row
- Apply patch
- Export to csv
- Total row totally there!
Signed-off-by: Christopher Brannon <cbrannon@cdalibrary.org> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Mon, 18 Sep 2017 17:23:54 +0000 (14:23 -0300)]
Bug 19335: Fix 00-merge-conflict-markers.t when dockerised
This does not make sense, but fix a bug (why?)
Without this patch, the tests failed on po files:
[17:14:26] t/00-merge-conflict-markers.t .. Failed 1/1 subtests
Test Summary Report
-------------------
t/00-merge-conflict-markers.t (Wstat: 9 Tests: 0 Failed: 0)
Non-zero wait status: 9
Parse errors: Bad plan. You planned 1 tests but ran 0.
Result: FAIL
Note that this is not related to bug 19227.
if the ^>>>>>> and ^<<<<<< matches are done on the same line, the test fail
As saw it failed on *-pref.po files
misc/translator/po/kn-Knda-pref.po
misc/translator/po/ja-Jpan-JP-pref.po
misc/translator/po/nl-BE-pref.po
misc/translator/po/sr-Cyrl-pref.po
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Mon, 7 Aug 2017 18:13:17 +0000 (15:13 -0300)]
Bug 19059: Remove CancelReserve
It's done!
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 4 Aug 2017 13:44:56 +0000 (10:44 -0300)]
Bug 19059: Remove CancelReserve - do not log DELETE
There is something wrong with the DELETE log, it should be replaced with
a FILLED log.
Anyway, here we do not want it to be logged.
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Thu, 3 Aug 2017 21:00:22 +0000 (18:00 -0300)]
Bug 19059: Remove CancelReserve - add new tests
This is bonus, let's add new tests
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Thu, 3 Aug 2017 18:12:25 +0000 (15:12 -0300)]
Bug 19059: Remove CancelReserve - move tests
Move the existing tests
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Wed, 2 Aug 2017 17:00:12 +0000 (14:00 -0300)]
Bug 19059: Move C4::Reserves::CancelReserve to Koha::Hold->cancel
This patch adds a new Koha::Hold->cancel method and replaces the calls
to C4::Reserves::CancelReserve with it.
Test plan:
- Add and cancel holds
- Change priority of holds
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jon Knight [Mon, 21 Aug 2017 15:04:20 +0000 (15:04 +0000)]
Bug 19068: Add quantity field to the opac suggestions form
This enhancement just exposes the quantity field to the OPAC suggestions
form to permit the end user to enter this if they wish. The librarians
can of course override this quantity when they process the suggestion.
Test Plan (assuming using kohadevbox VM):
1) apply patch and turn on purchase suggestions
2) Go to http://localhost:8080/cgi-bin/koha/opac-suggestions.pl?op=add
and notice that there is now a quantity field available.
3) Make a purchasing suggestion using this form, including a quantity.
4) Log in as a member of library staff and go to Home › Acquisitions ›
Suggestions
5) Confirm that the previously entered suggestion is there, and that the
correct quantity appears in the "Acquisition information" section.
6) Edit the purchasing suggestion, change the quantity, save it and
check that the new quantity appears in the suggestion.
I've popped an ID attribute of "opac-suggestion-quantity" to the
surrounding <li> so that CSS can easily make this optional field
disappear (as suggested by cait on IRC).
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Wed, 6 Sep 2017 14:23:10 +0000 (11:23 -0300)]
Bug 12346: Display the correct number of pending patron modifications on the patron module home page
Due to the way members-home.pl handles the variable $branch, the number
of patron modifications listed on members-home.pl may differ from the
number listed on mainpage.pl. When the librarian clicks this link, he or
she may see a different number than was listed, or none at all!
Test Plan:
0) Set IndependentBranchesPatronModifications = Yes
1) Create a number of modification request for BranchA
2) Log into the staff intranet with a patron without superlibrarian
permissions and set your branch to BranchB
3) Note the modifications alert to does not display on mainpage.pl
4) Click the "Patrons" link to take you to members-home.pl
5) Note the modifictions alert does display on this page
6) Apply this patch
7) Reload members-home.pl, note the alert no longer displays
QA notes: What was the point of the branch variable?
Followed test plan, patch worked as described. Also passed QA test tool Signed-off-by: Alex Buckley <alexbuckley@catalyst.net.nz> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Marcel de Rooy [Mon, 26 Jun 2017 10:51:59 +0000 (12:51 +0200)]
Bug 17380: Do not allow Default template in merge form
This patch makes the following changes:
[1] Removes Default from the template list. We should not merge with the
Default framework, since it does not have a reporting tag.
[2] Rearranges the error section in the template. It is confusing to have
two error sections in this template. The error CANNOT_MOVE is not used.
The error FRAMEWORK_NOT_SELECTED is replaced by WRONG_FRAMEWORK.
[3] Do not allow to merge a record with itself.
[4] Check if the merge reference record still contains any MARC tags.
[5] Additional polishing: Simplify passing frameworks to template. Remove
an unused Koha::Authority::Types->search. Remove obsolete POD header
for functions from the script.
Test plan:
[1] Select two authorities to merge. Verify that you cannot select Default
anymore as framework for the reference record.
[2] Reproduce error WRONG_COUNT by adding another authid=999 in the URL
after you selected two authority records for merging.
[3] Remove the third authid from the URL and change the first or second
authid into an unexisting record id. You should generate an Internal
Server Error. The log should show the exception message.
[4] Merge two authorities. Deselect all MARC tags. Should trigger the
error EMPTY_MARC in the template.
[5] Select the same authority record twice for merging. Should trigger the
error DESTRUCTIVE_MERGE in the template.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 17380: Graceful resolution of missing reporting tag in merge
Altough this patch deals with a mostly hypothetical case and this report
makes it practically impossible anymore to merge with records in the
Default framework (having no reporting tag), we can make the code of
sub merge still a bit more robust here.
If you would merge biblio records from one authtype to another and the new
framework would not have a reporting tag, before this patch the result would
be data loss. Merge would handle this request as a delete. This patch makes
merge handle it differently: instead of clearing the biblio records, it
keeps $a and $9 in order to make a future corrective merge possible.
Note: The additional condition on line 1468 for $tags_using_authtype
makes sure that we do not select all fields when the authtype should
unexpectedly be empty string (Default). This prevents crashing on
a "Control fields do not have subfields" error.
Test plan:
[1] Run t/db_dependent/Authorities/Merge.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Marcel de Rooy [Mon, 26 Jun 2017 11:41:56 +0000 (13:41 +0200)]
Bug 17380: Do not use GuessAuthTypeCode in MetadataRecord::Authority
If we got an authtypecode from the database and this value is not NULL
since the table column does not allow it, there is no need to call
GuessAuthTypeCode for empty string (read: Default framework) in the
sub get_from_authid.
Furthermore, we remove three Koha::MetadataRecord::Authority->new calls.
They are useless, since we do not pass a record. It just generates:
No record passed at authorities/merge.pl line 96.
Can't bless non-reference value at Koha/MetadataRecord/Authority.pm line 66.
Instead we throw an ObjectNotFound exception.
Test plan:
[1] Run t/db_dependent/Koha_Authority.t
[2] Interface will be tested in the following patches.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Marcel de Rooy [Thu, 23 Feb 2017 09:02:57 +0000 (10:02 +0100)]
Bug 17380: Add some checks around Authorities::Types->find
Resolves:
Use of uninitialized value $biblio_fields in scalar chop at authorities/detail.pl line 212.
Can't call method "authtypetext" on an undefined value at authorities/detail.pl line 216.
Can't call method "authtypecode" on an undefined value at authorities/detail.pl line 180.
NOTE: Some of these problems have actually been resolved now by bugs 18801
and 18811, but it is still better imo to have these checks.
Test plan:
[1] Verify unchanged behavior. Search for some authorities on authorities.pl
and click on the details of a record.
[2] Open an authorities detail page and change the authid in the URL to a
not existing number. Instead of an internal server error, you should see
a message like "The authority record you requested does not exist".
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Trivial changes to silence qa tools on POD warnings for Subfields and Tags.
Note: Since Subfield and Tag only contain one sub which is considered as
private by Pod::Coverage, these modules are listed as unrated (no public
symbols defined) and trigger a FAIL on pod coverage in qa tools. This fail
can be ignored.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Marcel de Rooy [Fri, 23 Jun 2017 05:59:04 +0000 (07:59 +0200)]
Bug 18811: Atomic update to print warning at upgrade time
The warning encourages people to run the auth_show_hidden_data script
to check for data in hidden fields and adjust their frameworks.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Marcel de Rooy [Thu, 22 Jun 2017 13:39:41 +0000 (15:39 +0200)]
Bug 18811: Add a script for checking authority data in hidden fields
If you edit an authority record while having data in hidden fields or
subfields, that data will be lost now.
This script can help you to unhide some fields and prevent data loss.
Test plan:
[1] Add a PERSO_NAME record. Fill e.g. 100b.
[2] Hide 100b in the PERSO_NAME framework.
[3] Run auth_show_hidden_data.pl and verify that it reports 100b in
the PERSO_NAME framework.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Marcel de Rooy [Thu, 22 Jun 2017 11:42:38 +0000 (13:42 +0200)]
Bug 18811: Add Koha Objects for authority tags and subfields
Trivial copy and paste activity.
Will be used in a later patch.
No test plan needed.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>