git.koha-community.org Git - koha.git/commit

author	Janusz Kaczmarek <januszop@gmail.com>
	Wed, 2 Oct 2024 18:04:56 +0000 (18:04 +0000)
committer	Katrin Fischer <katrin.fischer@bsz-bw.de>
	Tue, 22 Oct 2024 10:06:48 +0000 (12:06 +0200)
commit	bc1af60e1ac8c9b7de5aab79239899ad2a437345
tree	0e81b50fcedcc48f111feb053d755ca2542e59c8	tree \| snapshot
parent	145bc398c12f6b02e4de9d9e917f28190a344762	commit \| diff

Bug 38065: Auto control number (001) widget in advanced editor does not work under CSRF protection

Auto control number (001) widget in advanced editor does not work under
CSRF protection.  A token should be passed to POST ...
control_num_sequences call.

Test plan:
==========

1. Verify that the CONTROL_NUM_SEQUENCE category in authorized values is
   present.
3. Add a new authorized value for CONTROL_NUM_SEQUENCE:
     b) authorised value: sprLib0001
     c) in Description - a short string indicating the type of control
     number i.e. "Springfield Library"
4. Create a new bib record using the advanced editor, insert a 001
   field, note that the 001 widget is there.  Click on "Assign next". There
   should be no effect (and you could see [HTTP/1.1 403 Forbidden 706ms] in
   the browser console).
5. Apply the patch ; restart_all ; reload the browser.
6. Repeat p. 4.  You should get the content of the 001 field generated
   by the widget.

Signed-off-by: Roman Dolny <roman.dolny@jezuici.pl>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>