git.koha-community.org Git

]> git.koha-community.org Git - koha.git/log

Nick Clemens [Wed, 31 Jan 2024 14:16:17 +0000 (09:16 -0500)]

Bug 34478: Manual fix - action to op / add cud- - opac-search-history

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Nick Clemens [Wed, 31 Jan 2024 14:01:48 +0000 (09:01 -0500)]

Bug 34478: Manual fix - change action to op and fix transport type - pos/pay

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Nick Clemens [Wed, 31 Jan 2024 13:10:53 +0000 (08:10 -0500)]

Bug 34478: Manual fix - update ops and use forms - editCollections

Bug 34478: TO SQUASH - Manual fix editCollections

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Wed, 31 Jan 2024 11:35:02 +0000 (12:35 +0100)]

Bug 34478: Add 'op' to opac-sendbasketform

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Wed, 31 Jan 2024 11:18:21 +0000 (12:18 +0100)]

Bug 34478: Add 'op' to opac-ratings

This is only for non-JS, might need to be removed

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Wed, 31 Jan 2024 11:11:10 +0000 (12:11 +0100)]

Bug 34478: Add 'op' to opac-tags

There are way more to do in this controller!...

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Wed, 31 Jan 2024 10:56:04 +0000 (11:56 +0100)]

Bug 34478: Add 'op' to opac-request-article

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Wed, 31 Jan 2024 10:42:57 +0000 (11:42 +0100)]

Bug 34478: Add 'op' to opac-messaging

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Martin Renvoize [Wed, 31 Jan 2024 10:30:34 +0000 (10:30 +0000)]

Bug 34478: Remove no longer used Mana comment form

The form was moved and cleaned up but it appears during rebases the
original got re-introduced. This just tidies it up as the form itself
here is never used or displayed.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Wed, 31 Jan 2024 10:13:48 +0000 (11:13 +0100)]

Bug 34478: Rename action with op - offline_circ

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Wed, 31 Jan 2024 10:03:38 +0000 (11:03 +0100)]

Bug 34478: Add missing op - members-update

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Wed, 31 Jan 2024 09:51:49 +0000 (10:51 +0100)]

Bug 34478: Rename action with op - mod_debarment

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Wed, 31 Jan 2024 09:23:45 +0000 (10:23 +0100)]

Bug 34478: Rename action with op - opac-issue-note

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Wed, 31 Jan 2024 07:44:24 +0000 (08:44 +0100)]

Bug 34478: op modify=>edit_form, add=>add_form - memberentry.pl

Bug 34478: TO SQUASH op modify=>edit_form, add=>add_form ( pass opadd to template )- memberentry.pl

The template expects opadd when showing the form - along the way it was changed to 'add' and broke new patron
entry

Bug 34478: TO SQUASH op modify=>edit_form, add=>add_form ( pass op to template )- memberentry.pl

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Tomas Cohen Arazi [Tue, 30 Jan 2024 17:32:50 +0000 (14:32 -0300)]

Bug 34478: op=modify should be op=add_form - memberentry.pl

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Tomas Cohen Arazi [Tue, 30 Jan 2024 15:32:50 +0000 (12:32 -0300)]

Bug 34478: actionType parameter not used - memberentry.pl

Bug 34478: [TO SQUASH] actionType parameter not used - memberentry.pl

syntax error at members/memberentry.pl line 103, near "\|"

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Nick Clemens [Tue, 30 Jan 2024 16:05:57 +0000 (16:05 +0000)]

Bug 34478: Manual fix - problem_reports

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Tue, 30 Jan 2024 15:33:42 +0000 (16:33 +0100)]

Bug 34478: Replace POST with GET - request.tt

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Tue, 30 Jan 2024 15:12:52 +0000 (16:12 +0100)]

Bug 34478: Rename action with op - members/boraccount

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Tomas Cohen Arazi [Tue, 30 Jan 2024 14:55:16 +0000 (11:55 -0300)]

Bug 34478: Manual fix - Course reserves

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Tue, 30 Jan 2024 12:37:52 +0000 (13:37 +0100)]

Bug 34478: Manual fix - opac-shareshelf

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Tue, 30 Jan 2024 11:26:42 +0000 (12:26 +0100)]

Bug 34478: Manual fix - opac-shelves (WIP)

Share still needs attention, moved to "later"

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Tue, 30 Jan 2024 11:13:36 +0000 (12:13 +0100)]

Bug 34478: Log if CSRF is wrong (debug)

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Tue, 30 Jan 2024 10:39:39 +0000 (11:39 +0100)]

Bug 34478: Fix new forms

New forms that need to be fixed after rebase.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Tue, 30 Jan 2024 10:28:07 +0000 (11:28 +0100)]

Bug 34478: op =~ ^cud- in pl/pm - Manual branches.pl

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Tue, 30 Jan 2024 10:08:24 +0000 (11:08 +0100)]

Bug 34478: Rename action with op - import_export_framework

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Tomas Cohen Arazi [Mon, 29 Jan 2024 20:13:10 +0000 (17:13 -0300)]

Bug 34478: Manual fix - Batch rm items (course reserves)

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Tomas Cohen Arazi [Mon, 29 Jan 2024 20:05:47 +0000 (17:05 -0300)]

Bug 34478: Manual fix - Batch add items (course reserves)

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Tomas Cohen Arazi [Mon, 29 Jan 2024 19:47:38 +0000 (16:47 -0300)]

Bug 34478: Manual fix - Add items (course reserves)

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Nick Clemens [Fri, 26 Jan 2024 19:15:17 +0000 (14:15 -0500)]

Bug 34478: Manual fix - change to post - guided_reports

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Nick Clemens [Fri, 26 Jan 2024 17:56:39 +0000 (12:56 -0500)]

Bug 34478: Manual fix - change to post remove cud from confirm step - serials-collection

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Nick Clemens [Fri, 26 Jan 2024 17:45:21 +0000 (12:45 -0500)]

Bug 34478: Manual fix - remove cud from search op - authorities-home

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Nick Clemens [Fri, 26 Jan 2024 16:58:07 +0000 (11:58 -0500)]

Bug 34478: Manual fix - Switch to post, update op - neworderempty_duplicate

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Nick Clemens [Fri, 26 Jan 2024 16:27:52 +0000 (11:27 -0500)]

Bug 34478: Manual fix - Switch to post, update op, add missing include - basket

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Nick Clemens [Fri, 26 Jan 2024 16:01:18 +0000 (11:01 -0500)]

Bug 34478: Manual fix - fix ops and method - deletemem

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Nick Clemens [Fri, 26 Jan 2024 15:52:54 +0000 (10:52 -0500)]

Bug 34478: Manual fix - Rename action with op change to post - merge-patrons

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Fri, 26 Jan 2024 10:35:20 +0000 (11:35 +0100)]

Bug 34478: Rename action with op - circ/request-article

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Fri, 26 Jan 2024 10:33:02 +0000 (11:33 +0100)]

Bug 34478: Rename action with op - circ/checkout-notes

svc/checkout_notes will need to be adjusted as well

Bug 34478: [TO SQUASH] Rename action with op - circ/checkout-notes

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Fri, 26 Jan 2024 10:11:58 +0000 (11:11 +0100)]

Bug 34478: Rename action with op - catalogue/search-history

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Fri, 26 Jan 2024 10:02:56 +0000 (11:02 +0100)]

Bug 34478: Rename action with op - admin/library_groups

This is a bit dirty but it works.
form is not styling correctly when put within the li

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Fri, 26 Jan 2024 09:28:06 +0000 (10:28 +0100)]

Bug 34478: Rename action with op - admin/item_circulation_alerts

Also fix possible XSS.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Fri, 26 Jan 2024 09:06:20 +0000 (10:06 +0100)]

Bug 34478: Rename action with op - admin/columns_settings

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Fri, 26 Jan 2024 09:00:41 +0000 (10:00 +0100)]

Bug 34478: Rename action with op - acqui/cancelorder

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Martin Renvoize [Wed, 24 Jan 2024 11:44:02 +0000 (11:44 +0000)]

Bug 34478: Remove no longer reference form

Cleanup whilst we're here.. the form here isn't actually included
anywhere and the acompanying controller no longer exists.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Martin Renvoize [Wed, 24 Jan 2024 11:09:22 +0000 (11:09 +0000)]

Bug 34478: Update label ops 'edit' to 'edit_form'

This serves to clarify that the 'edit' is not an update action in this
case, but instead is a form fetch.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Wed, 24 Jan 2024 11:12:22 +0000 (12:12 +0100)]

Bug 34478: op =~ ^cud- in pl/pm - Manual parcels.pl

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Wed, 24 Jan 2024 10:27:01 +0000 (11:27 +0100)]

Bug 34478: Manual fix - preferences

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Wed, 24 Jan 2024 10:32:34 +0000 (11:32 +0100)]

Bug 34478: op =~ ^cud- in pl/pm - Manual preferences.pl

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Tue, 23 Jan 2024 15:59:44 +0000 (16:59 +0100)]

Bug 34478: Add method="get" to forms without method

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Tue, 23 Jan 2024 15:57:05 +0000 (16:57 +0100)]

Bug 34478: Remove duplicated form in virtualshelves/downloadshelf.tt

Just... don't ask... It's there since 2010

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Martin Renvoize [Mon, 22 Jan 2024 11:56:37 +0000 (11:56 +0000)]

Bug 34478: Manual fix - label-edit-profile (cud-save)

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Martin Renvoize [Mon, 22 Jan 2024 11:52:58 +0000 (11:52 +0000)]

Bug 34478: Manual fix - label-edit-template (cud-save)

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Martin Renvoize [Mon, 22 Jan 2024 11:13:41 +0000 (11:13 +0000)]

Bug 34478: Manual fix - label-edit-layout (cud-save)

Also updated 'cud-edit' in the controller back to 'edit' as it's a 'get'
request to display the form.. i.e. read not create, write or update.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Nick Clemens [Fri, 19 Jan 2024 17:05:26 +0000 (17:05 +0000)]

Bug 34478: Manual fix - subscription-nuberpatterns (cud-del)

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Nick Clemens [Fri, 19 Jan 2024 17:03:47 +0000 (17:03 +0000)]

Bug 34478: Manual fix - subscription-frequencies (cud-del)

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Nick Clemens [Fri, 19 Jan 2024 17:00:44 +0000 (17:00 +0000)]

Bug 34478: Manual fix - parcels.pl (cud-confirm cud-new)

Bug 34478: [TO SQUASH] Manual fix - parcels.pl (cud-confirm cud-new)

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Nick Clemens [Fri, 19 Jan 2024 16:50:47 +0000 (16:50 +0000)]

Bug 34478: Manual fix - edi_ean (cud-ediorder)

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Nick Clemens [Fri, 19 Jan 2024 16:39:37 +0000 (16:39 +0000)]

Bug 34478: Manual fix - basketgroups

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Kyle M Hall [Fri, 19 Jan 2024 16:22:53 +0000 (16:22 +0000)]

Bug 34478: Manual fix - account refund - Add op param to forms

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Kyle M Hall [Fri, 19 Jan 2024 15:25:35 +0000 (10:25 -0500)]

Bug 34478: Manual fix - delete baskets - Add csrf include

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Kyle M Hall [Fri, 19 Jan 2024 14:19:58 +0000 (09:19 -0500)]

Bug 34478: Manual fix - delete baskets

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Kyle M Hall [Fri, 19 Jan 2024 14:16:46 +0000 (09:16 -0500)]

Bug 34478: Manual fix - account line discount

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Kyle M Hall [Fri, 19 Jan 2024 14:15:19 +0000 (09:15 -0500)]

Bug 34478: Manual fix - account refund

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Kyle M Hall [Fri, 19 Jan 2024 14:11:40 +0000 (09:11 -0500)]

Bug 34478: Manual fix - account payout

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Wed, 13 Dec 2023 08:27:45 +0000 (09:27 +0100)]

Bug 34478: Display programming errors in case plack.psgi caught something suspicious

It will help developpers to debug the problematic places.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Wed, 13 Dec 2023 07:31:04 +0000 (08:31 +0100)]

Bug 34478: Manual fix - duplicate_orders (cud-select)

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Wed, 13 Dec 2023 07:23:54 +0000 (08:23 +0100)]

Bug 34478: Manual fix - preferences

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Tue, 12 Dec 2023 16:03:58 +0000 (17:03 +0100)]

Bug 34478: Manual fix - memberentry (modify)

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Tue, 12 Dec 2023 15:43:21 +0000 (16:43 +0100)]

Bug 34478: Manual fix - batchMod

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Tue, 12 Dec 2023 15:43:08 +0000 (16:43 +0100)]

Bug 34478: op =~ ^cud- in pl/pm

This is the result of
bash op_must_start_with_cud-perl.sh

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Tue, 12 Dec 2023 15:26:51 +0000 (16:26 +0100)]

Bug 34478: Manual fix - additem

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Tue, 12 Dec 2023 13:54:34 +0000 (14:54 +0100)]

Bug 34478: Manual fix - opac-suggestions

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Tue, 12 Dec 2023 13:39:15 +0000 (14:39 +0100)]

Bug 34478: Replace POST with GET when needed - add_form

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Tue, 12 Dec 2023 13:32:59 +0000 (14:32 +0100)]

Bug 34478: Adjust selenium tests

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Tue, 12 Dec 2023 13:12:20 +0000 (14:12 +0100)]

Bug 34478: Add missing csrf-token.inc for opac

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Tue, 12 Dec 2023 10:21:07 +0000 (11:21 +0100)]

Bug 34478: op =~ ^cud- everywhere

This is the result of
perl op_must_start_with_cud.pl

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Fri, 22 Sep 2023 08:55:29 +0000 (10:55 +0200)]

Bug 34478: op =~ ^cud-

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Thu, 21 Sep 2023 10:00:17 +0000 (12:00 +0200)]

Bug 34478: op-cud - Trick CGI directly

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Thu, 21 Sep 2023 08:50:07 +0000 (10:50 +0200)]

Bug 34478: op-cud - Rename op with op-cud in templates

This is the result of
perl rename_op_with_op-cud.pl

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Thu, 21 Sep 2023 08:23:41 +0000 (10:23 +0200)]

Bug 34478: op-cud - Adjust C4::Auth code

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Thu, 21 Sep 2023 07:59:09 +0000 (09:59 +0200)]

Bug 34478: Move C4::Auth check

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Fri, 4 Aug 2023 09:37:52 +0000 (11:37 +0200)]

Bug 34478: Remove check_csrf from pl files

We should no longer need to check CSRF token from pl files

TODO - there is a change for some files where we returned 403

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Fri, 4 Aug 2023 09:32:27 +0000 (11:32 +0200)]

Bug 34478: Check CSRF in get_template_and_user

Not sure this is the right place in get_template_and_user
Will have to test login and 2FA

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Fri, 4 Aug 2023 09:13:14 +0000 (11:13 +0200)]

Bug 34478: Add 'op' to opac-passwd

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Fri, 4 Aug 2023 09:06:16 +0000 (11:06 +0200)]

Bug 34478: Add 'op' to opac-user.tt

Bug 34478: [TO SQUASH] Add 'op' to opac-user.tt

Bug 34478: [TO SQUASH] Add 'op' to opac-user.tt

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Fri, 12 Jan 2024 14:00:48 +0000 (15:00 +0100)]

Bug 34478: Add missing CSRF token to POST forms

This is the result of
% perl csrf_add_missing_csrf.pl

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Fri, 4 Aug 2023 09:15:54 +0000 (11:15 +0200)]

Bug 34478: Remove generate_csrf from pl

We do not longer need to generate_csrf from pl files

TODO - members/boraccount.tt and sco/sco-main.tt needs to be adjusted

Bug 34478: [TO SQUASH] Remove generate_csrf from pl

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Fri, 4 Aug 2023 08:57:42 +0000 (10:57 +0200)]

Bug 34478: Replace csrf_token input with include file - manual

A couple of left not caught by the previous regex

Still TODO:
% git grep csrf_token **/*.inc **/*.tt
still shows example that needs to be replaced, later (because we use GET)

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Fri, 4 Aug 2023 08:56:50 +0000 (10:56 +0200)]

Bug 34478: Replace csrf_token input with include file

perl -p -i -n -e 's#<input type="hidden" name="csrf_token" value="\[% csrf_token \| html %]" />#[% INCLUDE '\''csrf-token.inc'\'' %]#g' **/*.tt **/*.inc

This should have actually been done at the same time as
"Bug 30524: (QA follow-up) Only generate CSRF token if it will be used"

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Fri, 4 Aug 2023 08:32:17 +0000 (10:32 +0200)]

Bug 34478: Replace get with post when needed

This is what has been marked as done in "csrf_get.txt"

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Tue, 27 Feb 2024 07:56:24 +0000 (08:56 +0100)]

Bug 35955: Add tests

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

David Cook [Tue, 27 Feb 2024 06:05:24 +0000 (06:05 +0000)]

Bug 35955: Cache CSRF token in template plugin

This change uses the Koha::Cache::Memory::Lite cache to
cache the CSRF token, so that it is only generated once,
and is re-used by the Koha::Template::Plugin::Koha object
throughout the entire template processing for the HTTP request.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Wed, 21 Feb 2024 08:42:16 +0000 (09:42 +0100)]

Bug 36098: Default to 'file' if pref does not exist

During the installer process there is a bunch of warnings
"Use of uninitialized value $storage_method in string eq at"

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

David Cook [Thu, 15 Feb 2024 23:07:02 +0000 (23:07 +0000)]

Bug 36098: (follow-up) extend test to check driver

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

David Cook [Thu, 15 Feb 2024 22:49:19 +0000 (22:49 +0000)]

Bug 36098: Fix storage_method pass

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Thu, 15 Feb 2024 13:05:21 +0000 (14:05 +0100)]

Bug 36098: Allow to pass storage_method

Will need this on follow-up bugs.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Martin Renvoize [Thu, 15 Feb 2024 11:53:02 +0000 (11:53 +0000)]

Bug 36098: (QA follow-up) Add POD to Koha::Session

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

David Cook [Thu, 15 Feb 2024 02:49:18 +0000 (02:49 +0000)]

Bug 36098: Add Koha::Session module to ease session handling

This patch adds a Koha::Session module that makes it easier
to work with Koha sessions without needing the full C4::Auth module.

Test plan:
0. Apply the patch
1. Run the following unit tests:
prove ./t/db_dependent/Auth.t
prove ./t/db_dependent/Auth_with_cas.t
prove ./t/db_dependent/Koha/Session.t
2. Observe that they all pass

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Tue, 30 Jan 2024 08:02:19 +0000 (09:02 +0100)]

Bug 35935: Ensure login branch will be used after incorrect login

If a different branch is selected after an incorrect login, the previous
branch will be used.

To recreate:
* login with foo/bar, select CPL => FAIL
* login with koha/koha, select another branch => OK but CPL is picked!

It was caused by a dup of "branch" in CGI param list (and first was
picked).

This patch patch also removes "koha_login_context" to not have it twice.
You can also open the source of the page to confirm that form#loginform
contains "branch" and "koha_login_context" in hidden inputs.

Signed-off-by: Magnus Enger <magnus@libriotech.no>
Tested in KTD. Works as advertised.
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

commit | commitdiff | tree

Jonathan Druart [Wed, 14 Feb 2024 08:45:45 +0000 (09:45 +0100)]

Bug 36092: Pass sessionID at the end of get_template_and_user

It seems safer to pass the logged in user and session info at the end of
the sub.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

Main Koha release repository

RSS Atom