]> git.koha-community.org Git - koha.git/log
koha.git
3 months agoBug 35294: Fix typos in catalogue code comments
Brendan Lawlor [Thu, 6 Jun 2024 13:14:43 +0000 (13:14 +0000)]
Bug 35294: Fix typos in catalogue code comments

Test plan:
1. git grep -n -E 'barocode|preproccess' to find the files and line # of typos
2. Apply the patch
3. git grep -E 'barocode|proccess'
4. See no results

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit e8ef0f9417588345d6c9f7e2e5986e4e53986f52)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 25520: Fix the SMS number input hint on the OPAC messaging page
David Nind [Tue, 4 Jun 2024 01:57:37 +0000 (01:57 +0000)]
Bug 25520: Fix the SMS number input hint on the OPAC messaging page

This makes the hint when entering an SMS number on the OPAC messaging
settings page the same as the staff interface hint: "Please enter
numbers only. Prefix the number with + or 00 if including the country
code." For some countries using either +XX or 00XX are accepted,
for example: +49 or 0049.

Test plan:
1. Set the SMSSendDriver system preference to Email
2. View the current hint for entering an SMS number in the staff
   interface:
   2.1 Go to Patrons > + New patron > Patron.
   2.2 Scroll down to the 'Patron messaging preferences' section at the
       end of the page.
   2.3 Note that the hint is "Please enter numbers only. Prefix the
       number with + or 00 if including the country code.".
3. View the current hint for entering an SMS number in the OPAC:
   3.1 Go to the OPAC > Your account (log in if required).
   3.2 Select the 'Messaging' tab/section.
   3.3 Note that the hint is "Please enter numbers only. Prefix the
       number with + if including the country code.".
   3.4 The difference: "..or 00.." is missing.
4. Apply the patch.
5. Refresh the OPAC messaging page.
6. The hint text for the OPAC is now the same as the staff interface.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Sam Lau <samalau@gmail.com>
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 313cf37a53b8ff97387a4bd630635d4784bb7a36)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 36922: Patron attributes - update hint text for "Is a date"
David Nind [Fri, 31 May 2024 21:19:57 +0000 (21:19 +0000)]
Bug 36922: Patron attributes - update hint text for "Is a date"

The date field for patron attributes is now repeatable (enhancement made
in Koha 24.05 with bug 32610). This updates the hint text to reflect
the change.

Test plan:
1. Go to add a patron attribute (Administration > Patrons and
   circulation > Patron attribute types > + New patron attribute type )
2. Note that the hint for the "Is a date" field says "...Date attributes
   cannot be repeatable or linked to an authorised value category.".
3. Apply the patch.
4. Reload the page.
5. Note that the hint now says "...Date attributes are repeatable,
   but cannot be linked to an authorised value category."
6. Sign off D:

PA amended: 'are repeatable' -> 'can be repeatable'

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit a8e1d8dc90df1dcd55949a986c09fb9256d8dad9)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 36338: Update onboarding error message when creating the Koha administrator patron
David Nind [Thu, 16 May 2024 03:59:42 +0000 (03:59 +0000)]
Bug 36338: Update onboarding error message when creating the Koha administrator patron

Update the error message for the web installer onboarding
section when creating the Koha administrator patron (where
the card number or username already exists):
- Fix capitalization
- Use the same label in the error message as used in
  the form

Error message before: The patron has not been created!
Card number or Userid may already exist.

Error message after: The patron was not created! The
card number or username already exists.

Test plan:
1. Option 1:
   1.1 Review the diff for the patch and make sure that
       the updated text makes sense.
       . Previous text: The patron has not been created!
         Card number or Userid may already exist.
       . Updated text: The patron was not created! The
         card number or username already exists.
OR
2. Option 2:
   2.1 Access the database server:
       mysql -uroot -ppassword -hkoha-db-1
   2.2 Drop the koha_kohadev database:
       drop database koha_kohadev;
   2.3 Create the database: create database koha_kohadev;
   2.4 Add privileges (for a real installation this would
       be limited):
       grant all on koha_kohadev.* to koha_kohadev;
   2.5 Restart everything (there may be some errors listed):
       flush_memcached and then restart_all
   2.6 Access the web installer: go to 127.0.0.1:8081
   2.7 Use the database user name and password: get from
       /etc/koha/sites/kohadev/koha-conf.xml
       (default: koha_kohadev, password)
   2.8 Continue through the installation process until you
       reach 'Selecting default settings':
      . Make appropriate selections to use all the sample
        data options and settings
   2.9 For the 'Onboarding' step - Create Koha
       administrator patron:
       . Surname: Acevedo
       . First name: Henry
       . Card number: make up a number that doesn't exist in
         the sample date, for example: 741852963
       . Library: Centerville
       . Patron category: Staff
       . Username: 23529000035676 (this is an existing
         value already in the sample data)
       . Password: a valid password, for example:
         KohaCon2024
       . Confirm password: repeat password used
       . Submit
         ==> Error message before patch: The patron has not
             been created! Card number or Userid may
             already exist.
   2.10 Apply the patch.
   2.11 Repeat step 2.9
   2.12 The error message is now: The patron was not created!
        The card number or username already exists.

3. Sign off.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit bd195784a0a2d039e825d4dd86ff8b4734b4dd13)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 36930: Item search gives irrelevant results when using 2+ added filter criteria
Janusz Kaczmarek [Wed, 22 May 2024 21:08:35 +0000 (21:08 +0000)]
Bug 36930: Item search gives irrelevant results when using 2+ added filter criteria

In the Item search the librarian is allowed, in the first step, to define
additional filters like Title, Author, Publisher, Publication date etc.
(in the third fieldset).  This works fine but only for one criterion.
If one adds two or more criteria, the filter does not apply at all.

Test plan
=========
1. Make an Item search with the Pulblisher filter. Put
   %University of California% as the value.
   You should get 5 rows (with standard ktd test data set), three
   from 1982, and two from 1988.
2. Edit search -> add the second criterion: AND Publication date is 1982.
   You would expect three rows but you get 900+ rows.
3. Apply the patch; restart_all.
4. Repeat p. 2. You should get the expected three rows.

Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit bdc7ac2c93f9af9ac196c77da47758a1078c47d7)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 36961: Fix typo in opacreadinghistory system preference description
David Nind [Tue, 28 May 2024 01:34:41 +0000 (01:34 +0000)]
Bug 36961: Fix typo in opacreadinghistory system preference description

Fix a spelling error in the opacreadinghistory system preference
description - 'itms' to 'items'.

Test plan:
1. In the staff interface view the description for the
   opacreadinghistory system preferences (Koha administration >
   System preferences > search for opacreadinghistory).
2. Note that it reads "Allow patrons to see what itms they have
   checked out in the past."
3. Apply the patch.
4. Refresh the page.
5. Note that 'itms' is now spelt correctly as 'items'.
6. Sign off.

Signed-off-by: Laura Escamilla <laura.escamilla@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit cd95ea29c09c31760666469811d07dfc79e0723b)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 36940: Resolve two warnings on undefined branchip
Marcel de Rooy [Thu, 23 May 2024 08:47:50 +0000 (08:47 +0000)]
Bug 36940: Resolve two warnings on undefined branchip

If you enabled AutoLocation and have a branch without ip, this
triggers warnings.

Test plan:
Check logs in this situation with/without this patch by logging out
and in again on staff.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 2f1ffbc6ec088c6c18bad967086db1e51084403f)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 34573: (follow-up) Add better logic for add/update title and headers
Owen Leonard [Thu, 6 Jun 2024 12:54:18 +0000 (12:54 +0000)]
Bug 34573: (follow-up) Add better logic for add/update title and headers

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 865ca8b1fca9f4c8b929050e5472dde1a55d72ff)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 34573: (follow-up) Additional updates for modify vendor page
David Nind [Tue, 21 Nov 2023 23:11:02 +0000 (23:11 +0000)]
Bug 34573: (follow-up) Additional updates for modify vendor page

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 58c1f64f773880838894db6c6a67da20e1c8e8b2)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 34573: Fix inconsistencies in acquisitions modify vendor title tag
Owen Leonard [Tue, 21 Nov 2023 13:48:42 +0000 (13:48 +0000)]
Bug 34573: Fix inconsistencies in acquisitions modify vendor title tag

This patch updates the vendor details template so that the title tag
correctly reflects whether the user is viewing the vendor or modifying
it.

To test, apply the patch and go to Acquisitions.

- Locate a vendor and view the details (supplier.pl?booksellerid=X)
  - The title should read "Vendor X > Acquisitions > Koha"
- Edit the vendor.
  - The title should read "Modify vendor X > Acquisitions > Koha"

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 3baaf5a3241bc78fb46c8b4844dcd21dd6516eef)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 34077: Allow to use --category-code as the only filter option
Julian Maurice [Fri, 16 Feb 2024 08:31:27 +0000 (09:31 +0100)]
Bug 34077: Allow to use --category-code as the only filter option

--category-code was not checked in the "at least one filter option"
check but it is clearly a filter option.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit d5cb77532ebbe01632f7f27046a2e86a03eac36b)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 34077: Improve documentation and error messages of writeoff_debts.pl
Julian Maurice [Fri, 16 Feb 2024 08:23:13 +0000 (09:23 +0100)]
Bug 34077: Improve documentation and error messages of writeoff_debts.pl

* Change the SYNOPSIS to better describe the different ways to use the
  script
* Only show the SYNOPSIS when options used are wrong (unknown option,
  no filter options, or neither -c nor -v)
* Show the options details only with --help
* Clarify the fact that -v is required when -c is not supplied in the
  description of both options
* Print a specific error message for the following cases:
  * no filters options
  * neither -c nor -v was supplied

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 215b29a737eff191477306581b8b3a1579adc9e3)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 36937: Remove warning from unit tests
Matt Blenkinsop [Thu, 23 May 2024 09:23:10 +0000 (09:23 +0000)]
Bug 36937: Remove warning from unit tests

This patch fixes a warning in the unit tests

Test plan:
1) prove t/db_dependent/api/v1/password_validation.t
2) There will be a warning in the output - 'Use of uninitialized value $status in numeric eq (==)'
3) Apply patch
4) Re-run the test
5) The warning will disappear

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 5e7572ad7a86cb39d901088367f76b212d64989e)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 30715: Terminology for the log viewer - use 'Staff interface' instead of 'Intranet'
David Nind [Mon, 3 Jun 2024 02:01:30 +0000 (02:01 +0000)]
Bug 30715: Terminology for the log viewer - use 'Staff interface' instead of 'Intranet'

The log viewer (Tools > Additional tools > Log viewer) uses
'Intranet' as:
- an option for filtering what log entries to display.
- a value in the log entries interface column, for log entries.

Koha's terminology guideline is to use 'Staff interface' instead of
'Interface' (https://wiki.koha-community.org/wiki/Terminology#I).

Test plan:
1. Perform some actions that will create log entries when using the
   staff interface. For example:
   1.1 Enable the UseRecalls system preference.
   1.2 Edit the title for a record.
   1.3 Add an item for a record.
2. Use the log viewer to view the logged changes:
   2.1 Go to Tools > Additional tools > Log viewer.
   2.2 Select Submit.
   2.3 Log entries are displayed for the changes made.
3. Note that:
   3.1 For the log viewer 'Interface' filter options, "All" is
       selected by default, and other options are Intranet, OPAC,
       SIP, Command-line, REST API, and Cron job.
   3.2 For the changes viewed in step 2, the value displayed in
       the 'Interface' column is 'Intranet'.
4. Apply the patch.
5. Refresh the page.
6. Note that:
   5.1 For the interface filter options, 'Intranet' is now changed
       to 'Staff interface'.
   5.2 In the list of log entries, the value in the interface column
       is now 'Staff interface'.
7. Sign off D:

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 540ec4f6dc1816f835ca0e3cdb3cbc169d370f5c)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 36999: Fix 00-strict.t fails to find koha_perl_deps.pl
Fridolin Somers [Fri, 31 May 2024 07:45:27 +0000 (09:45 +0200)]
Bug 36999: Fix 00-strict.t fails to find koha_perl_deps.pl

Since Bug 36323 moved koha_perl_deps.pl it is not needed anymore in 00-strict.t
It fails with :
koha_1       | Can't stat koha_perl_deps.pl: No such file or directory
koha_1       |  at /usr/share/perl5/Test/Strict.pm line 151.

Patch remove koha_perl_deps.pl from @dirs.
It contains misc.

Test plan :
prove t/db_dependent/00-strict.t

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 325a96a4069759b1f66bd4eaaadcc098abfdd968)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37031: Club enrollment from staff interface fails due to Entrollment typo
Phil Ringnalda [Sat, 6 Jul 2024 22:34:06 +0000 (15:34 -0700)]
Bug 37031: Club enrollment from staff interface fails due to Entrollment typo

There is a typo in svc/club/enroll - it tries to call
Koha::Club::Entrollments->search when it should be
Koha::Club::Enrollments. This causes and error when
enrolling patrons in clubs.

Test plan:
1. Without the patch, Tools - Patron clubs - New club template - name it
   and save
2. New club - (your template) - name it and save
3. Circulation - check out to a patron - Clubs tab - Enroll - Finish
   enrollment, get alert() about failure to enroll
4. Apply patch, restart_all
5. Enroll - Finish enrollment, success

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit f02d90938dbe0ff8efd43cad23abb066d5642d51)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37316: Adjust tests
Lucas Gass [Thu, 11 Jul 2024 17:37:58 +0000 (17:37 +0000)]
Bug 37316: Adjust tests

Signed-off-by: Eric Garcia <cubingguy714@gmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit e071ba329deae6a801b6f920a1540570724be509)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37316: Treat empty string barcodes as undef
Lucas Gass [Thu, 11 Jul 2024 17:17:29 +0000 (17:17 +0000)]
Bug 37316: Treat empty string barcodes as undef

To test:
1.Add the following to MarcItemFieldsToOrder:

homebranch: 949$a
holdingbranch: 949$b
itype: 949$y
nonpublic_note: 949$x
public_note: 949$z
loc: 949$c
ccode: 949$8
notforloan: 949$7
uri: 949$u
copyno: 949$t
price: 949$g|949$j
replacementprice: 949$v
itemcallnumber: 949$o
quantity: 949$k
budget_code: 949$l
coded_location_qualifier: 949$f
enumchron: 949$h

2. Add the following to MarcFieldsToOrder:

price: 949$g
quantity: 949$k
budget_code: 949$l
discount: 949$m
sort1: 949$n
sort2: 949$q

3. Acquisitions > Find a vendor
4. Create a new basket -> Add to basket -> From new file
5. Use the file uplodaded in this bug report.
6. Set format to MARCXML and stage for import.
7. Add staged files to basket
8. Select all, make sure you add an item type, and choose 'Do not look for matching records'
9. Save and kaboom.
10. APPLY PATCH and restart_all
11. Follow the steps again, this time no kaboom.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit b68373ae429408fb5291c6dbe5e7bebe27e40e5f)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37316: Add tests
Lucas Gass [Thu, 11 Jul 2024 17:16:32 +0000 (17:16 +0000)]
Bug 37316: Add tests

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 7b4bdf286cea61501bd3bd1936a42960444186ee)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37059: Fix insert button in notices and slips
Brendan Lawlor [Mon, 24 Jun 2024 14:54:05 +0000 (14:54 +0000)]
Bug 37059: Fix insert button in notices and slips

This patch fixes the insert button in notices and slips. The container id needed to be appened with '_panel'

To Test:
1. Edit any notice or slip and try to use the insert button
2. Nothing happens
3. Apply patch and refresh the browser
4. Edit any notice or slip and use the insert button
5. Confirm the parameters are inserted into the tempalte as expected.

Signed-off-by: Eric Garcia <cubingguy714@gmail.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 5c5a7d42e6b0731d77dc215ae54b67ae3ec46768)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 35942: OPAC user can enroll several times to the same club
Kyle M Hall [Tue, 30 Jan 2024 15:58:02 +0000 (10:58 -0500)]
Bug 35942: OPAC user can enroll several times to the same club

Test Plan:

1) Create 3 clubs, 1 limited to library A, 1 limited to library B and one not limited
2) Use a patron with home library A.
3) Go to the opac-user page, "Clubs" tab show 0/2 (the one from library B is not listed)
4) Browse to /cgi-bin/koha/svc/club/enroll?id=1
5) Reload that page a couple times
6) Note the patron is now enrolled in the same club multiple times
7) Delete those enrollments
8) Apply this patch
9) Restart all the things!
10) Repeat steps 2-7, note the lack of duplicate enrollments!
11) Repeat steps 2-10 for the staff interface

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit c735c027fabbd91fad2a3208fb0a80c8e2f1eaf3)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37014: Fix after-modal-POST to transmit "not_returned" message
Andrii Nugged [Mon, 3 Jun 2024 00:50:24 +0000 (03:50 +0300)]
Bug 37014: Fix after-modal-POST to transmit "not_returned" message

The bug report addresses an issue where the message "Item was not checked in" erroneously appears during the second POST after a manual or modal check-in process.

1. In circ/returns.pl:
   - Introduced a new hash `%rinot_returned` to track items not returned across pages.
   - Updated the logic to capture the "not returned" status from the query parameters.
   - Adjusted the input processing loop to include `not_returned` status.
   - Modified the section handling barcode check-ins to appropriately initialize and update the `not_returned` status.

2. returns.tt:
   - Added hidden input fields in the template to include `not_returned` status in the form submissions.

The changes ensure that the "not_returned" status is correctly tracked and displayed, preventing the erroneous message from appearing on subsequent POST requests.

1. Perform a manual check-in of an item, but make some warning modal appear: for ex., transfer: check-in the item in not home library.
2. Press OK on the modal. There will be a POST transition again to redraw the checked-in items list.
3. Verify that the "Item was not checked in" message appears erroneously near the item's row.
4. Apply the patch.
5. Repeat steps 1-3 and check that there will be no erroneous "Item was not checked in" message.

Signed-off-by: Tadeusz „tadzik” Sośnierz <tadeusz@sosnierz.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit f567d41b91092711278a1e00accb1ebdee59f4c2)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37005: Fix problem with item_type_description being undefined
Lucas Gass [Fri, 31 May 2024 21:30:43 +0000 (21:30 +0000)]
Bug 37005: Fix problem with item_type_description being undefined

To test:
1. Set noItemTypeImages to 'Don't show'
2. Find a record with items and notice the holdings table never loads.
3. APPLY patch, maybe clear borwser cache too.
4. Try again, the holdings table should load.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 37b66a2d7c4803de8ffee491973baab8b4a3071d)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37187: Fix deletion of label batches and label templates
Owen Leonard [Wed, 26 Jun 2024 14:56:58 +0000 (14:56 +0000)]
Bug 37187: Fix deletion of label batches and label templates

This patch uses the new form-submit JS to convert the label management
deletion link from a GET operation to POST.

To test, apply the patch and go to Cataloging -> Label creator.

- Click Manage -> Label batches. Create a batch if necessary.
- Click the "Delete" button in the "Actions" column. You should get a
  confirmation message, "Are you sure you want to delete this?"
  - Test both the confirming and cancelling.
- Perform the same test with Manage -> Label templates.
- From the Manage -> Label batches page, click "edit" on one of the
  batches.
- Right above the "Items in batch number X" is a toolbar which should
  have a button, "Delete batch." Test that it works correctly to delete
  the batch.

Sponsored-by: Athens County Public Libraries
Signed-off-by: Phil Ringnalda <phil@chetcolibrary.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 5f156ad3dff5db21a3d87eecf3207661ce6961f4)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 36956: Allow all providers to be displayed in reports
Matt Blenkinsop [Tue, 28 May 2024 10:39:33 +0000 (10:39 +0000)]
Bug 36956: Allow all providers to be displayed in reports

This patch fixes an incorrect usage of the API which was only returning 20 results.

Test plan:
1) Go to ERM module and make sure you have more than 20 data providers stored in your database.
1) (Optional) Run the following command (k-t-d) to create 21 data providers:
  perl -MKoha::Database -e '
      my $schema = Koha::Database->schema;

      $schema->resultset("ErmUsageDataProvider")->create({
          name => "name ".$_
      }) for (1..21)
  '
2) Go to eUsage / reports and create new report (cgi-bin/koha/erm/eusage/reports)
3) Check that only the first 20 data providers are displayed in the drop down
4) Apply patch
5) yarn build or reset_all to rebuild the javascript
6) Repeat steps 1-3, all providers should now be displayed

PA amended patch: Updated commit message test plan

Signed-off-by: Michaela Sieber <michaela.sieber@kit.edu>
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 6afe1e14dc0e42b34ed57e9c29637ef8edbe24ab)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37078: Damaged status not showing in detail.pl
Phil Ringnalda [Sat, 22 Jun 2024 18:58:41 +0000 (11:58 -0700)]
Bug 37078: Damaged status not showing in detail.pl

The API returns the fact that an item is damaged in 'damaged_status' but the
code that builds the holdings table is looking for 'damaged' so it doesn't
find that an item is damaged.

Test plan:
1. Administration - Authorized values - DAMAGED row, click Add
2. Give it the Authorized value 2 and the Description Awful
3. On a record with more than one item, like Empress of the blues,
   edit one item to have Damaged status: Damaged and one to have
   Damaged status: Awful
4. On the bib detail view, note that the status column shows both
   as 'Available'
5. Apply patch, refresh
6. Note that now one shows as Damaged and one as Awful (verifying that
   the value is being read from the AV, not the fallback default which
   is also 'Damaged')

Signed-off-by: Brendan Lawlor <blawlor@clamsnet.org>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 65e0ffa882ee1c1079723b21bf84c43c303a08e2)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 36459: Do not duplicate duedatespec IDs
Lucas Gass [Wed, 12 Jun 2024 19:40:03 +0000 (19:40 +0000)]
Bug 36459: Do not duplicate duedatespec IDs

To test;
1. Go to circ/circulation.pl and check an item out to a patron.
2. Backdate it to sometime in the past using the "Specify due date
   (MM/DD/YYYY) : " input
3. A modal appears to "Please confirm checkout". The date is no longer
   populated in that field.
4. You must add the date again here.
5. APPLY PATCH
6. Try again and this time the confimration date should be set
   correctly.
7. Follow the test plan from Bug 18885 to make sure on site checkouts
   still work correctly.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit e33714cd0dae87391f73e1f5db3ed3e2b2b9cda7)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 36424: Remove trailing comma in DBRev 23.06.00.061
Pedro Amorim [Wed, 3 Jul 2024 12:35:34 +0000 (12:35 +0000)]
Bug 36424: Remove trailing comma in DBRev 23.06.00.061

This fixes a syntax erorr in the database update for
the bookings tables.

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit f7e1559a7944abee1c1619cc1f1bbbd646622a60)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37071: Updated the purchase suggestions link
Laurae [Tue, 11 Jun 2024 14:04:38 +0000 (14:04 +0000)]
Bug 37071: Updated the purchase suggestions link

To test:
1. Go to a patron account and click on “New purchase suggestion” under the “Purchase Suggestions” tab.
    1. Clicking on the button will take you to the suggestions management page.
2. Apply the patch.
3. Go back to the patron account and click on the “New purchase suggestion” link again. This time it will take you to the purchase suggestion form. You are now able to successfully submit a purchase suggestion.
4. Sign off and have an amazing day. :D

Signed-off-by: Sam Lau <samalau@gmail.com>
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
(cherry picked from commit a7484ed7598a6c1263dc5b205e3570f943bbcd60)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37037: (RM follow-up) Add hint at end of script run
Martin Renvoize [Thu, 13 Jun 2024 12:38:57 +0000 (13:38 +0100)]
Bug 37037: (RM follow-up) Add hint at end of script run

This patch adds a hint to the end of the script to notify the end user
that they may need to run the build_holds_queue cronjob if they are
using RealTimeHoldsQueue.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 8dd9c94c5772c7481632f20af0025a4bf1e2662b)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37037: touch_all_biblios.pl triggers rebuilding holds for all affected records...
Kyle M Hall [Wed, 5 Jun 2024 15:04:31 +0000 (11:04 -0400)]
Bug 37037: touch_all_biblios.pl triggers rebuilding holds for all affected records when RealTimeHoldsQueue is enabled

If RealTimeHoldsQueue is on, touch_all_biblios triggers a update_holds_queue_for_biblios background job for each affected record. This will result in a as many background jobs being queued up as records! It makes far more sense for this script to not do that which gives the administrator the option for running the holds queue builder if the changes would affect holdability, or to not run it at all.

Test Plan:
1) Run touch_all_biblios.pl
3) Note a update_holds_queue_for_biblios background job is queued for each record touched
4) Apply this patch
5) Merge touch_all_biblios.pl again
6) Note that no update_holds_queue_for_biblios jobs were queued

Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 45bfbd0e2d7622eeac913682e95163a3f4489641)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 35869: Removes the dismiss button from messages on OPAC SCO module
Sam Lau [Wed, 5 Jun 2024 17:57:10 +0000 (17:57 +0000)]
Bug 35869: Removes the dismiss button from messages on OPAC SCO module

This removes the "Dismiss" button from the SCO module. Currently, the
"Dismiss" button is present, however it does not function properly and
logs the user out if they press it. As noted on previous chats, keeping
the button would require serious changes, thus it's easier just to remove
the functionallity.

To test:
1) Enable  WebBasedSelfCheck
2) Add an OPAC mesaage to a patron account
3) Login to self check ( http://localhost:8080/cgi-bin/koha/sco/sco-main.pl )
4) See the OPAC message, click dismiss.
5) Notice you are logged out at redirected to:
   ( http://localhost:8080/cgi-bin/koha/opac-dismiss-message.pl )
6) Apply patch
7) Log back into the self checkout module
8) Notice that there is no longer a "Dismiss" button for the message.
9) Log into OPAC into the same user's account
10) On the summary page, note that there is still a dismiss button.
11) Ensure this still works properly
12) sign-off

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 2313bc310373778338bcbf7ab38a415f10bfbda1)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37021: Change item_id type as integer in holds endpoint
Emmi Takkinen [Tue, 4 Jun 2024 10:00:05 +0000 (13:00 +0300)]
Bug 37021: Change item_id type as integer in holds endpoint

When one makes a GET call to holds endpoint and hold has
item attached to it, item_id is handled as string not integer
as it should.

To reproduce:
1. Make sure you have hold waiting in your database.
2. Call endpoint api/v1/holds/?q=[{"me.status":"W"}].
=> Note that holds item_id is displayed as item_id: "12345".
3. Apply this patch.
4. Call endpoint again.
=> item_id should now be displayed as 12345.

Also prove t/db_dependent/api/v1/holds.t.

Signed-off-by: Jan Kissig <jkissig@th-wildau.de>
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 20e0c056c6faed4252e1718f97f36d15027e93fc)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 36166: Disable select to add to list if opacuserlogin is disabled
Matthias Le Gac [Tue, 5 Mar 2024 20:37:11 +0000 (15:37 -0500)]
Bug 36166: Disable select to add to list if opacuserlogin is disabled

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 8d3c3b35e0e8f77a8f095f5aedda88d19e0ac7ed)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 36207: (RM follow-up) CSRF correction
Martin Renvoize [Tue, 11 Jun 2024 15:13:36 +0000 (16:13 +0100)]
Bug 36207: (RM follow-up) CSRF correction

I think there was a rebase issue here where we split the form into two
forms instead of one.  This patch returns us to one form with two
different submit options (one for selected tags and one per tag) that
both trigger the confirmation modal before submitting to the controller.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 0ac23a624735c222bf9358d37961e6c49c21c579)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 36207: Use confirmation modal when removing tags from titles in the OPAC
Owen Leonard [Thu, 29 Feb 2024 18:37:54 +0000 (18:37 +0000)]
Bug 36207: Use confirmation modal when removing tags from titles in the OPAC

This patch changes the process of removing a tag from a title on the
user's tag list. It now uses a confirmation modal dialog instead of a
JavaScript alert.

The patch also makes some minor tweaks to CSS to correct style on
"remove" links.

To test, apply the patch and rebuild the OPAC CSS.

 - Log in to the OPAC as a user who has submitted multiple tags or tags
   on multiple items.
  - Open the "Tags" link in the sidebar of the user summary page.
  - Click the "Remove tag" link next to one of the titles in the table
    of the user's tags.
  - You should see a modal confirmation message, "Are you sure you want
    to remove the selected tag from this title?" It should show the
    title and the tag which will be removed.
  - Test both the "Yes, remove tag" and "No, do not remove tag" choices.

  - Check the box next to one of the tagged titles and click the
    "Remove selected tags" button at the bottom of the table.
  - You should see a modal confirmation message, "Are you sure you want
    to remove this item from the list?" It should show the title and
    the tag which will be removed.
  - Test boh the "Yes" and "No" choices.

  - Check the box next to multiple tagged titles and click the
    "Remove selected tags" button at the bottom of the table.
  - You should see a modal confirmation message, "Are you sure you want
    to remove the selected tags from these titles" It should show the
    titles of all the records you selected and the corresponding tags to be
    removed.
  - Test both the "Yes" and "No" choices.

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit e834a575ae6ac2aacfd135c25c24438d0aa021e1)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 34718: Input field in fund list (Select2) on receive is inactive
Lari Strand [Mon, 3 Jun 2024 11:34:10 +0000 (14:34 +0300)]
Bug 34718: Input field in fund list (Select2) on receive is inactive

Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit cbae44105555c3f54e0b83b1795a76ec33256ba6)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 36983: Fix incorrect required class
Matt Blenkinsop [Wed, 29 May 2024 11:06:31 +0000 (11:06 +0000)]
Bug 36983: Fix incorrect required class

This patch fixes an error on the B_address2 field which sets it to be
required incorrectly

Test plan:
1) In PatronSelfRegistrationBorrowerMandatoryField, set B_address to be
   required.
2) In the OPAC, navigate to the self registration form.
3) In the Alternate address section, fill in the Address field that you
   have just set to be required. Ensure that you leave the Address 2
   field blank.
4) Fill in all other required fields and submit the form, it should show
   you that the Address 2 field is required, even though it shouldn't be
5) Apply patch
6) Refresh the page and repeat steps 1-5, it should allow youto submit
   the form

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 009d83648c277bd8b351606c52f50fb3563bd7bb)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 36894: Display journal article ILL request author
Matt Blenkinsop [Fri, 17 May 2024 10:25:52 +0000 (10:25 +0000)]
Bug 36894: Display journal article ILL request author

This patch fixes the ILL request table to display authors for journal article request types

Test plan:
1) Create an ILL request with the type of Journal Article and add an author in the Article author field
2) Click on the List requests button to see the table
3) The Author field should be blank for the request you created
4) Apply patch
5) Hard refresh the browser to reload the javascript
6) The author field should now be visible

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 11eb0d1da7c538486812ab14449f1ab8b1004d09)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 36948: (follow-up) Add chomp to sip log4perl config
Marcel de Rooy [Fri, 24 May 2024 08:35:25 +0000 (08:35 +0000)]
Bug 36948: (follow-up) Add chomp to sip log4perl config

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 8e0d18e35ace07ce53b1015774b740ebc27320db)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 36948: (follow-up) Allow IPv[46] in port config
Marcel de Rooy [Fri, 24 May 2024 07:55:27 +0000 (07:55 +0000)]
Bug 36948: (follow-up) Allow IPv[46] in port config

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit fcd7e884bc6a16bc0552c1f40b9ecfc7e8b255aa)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 36948: (follow-up) Remove log_file param, adjust caller_depth
Marcel de Rooy [Fri, 24 May 2024 07:55:27 +0000 (07:55 +0000)]
Bug 36948: (follow-up) Remove log_file param, adjust caller_depth

We keep OPEN when people still use log_file or setsid.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit c0d76f707b85821144c7e64b78d5a0c42c14dafd)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 36948: Resolve SIP issues in D12
Nick Clemens [Thu, 23 May 2024 13:56:51 +0000 (13:56 +0000)]
Bug 36948: Resolve SIP issues in D12

My Koha testing docker SIP started dying repeatedly after launch. After investigation, I
found it was a problem with logging and default ports.

In D12 there is no syslog anymore, everythign uses journal. Four our purposes, lets log SIP issues
to sip.log by default

Attaching a patch to clear things up.

To test:
1 - Open KTD/D12
2 - tail -f /var/log/koha/kohadev/*.log
3 - On another terminal 'restart_all'
4 - Wait a bit, notice SIP dying
5 - Apply patch
6 - Update SIPconfig:
    server-params:
    log_file='/var/log/koha/kohadev/sip.log'
    service with port 8023:
    port="127.0.0.1:8023/tcp"
7 - Restart all
8 - Confirm SIP no longer dies

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 5dc1ec387ddf0fb258a184daddca39d6854272e2)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 37000: (follow-up) Add foreign key last
Emily Lamancusa [Fri, 7 Jun 2024 20:24:26 +0000 (16:24 -0400)]
Bug 37000: (follow-up) Add foreign key last

Certain configurations of MySQL will not allow a column to be changed
from nullable to non-nullable if the column has a foreign key constraint.
Add the foreign key constraint last to avoid issues from this.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 8e788af50b80283dc381777891f7db0a783b0ea3)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 37000: (Bug 36120 follow-up) Improve reliability of database update
Martin Renvoize [Tue, 4 Jun 2024 10:58:54 +0000 (11:58 +0100)]
Bug 37000: (Bug 36120 follow-up) Improve reliability of database update

This patch adds a series of fallthroughs to ensure pickup_library_id is
always set prior to adding the NOT NULL constraint.

We initially only looked at items.homebranch but as that's a nullable
field itself, we now look at items.holdingbranch before finally
defaulting to the first available branch in the branches table in the
worst case.

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 8cedcfd5c86f97e75586870c5e758872f8bc9ba9)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 37026: Fix JS error on sco-main.tt
Lucas Gass [Tue, 4 Jun 2024 14:29:40 +0000 (14:29 +0000)]
Bug 37026: Fix JS error on sco-main.tt

To test:
1. Have a patron with some checkouts, holds, and charges that can login into the SCO module.
2. To go  sco-main.pl and login
3. Try changing tabs and notice the console error:

 dataTables is not defined

 4. APPLY PATCH
 5. Try again, there should be no error.
 6. Make sure you can switch the tabs without any issues.

Signed-off-by: Sam Lau <samalau@gmail.com>
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit b9ca6b4a36c4e211a8ded1cc2be29ce8defbd7e9)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 36672: Circulation rules are performing too many lookups
Kyle M Hall [Fri, 26 Apr 2024 17:41:06 +0000 (17:41 +0000)]
Bug 36672: Circulation rules are performing too many lookups

Looking at the template, for every section after the main rules block we loop over categories or itemtypes, and lookup the value for each rule name.

In systems with large numbers of categories and item types this becomes very slow.

In the rules section, we have already built a hash of rules by category and itemtype - we should continue to use this throughout the page.

Test Plan:
1) Apply this patch
2) For each rule section, create and delete a rule
3) No change in behavior should be noted!

Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit aa2befcec89b867c536d2f38203dc817adcf2b5c)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 36679: Prevent SCO login for the AnonymousPatron
Lucas Gass [Wed, 24 Apr 2024 20:00:53 +0000 (20:00 +0000)]
Bug 36679: Prevent SCO login for the AnonymousPatron

1. Make sure AutoSelfCheckAllowed is Allowed and AutoSelfCheckID and AutoSelfCheckPass are in use.
2. Make sure AnonymousPatron is pointed to an account.
3. Set SelfCheckoutByLogin to cardnumber.
4. Verify that if you go to the anonymous patron account in the staff interface, you cannot checkout items.
5. Go to the selfcheck path of the library.  It should auto login.  Put in the cardnumber for the anonymous user.
6. Proceed to check out items!
7. APPLY PATCH, restart_all
8. Try step 5 again, you should not be able to log in as the AnonymousPatron. Instead you should be redirected to OPAC home page
9. Switch SelfCheckoutByLogin to 'username and pasword'.
10. Again try to log in as the AnonymousPatron, you should not be able to.
11. Make sure you can login as a regular patron when SelfCheckoutByLogin is set to 'cardnumber' and when it is set to 'username and pasword'.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 76075976ea655f6a9811cbc129fe7799d04b505b)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 36938: Adjusts tests to remove warns
Nick Clemens [Thu, 30 May 2024 15:19:55 +0000 (15:19 +0000)]
Bug 36938: Adjusts tests to remove warns

Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 9f8b963616370139f53511f8229bb17cf4b9b0ea)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 29539: UNIMARC: authority number in $9 displays for thesaurus controlled fields...
George Veranis [Thu, 14 Sep 2023 06:24:07 +0000 (08:24 +0200)]
Bug 29539: UNIMARC: authority number in $9 displays for thesaurus controlled fields instead of content of $a

When you try to dislpay a bibliographic record on unimarc that has subjects
linked with authorities then only the $9 is displayed as link instead of the
content of $a and it's subdivisions, if any.

To test:
1) You will need to have a bibliographic record with at least one subject
autority connected in unimarc framework.
2) View that record on OPAC on detail display. The subject will display as
a number ( $9 )  and you cannot see the text/term of the subject ( $a )
3) Apply patch
4) Repeat step 2
5) The subject display in a normal way based on content $a - or more subfields

Sponsored-by: National Library of Greece
Signed-off-by: David Nind <david@davidnind.com>
Bug 29539: (follow-up) remove tag_onesubject template

Also:
Restores the <span class="value">
Replaces "not(position()=last())" with the more used "position() != last()"
Removes unecessary change in <xsl:param name="spanclass" />

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit a7fbe80af10cee2cbe892c095be0f5689edbf1a6)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 37039: Update discharge request with CSRF token
Owen Leonard [Wed, 5 Jun 2024 18:06:04 +0000 (18:06 +0000)]
Bug 37039: Update discharge request with CSRF token

The OPAC discharge page used a link with a GET parameter, but the script
expects a POST request. This patch converts the link to a form with CSRF
token included.

To test, apply the patch and enable the useDischarge system preference
if necessary.

- Log in to the OPAC as a user with no checkouts or outstanding fees.
- Click the "Ask for discharge" tab in the sidebar of the user summary
  page.
- Click the "Ask for a discharge" button.
- You should be redirected to a page that says "Your discharge request
  has been sent."

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 67cedc9955f50c4d51b2e9a1f68ab0cac8e9a44f)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 34838: (QA follow-up): TypeDisclaimer tests - Add 'type' to request metadata
Pedro Amorim [Mon, 27 May 2024 14:43:41 +0000 (14:43 +0000)]
Bug 34838: (QA follow-up): TypeDisclaimer tests - Add 'type' to request metadata

This adds a type to the request (mocking it as a new ILL request of type journal being submitted)

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 7f8e71e82bf8f46c973302d904de5c41d2e15c87)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 34838: Use ->set to avoid method redefinition warnings
Tomas Cohen Arazi [Thu, 16 May 2024 20:13:05 +0000 (17:13 -0300)]
Bug 34838: Use ->set to avoid method redefinition warnings

This patch silences more warnings. To test

1. Be on 23.11.x
2. Apply the patches before this one
3. Run:
   $ ktd --shell
  k$ prove t/db_dependent/Illrequests.t
=> FAIL: Lots of warnings like this:
Subroutine Koha::Illrequest::SUPER::status redefined at /kohadevbox/koha/Koha/Object.pm line 955.
Subroutine Koha::Illrequest::SUPER::status_alias redefined at /kohadevbox/koha/Koha/Object.pm line 955.
illrequestattributes is DEPRECATED in favor of extended_attributes at t/db_dependent/Illrequests.t line 1071.
4. Apply this patch
5. Repeat 3
=> SUCCESS: No more warnings!
6. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit ff42535f96f99d6fbcc27280401cd07bc65e54d2)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 34838: Tidy
Pedro Amorim [Tue, 26 Sep 2023 09:42:27 +0000 (09:42 +0000)]
Bug 34838: Tidy

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit fff166679b43db5baab8ee9112f77164f4d42c87)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 34838: Only check for status in status graph if request has a status
Pedro Amorim [Tue, 26 Sep 2023 09:35:01 +0000 (09:35 +0000)]
Bug 34838: Only check for status in status graph if request has a status

This check is required because when the existing_statuses method checks for the existing status_alias, it'll leave out the status from the query, so the status will be NULL for those particular query results when calling strings_map, throwing a warning

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 3caabe886ec0c1d6967c42480efeb244e995cd7e)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 34838: Only call strings_map if status_alias is not undef in status_alias cycle
Pedro Amorim [Tue, 26 Sep 2023 09:33:08 +0000 (09:33 +0000)]
Bug 34838: Only call strings_map if status_alias is not undef in status_alias cycle

Because its highly likely that at least one request will have status_alias null in the database, the select MAX query will always return at least one result with NULL status_alias, throwing a warning, so we skip that

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 4231def42e1b1256428407f7c4b53da896ba29d4)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 34838: Replace SUPER::AUTOLOAD with get_column
Pedro Amorim [Mon, 25 Sep 2023 15:07:37 +0000 (15:07 +0000)]
Bug 34838: Replace SUPER::AUTOLOAD with get_column

I'm not 100% happy with this but I'm out of ideas.

I think the problem warning happens because there is no method status or status_alias directly defined in Object.pm so it tries to define it, but it has already been defined by AUTOLOAD previously.

Test plan:
  prove t/db_dependent/Koha/Illbackend.t

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit a9f6f47afb1ef16734d89ec0f4c3c3de497e0860)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 37040: (RMaint follow-up) Restore passing CSRF error
Martin Renvoize [Tue, 11 Jun 2024 10:30:22 +0000 (11:30 +0100)]
Bug 37040: (RMaint follow-up) Restore passing CSRF error

This patch restores the plack.middleware.Koha.CSRF plack env setting to
allow passing to the errorDocument.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 8cd6b4350441225b43fd5428ccaa3e7dbe6d9883)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 37040: (QA follow-up) Tidy file
Matt Blenkinsop [Fri, 7 Jun 2024 12:33:24 +0000 (12:33 +0000)]
Bug 37040: (QA follow-up) Tidy file

QA tests were failing for tidyness so this patch addresses that

Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit aeabe6c9f6dd221eec16f88f5c005390429cec0b)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 37040: Prevent ErrorDocument subrequests from activating CSRF
David Cook [Thu, 6 Jun 2024 01:34:23 +0000 (01:34 +0000)]
Bug 37040: Prevent ErrorDocument subrequests from activating CSRF

This change improves the mechanism for preventing the CSRF middleware
being activated by ErrorDocument subrequests.

This change was necessary due to a subtle issue identified by
Bug 37041.

Test plan:
0. Apply the patch
1. Restart Koha
koha-plack --restart kohadev
2. Go to http://localhost:8081/cgi-bin/koha/cataloguing/addbiblio.pl?biblionumber=9908
3. Log in
4. Note that you get a pretty 403 and not an ugly plain text error
5. Go to http://localhost:8081
6. Fill in the login details, but use the HTML inspector to delete
the csrf_token from the hidden inputs
7. Submit the login
8. Note a pretty 403 page

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit c1ac12417612799a0055046e10031943adb02e18)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 36995: Correct parameter name for library EAN deletion
Owen Leonard [Thu, 30 May 2024 18:07:27 +0000 (18:07 +0000)]
Bug 36995: Correct parameter name for library EAN deletion

This patches removes the "cud-" prefix from the "delete_confirm"
parameter check in Library EAN management. The confirm step is a GET
operation.

To test, apply the patch and restart services;

- Go to Administration -> Library EANs.
- Add an entry if necessary, then click "Delete."
- You should be taken to a confirmation page: "Confirm deletion of
  EAN..."
- Confirm deletion and verify that the EAN was deleted.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 900a1aecbb689cc3348038e011c90e96a76a37bf)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 34444: Correct handling of sort1 and sort2 values
Nick Clemens [Wed, 8 May 2024 13:22:58 +0000 (13:22 +0000)]
Bug 34444: Correct handling of sort1 and sort2 values

Removed extraneous sort_1 data elements
Update selectors to use field names for statistics field
Updated code to set the value after finding the correct selector

To test:
* Make sure you have at least 2 funds with different stat settings, using AV and not
* Create a basket with an order line
* Close it and receive shipment
* Create an invoice and receive the order line
* Finish receiving

* Click "Modify fund"
* Switch fund, verify the stat fields are updated accordingly
* Change values for statistical values
* Update fund
* Edit fund again, pull downs are correct
* Change values in form and close, do not update
* Click 'Modify fund' - confrim form is filled with the saved values

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 596d6b74eaa38e2adb6f6540f0d5b7b26d000c11)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 35989: (QA follow-up): Fix QA tests
Matt Blenkinsop [Thu, 30 May 2024 08:22:08 +0000 (08:22 +0000)]
Bug 35989: (QA follow-up): Fix QA tests

Some file tidying to pass the QA tests

Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 361ec4b2ea1873cd65fce8248218fe685ee354e7)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 35989: (QA follow-up) Add test and limit variable scope
Nick Clemens [Wed, 29 May 2024 13:54:52 +0000 (13:54 +0000)]
Bug 35989: (QA follow-up) Add test and limit variable scope

Before this patch if a record had a 751 and a 781 you could have fields repeated.
This patch reduces the scope of the fields to subdivision variable as it is only used in processing 7xx
fields and should not be shared between fields.

I also add unit tests

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 95f2aecc1b57b7c4bb8326f9f2fc9366a042a9c1)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 35989: Stop geographic authority searches crashing
Matt Blenkinsop [Thu, 16 May 2024 09:33:34 +0000 (09:33 +0000)]
Bug 35989: Stop geographic authority searches crashing

Currently when searching for a geographic authority record the search will fail if the record has a heading in a 78X field. The system tries to do a regex match against an undefined variable causing an error. This patch makes that regex match conditional on the variable being defined to allow the search to succeed.

Test plan:
1) Navigate to Authorities
2) In the search bar at the top of the page, click on the dropdown options and in the 'Authority type' field, select 'Geographic Name'
3) Click search
4) You should have a list of authorities
5) Click on any authority record and then click edit and select to edit the record
6) Click on the "7" button
7) Click on the green text next to the '781' field to get the list of fields
8) In field 'v' enter any string you like
9) Click save
10) Repeat steps 1-3, this time it should display an error message for an Unmatched [ in regex
11) Apply patch
12) restart_all
13) Refresh the page, the results should show and the string you entered in the 'v' field should display on the record you edited

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 6c9482f213ba7f65de490f49b1ddf3425a4ab478)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoBug 37043: Update the base URL for the Counter Registry API
Matt Blenkinsop [Thu, 6 Jun 2024 08:25:52 +0000 (08:25 +0000)]
Bug 37043: Update the base URL for the Counter Registry API

Test plan:
1) prove t/db_dependent/api/v1/erm_sushi_services.t
2) t/db_dependent/api/v1/erm_counter_registries.t

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 8c90b87583f849970c76cb4cf7d512078c9c2879)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
4 months agoUpdate release notes for 24.05.01 release v24.05.01
Fridolin Somers [Mon, 10 Jun 2024 14:33:09 +0000 (16:33 +0200)]
Update release notes for 24.05.01 release

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
4 months agoIncrement version for 24.05.01 release
Fridolin Somers [Mon, 10 Jun 2024 14:16:08 +0000 (16:16 +0200)]
Increment version for 24.05.01 release

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36875: (follow-up) Modify query in translated_content
Marcel de Rooy [Thu, 16 May 2024 09:25:34 +0000 (09:25 +0000)]
Bug 36875: (follow-up) Modify query in translated_content

This removes the MySQLism for FIELD(..).
In this case we just want to get the non-default records in
the front. So we can just test lang=default. And prevent inserting
$lang in the expression. And so prevent execution in ORDER BY.
No longer needing the ->quote call too.

Test plan:
Run Koha/AdditionalContents.t again.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit c16f5c61849460489992977812f020ec7fa5c9f3)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36875: Unit test
Marcel de Rooy [Thu, 16 May 2024 08:41:19 +0000 (08:41 +0000)]
Bug 36875: Unit test

Test plan:
Run Koha/AdditionalContents.t without next patch.
Should fail on the sleep execution.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 58573f139427fa15c2c600edc65d0d263cd00222)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36875: Staff counterpart
Marcel de Rooy [Thu, 16 May 2024 07:33:41 +0000 (07:33 +0000)]
Bug 36875: Staff counterpart

Same change.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 73423bd894d5365ac491c92c6d5576052e4732f0)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36875: Do not pass unsanitized language to $page->translated_content
Marcel de Rooy [Thu, 16 May 2024 07:19:30 +0000 (07:19 +0000)]
Bug 36875: Do not pass unsanitized language to $page->translated_content

Test plan:
Try to access opac-page.pl with a language not in OPACLanguages.
Verify that this 'language' was not passed to sql. Simplest perhaps
by debugging AdditionalContent.pm. Something like:
 sub translated_content {
     my ( $self, $lang ) = @_;
+warn "L137: $lang";
Now have a public additional_contents page and hit it:
    /cgi-bin/koha/opac-page.pl?page_id=5&language=badsql
Check your log and find:
[2024/05/16 07:25:53] [WARN] L137: en at [etc] line 137.
So badsql was caught.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 1a9e3647095eaf9563db59bd8b3a759a0875cc39)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36818: Escape characters in file names uploaded
Chris Cormack [Wed, 8 May 2024 22:41:43 +0000 (22:41 +0000)]
Bug 36818: Escape characters in file names uploaded

To test:
1/ create a file named something like 'execute`curl blog.bigballofwax.co.nz`.zip'
   Where the domain is one you can watch the logs from
2/ Upload this file as a cover image
3/ Check /var/lib/koha/sitename/tmp/koha_sitename/ and see unescaped filenames
4/ Choose process, check the logs of the webserver see the connection has been made
5/ Apply the patch
5/ Repeat 2 & 3 and see the filename is now escaped
6/ Choose process and check no errors but no no remote execution occurs
7/ Test uploading actual zip file and images still works

Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 14bdaae3f257a321f8ec0d32c6b1e9bc6ed6033d)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36520: Sanitize input in opac-sendbasket.pl
Chris Cormack [Mon, 13 May 2024 02:26:13 +0000 (02:26 +0000)]
Bug 36520: Sanitize input in opac-sendbasket.pl

To test
1/ Add some items to your cart in the opac
2/ Choose send cart
3/ Open firefox developer tools and switch to the network tab
4/ Send cart
5/ In the network tab, find the post request and choose copy as curl
6/ Edit the curl command to add )+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))x)--+-  to the bib_list parameter
7/ Run the curl notice it takes a long time to respond, if you want to check run the curl without the above part added
8/ Apply the patch and restart plack
9/ Run the modified curl and notice no longer the slow down
10/ Test in browser and make sure the basket is still sent

Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit 2f3f42ba98b698871bc473d65a14b5e89d0ae86c)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36520: Prevent SQL injection in GetPreparedLetter
Jonathan Druart [Mon, 13 May 2024 12:47:28 +0000 (14:47 +0200)]
Bug 36520: Prevent SQL injection in GetPreparedLetter

Actually in _get_tt_params

The following query will delay the response

SELECT `me`.`biblionumber`, `me`.`frameworkcode`, `me`.`author`, `me`.`title`, `me`.`medium`, `me`.`subtitle`, `me`.`part_number`, `me`.`part_name`, `me`.`unititle`, `me`.`notes`, `me`.`serial`, `me`.`seriestitle`
, `me`.`copyrightdate`, `me`.`timestamp`, `me`.`datecreated`, `me`.`abstract`
  FROM `biblio` `me`
WHERE `biblionumber` = '1) AND (SELECT 1 FROM (SELECT(SLEEP(6)))x)-- -'
ORDER BY field( biblionumber, 1 ) AND (
    SELECT 1
      FROM
    SELECT SLEEP( 6 ) x
   ) -- - )

To test
1/ Add some items to your cart in the opac
2/ Choose send cart
3/ Open firefox developer tools and switch to the network tab
4/ Send cart
5/ In the network tab, find the post request and choose copy as curl
6/ Edit the curl command to add )+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))x)--+-  to the bib_list parameter
7/ Run the curl notice it takes a long time to respond, if you want to check run the curl without the above part added
8/ Apply the patch and restart plack
9/ Run the modified curl and notice no longer the slow down
10/ Test in browser and make sure the basket is still sent

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit 0b3c98b0ba01ea5c886ecfe8eef174b5b7c6ec25)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36520: Add tests
Jonathan Druart [Wed, 15 May 2024 09:25:47 +0000 (11:25 +0200)]
Bug 36520: Add tests

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit ebbab1b398a97ecc884d4cbf22d5bd4239e014cb)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36575: (QA follow-up) Shibboleth POD and checkpw_internal call
Marcel de Rooy [Tue, 30 Apr 2024 14:39:36 +0000 (14:39 +0000)]
Bug 36575: (QA follow-up) Shibboleth POD and checkpw_internal call

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit 4cafd512cd31701fa3ee2a19abc4de4488b91e69)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36575: Adjust checkpw_internal to return patron
Nick Clemens [Wed, 24 Apr 2024 15:06:22 +0000 (15:06 +0000)]
Bug 36575: Adjust checkpw_internal to return patron

This patch refactors checkpw_internal to remove the SQL code, use patron ojbects, and return the
patron that correctly matches the userid/caerdnumber when auth is successful

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit fe78f06a50c41a7dbac24206e31bc5b1189ee185)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36575: (bug 34893 follow-up) Return patron when autocreating in Shibboleth
Nick Clemens [Wed, 24 Apr 2024 14:25:40 +0000 (14:25 +0000)]
Bug 36575: (bug 34893 follow-up) Return patron when autocreating in Shibboleth

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit f6fe24bdd8f72cdf09111a93d0ca0a114b5ee570)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36575: (bug 34893 follow-up) Return patron from LDAP
Nick Clemens [Wed, 24 Apr 2024 14:23:51 +0000 (14:23 +0000)]
Bug 36575: (bug 34893 follow-up) Return patron from LDAP

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit e6ce7aded6bc737fd98c2e94aba51abb4581afbb)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36575: (QA follow-up)
Martin Renvoize [Thu, 11 Apr 2024 10:18:30 +0000 (12:18 +0200)]
Bug 36575: (QA follow-up)

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit fffc5600cad077e8b4d8d5211263f1935c5b07cd)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36575: Return correct patron when there is a shared userid / cardnumber
Nick Clemens [Thu, 11 Apr 2024 09:39:03 +0000 (09:39 +0000)]
Bug 36575: Return correct patron when there is a shared userid / cardnumber

This patch moves some patron fetching code in C4/Auth to use to patron returned from the validation
methods and only try to fetch the patron (to check if locked, update attempts, etc) if we didn't authenticate

To test:
1 - Set a user to have userid = BANANA password = Password1
2 - Set a user to have cardnumber = BANANA password = Password2
3 - Hit the patron authentication API:
    http://localhost:8080/api/v1/auth/password/validation
    with data:
    { "identifier": "BANANA", "password":"Password1" }
    and:
    { "identifier": "BANANA", "password":"Password2" }
4 - Note you receive the same response for both
5 - Apply patch, restart all
6 - Repeat the API and confirm you get the correct patron for the password submitted

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit ff4e0c4293486d2db31d2f48d9f6f31d6470965a)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36993: Upgrade fails at 23.12.00.023 [Bug 32132]
Emmi Takkinen [Fri, 31 May 2024 09:39:57 +0000 (12:39 +0300)]
Bug 36993: Upgrade fails at 23.12.00.023 [Bug 32132]

Database update fails on some databases because of
foreign key constraint error. This comes from attempt
to make column aqbudgets.budget_period_id not accept
NULL values. Update also fails if there are rows where
column aqbudgets.budget_period_id doesn't match any
values in aqbudgetperiods.budget_period_id.

To test:
1. Remove changes made in bug 32132 and downgrade your database:
- ALTER TABLE aqbudgets MODIFY COLUMN `budget_period_id` INT(11) NULL;
- UPDATE aqbudgets SET budget_period_id = NULL
WHERE budget_period_id IN(SELECT budget_period_id FROM aqbudgetperiods
WHERE budget_period_description = "Budget for funds without budget");
- DELETE FROM aqbudgetperiods
WHERE budget_period_description = "Budget for funds without budget";
- UPDATE systempreferences SET value="23.1200022" WHERE variable = "Version;
2. Upgrade your database (e.g. running installer/data/mysql/updatedatabase.pl)
=> Update fails on foreign key constraint error.
4. Apply this patch.
5. Try to update your database again.
=> Database should now be upgraded succesfully.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 309127226fb5a308e744ed4011d407e4ec3bed28)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36986: (follow-up) Ensure idempotency
Martin Renvoize [Thu, 6 Jun 2024 06:30:37 +0000 (07:30 +0100)]
Bug 36986: (follow-up) Ensure idempotency

MySQL/MariaDB checks the primary key/unique constraint before WHERE
clause when performing an UPDATE. As such, the lack of AutoLocation
existing will not prevent a failure on a second run of the update.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 73634e93fd044d68e6415601ebeab7dbcca5286e)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36986L (follow-up) Ensure idempotency
Martin Renvoize [Wed, 5 Jun 2024 17:10:33 +0000 (18:10 +0100)]
Bug 36986L (follow-up) Ensure idempotency

MySQL/MariaDB checks the primary key/unique constraint before WHERE
clause when performing an UPDATE. As such, the lack of AutoLocation
existing will not prevent a failure on a second run of the update.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit dc2388281c8e0e9c11ee5829cf09b7737a2f1c6c)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36986: DBRev 24.05.00.001
Martin Renvoize [Wed, 5 Jun 2024 13:32:57 +0000 (14:32 +0100)]
Bug 36986: DBRev 24.05.00.001

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 1c779aaca820b8dd2edeab3f3369ac342dadb089)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36986: (QA follow-up) Catch the case where someone already upgraded
Martin Renvoize [Tue, 4 Jun 2024 10:15:59 +0000 (11:15 +0100)]
Bug 36986: (QA follow-up) Catch the case where someone already upgraded

This adds a corresponding atomic update for the case where someone may
have already upgraded past the version we're correcting in the prior
patch.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit d0f12989518b32c7bf9cb8093d57e49b038e8d70)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoBug 36986: (Bug 26176 follow-up) Fix rename StaffLoginBranchBasedOnIP in BDRev
Fridolin Somers [Wed, 29 May 2024 15:29:21 +0000 (17:29 +0200)]
Bug 36986: (Bug 26176 follow-up) Fix rename StaffLoginBranchBasedOnIP in BDRev

Test by running upgrade from 23.11.00 to main
Check you see :
Upgrade to 23.12.00.061  [15:34:36]: Bug 26176 - Rename AutoLocation and StaffLoginBranchBasedOnIP system preferences
Renamed system preference 'AutoLocation' to 'StaffLoginRestrictLibraryByIP'
Renamed system preference 'StaffLoginBranchBasedOnIP' to 'StaffLoginLibraryBasedOnIP'

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit ebd4aa682796b8ac4666e948e7c55fde4d91ad2d)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
5 months agoKoha 24.05 is here! v24.05.00
Katrin Fischer [Mon, 27 May 2024 12:48:23 +0000 (12:48 +0000)]
Koha 24.05 is here!

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months ago24.05.00: Add release notes
Katrin Fischer [Mon, 27 May 2024 13:09:06 +0000 (13:09 +0000)]
24.05.00: Add release notes

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months ago24.05.00: Update kohastructure.sql
Katrin Fischer [Mon, 27 May 2024 13:00:17 +0000 (13:00 +0000)]
24.05.00: Update kohastructure.sql

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months ago24.05.00: Update history.txt
Katrin Fischer [Mon, 27 May 2024 12:56:11 +0000 (12:56 +0000)]
24.05.00: Update history.txt

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months ago24.05.00: Update contributors.yaml
Katrin Fischer [Mon, 27 May 2024 12:55:29 +0000 (12:55 +0000)]
24.05.00: Update contributors.yaml

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 31981: (follow-up) Fix typo in class name
Katrin Fischer [Fri, 24 May 2024 13:53:36 +0000 (13:53 +0000)]
Bug 31981: (follow-up) Fix typo in class name

.debt_gaurantors > .debt_guarantors

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36946: Fix cud- error when processing offline circulations
Owen Leonard [Thu, 23 May 2024 13:13:06 +0000 (13:13 +0000)]
Bug 36946: Fix cud- error when processing offline circulations

This patch fixes a CSRF token error when processing offline
circulations. The form needed both the token parameter and to be sent as
POST.

To test, apply the patch and go to Circulation.

- Go to Upload offline circulation file (.koc)
- Upload a .koc file, add to offline circulation queue.
- View pending offline circulation actions.
- Check one or more transactions and click "Process" at the bottom of
  the page.
  - The process should complete without any JS errors, and the
    checkboxes should be replaced with the text "Success."
- Perform the same test with the "Delete" button.

Sponsored-By: Athens County Public Libraries
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 26176: (follow-up) Replace branch with library in syspref description
Nick Clemens [Fri, 24 May 2024 11:30:54 +0000 (11:30 +0000)]
Bug 26176: (follow-up) Replace branch with library in syspref description

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36939: Remove a warning from Serials.t
Jonathan Druart [Thu, 23 May 2024 07:50:59 +0000 (09:50 +0200)]
Bug 36939: Remove a warning from Serials.t

t/db_dependent/Serials.t .. 2/57 Use of uninitialized value in numeric gt (>) at /kohadevbox/koha/C4/Serials.pm line 2029.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36923: Remove warnings from Holds/LocalHoldsPriority.t
Jonathan Druart [Wed, 22 May 2024 12:01:28 +0000 (14:01 +0200)]
Bug 36923: Remove warnings from Holds/LocalHoldsPriority.t

t/db_dependent/Holds/LocalHoldsPriority.t .. 1/7 Use of uninitialized value in numeric gt (>) at /kohadevbox/koha/C4/Reserves.pm line 866.
t/db_dependent/Holds/LocalHoldsPriority.t .. 2/7 Use of uninitialized value in numeric gt (>) at /kohadevbox/koha/C4/Reserves.pm line 866.
Use of uninitialized value in numeric gt (>) at /kohadevbox/koha/C4/Reserves.pm line 866.
Use of uninitialized value in numeric gt (>) at /kohadevbox/koha/C4/Reserves.pm line 866.
t/db_dependent/Holds/LocalHoldsPriority.t .. 5/7 Use of uninitialized value in numeric gt (>) at /kohadevbox/koha/C4/Reserves.pm line 866.
t/db_dependent/Holds/LocalHoldsPriority.t .. ok
All tests successful.

We didn't have the default values generated by the DBMS

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36931: Fix label-item-search.pl by removing CSRF requirement
David Cook [Thu, 23 May 2024 06:43:40 +0000 (06:43 +0000)]
Bug 36931: Fix label-item-search.pl by removing CSRF requirement

This change converts a stateless POST into a GET, so that the paging
of the label-item-search.pl results works again.

Test plan:
0. Apply the patch and restart Koha
1. Go to http://localhost:8081/cgi-bin/koha/labels/label-edit-batch.pl?op=new
2. Click "Add item(s)"
3. Add '05/01/2000' in "Added on or after date:" and click "Search"
4. Page through the results
5. Rejoice

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
5 months agoBug 36816: Remove warning
Jonathan Druart [Wed, 22 May 2024 08:08:30 +0000 (10:08 +0200)]
Bug 36816: Remove warning

Use of uninitialized value in string eq at /kohadevbox/koha/opac/opac-memberentry.pl line 629.

Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>