]> git.koha-community.org Git - koha.git/log
koha.git
2 months agoBug 28762: Replace is_notforloan with not_for_loan
Martin Renvoize [Mon, 22 Jul 2024 15:14:08 +0000 (16:14 +0100)]
Bug 28762: Replace is_notforloan with not_for_loan

This patch replaces the use of is_notforloan with not_for_loan and
removes the older is_notforloan method and tests

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 4e6d9d13bf879593303eed8188bcfc615111519c)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 28762: Confirm return of not_for_loan in boolean context matches is_notforloan
Martin Renvoize [Mon, 22 Jul 2024 15:09:30 +0000 (16:09 +0100)]
Bug 28762: Confirm return of not_for_loan in boolean context matches is_notforloan

This patch is simply here to prove that is_notforloan is just
not_for_loan but in a boolean context.. we'll remove it in the next
patch.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 0d5c224cc30a74a0b258bd3e929b82bbd3e2e088)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 28762: (follow-up) Remove warning in tests
Martin Renvoize [Mon, 22 Jul 2024 12:29:06 +0000 (13:29 +0100)]
Bug 28762: (follow-up) Remove warning in tests

Looks like a recent bug introduced a superflous warning, we just clean
that up here whilst we're in the code.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit e45a595996c69a980c47ea68102188ffea76c93f)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 28762: Unit tests for not_for_loan accessor
Martin Renvoize [Mon, 29 Jan 2024 10:46:07 +0000 (10:46 +0000)]
Bug 28762: Unit tests for not_for_loan accessor

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 99b800620e17f2cbeec2aa472d03e8106d3243af)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 28762: Add test for new 'instructors' accessor
Martin Renvoize [Mon, 29 Jan 2024 09:41:08 +0000 (09:41 +0000)]
Bug 28762: Add test for new 'instructors' accessor

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit fdd6a019320788c47f38bef716ec752befe3d492)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 28762: Move notforloan fallback into object
Martin Renvoize [Fri, 24 Sep 2021 09:25:53 +0000 (10:25 +0100)]
Bug 28762: Move notforloan fallback into object

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 294447d07e1a880e58dc28a458a1229dddf20767)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 28762: Update item-status include
Martin Renvoize [Fri, 24 Sep 2021 07:39:52 +0000 (08:39 +0100)]
Bug 28762: Update item-status include

This patch updates the item-status include so that it expects just an
item object making if simpler and more widely re-usable.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 8ff4d3740e92194fb5e3df0739af89d8ac2d4842)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 28762: Use Koha::Course in course-details controller
Martin Renvoize [Thu, 23 Sep 2021 18:06:43 +0000 (19:06 +0100)]
Bug 28762: Use Koha::Course in course-details controller

This patch updates Koha::Course to include the 'instructors' relation
accessor and then update the course-details controller to use the
Koha::Course object and pass it to the template instead of building a
hash using GetCourse.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 7f38c77d091cd4192b039041bcc3a00a05e10583)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 28762: (follow-up) fix template logic with Available
Lucas Gass [Wed, 8 Sep 2021 17:01:03 +0000 (17:01 +0000)]
Bug 28762: (follow-up) fix template logic with Available

Signed-off-by: Hayley Pelham <hayleypelham@catalyst.net.nz>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 316c14c1bf75cec6f3fcae61fa29a69223a292c6)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 28762: handle notforloan better
Lucas Gass [Tue, 27 Jul 2021 21:45:12 +0000 (21:45 +0000)]
Bug 28762: handle notforloan better

Signed-off-by: Hayley Pelham <hayleypelham@catalyst.net.nz>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit e3e306efdb622f4c4857aa645c72c89320dac63d)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 28762: add staff item-status.inc and better handle statues on course-details.tt
Lucas Gass [Tue, 27 Jul 2021 21:17:48 +0000 (21:17 +0000)]
Bug 28762: add staff item-status.inc and better handle statues on course-details.tt

This patch adds an item-status.inc to the staff side much like what is already in place on the OPAC.

To test:
1. create a course in course reserves, add an item to it.
2. confirm your item shows Available for its status on course-details.pl
3. edit your item to be withdrawn, lost, damaged, notforloan, and restricted use
4. reload course-details.pl, confirm it still shows available
5. apply patch
6. repeat step 3 with each of the statuses and make sure it correctly shows on course-details.pl

Signed-off-by: Hayley Pelham <hayleypelham@catalyst.net.nz>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 38427cc357de46d60114ca308329c89f3220a9dd)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 37374: (follow-up) Add csrf token and op to form
Martin Renvoize [Thu, 25 Jul 2024 09:54:36 +0000 (10:54 +0100)]
Bug 37374: (follow-up) Add csrf token and op to form

This patch adds a hidden op input and csrf token to the clubs hold
request form.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 83966f4273093dc2d31f13a81ed563c2d5b16dd6)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 37374: Fix functionality of 'Place hold' button for club holds
Sam Lau [Mon, 22 Jul 2024 15:48:01 +0000 (15:48 +0000)]
Bug 37374: Fix functionality of 'Place hold' button for club holds

To test:
1) create a club
2) put 1 patron in your club
3) find a bib
4) Click Holds, then Clubs
5) search for your club, confirm hold detail
6) click Place Hold
7) nothing happens
8) Apply patch
9) Refresh page and click 'Place hold' again
10) Hold is properly placed

Signed-off-by: Roman Dolny <roman.dolny@jezuici.pl>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 0f7d3fab6cef893b3fa7c0bdb8e71c8f5b960b55)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 26866: Sort items table on additem by cn_cort
Brendan Lawlor [Mon, 22 Jul 2024 18:11:11 +0000 (18:11 +0000)]
Bug 26866: Sort items table on additem by cn_cort

This patch changes the data-order attribute for the item callnumber column
to use the item's cn_sort instead of the callnumber value.

Test plan:
1. Create a bib
2. Add three items with source of classification LLC
    call numbers:
    JC43 .G6 1890
    JC330 .F74 2000
    JC480 .R63 2006
4. On additem.pl sor the items table by 'Full call number'
5. Confirm the items are now ordered correctly by cn_sort
6. Confirm the other columns still sort correctly

Signed-off-by: Roman Dolny <roman.dolny@jezuici.pl>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 033e9abc302d14b8edf83051af5b8f07c4314a61)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 37302: (follow-up) Update yarn.lock
Martin Renvoize [Wed, 24 Jul 2024 06:49:18 +0000 (07:49 +0100)]
Bug 37302: (follow-up) Update yarn.lock

We were having some issues with package building because we missed the
update to the yarn.lock file here.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 5c8baafc6111d34c4804dbd5094d000215d14d88)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 37302: Add swagger-cli to devDependancies
Martin Renvoize [Wed, 10 Jul 2024 10:26:09 +0000 (11:26 +0100)]
Bug 37302: Add swagger-cli to devDependancies

This patch adds swagger-cli 4.0.4+ to the devDependancies section of
package.json. This should ensure it gets installed when appropriate

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 86938e11fbdd3d9d3475d30a986aaef8912ea9c8)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 37302: Set test to failed if swagger-cli missing
Martin Renvoize [Wed, 10 Jul 2024 10:12:56 +0000 (11:12 +0100)]
Bug 37302: Set test to failed if swagger-cli missing

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit be3924a70f1a610330c631175f01ac8f2cfd8f49)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 37400 - In returns.pl don't search for a patron unless needed
Kyle M Hall [Thu, 18 Jul 2024 11:27:47 +0000 (07:27 -0400)]
Bug 37400 - In returns.pl don't search for a patron unless needed

In returns.pl we find a patron, then use it in an if statement.

Test Plan:
Cancel a hold with other holds remaining on the record.
No change should be noted.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 82535a488764be5437c47d38953eb0aea81ce4ee)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 36885: Fix Bootstrap tooltip on budget planning page
Owen Leonard [Thu, 16 May 2024 13:57:11 +0000 (13:57 +0000)]
Bug 36885: Fix Bootstrap tooltip on budget planning page

This patch finishes the process of adding a Bootstrap tooltip to the
listing of funds which are locked.

To test, apply the patch and go to Administration -> Budgets.

- Edit a budget and make it locked: Check the "Lock budget" checkbox and
  save.
- View the budget you locked.
- From the toolbar, click Planning -> Plan by months.
- In the table of funds, hover your mouse over a fund.
- You should see a Bootstrap-styled tooltip, "Fund locked."

Signed-off-by: David Nind <david@davidnind.com>
Bug 36885: (follow-up) Correct popup hint

Bug 36885: (follow-up) Remove tooltip from unlocked budgets (copy-paste error)

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit deb9bf78b8197eeb90e2c9c9088104a0b91d498b)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 37324: Self registration complete login form won't login user
Jan Kissig [Mon, 15 Jul 2024 11:01:39 +0000 (13:01 +0200)]
Bug 37324: Self registration complete login form won't login user

This patch fixes the self registration complete login form which appears after a complete self registration process.

To test:
a) open http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search&searchfield=PatronSelfRegistrationDefaultCategory
b) set PatronSelfRegistration to allow
c) set PatronSelfRegistrationDefaultCategory to Self registration
d) logout or open a private tab
e) http://localhost:8080/cgi-bin/koha/opac-memberentry.pl and enter required fields
f) Registration complete! appears with a prefilled login form. Click Log in.
g) Check you are not logged in

apply patch and redo steps e-f and check that login worked.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 0988be4a599209d4b8a72659c39198b060d28e6f)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 29509: DBRev 24.05.03.002
Lucas Gass [Wed, 28 Aug 2024 19:57:42 +0000 (19:57 +0000)]
Bug 29509: DBRev 24.05.03.002

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 29509: (QA follow-up) Tidy atomic update
Kyle M Hall [Fri, 19 Jul 2024 13:54:44 +0000 (09:54 -0400)]
Bug 29509: (QA follow-up) Tidy atomic update

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 0505531cde2e0513a2c8fbc3c91d18f9ae3a3a89)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 29509: (QA follow-up) Check top level permissions too
Martin Renvoize [Tue, 7 May 2024 13:18:04 +0000 (14:18 +0100)]
Bug 29509: (QA follow-up) Check top level permissions too

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 56c7c3782b2ceacbbd2777ec0f3fa9955e877d2c)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 29509: Update swagger specification and add permissions to users
Martin Renvoize [Mon, 22 Jan 2024 16:49:56 +0000 (16:49 +0000)]
Bug 29509: Update swagger specification and add permissions to users

This patch removes the 'edit_borrowers', 'manage_bookings',
'lable_creator', 'routing' and 'order_manage' permissions from the list
of options in the patrons list endpoint.

We then assign the new 'list_borrowers' permission to any users who have
those removed permissions

Test plan
1) Apply patch and run the database update
2) Users with any of the permissions listed above should now also have
   the 'list_borrowers' permission too.
3) Check that patron searching continues to work from the various
   locations in the UI for the above affected users

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[EDIT] Incorporated second patch and removed 1<<4. 16 reads much better :)

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 85ea79c45b6f95baee9ec955c6c09046808771b5)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 37399: Fix showing itemtype on holdings table
Emmi Takkinen [Thu, 18 Jul 2024 09:34:12 +0000 (12:34 +0300)]
Bug 37399: Fix showing itemtype on holdings table

If syspref "noItemTypeImages" is disabled, holdings table won't display
itemtype column. This patch fixes this.

To reproduce:
1. Enable syspref "noItemTypeImages".
2. Find biblio with items.
   => Note that itemtype column is displayed on holdings table.
3. Disable syspref "noItemTypeImages".
   => Itemtype column is no longer displayed on holdings table.
4. Apply this patch.
   => Now column should be displayed correctly.

Sponsored-by: Koha-Suomi Oy
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 313f7e86b8b9bb063d07be292dd352c2f889fa99)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 37226: append a random number to the `id` attribute of each <li>
Andreas Roussos [Mon, 1 Jul 2024 14:27:42 +0000 (14:27 +0000)]
Bug 37226: append a random number to the `id` attribute of each <li>

When you view the authority details page for a term that contains more
than one terms with broader relationship, clicking on the expand/collapse
arrows next to the top-level terms in the hierarchy tree will not work
properly, i.e. *only one* broader term will show the narrower term under
it at any given time.

This is affecting both the OPAC and the Staff interface.

This is happening because in the HTML source of the page the individual
<li> elements associated with each node do not have unique `id` values,
which confuses the JavaScript library (jsTree) responsible for rendering
the hierarchy tree.

This patch fixes that by appending a random number to each `id` attribute.

Test plan:

0) Enable the AuthDisplayHierarchy System Preference (set to 'Show').

1) Copy the provided MARC21 Authority sample data (sample-data.mrc)
   to your KTD Koha container (it must have MARC21 marc flavour):

   docker cp sample-data.mrc koha-koha-1:/kohadevbox/

2) Import the provided authorities (the sample file contains three
   Geographic Name records):

   WARNING! the --delete switch is passed to bulkmarcimport.pl
   WARNING! this will erase any authority data you have in your instance!
   (this is done to retain the broader/narrower authid associations)

   misc/migration_tools/bulkmarcimport.pl --authorities --file=/kohadevbox/sample-data.mrc --verbose -c=MARC21 --delete -m=ISO2709

3) Visit the authority details page for 'Athens' in OPAC/Staff:

   http://localhost:8080/cgi-bin/koha/opac-authoritiesdetail.pl?authid=3
   http://localhost:8081/cgi-bin/koha/authorities/detail.pl?authid=3

   In the authority hierarchy tree, click the arrows next to 'Europe'
   and 'Greece' to expand and show the narrower term: notice how only
   one item works at any given time.

4) Apply the patch.

5) Repeat step 3) (refresh the pages) -- this time you should be able
   to view 'Athens' as a narrower term of both 'Europe' and 'Greece'
   at the same time.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 24e54b1fd4b241a0d5723ff7ec97b2fe9645d577)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 37343: Fixed search for vendors when transferring an item in acquistions
Eric Garcia [Tue, 16 Jul 2024 17:00:43 +0000 (17:00 +0000)]
Bug 37343: Fixed search for vendors when transferring an item in acquistions

To test:
1. Have several vendors in acquistions
2. Add a basket and click "+Add to basket"
3. I used an mrc file to add an order from a new file
4. Stage for import -> add staged files to basket
5. Select the items and choose an item type
6. In the Orders table click 'Transfer' under the 'Modify' column
7. Try searching for vendors, nothing happens.
8. Apply patch restart_all
9. Click 'Transfer' again and try searching for vendors.
10. Notice vendors appear

NOTE:
Vendor search is a GET operation not POST. Use 'do_search' instead of 'cud-do_search'.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 54575f3c30f6eab9adf2078ffcb92cee05a987dc)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 29087: (QA follow-up): Fix QA tests
Matt Blenkinsop [Fri, 28 Jun 2024 13:53:10 +0000 (13:53 +0000)]
Bug 29087: (QA follow-up): Fix QA tests

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[EDIT] Conform BZ comment31
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 7f5e1fac86bf7eaa3f217a8e41cc4522e7fe9c3c)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 29087: Add unit tests
Matt Blenkinsop [Tue, 16 Apr 2024 12:47:16 +0000 (12:47 +0000)]
Bug 29087: Add unit tests

prove t/db_dependent/Koha/Items.t

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 44d3762a6921a323443ca56996fc55d5e96cc9b8)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 29087: Prevent filter_by_for_hold to crash if default holdallowed is not_allowed
Jonathan Druart [Fri, 19 Nov 2021 12:27:44 +0000 (13:27 +0100)]
Bug 29087: Prevent filter_by_for_hold to crash if default holdallowed is not_allowed

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 8c804c17493ecc9cb993c5434644c1b2a860bae3)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 37260: Check message broker for both 'about' and 'sysinfo' tabs
Pedro Amorim [Fri, 5 Jul 2024 13:28:24 +0000 (13:28 +0000)]
Bug 37260: Check message broker for both 'about' and 'sysinfo' tabs

Test plan:
1) Apply test patch only
2) Visit <staff_url>/cgi-bin/koha/about.pl
3) Notice it shows 'Using RabbitMQ' (it should show 'Using SQL polling')
4) Apply this patch, repeat 3)
5) Notice it now shows 'Using SQL polling'
6) Remove test patch. Notice it shows 'Using RabbitMQ' again.
7) Repeat test plan but for /cgi-bin/koha/about.pl?tab=sysinfo tab

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 6a321c6ee44413e1e3601d1d9fcd727788e2bb3f)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 37111: Fix renew link on opac-user.tt
Lucas Gass [Tue, 18 Jun 2024 19:34:52 +0000 (19:34 +0000)]
Bug 37111: Fix renew link on opac-user.tt

To test:
1. Check some items out to a patron
2. Set the username and apssword for the patron so that you can log in as that patron.
3. Log in to the OAPC as that patron.
4. Go to Your account > Summary (the default landing page after you log in).
5. Click "Renew" for one of the items.
6. You get the error as above.
7. APPLY PATCH
8. Try steps 1 -5 again, you should not get an error.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Alexander Wagner <alexander.wagner@desy.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 58838fc263ecc9a843c94520e373030c77fc4eed)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 37111: Add submit-form asset to OPAC assets
Lucas Gass [Tue, 18 Jun 2024 19:34:24 +0000 (19:34 +0000)]
Bug 37111: Add submit-form asset to OPAC assets

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Alexander Wagner <alexander.wagner@desy.de>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 6c56d3d90b92a4ca6f7120a187adb35d3e6fd914)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 37371: Move Maskito instantiation to onReady ( OPAC )
Lucas Gass [Wed, 17 Jul 2024 15:10:24 +0000 (15:10 +0000)]
Bug 37371: Move Maskito instantiation to onReady ( OPAC )

To test:
1. Find a any date picker in Koha, like DOB in the patron record.
2. Add a date, either manually or using the date picker.
3. Once there is a date like 07/15/2024 try to edit only part of the
   date, or the '15'.
4. The date easily becomes malformed.
5. APPLY PATCHSET, maybe clear your browser cache too
6. Try directly inputing dates. I would suggest the following places:

-Patron record DOB
-Specify due date on circ/circulation.pl as this includes time
-Add item screen, this is the dateaccessioned plugin
-OPAC self reg/self modify

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit bae3203f700cdac634b5bd3c65e02902c8ae50bf)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 37371: Move Maskito init to onReady in dateaccessioned.pl
Lucas Gass [Wed, 17 Jul 2024 14:58:14 +0000 (14:58 +0000)]
Bug 37371: Move Maskito init to onReady in dateaccessioned.pl

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit f723c33d480dbd1883fa32dc85e6cc0bd8a5c0a0)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 37371: Set overwrite mode to replace
Lucas Gass [Wed, 17 Jul 2024 14:50:42 +0000 (14:50 +0000)]
Bug 37371: Set overwrite mode to replace

In our case I think overwriteMode needs to be set to replace:

https://maskito.dev/core-concepts/overwrite-mode
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 0f04c9a26afe02824e1c3b213a4c0f8ad212278c)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 37371: Move Maskito instantiation to onReady
Martin Renvoize [Wed, 17 Jul 2024 14:08:58 +0000 (15:08 +0100)]
Bug 37371: Move Maskito instantiation to onReady

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 7e1de5b5574bf09cdc9c4f83f6f0acd916c6d6cf)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 37216: DBRev 24.05.03.001
Lucas Gass [Wed, 28 Aug 2024 19:25:41 +0000 (19:25 +0000)]
Bug 37216: DBRev 24.05.03.001

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 37216: (follow-up) Clear invalid value
Emily Lamancusa [Fri, 28 Jun 2024 21:02:50 +0000 (17:02 -0400)]
Bug 37216: (follow-up) Clear invalid value

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 37683ffd695f6cc0c356325e8b9f2c2a516e1477)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 37216: (QA follow-up) Add update to set existing options
Martin Renvoize [Fri, 28 Jun 2024 15:03:03 +0000 (16:03 +0100)]
Bug 37216: (QA follow-up) Add update to set existing options

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit fbcdce5e0a00da4eb8884a7786ead92db966ad16)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoBug 37216: Fix SQL for EmailFieldSelection
Emily Lamancusa [Thu, 27 Jun 2024 20:27:37 +0000 (16:27 -0400)]
Bug 37216: Fix SQL for EmailFieldSelection

Test plan:
Part A: New installation
1. Start a fresh test instance
2. Set EmailFieldPrimary to "selected addresses", and do not touch
    EmailFieldSelection
3. Edit a patron to ensure the following fields are set:
   - Primary email
   - Secondary email
   - Alternate email
   - Enable email notices for item checkout
4. Attempt to check an item out to that patron
--> Koha explodes!
5. Apply patch
6. reset_all
7. Repeat steps 2-4
--> Checkout succeeds!
8. Ensure test plan for bug 12802 still passes

Part B: Upgraded installation
1. Start a fresh test instance at version 23.11
2. Switch to main
3. Install database update
4. Set EmailFieldPrimary to "selected addresses", and do not touch
    EmailFieldSelection
5. Edit a patron to ensure the following fields are set:
   - Primary email
   - Secondary email
   - Alternate email
   - Enable email notices for item checkout
6. Attempt to check an item out to that patron
--> Koha explodes!
7. Go back to 23.11 and reset_all
8. Switch to main and apply patch
9. Repeat steps 4-6
--> Checkout succeeds!
10. Ensure test plan for bug 12802 still passes

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 89a0c62da407e5981f7bc30b12691f0a1546905d)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
2 months agoUpdate release notes for 24.05.03 release v24.05.03
Tomas Cohen Arazi [Mon, 12 Aug 2024 18:28:19 +0000 (15:28 -0300)]
Update release notes for 24.05.03 release

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2 months agoIncrement version for 24.05.03 release
Tomas Cohen Arazi [Mon, 12 Aug 2024 18:18:08 +0000 (15:18 -0300)]
Increment version for 24.05.03 release

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2 months agoBug 37508: Don't return Internal server error when running report
Nick Clemens [Mon, 12 Aug 2024 12:10:12 +0000 (12:10 +0000)]
Bug 37508: Don't return Internal server error when running report

To test:
1 - Create a report like:
SELECT "a"
FROM borrowers
WHERE <<Test>> != ''
2 - Run report
3 - Enter "password"
4 - Internal server error / stacktrace
5 - Apply patch
6 - Repeat
7 - Get a yellow warning box

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2 months agoBug 37508: (QA follow-up) Use ->check_columns
Marcel de Rooy [Fri, 9 Aug 2024 09:56:11 +0000 (09:56 +0000)]
Bug 37508: (QA follow-up) Use ->check_columns

Add shebang to Guided.t too.

Test plan:
See also previous commits.
Try sql like:
  select access_token from oauth_access_tokens

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2 months agoBug 37508: (QA follow-up) Move check to Koha::Report, extend
Marcel de Rooy [Fri, 9 Aug 2024 09:50:44 +0000 (09:50 +0000)]
Bug 37508: (QA follow-up) Move check to Koha::Report, extend

Do not allow password but allow password_expiry_days etc.
Do not allow token, secret and uuid too.

Test plan:
Run t/db_dependent/Koha/Reports.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2 months agoBug 37508: (follow-up) Don't pass the column or sql containing password
Aleisha Amohia [Thu, 8 Aug 2024 23:53:47 +0000 (23:53 +0000)]
Bug 37508: (follow-up) Don't pass the column or sql containing password

This patch replaces these variables with a non-translatable message.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2 months agoBug 37508: (follow-up) Throw error is password is in SQL query at all
Aleisha Amohia [Wed, 7 Aug 2024 04:37:25 +0000 (04:37 +0000)]
Bug 37508: (follow-up) Throw error is password is in SQL query at all

Confirm tests pass t/db_dependent/Reports/Guided.t

Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2 months agoBug 37508: Test for errors when returning an aliased password column
David Cook [Wed, 7 Aug 2024 01:15:10 +0000 (01:15 +0000)]
Bug 37508: Test for errors when returning an aliased password column

Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2 months agoBug 37508: Throw error if password column is detected in SQL report
Aleisha Amohia [Mon, 29 Jul 2024 03:53:06 +0000 (03:53 +0000)]
Bug 37508: Throw error if password column is detected in SQL report

This enhancement prevents SQL queries from being run if they would return a password field from the database table.

To test:

1. Run tests and notice they fail t/db_dependent/Reports/Guided.t

2. Apply patch and restart services

3. Create a public report with an SQL report which would access a password column in a database table
4. Try to run the report. Notice you are met with an error and the results are not shown.
5. Access the JSON URL, you should not get the results and should be shown an error
6. Confirm tests pass t/db_dependent/Reports/Guided.t

Sponsored-by: Reserve Bank of New Zealand
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2 months agoBug 37370: Return 400 if OpacExportOptions does not contain the passed format
Tomas Cohen Arazi [Tue, 16 Jul 2024 15:43:39 +0000 (12:43 -0300)]
Bug 37370: Return 400 if OpacExportOptions does not contain the passed format

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit a164c51d78f375d9d660e2c079cc7e05d2d1d326)
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2 months agoBug 37466: Add correct filter for sort_by in results.tt
David Cook [Thu, 25 Jul 2024 06:44:37 +0000 (06:44 +0000)]
Bug 37466: Add correct filter for sort_by in results.tt

This patch replaces the $raw filter with the correct uri filter
for the sort_by in results.tt

Test plan:
1. Apply patch
2. Go to /cgi-bin/koha/catalogue/search.pl?count=20&sort_by=popularity_dsc&idx=kw&q=1
3. Click on "Edit this search"
4. Note that the "Popularity (most to least)" Sort by option is selected
5. Go to /cgi-bin/koha/catalogue/search.pl?count=20&sort_by=popularity_dsc&idx=kw&q=24y24ty2498294t9824yt9y23
6. Click on "Edit this search"
7. Note that the "Popularity (most to least)" Sort by option is selected

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 5148e05d408b43c0eb330683ffa4c26c90faa696)
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2 months agoBug 37464: Validate "type" sent to barcode/svc
David Cook [Thu, 25 Jul 2024 06:56:18 +0000 (06:56 +0000)]
Bug 37464: Validate "type" sent to barcode/svc

This change validates the "type" sent to the barcode/svc. Without this
change, we pass the user input directly to GD::Barcode, which passes
the input into an eval{} block without any validation of its own.

Test plan:
0. Apply the patch
1. koha-plack --reload kohadev
2. Go to http://localhost:8081/cgi-bin/koha/svc/barcode?type=bad&barcode=123456
3. Note that a Code39 barcode is provided for an invalid type
4. Go to http://localhost:8081/cgi-bin/koha/svc/barcode?type=Code39&barcode=123456
5. Note that a Code39 barcode is provided
6. Go to http://localhost:8081/cgi-bin/koha/svc/barcode?type=UPCE&barcode=123456
7. Note that a non-Code39 barcode is provided (presumably UPCE)

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 73b0c3cf621250008845f22f7a36f90a48e00b06)
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2 months agoBug 37488: Validate paths in datalink.txt/idlink.txt files
David Cook [Fri, 26 Jul 2024 04:01:43 +0000 (04:01 +0000)]
Bug 37488: Validate paths in datalink.txt/idlink.txt files

This change validates the paths in datalink.txt/idlink.txt,
so that only images in the unpacked archive directory are allowed

Test plan:
0. Apply the patch
1. koha-plack --reload kohadev
2. Create a datalink.txt file with the following:
42,selfie.jpg
3. Create a jpeg at selfie.jpg
4. ZIP the datalink.txt and selfie.jpg files
5. Upload to the "Upload patron images" tool
(after enabling the "patronimages" system preference)
6. Note that the image uploads correctly

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 8fcb767fe2836c90ceacb5b5d8211524571eb8aa)
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2 months agoBug 37323: Tidy
David Cook [Fri, 26 Jul 2024 03:27:22 +0000 (03:27 +0000)]
Bug 37323: Tidy

Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 579c28c764257a250c12aa11207772c074c1335e)
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2 months agoBug 37323: Don't allow symlinks in link files in zip and validate filepaths
Chris Cormack [Thu, 18 Jul 2024 23:57:32 +0000 (23:57 +0000)]
Bug 37323: Don't allow symlinks in link files in zip and validate filepaths

Test plan:
0. Apply patch and restart/reload Koha
1. Test that uploading a patron image still works, in single file format and as a zip

Work as suggested

Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 9bc0521493fbe2f9fe0dde051d0b2f52c8a14a9a)
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2 months agoBug 37323: Escape characters in patron image picture upload
Amit Gupta [Thu, 11 Jul 2024 17:43:06 +0000 (23:13 +0530)]
Bug 37323: Escape characters in patron image picture upload

To Test
1. Create a file name for example: test.zip`curl xxxxtesting.informaticsglobal.com`.zip
   where the domain is one you can watch the logs from.
2. Go to Tools and click on Upload patron images choose option zip file and upload the file.
3. Check /var/log/apache2/access.log and see the curl with the IP
   "xx.xxx.xx.xxx - - [11/Jul/2024:23:10:33 +0530] "GET / HTTP/1.1" 200 267 "-" "curl/7.68.0"
4. Apply the patch
5. Repeat 2 and 3 step and check no error is coming for the Remote execution error.
6. Test uploading actual zip file and images still works.

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 5c931e00f73e91467581fd29721e5af8d7fa98ab)
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2 months agoBug 37255: Fix handling of "All" values on waiting hold cancellation policy
Emmi Takkinen [Thu, 4 Jul 2024 11:23:31 +0000 (14:23 +0300)]
Bug 37255: Fix handling of "All" values on waiting hold cancellation policy

If one creates a default waiting hold cancellation policy with
patron categories set as "All" and itemtype set as "All", Koha
breaks on 500 error. This happens because in we try to match
template policy with "All" values either in category or itemtype
with *, not undef. This patch fixes this.

To test:
1. Create a new default waiting hold cancellation policy and
set both patron category and itemtype as "All".
2. Save policy.
=> Error page for error 500 is displayed.
3. Apply this patch.
4. Reload page.
=> Page is displayed and policy listing displays new policy
as it should.

Sponsored-by: Koha-Suomi Oy
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
2 months agoBug 37533: Fix query in orderreceive.tt
Andreas Jonsson [Wed, 31 Jul 2024 09:06:02 +0000 (09:06 +0000)]
Bug 37533: Fix query in orderreceive.tt

The new validation in the REST API will no longer allow
the operator "in".  Consequently, it has to be replaced
with the allowed "-in".

Test plan:

 * Open an invoice and click "Go to receipt page" and
   on any basket click "receive" and make sure the dialog
   box appears.

Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
3 months agoGenerate release notes for 24.05.02 release v24.05.02
Lucas Gass [Thu, 25 Jul 2024 17:32:03 +0000 (17:32 +0000)]
Generate release notes for 24.05.02 release

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoIncrement version for the 24.05.02 release
Lucas Gass [Thu, 25 Jul 2024 17:09:20 +0000 (17:09 +0000)]
Increment version for the 24.05.02 release

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37210: Properly escape SQL query parameters by using bind values
Julian Maurice [Tue, 2 Jul 2024 14:32:32 +0000 (16:32 +0200)]
Bug 37210: Properly escape SQL query parameters by using bind values

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37210: Escape single quote in search string in overdue.pl
Hammat Wele [Thu, 27 Jun 2024 14:09:04 +0000 (14:09 +0000)]
Bug 37210: Escape single quote in search string in overdue.pl

To Test:
1. Go to /cgi-bin/koha/circ/overdue.pl
2. In the Â«Name or card number» field, type Â«Tommy'and(select(0)from(select(sleep(10)))v)and'»
3. Apply the filter
   ==> It takes 10 seconds, sleep(10) is executed
4. Inspect the page, in Â«Patron category:» field, put Â«Tommy'and(select(0)from(select(sleep(10)))v)and'» in one of his option's value
5. select the option from the filter and Apply the filter
   ==> It takes 10 seconds, sleep(10) is executed
we can inject SQL to the followin field : borname, itemtype, borcat, holdingbranch, homebranch and branch
6. Apply the patch
7. Repeat step 1,2,3
   ==> it doesn't take 10 seconds, the injected sql is not executed
8. Repeat step 5
==> it doesn't take 10 seconds, the injected sql is not executed
9. Repeat step 5 with the followin field : itemtype, holdingbranch, homebranch and branch
   ==> it doesn't take 10 seconds, the injected sql is not executed

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 36481: (follow-up) Add missing library_id parameter
Martin Renvoize [Mon, 22 Jul 2024 13:49:31 +0000 (14:49 +0100)]
Bug 36481: (follow-up) Add missing library_id parameter

The /libraries/{library_id}/cash_registers endpoint was missing the
library_id parameter definition from the swagger specification.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 466d38f18d43e968f3b69562c1ee018177953681)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 36480: (follow-up) Add missing library_id parameter
Martin Renvoize [Mon, 22 Jul 2024 13:52:29 +0000 (14:52 +0100)]
Bug 36480: (follow-up) Add missing library_id parameter

The /libraries/{library_id}/desks endpoint was missing the
library_id parameter definition from the swagger specification.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 6aadc4a42308815803ac77c124ac4e778141e349)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37018: Add 400 response definition to all routes
Tomas Cohen Arazi [Mon, 8 Jul 2024 20:21:25 +0000 (17:21 -0300)]
Bug 37018: Add 400 response definition to all routes

This patch adds a test for well defined 400 responses on all verbs and
paths on the API spec.

The tests verify:

* Presence of 400 response definition
* The description must start with 'Bad request' (needs coding guideline)
* If DBIC queries are allowed on the route, then `invalid_query` needs
  to be mentioned in the description.

All routes get fixed to make the tests pass.

To test:
1. Apply this patch
2. Run:
   $ ktd --shell
  k$ yarn api:bundle
  k$ prove xt/api.t
=> SUCCESS: Tests pass!

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37018: Clarify operators
Martin Renvoize [Wed, 10 Jul 2024 08:39:33 +0000 (09:39 +0100)]
Bug 37018: Clarify operators

This patch clarifies the list of operators both in the validate routine
and in the swagger descrption block where we document this feature for
the end user.

JD amended patch: tidy

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37018: Silence useless warning
Tomas Cohen Arazi [Mon, 8 Jul 2024 20:30:01 +0000 (17:30 -0300)]
Bug 37018: Silence useless warning

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37018: Handle exception in unhandled_exception() helper
Tomas Cohen Arazi [Mon, 8 Jul 2024 19:48:01 +0000 (16:48 -0300)]
Bug 37018: Handle exception in unhandled_exception() helper

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37018: (follow-up) adding some allowed operators
Hammat Wele [Wed, 3 Jul 2024 13:59:48 +0000 (13:59 +0000)]
Bug 37018: (follow-up) adding some allowed operators

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37018: Use validation in search_rs helper
Martin Renvoize [Wed, 5 Jun 2024 13:20:22 +0000 (14:20 +0100)]
Bug 37018: Use validation in search_rs helper

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37018: Add validation method to Koha::REST::Plugin::Query.pm
Martin Renvoize [Wed, 5 Jun 2024 13:19:54 +0000 (14:19 +0100)]
Bug 37018: Add validation method to Koha::REST::Plugin::Query.pm

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37018: Add Koha::Exceptions::REST
Tomas Cohen Arazi [Mon, 8 Jul 2024 17:34:25 +0000 (14:34 -0300)]
Bug 37018: Add Koha::Exceptions::REST

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37018: Unit tests
Martin Renvoize [Wed, 5 Jun 2024 13:19:06 +0000 (14:19 +0100)]
Bug 37018: Unit tests

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37018: Regression tests
Tomas Cohen Arazi [Sat, 6 Jul 2024 13:32:07 +0000 (10:32 -0300)]
Bug 37018: Regression tests

This patch adds regression tests. With the current codebase, the
malicious query returns a 200. It should be caught and a 400 needs to be
returned.

To test:
1. Apply this patch
2. Run:
   $ ktd --shell
  k$ prove t/db_dependent/api/v1/query.t
=> FAIL: It returns a 200
3. Once the rest of the patches are ready, repeat 2
=> SUCCESS: It returns a 400

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37247: Fix display of "closed"
Jonathan Druart [Fri, 5 Jul 2024 12:47:42 +0000 (14:47 +0200)]
Bug 37247: Fix display of "closed"

The subscription was not shown as closed after we closed it.
This is because "closed" is not passed to the template.
It seems more reliable to rely on the subscription object (that is passed to both
serials/serials-collection.tt and serials/subscription-detail.tt, the
others are not showing the Reopen/Close buttons)

Also fetch the subscription object after and reopen/close it to display
accurate values.

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37247: Fix subscriptions operation allowed without authentication
Fridolin Somers [Thu, 4 Jul 2024 14:18:17 +0000 (16:18 +0200)]
Bug 37247: Fix subscriptions operation allowed without authentication

Move close and reopen after get_template_and_user().
Also move Koha::Subscriptions->find(), not a good idea to run DB queries
before authentication.

Test plan :
1) Apply patch
2) Authenticate to staff interface
3) Go to an existing open subscription
4) Open a new browser tab and use it to log-out
5) Go to first tab and click on 'Close'
6) You get login page
7) Authenticate
8) Check subscription is not closed
9) Check you can close and reopen subscription

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37146: Add tests
Jonathan Druart [Thu, 11 Jul 2024 09:40:35 +0000 (11:40 +0200)]
Bug 37146: Add tests

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37146: Prevent path traversal by validating input
David Cook [Fri, 21 Jun 2024 01:45:51 +0000 (01:45 +0000)]
Bug 37146: Prevent path traversal by validating input

This patch validates the plugin_name passed to plugin_launcher.pl
against the base path containing the "value_builder" directory.

Test plan:
0. Apply the patch
1. koha-plack --reload kohadev
2. Go to http://localhost:8081/cgi-bin/koha/cataloguing/addbiblio.pl?biblionumber=29
3. Check that the tag editor for leader still works
4. Go to http://localhost:8081/cgi-bin/koha/cataloguing/additem.pl?biblionumber=29
5. Check that the pluginf or "Date acquired" still works

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 36863: (QA follow-up): tidy up code
Victor Grousset/tuxayo [Mon, 3 Jun 2024 18:11:24 +0000 (20:11 +0200)]
Bug 36863: (QA follow-up): tidy up code

Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 36863: Deal with non-listed methods in CSRF plack middleware
Jonathan Druart [Wed, 15 May 2024 12:47:30 +0000 (14:47 +0200)]
Bug 36863: Deal with non-listed methods in CSRF plack middleware

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37074: Do no pass biblionumber
Jonathan Druart [Fri, 14 Jun 2024 07:26:53 +0000 (09:26 +0200)]
Bug 37074: Do no pass biblionumber

It is not used in the controller

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37074: Comment approval and un-approval should be CSRF-protected
Owen Leonard [Wed, 12 Jun 2024 17:49:25 +0000 (17:49 +0000)]
Bug 37074: Comment approval and un-approval should be CSRF-protected

This patch converts the "Approve" and "Unapprove" controls in the staff
client's comment moderation page so that the operations are POST instead
of GET.

To test, apply the patch and restart services.

- If necessary, enable OPACComments and submit a few comments on a few
  titles in the OPAC
- Go to Tools -> Comments
- Test the process of approving, unapproving, and deleting comments

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37385: Fix Transfer not triggering automatically when cancelling a hold by checki...
Kyle M Hall [Thu, 18 Jul 2024 12:54:30 +0000 (12:54 +0000)]
Bug 37385: Fix Transfer not triggering automatically when cancelling a hold by checking in an item

Upadates for CSRF are inadvertently stopping AddReturn from being trigger
when a hold is canceled. This is necessary to generate the transfer
back to the originating library.

Test Plan:
1) Find item with a waiting hold, and check it in
2) In the popup notifying me of the waiting hold, select 'Cancel hold'
3) Note no second popup appears notifying you of the need to transfer the item to its home library
4) Apply this patch
5) Restart all the things!
6) Repeat steps 1-2
7) Second popup appears!

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 554efbe35483dbc3dd7615f7feeaa6edf14619e6)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37183: Batch edit serial subscriptions sets expiration date to today
Chris Cormack [Sat, 29 Jun 2024 22:52:42 +0000 (22:52 +0000)]
Bug 37183: Batch edit serial subscriptions sets expiration date to today

Test plan:

Add some serials:
1) Add a new serial, visit:
   /cgi-bin/koha/serials/subscription-add.pl
2) Put a biblionumber in the 'record' field, e.g. '112'.
   Press 'next' and click 'ok' on the alert box.
3) Fill all the required fields and click 'test prediction'.
4) Fill the Subscription end date (= Expiration Date).
5) Click 'save subscription'.
6) Repeat steps 1-5 to create a second serial.

Batch edit serials:
1) Visit serials and hit the 'Search' button:
   /cgi-bin/koha/serials/serials-home.pl
2) Click the 2 checkboxes for the 2 serials we created
   previously and click the new link that pops up
   'Edit selected serials'.
3) Click 'Save' without changing anything.
4) Go back to either of the serials, notice the value
   for Expiration date is changed to TODAY
   (the date of the batch edit).

Apply the patch and retest the batch editing (before
retesting, change the expiration dates of the two
serials back to the original expiration date).

Note that the expiration date now only changes if you
enter a date in the 'Expiration date' field.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 5a07a04fdb23aa13f85df64b1f2a4739397f5f28)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37377: Fix orders search do_search param
Brendan Lawlor [Thu, 18 Jul 2024 18:33:53 +0000 (18:33 +0000)]
Bug 37377: Fix orders search do_search param

This patch fixes the orders search in Acquisitions.

The form method is GET no need to prepend with cud-

Test plan:
1. Create an order that you can search for
2. Try order search, nothing happens
3. Apply patch restart all, refresh browser
4. Try order seach again and get results

Signed-off-by: Roman Dolny <roman.dolny@jezuici.pl>
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit f80cc53470ebba24b92c05e71ac74a7c3058234c)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 36741: Skip auto_too_soon issues in auto renew digest
David Cook [Thu, 23 May 2024 00:47:08 +0000 (00:47 +0000)]
Bug 36741: Skip auto_too_soon issues in auto renew digest

This change adds a line to skip auto_too_soon issues/checkouts
in the auto renew digest template.

Since auto_too_soon do not trigger notifications and don't require
any special action, let's skip them in the breakdown of checkouts in
the AUTO_RENEWALS_DGST email.

Test plan:
0. Apply the patch
1. reset_all (in koha-testing-docker)
2. Note the following line in the AUTO_RENEWALS_DGST template:
[% NEXT IF (checkout.auto_renew_error == 'auto_too_soon') %]

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 05432982cf8a407872fd643206a14550c0d0a53a)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 28664: (follow-up) Throw exception if debt if VOID
Martin Renvoize [Thu, 27 Jun 2024 15:55:55 +0000 (16:55 +0100)]
Bug 28664: (follow-up) Throw exception if debt if VOID

This patch adds an exception when an attempt is made to refund against a
VOID debit.

Test plan
1) Run the included unit test

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit b18664ec45ffbe761c50b6daca487c3222f8a5e0)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 28664: Prevent refunds against void lines
Martin Renvoize [Mon, 5 Jul 2021 18:34:58 +0000 (19:34 +0100)]
Bug 28664: Prevent refunds against void lines

With the introduction of double entry accounting for VOID actions, we
need to add an additional filter to the 'Issue refund' button appearance

Test plan
1/ Add a debt
2/ Pay the debt
3/ Void the payment
4/ Confirm that with the patch applied the 'Issue refund' button doesn
not appear on the 'Void' accountline.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit a47474e3d771dff8cb3daa3c4641718796d11381)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37044: Added library branch to SCO OPAC message
Sam Lau [Thu, 6 Jun 2024 14:29:54 +0000 (14:29 +0000)]
Bug 37044: Added library branch to SCO OPAC message

This patch simply adds the correct branch at the end of an OPAC message on the SCO page.

To Test:
1) From the staff interface, click on a patron and add an OPAC message
   to their account.
2) Log into the SCO with this patron.
   (http://localhost:8080/cgi-bin/koha/sco/sco-main.pl)
3) Notice how in the "Messages for you" at the top, you will see the
   message, however, at the timestamp, it says something like "Written
   on 06/06/2024 by " w/o listing the library that sent it.
4) Apply patch
5) Log back into SCO module
6) Note that now in the message timestamp, it correctly lists the
   library that sent the message.
7) Sign-off

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 4801037abe0f8d294eb03503c2b5a275ed06f62a)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37002: Correct several HTML markup errors
Owen Leonard [Fri, 31 May 2024 13:14:17 +0000 (13:14 +0000)]
Bug 37002: Correct several HTML markup errors

This patch makes several minor corrections to HTML markup in the
bibliographic detail page template and related include files. This
corrects the following validator errors:

- Stray end tag a.
- Bad value true for attribute disabled on element select.
- Bad value true for attribute disabled on element input.
- No space between attributes.
- Duplicate attribute class.
- The value of the for attribute of the label element must be the ID of
  a non-hidden form control.

The patch is simple enough that an inspection of the patch is probably
enough, but following is a detailed test plan of the affected areas:

- Apply the patch and view the bibliographic detail page in the
  staff interface.
- Under the "Edit" menu in the toolbar, these options should still work
  correctly:
  - Modify record using template
  - Edit items in a batch
  - Delete items in a batch
- Click the "Items" link in the sidebar and find the "Bookable" setting
  for the title's items. Make at least one item bookable and return to
  the detail page.
- Click the "Place booking" button in the toolbar and confirm that you
  can successfully place the booking.
- If you have access to Novelist, confirm that Novelist content displays
  correctly on the detail page.
- Turn on the "EnableItemGroups" preference.
- On the detail page, open the "Item groups" tab and click the "New item
  group" button.
  - In the modal, the "Name" and "Display order" labels give focus to
    the corresponding form field when clicked.
  - Create an item group.
- Under the holdings tab, select one or more items and click "Add/move
  to item group".
  - In the modal, clicking the "Item group" label should give focus to
    the dropdown.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 928681a24cbcca64d02822c13776c2f92df2a963)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 36895: Fix background job link
Matt Blenkinsop [Fri, 17 May 2024 13:48:28 +0000 (13:48 +0000)]
Bug 36895: Fix background job link

This patch fixes the missing job id in the links from the import KBART file page

Test plan:
1) Import a KBART file to get the message at the top of the screen.
2) The message should include a link on the text "see progress"
3) Click the link, it should just take you to the background jobs page
4) Apply patch
5) yarn build
6) Hard refresh the browser
7) Repeat steps 1-3
8) It should correctly take you to the background job

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit dc154e3dd2a4184d23d0cc8a966560bd43cb6038)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 36909: Eliminate duplicate ID in cookie consent markup
Owen Leonard [Tue, 21 May 2024 14:47:21 +0000 (14:47 +0000)]
Bug 36909: Eliminate duplicate ID in cookie consent markup

This patch changes markup and CSS in the OPAC and staff client to
eliminate HTML validator warnings about duplicate ids.

To test, apply the patch and rebuild all CSS (Bug 36909: Eliminate
duplicate ID in cookie consent markup).

- If necessary, set the "CookieConsent" system preference to "Require."
- Open the OPAC in a new private window (to prevent previous consents
  from hiding the consent messages).
- You should see a cookie consent bar across the bottom of the page. It
  should look correct, and its contents should reflow well at various
  browser widths.
- Click "Accept all cookies."
- In the header you should now see a "Your cookies" link.
- Click it and confirm that the contents of the modal look correct and
  reflow well at various browser widths.

- Perform the same tests in the staff interface.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 984960351ec23994d87642ec1b077e7577ca5659)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 37198: Improve GetPreparedLetter documentation
Martin Renvoize [Wed, 26 Jun 2024 14:24:01 +0000 (15:24 +0100)]
Bug 37198: Improve GetPreparedLetter documentation

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 149412cb62a074ccdef1e1c2bbbd2bee35c48498)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 36141: Add classes to CAS text on OPAC login page
Fridolin Somers [Wed, 21 Feb 2024 09:09:30 +0000 (10:09 +0100)]
Bug 36141: Add classes to CAS text on OPAC login page

This enhancement makes it easier for libraries to change the CAS-related messages on the OPAC login page.

It moved the invalid CAS login message above the CAS loging heading,
like for Shibboleth login.

Test plan :
1) Enable system preference 'casAuthentication'
2) Restart all caches (restart_all in koha-testing-docker)
3) Go to OPAC, logged out
4) Click on 'Log in to your account'
5) In the staff interface, edit the OPACUserJS system preference. Add the following JS and Save:
   $(".cas_invalid").text("Test changing the invalid CAS login message.");
   $(".cas_title").text("Test changing the CAS login heading.");
   $(".cas_url").text("Test changing the CAS account link text.");
   $(".cas_url").after(' <i class="fa fa-globe" aria-hidden="true"></i>');
6) Refresh the OPAC and confirm the text changes to reflect your JS.

Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 0e1289d0149d788d7925c2e01f193da7ef3b469a)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 36911: (follow-up) Add markup comments
Owen Leonard [Tue, 21 May 2024 17:12:21 +0000 (17:12 +0000)]
Bug 36911: (follow-up) Add markup comments

This patch adds comments to the template to highlight the markup
structure.

This patch should have no effect on the page's appearance or
functionality.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 8d898f1746bfb049950bd3928da1cce9c5c3c14d)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 36911: Reindent circ-menu.inc
Owen Leonard [Tue, 21 May 2024 16:36:54 +0000 (16:36 +0000)]
Bug 36911: Reindent circ-menu.inc

This patch reindents the circ-menu include file so that it has
consistent indentation. These changes should have no visible effect on
the page.

To test, apply the patch and enable the 'CircSidebar' system
preference if necessary.

- View any circulation page, including the checkout page, to confirm
  that the left-hand sidebar menu is unchanged.
- Test with the 'patronimages' system preference both on and off.

Viewing the diff while ignoring whitespace changes should show only
places where a line break was added.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 002fbdcc62c83a13ececb1e5e3c53b742f947b8b)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 36498: Tidy cataloguing/additem.pl
Kyle M Hall [Fri, 17 May 2024 10:29:39 +0000 (10:29 +0000)]
Bug 36498: Tidy cataloguing/additem.pl

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 0877dfd16d0891d0b36a906ced6f8f8e83e2d738)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 36498: Add ability to set item group display order from additem.tt
Lucas Gass [Tue, 2 Apr 2024 22:27:45 +0000 (22:27 +0000)]
Bug 36498: Add ability to set item group display order from additem.tt

To test:
1. Apply patch, restart_all
2. System preferences -> EnableItemGroups, set to 'Enable'.
3. Find a record and create at least 1 item group.
4. Go to Add item
5. Scroll to the bottom and look for 'Options' underneath 'Add to item group'
6. In the dropdown select 'Create new item group'
7. There should be fields for 'Name' and 'Display order'.
8. Make sure you can add a new item group with and without a display order set. If no display order is set it should default to 0.
9. Try to add a non numerical display order, you should not be able to.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 49c55a03e70d4f4c7362cf45a5103f58c694af01)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
3 months agoBug 36128: (QA follow-up) Add regression test
Martin Renvoize [Thu, 27 Jun 2024 09:01:45 +0000 (10:01 +0100)]
Bug 36128: (QA follow-up) Add regression test

This patch adds a simple regression test to ensure we don't re-introduce
the errant warning.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 18c97c1456b527521624fc9be6f8c3bacaba28f1)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>