]> git.koha-community.org Git - koha.git/log
koha.git
6 years agoKoha 18.05.00 is here! v18.05.00
Jonathan Druart [Thu, 24 May 2018 13:40:27 +0000 (10:40 -0300)]
Koha 18.05.00 is here!

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoAdd release notes for Koha 18.05.00
Jonathan Druart [Thu, 24 May 2018 14:45:52 +0000 (11:45 -0300)]
Add release notes for Koha 18.05.00

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agorevert missing part of bug 20073
Jonathan Druart [Thu, 24 May 2018 17:18:08 +0000 (14:18 -0300)]
revert missing part of bug 20073

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoRevert "Bug 20073: Update DBIC Schema changes"
Jonathan Druart [Thu, 24 May 2018 17:17:18 +0000 (14:17 -0300)]
Revert "Bug 20073: Update DBIC Schema changes"

This reverts commit dc300b6547355019d9135c2023c444df7a7f3cff.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoFix translation issues
Jonathan Druart [Thu, 24 May 2018 17:26:55 +0000 (14:26 -0300)]
Fix translation issues

1.
 <failure message="msgfmt
 failure">misc/translator/po/fr-CA-staff-prog.po:713: number of format
 specifications in 'msgid' and 'msgstr' does not match

2.
 <failure message="msgfmt
 failure">misc/translator/po/hy-Armn-staff-prog.po:53901: 'msgstr' is
 not a valid C format string, unlike 'msgid'. Reason: The character
 that terminates the directive number 1 is not a v
 alid conversion specifier.

Found with:
 sudo apt-get install translate-toolkit
 junitmsgfmt misc/translator/po/ar-Arab-staff-prog.po

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoTranslation updates for Koha 18.05.00
Koha translators [Thu, 24 May 2018 13:37:29 +0000 (10:37 -0300)]
Translation updates for Koha 18.05.00

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 19287: (follow-up) Use the notice defined for the library of the patron
Jonathan Druart [Thu, 24 May 2018 13:09:36 +0000 (10:09 -0300)]
Bug 19287: (follow-up) Use the notice defined for the library of the patron

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20701: Add csrf protection to mancredit.pl
Jonathan Druart [Thu, 3 May 2018 12:09:19 +0000 (09:09 -0300)]
Bug 20701: Add csrf protection to mancredit.pl

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20701: Add csrf protection to maninvoice.pl
Nick Clemens [Thu, 3 May 2018 11:52:24 +0000 (11:52 +0000)]
Bug 20701: Add csrf protection to maninvoice.pl

TO test:
1 - Be signed in to Koha
2 - Add a manual invoice to an account, works fine
3 - Now do it via url: http://localhost:8081/cgi-bin/koha/members/maninvoice.pl?borrowernumber=5&type=test&amount=5&add=Save
4 - Apply patches
5 - Test that everything continues to work as expected (but more securely)
6 - Try adding a new invoice via URL
7 - Should get 'internal server error' and wrong csrf token in logs

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20803: Cannot search to hold or use print options from API keys interface
Owen Leonard [Tue, 22 May 2018 17:46:36 +0000 (17:46 +0000)]
Bug 20803: Cannot search to hold or use print options from API keys interface

This patch adds a required JS asset to the patron API key interface.
Without it, JS-based functions in the toolbar do not work.

To test you must have RESTOAuth2ClientCredentials enabled.

 - From a patron detail page, choose More -> Manage API keys.
 - Test the toolbar buttons on this page, especially "Search to hold"
   and the various print options.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20730: Move the authentication block before doing anything
Jonathan Druart [Tue, 8 May 2018 17:27:38 +0000 (14:27 -0300)]
Bug 20730: Move the authentication block before doing anything

No need to add more information here, it's self-explanatory...

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20801: Make dependency on memcached mandatory
Mirko Tietgen [Tue, 22 May 2018 11:48:10 +0000 (13:48 +0200)]
Bug 20801: Make dependency on memcached mandatory

Move memcached from suggested to depends for Debian packages.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20800: Keep Koha on Stretch from using broken libhttp-oai-perl
Mirko Tietgen [Tue, 22 May 2018 10:32:19 +0000 (12:32 +0200)]
Bug 20800: Keep Koha on Stretch from using broken libhttp-oai-perl

libhttp-oai-perl in Stretch is 4.03 and broken. Koha depends on
libhttp-oai-perl << 4 for that reason. To make the installation of Koha
on Stretch as easy as possible, this patch adds the alternative
libhttp-oai-3.27-perl which we provide in the Koha repository.

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoRevert "Bug 20073: Move Elasticsearch configs to yaml files and improve the default...
Jonathan Druart [Mon, 21 May 2018 14:02:04 +0000 (11:02 -0300)]
Revert "Bug 20073: Move Elasticsearch configs to yaml files and improve the default settings."

This reverts commit f489d2034bbc3bff67230423a7986d5ea34060ec.

This commit breaks the install process when using debian packages.
Reverting as we are very close to the 18.05.00 release

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoRevert "Bug 20073: Remove perlcritic error"
Jonathan Druart [Mon, 21 May 2018 14:01:58 +0000 (11:01 -0300)]
Revert "Bug 20073: Remove perlcritic error"

This reverts commit 67359a97f4cbf828dbe93a7b08ec7283258b46c5.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20792: (bug 18789 follow-up) Fix patron edit page if TranslateNotices is set
Jonathan Druart [Mon, 21 May 2018 13:40:43 +0000 (10:40 -0300)]
Bug 20792: (bug 18789 follow-up) Fix patron edit page if TranslateNotices is set

translated_language is not a Koha::Patron's method but a simple variable
sent to the template.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoRelease notes for 18.05.00-rc2
Jonathan Druart [Thu, 17 May 2018 16:36:48 +0000 (13:36 -0300)]
Release notes for 18.05.00-rc2

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 18786: Add PAYMENT_TYPE to the installer file
Jonathan Druart [Thu, 17 May 2018 16:16:32 +0000 (13:16 -0300)]
Bug 18786: Add PAYMENT_TYPE to the installer file

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 18856: (QA follow-up) Rename method to avoid confusion
Kyle M Hall [Thu, 11 Jan 2018 14:44:08 +0000 (09:44 -0500)]
Bug 18856: (QA follow-up) Rename method to avoid confusion

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Hmm. I would have liked the opac parameter even better ;)

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 18856: Don't show cancel option for waiting holds in OPAC
Jonathan Druart [Wed, 10 Jan 2018 19:49:33 +0000 (16:49 -0300)]
Bug 18856: Don't show cancel option for waiting holds in OPAC

This is the alternative patch of Kyle's
"""
If a hold is 'waiting' for the patron to collect then the patron should
be prevented from cancelling the hold via their account in the opac.
If a patron tries to cancel the hold, Koha will give an 'are you sure'
alert and when you click Yes the page just refreshes and the hold
remains.
Staff can cancel the hold from the staff interface but they can then
action the waiting hold.
I think therefore that it is correct behaviour that a patron cannot
cancel a hold when it reaches waiting state via the opac but it would be
useful to either have a warning to prevent the cancellation or a useful
message when they attempt to do so.

The template was using a method that tells Koha if *staff* can cancel a
hold,
instead of patron.

Test Plan:
1) Set up a waiting hold
2) Try to cancel it from the opac
3) Note you cannot
4) Apply this patch
5) Reload the page
6) Note the cancel button has disappeared for found holds
"""

It sounds better to keep the ->is_cancelable method, for readability

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 19862: Turn off RoutingListAddReserves on new installations
Katrin Fischer [Tue, 17 Apr 2018 05:55:52 +0000 (07:55 +0200)]
Bug 19862: Turn off RoutingListAddReserves on new installations

The RoutingListAddReserves feature currently doesn't work as
expected (see bug 2894) and should be turned off for new
installations until properly fixed.

To test:
- Run the web installer
- Confirm that RoutingListAddReserves is set to "Don't place"

Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 7143: Update about page for documentation team
Lee Jamison [Wed, 16 May 2018 15:56:26 +0000 (11:56 -0400)]
Bug 7143: Update about page for documentation team

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20706: Fix bad HTML link to help file
Mark Tompsett [Tue, 15 May 2018 02:59:24 +0000 (02:59 +0000)]
Bug 20706: Fix bad HTML link to help file

Before there is no href.
After there is.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20706: Adds en language code to the links to the manual
Katrin Fischer [Thu, 10 May 2018 17:03:47 +0000 (19:03 +0200)]
Bug 20706: Adds en language code to the links to the manual

As we don't have a fix yet to link to the right translated manual,
this adds /en to the links from the help files to the manual to
make them work again.

Check with both patches applied, that the links work.
You will have to change 17.11 to 18.05.

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20706: Fixes the links to the manual to reflect chanced chapter file names
Katrin Fischer [Thu, 3 May 2018 21:26:40 +0000 (23:26 +0200)]
Bug 20706: Fixes the links to the manual to reflect chanced chapter file names

The numbering in front of the chapter file names has been removed,
so the links need to be adapted accordingly.

Note:
Testing this in master currently won't work for 2 reasons:
- We are still using 17.11 as version variable, will be 18.05 later.
- We are missing the lanugage code before /html and this leads
  to an outdated version of the 18.05 manual.

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20724: (QA follow-up) Remove two obsolete comment lines
Marcel de Rooy [Wed, 16 May 2018 12:43:27 +0000 (14:43 +0200)]
Bug 20724: (QA follow-up) Remove two obsolete comment lines

No test plan :)

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20724: Add tests for ReservesNeedReturns
Jonathan Druart [Thu, 10 May 2018 14:40:33 +0000 (11:40 -0300)]
Bug 20724: Add tests for ReservesNeedReturns

Signed-off-by: Victor Grousset <victor.grousset@biblibre.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20724: Move the ReservesNeedReturns logic to AddReserve
Jonathan Druart [Thu, 10 May 2018 14:40:11 +0000 (11:40 -0300)]
Bug 20724: Move the ReservesNeedReturns logic to AddReserve

Signed-off-by: Victor Grousset <victor.grousset@biblibre.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20724: Correctly mark an hold as waiting - ReservesNeedReturns
Kyle M Hall [Thu, 10 May 2018 12:12:04 +0000 (08:12 -0400)]
Bug 20724: Correctly mark an hold as waiting - ReservesNeedReturns

We need to call Koha::Hold->set_waiting to correctly
calculate the expiration date.

It fixes a regression introduced by
  commit 26634151dbce0bf39ff6c9eda5b58bb993996a2d
  Bug 12063 - Fix QA failures

The expiration date has to be set for waiting holds

== Test plan (time to execute: less than 4min) ==
1. Set ReservesNeedReturns to "Don't automatically"
2. Place a hold on a specific item
3. Check it in and confirm hold
4. The hold should have an expiration date
     record page → Hold → "Expiration" column
5. It should be listed in staff:/cgi-bin/koha/circ/waitingreserves.pl
6. Set ReservesNeedReturns to "Automatically"
7. Place a hold on a specific item
    (which should also behave like we check the item in to
    keep it for the patron)
8. The hold should have an *empty* expiration date
     record page → Hold → "Expiration" column
9. Holds awaiting pickup page should crash
     staff:/cgi-bin/koha/circ/waitingreserves.pl
10. Cancel the hold to remove the corrupted data
     record page → Hold → the red X
11. Apply this patch
12. Place a hold on a specific item
13. The hold should have an expiration date (not empty)
14. It should be listed in staff:/cgi-bin/koha/circ/waitingreserves.pl
15. Celebrate!

Signed-off-by: Victor Grousset <victor.grousset@biblibre.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20437: Update debian/control
Mirko Tietgen [Tue, 15 May 2018 17:23:25 +0000 (19:23 +0200)]
Bug 20437: Update debian/control

Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20437: Force the dependency on HTTP::OAI < 4.0
Tomas Cohen Arazi [Fri, 16 Mar 2018 18:22:47 +0000 (15:22 -0300)]
Bug 20437: Force the dependency on HTTP::OAI < 4.0

Until HTTP::OAI is patched so it actually works, and bug 17704 fixes the API change Koha-side, we need to explicitly pull the right version. Otherwise people using Debian 9+ derived distros (Ubuntu 16.04+) are seeing production issues.

This implies packaging our custom libhttp-oai-perl distribution in the meantime.

This patch makes Koha require a version lower than 4.0.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20693: Update control file
Mirko Tietgen [Tue, 15 May 2018 11:58:03 +0000 (13:58 +0200)]
Bug 20693: Update control file

Auto-generated file.

Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20693: Plack fails, because 'libcgi-emulate-psgi-perl' package is not installed
Mirko Tietgen [Tue, 15 May 2018 11:47:10 +0000 (13:47 +0200)]
Bug 20693: Plack fails, because 'libcgi-emulate-psgi-perl' package is not installed

Add CGI::Emulate::PSGI to PerlDependencies.pm

Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 17084: Automatic debian/control updates (master)
Mirko Tietgen [Mon, 14 May 2018 20:21:14 +0000 (22:21 +0200)]
Bug 17084: Automatic debian/control updates (master)

18.05.00-rc1

Signed-off-by: Mirko Tietgen <mirko@abunchofthings.net>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20764: Fix Plugins.t v18.05.00-rc1
Jonathan Druart [Mon, 14 May 2018 16:09:16 +0000 (13:09 -0300)]
Bug 20764: Fix Plugins.t

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20764: (follow-up) Rename the test file
Jonathan Druart [Mon, 14 May 2018 15:33:48 +0000 (12:33 -0300)]
Bug 20764: (follow-up) Rename the test file

There is something wrong here...

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20404: Fix Patrons/Import.t
Jonathan Druart [Mon, 14 May 2018 15:25:42 +0000 (12:25 -0300)]
Bug 20404: Fix Patrons/Import.t

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20764: Rename the test file
Jonathan Druart [Mon, 14 May 2018 15:14:33 +0000 (12:14 -0300)]
Bug 20764: Rename the test file

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20764: (QA follow-up) Fix path to sample plugins
Tomas Cohen Arazi [Mon, 14 May 2018 15:03:32 +0000 (12:03 -0300)]
Bug 20764: (QA follow-up) Fix path to sample plugins

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20764: Koha_Template_Plugin_KohaPlugins.t is db dependent
Mirko Tietgen [Mon, 14 May 2018 12:46:20 +0000 (14:46 +0200)]
Bug 20764: Koha_Template_Plugin_KohaPlugins.t is db dependent

t/Koha_Template_Plugin_KohaPlugins.t is DB dependent.
This patch moves it to t/db_dependent/

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20428: Display warning if the entry is empty
Jonathan Druart [Mon, 14 May 2018 14:11:34 +0000 (11:11 -0300)]
Bug 20428: Display warning if the entry is empty

And not only if the entry is missing. We should do the same for other
entries.
Also, use Koha::UploadedFile->temporary_directory to know the fallback
value.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20428: (QA follow-up) Remove redundant directory level
Marcel de Rooy [Mon, 14 May 2018 07:05:21 +0000 (09:05 +0200)]
Bug 20428: (QA follow-up) Remove redundant directory level

Upload creates its own upload folder in the temp folder, so there is no
need to add another level in temporary_directory.
Removing the creation of this folder in koha-create-dirs too.

Also removing the use Koha::UploadedFiles in about.pl. No longer needed.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20428: Make upload_tmp a more general tmp directory
Tomas Cohen Arazi [Fri, 11 May 2018 17:24:32 +0000 (14:24 -0300)]
Bug 20428: Make upload_tmp a more general tmp directory

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20428: Added missing parameter --upload-tmp-path
Mark Tompsett [Tue, 8 May 2018 16:14:48 +0000 (16:14 +0000)]
Bug 20428: Added missing parameter --upload-tmp-path

Line 463 lists valid parameters, but it was missing
upload-tmp-path: which resulted in the koha-create
saying it is an invalid parameter.

TEST PLAN
---------
1) apply all patches but this.
2) sudo perl ~/misc4dev/cp_debian_files.pl
3) restart_all
4) sudo koha-create --create-db --upload-tmp-path unique-path
awesome-test-name
   -- Fails to run.
5) apply this patch
6) repeat 2-4
7) sudo vi /etc/koha/sites/awesome-test-name/koha-conf.xml
   -- the upload_tmp_path entry should have unique-path
      in it.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20428: Make about.pl inform about missing upload_tmp_path entry
Tomas Cohen Arazi [Thu, 29 Mar 2018 13:45:30 +0000 (10:45 -0300)]
Bug 20428: Make about.pl inform about missing upload_tmp_path entry

This patch makes about.pl warn about a missing upload_tmp_path entry in
koha-conf.xml. It also mentions the effectively used tmp dir.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20428: Make Koha::UploadedFile use the new config entry for tmp files
Tomas Cohen Arazi [Thu, 29 Mar 2018 13:44:59 +0000 (10:44 -0300)]
Bug 20428: Make Koha::UploadedFile use the new config entry for tmp files

This patch makes Koha::UploadedFile->temporary_directory try to use the
new configuration entry. It will fallback to File::Spec->tmpdir
otherwise.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20428: Add the option to specify a tmp uploads dir
Tomas Cohen Arazi [Thu, 29 Mar 2018 13:25:43 +0000 (10:25 -0300)]
Bug 20428: Add the option to specify a tmp uploads dir

This patch adds an option to the koha-conf.xml file for specifying
a temporary uploaded files directory.

The koha-create script is adjusted to handle it and a convenient option
switch is added. If ommited, it will default to
/var/lib/koha/<instance>/uploads_tmp.

koha-create-dirs is patched to create the required directory with the
right permissions.

The docs get the new parameter documented.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20404: Turn on ExtendedPatronAttributes by default for new installations
Katrin Fischer [Thu, 10 May 2018 19:05:07 +0000 (21:05 +0200)]
Bug 20404: Turn on ExtendedPatronAttributes by default for new installations

Extended patron attributes are a very useful feature that should be
more obvious. We should activate them by default for new installations.

For testing:
- Run the web isntaller on an empty database
- Check that after installation ExtendedPatronAttributes is turned on

Signed-off-by: Charles Farmer <charles.farmer@inLibro.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 19181: Do not screenshot
Jonathan Druart [Fri, 11 May 2018 19:25:13 +0000 (16:25 -0300)]
Bug 19181: Do not screenshot

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 19181: Fix jenkins failure
Jonathan Druart [Fri, 11 May 2018 18:41:35 +0000 (15:41 -0300)]
Bug 19181: Fix jenkins failure

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20623: (QA follow-up) avoid fetch() calls in some cases
Victor Grousset [Fri, 11 May 2018 15:43:33 +0000 (17:43 +0200)]
Bug 20623: (QA follow-up) avoid fetch() calls in some cases

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20737: Use https for baker and taylor cover images
Nick Clemens [Wed, 9 May 2018 11:51:20 +0000 (11:51 +0000)]
Bug 20737: Use https for baker and taylor cover images

Easy change, should be able to verify with code review or testing with
dummy values

To test:
1 - Put some values in baker and taylor prefs (don't need to be valid)
2 - Do a search on the opac (and have some items with isbns)
3 - Inspect the cover images links to ensure they are formed correctly
4 - prove -v t/External/BakerTaylor.t

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20707: Replace circ/search.pl circulate permission requirement with catalogue
Nick Clemens [Fri, 4 May 2018 13:54:49 +0000 (13:54 +0000)]
Bug 20707: Replace circ/search.pl circulate permission requirement with catalogue

To test:
 1 - Setup a staff patron with permissions:
   - catalogue
   - reserveforothers
   - course_reserves
 2 - Log in to staff client as that patron
 3 - Find a record and click to place a hold
 4 - Type more than three letters into the search bar but don't submit
 5 - Note that you will not receive autocomplete results
 6 - Either submit, or try to visit any page in staff client
 7 - Your session has been expired, you must log in again
 8 - Log in, go to course reserves
 9 - As before, trigger the autocomplete search in the instrcutor field
10 - Again your session has been terminated
11 - Apply patch
12 - Repeat above actions, this time you will not be kicked out

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 7910: Give feedack when the subscriptions have been renewed
Jonathan Druart [Wed, 18 Apr 2018 18:11:47 +0000 (15:11 -0300)]
Bug 7910: Give feedack when the subscriptions have been renewed

This patch adds a message to the user to let them know the subscription
have been renewed successfully.

Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 19792: Few minor fixes
Jonathan Druart [Fri, 5 Jan 2018 16:29:06 +0000 (13:29 -0300)]
Bug 19792: Few minor fixes

- No string extrapolation needed on SQL queries
- '== undef' must be written 'if not defined'

Signed-off-by: Jon Knight <J.P.Knight@lboro.ac.uk>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 19792: (QA follow-up) Move anonymous sub out of GetHierarchy
Marcel de Rooy [Wed, 27 Dec 2017 16:04:36 +0000 (17:04 +0100)]
Bug 19792: (QA follow-up) Move anonymous sub out of GetHierarchy

Test plan:
Run t/db_dependent/Budgets.t.
Without both patches, running the test is slower than with only the first
or both patches.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jon Knight <J.P.Knight@lboro.ac.uk>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 19792: Performance boost for GetBudgetHierarchy
David Bourgault [Mon, 11 Dec 2017 16:56:27 +0000 (11:56 -0500)]
Bug 19792: Performance boost for GetBudgetHierarchy

This patches reduces the number of SQL calls by combining multiple calls to the recursive functions GetBudgetSpent(), GetBudgetOrdered(), etc. into 4 big queries.
It also removes duplicate function calls from acqui-home.pl

Test plan:
0) Visit Acquisition home
0) Apply patch
1) Refresh page. It shoud look identical.
2) prove t/db_dependent/budgets.t

Signed-off-by: Jon Knight <J.P.Knight@lboro.ac.uk>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jon Knight <J.P.Knight@lboro.ac.uk>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 19579: Do not confirm the registration if email already used - PatronSelfRegistra...
Jonathan Druart [Fri, 22 Dec 2017 17:52:26 +0000 (14:52 -0300)]
Bug 19579: Do not confirm the registration if email already used - PatronSelfRegistrationEmailMustBeUnique

If PatronSelfRegistrationVerifyByEmail and
PatronSelfRegistrationEmailMustBeUnique are set, it should not be
possible to register twice with the same email.
However the test is made on already created patron cards when the
registration is done.
Which means it is possible to register several times with the same
email address and click on the registration link to finalise the
registration.

This patch adds a test when the registration link is clicked and display
the "Registration invalid" generic message if the same email is used

Test plan:
1. Patron submits self registration form using the same email address 3
times
2. Patron receives 3 verification emails
3. Patron clicks on 3 verify token URLs
=> Only the first registration should succeed, the 2 others must fail

Maybe we should display a more specific message?

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20623: (QA follow-up) Remove one find call
Marcel de Rooy [Fri, 11 May 2018 09:33:32 +0000 (11:33 +0200)]
Bug 20623: (QA follow-up) Remove one find call

Imo these somewhat weird lines ask for improvement, but I don't want to change
the exact conditions here. Just removing the need to call find twice.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20623: Fix basket group PDF when itemtype not itemtype table
Victor Grousset [Fri, 20 Apr 2018 09:17:26 +0000 (11:17 +0200)]
Bug 20623: Fix basket group PDF when itemtype not itemtype table

When an item has an itemtype not in the itemtype table. Trying to fetch
it's description lead to an error.
Using authorized values like ccode to populate the itemtypes of the
biblioitems (instead of the itemtype table) can lead to such data.
Or importing records with invalid itemtype codes. Koha doesn't do enough
checks at import to at least warn about these issues.

== Test plan ==
1. first we need an item with an itype not in the item_types table
   1. download a record as MARCXML
   2. find it's item type in administration; and the related code
   3. open the MARCXML file and search for occurences of the code
        and replace them by some non-existing value like "FOOBAR"
   4. also change the barcode so it won't be ignored because
        it's a duplicate
   5. also change the title to easily find it later in the search
   6. tools → "Stage MARC records for import"
   7. upload your file
   8. "stage for import"
   9. click "Manage staged records"
        You should end on the page related to your staged record
   10. "Import this batch into the catalog"

2. now we need it in a basket group
   1. have/create a active budget
   2. have/create a fund
   3. have/create a vendor with minimal info
   4. create a basket with minimal info
   5. add our imported item to the basket
        for example search it by name
   6. go to the basket. URL should be
      /cgi-bin/koha/acqui/basket.pl?basketno=XXXXX
   7. close this basket
        and tick "Attach this basket to a new basket group with the same name"
   8. you will end up in the basket groups lists
   9. go to the "closed" tab
   11. go to the basket group
          your vendor page => Basket groups => Closed

3. export as PDF, it should fail (internal server error)
     this is the bug (no kidding ^_^)
4. apply this patch
5. reexport the basket as PDF
6. it should work
7. create an item type (in administration)
     that has the same code as the one that you put in the MARCXML
8. reexport the basket as PDF
9. check that in the PDF that the description is here:
     table at the bottom of the document → "Document" column

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20722: Display search results when searching only by ITEMTYPECAT
Jonathan Druart [Mon, 7 May 2018 18:04:33 +0000 (15:04 -0300)]
Bug 20722: Display search results when searching only by ITEMTYPECAT

- Create an entry for the ITEMTYPECAT authorised value category.
  Make sure to fill in the OPAC description.
- Go to administration > itemtypes and add the new category to 2 item types.
- Go to the OPAC and check that the advanced search shows your new itemtype
  group instead of the individual itemtypes.
- Check the checkbox and Search.

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20695: Fix multiple upload result in tools/upload script
Marcel de Rooy [Wed, 2 May 2018 12:50:32 +0000 (14:50 +0200)]
Bug 20695: Fix multiple upload result in tools/upload script

Instead of calling UploadedFiles->find only once with $id, we should
extract all comma separated id's from the parameter.

Test plan:
[1] Before this patch, upload two files at once in Tools/Upload. After doing
    so, you should see only one result reported. But both files should
    have been uploaded.
[2] With this patch, repeat step 1 and see two upload results.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Patch applies and functions as described.
Signed-off-by: Dilan Johnpullé <dilan@calyx.net.au>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20719: USE Branches in TT files
Mark Tompsett [Mon, 7 May 2018 18:14:22 +0000 (18:14 +0000)]
Bug 20719: USE Branches in TT files

TEST PLAN
---------
In the staff client on a kohadevbox:
1) Enable the HouseboundModule system preference.
2) Enable the EnableBorrowerFiles system preference.
3) Go to a patron detail page.
   -- note the Home library is shown.
4) Go to Fines tab (left pane)
   -- Home library is still shown.
5) Click each of the four horizontal tabs
   (Account, Pay fines, Create manual invoice,
    Create manual credit)
   -- Home library not visible for both create tabs
      and the account tab
6) Click the 'Create manual invoice' tab, and create
   some kind of entry.
7) On the 'Account' tab, the table has a 'Details' button.
   Click that.
   -- Home library not visible.
8) Click the 'Details' tab in the left pane.
9) Click 'More' button and choose 'Delete'
   -- Home library not visible when asked for delete
      confirmation.
10) Cancel that, and if you know how to actually
    set up the Norwegian system preferences you can
    figure out how to test the nl-search change.

After seeing all these not visible, apply this patch.
Repeat all the steps, but this time the Home library
should be visible.

Works OK.

Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20719: Add missing USE Branches to files.tt
Amit Gupta [Mon, 7 May 2018 12:18:57 +0000 (17:48 +0530)]
Bug 20719: Add missing USE Branches to files.tt

Test

On a kohadevbox:
0. Enable the EnableBorrowerFiles system preference
1. Go to any patron, and click on the 'Files' tab in the
   left pane.
   -- the Home library is not displayed.
2. Apply the patch, restart_all, and reload the page.
   -- the Home library is now displayed.

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20746: Move it-IT files to optional
Jonathan Druart [Fri, 19 Jan 2018 12:34:20 +0000 (09:34 -0300)]
Bug 20746: Move it-IT files to optional

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20745: koha-zebra doesn't return the correct error codes
Tomas Cohen Arazi [Thu, 10 May 2018 15:37:53 +0000 (12:37 -0300)]
Bug 20745: koha-zebra doesn't return the correct error codes

This patch makes koha-zebra return 0 (or 1) even when verbose mode is
off. This made koha-zebra --start always return a failure even when the
daemon was correctly launched.

To test:
- Have Zebra running for kohadev instance on your KohaDevBox
- Run:
  $ sudo koha-zebra --stop kohadev && echo yay || echo doh
=> FAIL: 'doh' is printed
- Run:
  $ sudo koha-zebra --start kohadev e&& echo yay || echo doh
=> FAIL: 'doh' is printed as well
- Apply this patch
- Run:
  $ sudo perl misc4dev/cp_debian_files.pl
  $ sudo koha-zebra --stop kohadev && echo yay || echo doh
=> SUCCESS: 'yay' is printed
- Run:
  $ sudo koha-zebra --start kohadev e&& echo yay || echo doh
=> SUCCESS: 'yay' is printed
- Sign off :-D

Sponsored-by: ByWater Solutions
Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 19181: Add new tests
Jonathan Druart [Wed, 25 Apr 2018 19:08:25 +0000 (16:08 -0300)]
Bug 19181: Add new tests

This patch reuses the method newly added to Selenium.pm and improve
existing tests.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 19181: Change to use ENV, fix login and passwords
Mark Tompsett [Mon, 30 Oct 2017 03:28:20 +0000 (03:28 +0000)]
Bug 19181: Change to use ENV, fix login and passwords

The kohadevbox has admin/admin set, so for testing when
creating the initial superuser, if you wish to minimize
effort, use admin/admin. Otherwise, make sure to:
export KOHA_USER={whatever your user is}
export KOHA_PASS={whatever your password is}
before attempting to run the test.

Also, this test was failing because of a validation check on
the passwords requiring uppercase letters, lowercase letters,
and numbers. Changed the sample data passwords to fix.

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 19181: Selenium test for logging into the Koha intranet and OPAC
Alex Buckley [Thu, 20 Jul 2017 10:50:49 +0000 (10:50 +0000)]
Bug 19181: Selenium test for logging into the Koha intranet and OPAC

This selenium test goes through the process of creating a category and
patron user (as is completed in the basic_workflow.t test) then the
superlibrarian used to create them is logged out and the newly created
patron user authenticates into the OPAC and staff intranet therefore testing the
authenitcation of both.

Test plan (this test plan includes how to install Selenium as well as
how to run this test, for the benefit of people who have not got
Selenium installed on their machines):

1. wget https://selenium-release.storage.googleapis.com/2.53/selenium-server-standalone-2.53.0.jar

2. vim /etc/apt/sources.list.d/firefox.list

3. Paste into the file:
deb http://packages.linuxmint.com debian import

4. sudo apt-get update

5. sudo apt-get install firefox

6. sudo apt-get install xvfb

7. Set the SELENIUM_PATH vartiable:
SELENIUM_PATH=/home/vagrant/kohaclone/selenium-server-standalone-2.53.0.jar

8. Xvfb :1 -screen 0 1024x768x24 2>&1 >/dev/null &

9. DISPLAY=:1 java -jar $SELENIUM_PATH

Note: This will start up the selenium server. Everytime you want to shut
down this terminal window and want to restart Selenium just run the step
9 command to restart the Selenium server

10. Open a new terminal window and write in:
git clone https://github.com/gempesaw/Selenium-Remote-Driver --branch
build/master --single-branch --depth 1

11. cd Selenium-Remote-Driver

12. perl Makefile.PL

13. make

14. make test

15. sudo make install

16. Now everything is installed and you can et up for running the selenium tests

17. Create a superlibrarian user with the username koha and password
koha

18. If your usual port configuration for the intranet and OPAC is 8081
and 8080 respectively then set the staffClientBaseURL and OPACBaseURL
system preferences to localhost:8080 and localhost:80 respectively

19. sudo koha-shell <instancename>

20. perl t/db_dependent/selenium/authenticate.t

21. The test should pass.
Note: The time_diff comments in the test output showing what the test is
doing

Note: If you have issues with installing Selenium and
Selenium::Remote::Driver please write a comment on the bug report and I
will be more than happy to create a screencapture video showing all the
steps

Sponsored-By: Catalyst IT
https://bugs.koha-community.org/show_bug.cgi?id=19181

Signed-off-by: Mark Tompsett <mtompset@hotmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 11943: Add unit test for double accepts
Marcel de Rooy [Fri, 4 May 2018 07:54:30 +0000 (09:54 +0200)]
Bug 11943: Add unit test for double accepts

Test plan:
Run t/db_dependent/Virtualshelves.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 11943: Prevent double accepts in Koha::Virtualshelfshare
Marcel de Rooy [Fri, 4 May 2018 07:34:02 +0000 (09:34 +0200)]
Bug 11943: Prevent double accepts in Koha::Virtualshelfshare

This 'bug' existed long enough now to finally remove it ;)

We do so by deleting the invitation if the borrower already has a share
on this list. Actually not that hard.

We still need: a unit test and a db revision.

Test plan:
[1] Share a list. Let user B accept.
[2] Without this patch: Share again and let B accept again.
[3] Verify that you have two shares for this list in virtualshelfshares.
[4] With this patch: Share another list, let B accept.
[5] Share this other list again, let B accept again.
[6] Verify that virtualshelfshares does not contain double entries now.
    (Note: This pertains to the second list only.)

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 18789: Fix borrowernumber on members/files.tt
Jonathan Druart [Thu, 10 May 2018 17:41:45 +0000 (14:41 -0300)]
Bug 18789: Fix borrowernumber on members/files.tt

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20073: Update DBIC Schema changes
Jonathan Druart [Wed, 9 May 2018 15:55:31 +0000 (12:55 -0300)]
Bug 20073: Update DBIC Schema changes

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20734: Add warning to the about page if RESTOAuth2ClientCredentials and not Net...
Tomas Cohen Arazi [Wed, 9 May 2018 14:31:34 +0000 (11:31 -0300)]
Bug 20734: Add warning to the about page if RESTOAuth2ClientCredentials and not Net::OAuth2::AuthorizationServer

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20624: DBRev 17.12.00.044
Jonathan Druart [Tue, 8 May 2018 19:07:03 +0000 (16:07 -0300)]
Bug 20624: DBRev 17.12.00.044

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20624: Net::OAuth2::AuthorizationServer is not a hard dependency
Tomas Cohen Arazi [Tue, 8 May 2018 17:58:55 +0000 (14:58 -0300)]
Bug 20624: Net::OAuth2::AuthorizationServer is not a hard dependency

While we get packaging sorted, Net::OAuth2::AuthorizationServer is not a
hard dependency for Koha and the feature requiring it is disabled by
default.

This patch:
- Makes the dependency optional
- Makes the unit tests for the OAuth2 client credentials flow skip if
  the dependency is not met.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20624: (QA follow-up) Add missing POD in Koha::REST::V1::OAuth
Tomas Cohen Arazi [Mon, 7 May 2018 14:57:59 +0000 (11:57 -0300)]
Bug 20624: (QA follow-up) Add missing POD in Koha::REST::V1::OAuth

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20624: (QA follow-up) Handle missing deps gracefuly
Tomas Cohen Arazi [Thu, 3 May 2018 18:29:22 +0000 (15:29 -0300)]
Bug 20624: (QA follow-up) Handle missing deps gracefuly

This patch makes the /token endpoint and the authenticate_api_request
method behave correctly in the event of missing deps for OAuth2.

To test:
- Run:
  $ kshell
 k$ prove t/db_dependent/api/v1/oauth.t
=> FAIL: The behaviour is not implemented
- Apply this patch
- Run:
 k$ prove t/db_dependent/api/v1/oauth.t
=> SUCCESS: Tests pass!

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20624: (QA follow-up) Unit tests for missing deps situation
Tomas Cohen Arazi [Thu, 3 May 2018 18:24:56 +0000 (15:24 -0300)]
Bug 20624: (QA follow-up) Unit tests for missing deps situation

This patch tests the situation in which Net::OAuth2::AuthorizationServer
is missing. It mocks Module::Load::Conditional::can_load and expects the
/token endpoint answers 'Unimplemented grant type' to all requests, and
the 'authenticate_api_request' in 'under' exit with unauthorized (403)
to requests in which the Authorization header is passed containing a
Bearer token, but OAuth2 is not really available.

To test:
- Apply this patch
- Run:
  $ kshell
 k$ prove t/db_dependent/api/v1/oauth.t
=> FAIL: Tests fail because our REST endpoints don't support this
behaviour.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20624: Make staff client respect RESTOAuth2ClientCredentials
Tomas Cohen Arazi [Wed, 2 May 2018 18:55:31 +0000 (15:55 -0300)]
Bug 20624: Make staff client respect RESTOAuth2ClientCredentials

This patch makes the staff client UI respect the
RESTOAuth2ClientCredentials syspref.

To test:
- Make sure RESTOAuth2ClientCredentials is "Don't enable"
- Go to a patron's detail page
=> SUCCESS: The 'More' dropdown doesn't show the API keys management
link.
- Enable RESTOAuth2ClientCredentials
- Reload
=> SUCCESS: The 'More' dropdown shows the API keys management link
- Click on the API keys management link
=> SUCCESS: You can edit the api keys
- Disable the syspref
- Reload
=> SUCCESS: You are presented an error 400 page.
- Sign off :-D

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20624: Make /api/v1/oauth/token respect RESTOAuth2ClientCredentials
Tomas Cohen Arazi [Wed, 2 May 2018 18:51:38 +0000 (15:51 -0300)]
Bug 20624: Make /api/v1/oauth/token respect RESTOAuth2ClientCredentials

This patch makes the /api/v1/oauth/token enpoint respect the
RESTOAuth2ClientCredentials syspref. It will return 400 (with
'Unimplemented grant type' error message) on the event of the syspref
being disabled and the grant_type => 'client_credentials' value passed.

To test:
- Run:
  $ kshell
 k$ prove t/db_dependent/api/v1/oauth.t
=> FAIL: It fails because the off-switch is not implemented
- Apply this patch
- Run:
  k$ prove t/db_dependent/api/v1/oauth.t
=> SUCCESS: Tests pass!
- Sign off :-D

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20624: Unit tests
Tomas Cohen Arazi [Wed, 2 May 2018 18:21:53 +0000 (15:21 -0300)]
Bug 20624: Unit tests

This patch adds tests to verify that disabling the RESTOAuth2ClientCredentials syspref
makes any request on the /api/v1/oauth/token using the
'client_credentials' grant fail with 'grant not implemented'.

To test:
- Apply this patch
- Run:
  $ kshell
 k$ prove t/db_dependent/api/v1/oauth.t
=> FAIL: Tests fail because the change is not implemented!

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20624: Add RESTOAuth2ClientCredentials syspref
Tomas Cohen Arazi [Wed, 2 May 2018 14:20:37 +0000 (11:20 -0300)]
Bug 20624: Add RESTOAuth2ClientCredentials syspref

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20612: (QA follow-up) Fix typo in method POD
Tomas Cohen Arazi [Thu, 3 May 2018 18:53:16 +0000 (15:53 -0300)]
Bug 20612: (QA follow-up) Fix typo in method POD

As Martin correctly highlighted, the method name is not correctly
spelled in POD. This patch fixes it.

To test:
- Look carefully
=> FAIL: Method name is _verify_client_cb but POD says _verify_client_db
- Apply this patch
- Look carefully
=> SUCCESS: Notice the POD is fixed!

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20612: koha-conf.xml cleanup
Tomas Cohen Arazi [Wed, 18 Apr 2018 16:40:13 +0000 (13:40 -0300)]
Bug 20612: koha-conf.xml cleanup

Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@deichman.no>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20612: Make OAuth2 use patron's client_id/secret pairs
Tomas Cohen Arazi [Wed, 18 Apr 2018 16:34:18 +0000 (13:34 -0300)]
Bug 20612: Make OAuth2 use patron's client_id/secret pairs

This patch wires the OAuth related code so it leverages on the new
Koha::ApiKey(s) classes and tools introduced by bug 20568 instead of the
hardcoded entries in koha-conf.xml originally proposed by bug 20402.

To test revisit the test plan for bug 20402, and verify that it works.
But create API key pairs instead of writing them down in koha-conf.xml.
Also:
- Run:
  $ prove t/db_dependent/api/v1/oauth.t
=> SUCCESS: Tests pass!
- Sign off :-D

Sponsored-by: ByWater Solutions
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@deichman.no>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20612: Unit tests
Tomas Cohen Arazi [Wed, 18 Apr 2018 16:32:34 +0000 (13:32 -0300)]
Bug 20612: Unit tests

This patch makes the oauth.t tests leverage on the new Koha::ApiKey(s)
classes. It adds tests for expired tokens too.

To test:
- Apply this patch
- Run:
  $ kshell
 k$ prove t/db_dependent/api/v1/oauth.t
=> FAIL: Tests should fail without the rest of the patches.

Sponsored-by: ByWater Solutions
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Benjamin Rokseth <benjamin.rokseth@deichman.no>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20568: DBRev 17.12.00.043
Jonathan Druart [Tue, 8 May 2018 19:06:22 +0000 (16:06 -0300)]
Bug 20568: DBRev 17.12.00.043

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20568: fix shebang
Jonathan Druart [Tue, 8 May 2018 19:27:54 +0000 (16:27 -0300)]
Bug 20568: fix shebang

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20568: Fix bad resolution conflict with bug 18403
Jonathan Druart [Tue, 8 May 2018 19:15:54 +0000 (16:15 -0300)]
Bug 20568: Fix bad resolution conflict with bug 18403

borrowers module permission has now several subpermissions

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20568: (QA follow-up) Remove unused vars
Tomas Cohen Arazi [Thu, 3 May 2018 18:51:15 +0000 (15:51 -0300)]
Bug 20568: (QA follow-up) Remove unused vars

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20568: (QA follow-up) Remove api-key management from OPAC
Tomas Cohen Arazi [Wed, 2 May 2018 14:05:05 +0000 (11:05 -0300)]
Bug 20568: (QA follow-up) Remove api-key management from OPAC

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20568: CSRF protection
Tomas Cohen Arazi [Wed, 18 Apr 2018 17:38:02 +0000 (14:38 -0300)]
Bug 20568: CSRF protection

Edit: fix warning introduced by this patch

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20568: (QA follow-up) Get rid of the id column
Tomas Cohen Arazi [Sat, 14 Apr 2018 17:50:23 +0000 (14:50 -0300)]
Bug 20568: (QA follow-up) Get rid of the id column

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20568: (QA follow-up) Make sure client_id and secret are not overwritten on store
Tomas Cohen Arazi [Wed, 18 Apr 2018 16:56:28 +0000 (13:56 -0300)]
Bug 20568: (QA follow-up) Make sure client_id and secret are not overwritten on store

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20568: (QA follow-up) Test client_id and secret are not overwritten
Tomas Cohen Arazi [Wed, 18 Apr 2018 16:56:00 +0000 (13:56 -0300)]
Bug 20568: (QA follow-up) Test client_id and secret are not overwritten

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20568: (follow-up) Atomic update fix
Tomas Cohen Arazi [Wed, 18 Apr 2018 13:55:43 +0000 (10:55 -0300)]
Bug 20568: (follow-up) Atomic update fix

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20568: Move value => client_id + secret
Tomas Cohen Arazi [Mon, 16 Apr 2018 19:04:26 +0000 (16:04 -0300)]
Bug 20568: Move value => client_id + secret

This patch addresses the request from Julian that api keys are expected
to be client id/secret pairs.

It does so by
- Adding 'client_id' and 'secret' columns
- Removing 'value'

Tests got adjusted and so controller scripts and templates.
Both libs and tests changes have been squashed. This ones remain in
order to keep Owen's attribution on the template changes and avoid
rebase conflicts.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20568: (follow-up) Interface and markup changes
Owen Leonard [Mon, 16 Apr 2018 15:23:50 +0000 (15:23 +0000)]
Bug 20568: (follow-up) Interface and markup changes

This patch makes some interface changes to bring things better in line
with existing interface patterns. This patch also re-indents the
modified templates with 4 spaces instead of 2 and makes <input>s
self-closing.

Also changed: Corrected system preference check in opac-apikeys.pl.

To test, apply the patch and:

In the staff client:

 - Open a patron record and choose More -> Manage API keys.
   - There should be a standard message dialog containing a link to
     "Generate a new key."
     - Clicking the link should show the form for adding a new key.
     - Test that clicking the "Cancel" link hides the form.
     - Test that creating the new key works correctly.
   - You should now see a table showing existing keys and a "Generate a
     new key" button above it.
     - Test that the "Delete" button asks for confirmation, and that
       confirming and denying both work correctly.
     - Test that "Revoke" and "Activate" actions still work correctly.

In the OPAC:

 - Set the AllowPatronsManageAPIKeysInOPAC system preference to "Allow."
 - Log in to the OPAC and click the "your API keys" link in the sidebar.
   - Clicking the "Generate new key" button should display the form for
     adding a new key.
     - Clicking the "cancel" link should hide the form.
     - Submitting the form should add a new key.
   - You should now see a table showing existing keys.
     - Test that the "Delete" link asks for confirmation, and that
       confirming and denying both work correctly.
     - Test that "Revoke" and "Activate" actions still work correctly.
 - Set the AllowPatronsManageAPIKeysInOPAC system preference to "Don't
   allow."
   - Log in to the OPAC and confirm that the "your API keys" link in the
     sidebar is no longer visible.
     - Confirm that navigating directly to /cgi-bin/koha/opac-apikeys.pl
       results in a 404 error.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
6 years agoBug 20568: API key management for OPAC users
Tomas Cohen Arazi [Sat, 14 Apr 2018 20:38:03 +0000 (17:38 -0300)]
Bug 20568: API key management for OPAC users

This patch makes the OPAC interface for API keys management work
with the new lib. Verify all actions work for a logged user.

Users without login should be redirected to an error page.

The AllowPatronsManageAPIKeysInOPAC syspref is added to control if the
OPAC feature is enabled or not.

To test:
- Verify the syspref works
- Verify users can manage their API keys

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>