Jonathan Druart [Mon, 18 Nov 2019 09:30:04 +0000 (10:30 +0100)]
Bug 20948: Only display item-level hold info if first hold
On the item list of the catalogue detail page we display next item-level
hold info even if it is not the next hold. That leads to confusion as it
will not necessarily be the accurate info.
This patch makes the following changes:
- Display the item-level hold only if it is the next hold (priority ==
1)
- Display "There is an item level hold on this item (priority=X)"
if there is at least 1 item-level hold placed on this item
Test plan:
- Place several next available holds on a single item record
- Place an item level hold on the item
- Go the the biblio detail page
=> Without this patch, the item will show the item level hold
=> With the patch you see "There is an item level hold on this item"
- Check the item in, confirm the hold
=> No changes, the item will show the waiting hold info
- Cancel all the holds except the item-level one
=> No changes, the item will how the item-level one
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
(cherry picked from commit 6998a32ca4e29313a02b020d9e36c0c75f129fb1)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit e46289d12c99f3fabf0d00cdd71ec8f921d69be2) Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz>
Jonathan Druart [Mon, 18 Nov 2019 09:10:56 +0000 (10:10 +0100)]
Bug 20948: Simplify existing code
No changes expected here.
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
(cherry picked from commit bdffc685f2c715b683d3b31e7c218ba71800bf43)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 62021926df99639a4432ce798f4483bbf8edaaba) Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz>
Owen Leonard [Fri, 22 Nov 2019 16:47:45 +0000 (16:47 +0000)]
Bug 13806: Sanitize inputs where creating Reports subgroup
This patch adds validation of report group and subgroup inputs so that
the user can't enter data into only one half of the group code/name
pair.
To test, apply the patch and go to Reports -> Use saved.
- Create or edit a report which doesn't have a group or subgroup
assigned.
- Under "Report group," select the "or create" radio button.
- Click the "Update SQL" button to submit the form without entering a
group code or name. The form should require taht you enter data into
both fields.
- Enter data into the report group code and name fields. Add data to
either the code or data field under "Report subgroup." You should
not be able to submit the form without populating both.
- Start over editing a report which doesn't have a group or subgroup
assigned.
- Select an existing group under "Report group."
- Under "Report subgroup," select the "or create" option.
- You should not be able to submit the form without adding data in
both the code and name fields for the report subgroup.
Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
(cherry picked from commit 798cc769fe25478ed41fa50cd41fd3a90c0a4a24)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 992cbe96e6b17853b369f719d40987bbb38bd64e) Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz>
Fridolin Somers [Fri, 13 Dec 2019 06:01:23 +0000 (07:01 +0100)]
Bug 24230: fix intranet_js plugin hook before body end tag
The plugin hook intranet_js is after body tag in intranet-bottom.inc :
</body>
[% KohaPlugins.get_plugins_intranet_js | $raw %]
</html>
It must be before like in opac-bottom.inc
Test plan :
1) Install a Koha plugin with intranet_js hook, like KitechenSink
2) Go to an intranet page
3) Look at source of the page to see plugin code is before body end tag
Signed-off-by: Nicolas Legrand <nicolas.legrand@bulac.fr> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
(cherry picked from commit c383cf2fa5bece671d3654ed5b16eae7b354187f)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 689e0d0d62dee580df2b73bc58b3ed84b10e0a95) Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz>
Fridolin Somers [Fri, 22 Nov 2019 14:04:34 +0000 (15:04 +0100)]
Bug 24090: Subfield text in red when mandatory in record edition
In biblio or autority record edition, color subfield text in red when mandatory.
Like patron fields in patron edition form.
Test plan :
1) Edit a biblio record
2) See that mandatory subield text is red (#C00)
3) Same in autority record edition
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
(cherry picked from commit 94dcf7e77ebf7e44446a1df2c7046d9808e8a5b9)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit d1c059f18cf54a3d8306c43f5a40014f05dbac10) Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz>
Bug 24191: Make objects.search pass to_model to dbic_merge_sorting
This patch makes objects.search pass the to_mode method reference so it
can be used to map API attributes to column names when building the
sorting portion of the query.
To test:
1. Apply the regression tests on this patchset
2. Run:
$ kshell
k$ prove t/db_dependent/Koha/REST/Plugin/Objects.t
=> FAIL: Tests fail!
3. Apply the rest of the patchset
4. Run:
k$ prove t/Koha/REST/Plugin/Query.t
=> SUCCESS: Tests pass! changes to the methods work as expected!
5. Run:
k$ prove t/db_dependent/Koha/REST/Plugin/Objects.t
=> SUCCESS: Tests pass!
6. Sign off :-D
Sponsored-by: ByWater Solutions Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
(cherry picked from commit 32ded5069184a004855ab732798c0171f98790fa)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 3de45aad29d4ef9b2fd3dc7b4f1d700d4f9b8c30) Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz>
Bug 24191: Add to_model param to _build_order_atom and dbic_merge_sorting
This patch adds a to_model parameter to dbic_merge_sorting so it is
passed when used (for example from objects.search). The to_model param
is passed along to the _build_order_atom method where it is finally
used.
In the process I wrote tests that reflected some problems in the current
code:
- Mojolicious automatically returns a scalar if a query parameter only
happens once on a request. The code expected an arrayref in every case.
- There's a design issue that forced me to use some hacky code in
_build_order_atom.
The first issue is dealth with, by using Scalar::Util::reftype as the
Perl docs recommend.
The second issue, I don't plan to clean it here, as there's ongoing work
on a Koha::Objects->search_from_api method that will obsolete this code
most probably (see bug 23893 for a better picture of where the mappings
will be living soon).
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/Koha/REST/Plugin/Query.t
=> SUCCESS: Tests pass!!
3. Sign off :-D
Sponsored-by: ByWater Solutions Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
(cherry picked from commit 46895911d4668c343446104df41afb151dd2fae3)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit d9ec59f191f8256e6961af290eb35cae673298e9) Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz>
This patch adds missing tests for calling objects.search with
non-existent column names for sorting, that should be mapped using
to_model for that matter.
Tests should fail as there's no current use of to_model for building the
order_by portion of the query.
Sponsored-by: ByWater Solutions Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Joy Nelson <joy@bywatersolutions.com>
(cherry picked from commit f38519b0638f620d0faeebdc2f0e0c74085c5838)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 99ad6cac3068621ff72c02f4f7ae4916124f52d5) Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz>
Nick [Thu, 10 Oct 2019 16:06:08 +0000 (16:06 +0000)]
Bug 23089: Fix sorting on sum and regular fields
As of bug 20589 we no longer analyze sort fields and so we no longer need to append ".phrase"
to our sort in searches.
Additionally, sort fields based on 'sum' should also use sum in building the value to sort on
To test:
0 - Be using ES
1 - Find the most circulated item in your collection
2 - Search for '*'
3 - Sort by popularity DESC
4 - Note that item is not first
5 - Try to sort by anything but relevancy, it fails
6 - Apply patch
7 - Redo searches and sorts
8 - Things should now work as expected
Signed-off-by: Ere Maijala <ere.maijala@helsinki.fi> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 6a2ba8b6b23f482dcf8bbe53668d93519a11edf5) Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz>
Ere Maijala [Thu, 24 Oct 2019 10:35:52 +0000 (13:35 +0300)]
Bug 23089: Fix QueryBuilder tests.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit cce9d03bf911a2279a62e742f48fbe56be91e021) Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz>
Nick Clemens [Tue, 30 Jul 2019 15:20:27 +0000 (15:20 +0000)]
Bug 23389: Add 'All' option to report dropdowns
This patch optionally adds an 'all' option to report dropdowns
Note you will need to use 'LIKE' instead of '=' to allow 'All' to work
To test:
1 - Write a report:
SELECT branchname FROM branches WHERE branchcode LIKE <<Branch|branches>>
2 - Run it
3 - Select a branch
4 - You get one branch info
5 - Note you cannot select all
6 - Apply patch
7 - Run report
8 - No change
9 - Update report like:
SELECT branchname FROM branches WHERE branchcode LIKE <<Branch|branches:all>>
10 - Run report
11 - Select 'All'
12 - You get all branches
13 - Select one branch
14 - You get one branch
15 - Test with other authorised categories (itemtypes, YES_NO, etc.)
16 - Confirm it works as expected
17 - Prove -v t/db_dependent/Reports/Guided.t
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 7c97f5263d474adc11688b9b7773c5b8705d10d3) Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz>
Nick Clemens [Mon, 7 Oct 2019 17:46:30 +0000 (17:46 +0000)]
Bug 23768: Return invalid ISBN when searching with variations
To test:
1 - Enable SearchWithISBNVariations and IntranetCatalogSearchPulldown
2 - Refresh page and click on 'Search the catalog' tab
3 - Search for 'ISBN' 0385299209
4 - Note no results
5 - Note the search says if searched 'kw,wrdl: (nb=)'
6 - Apply patch, restart all the things
7 - Repeat search
8 - Search looks correctly formed
9 - Add the isbn above to a record, confirm it is returned by search
10 - Confirm searches for valid ISBNs still work as expected
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 050f43f73c4857b26996e15e3d8b8ad536b32763) Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz>
(cherry picked from commit f2bb4afa161db73e803607ac6c518a1e98427de3)
Owen Leonard [Tue, 8 Oct 2019 17:11:17 +0000 (17:11 +0000)]
Bug 13749: On loading holds in patron account 'processing' is not translatable
This patch updates the DataTables configuration for two tables: The
checkouts and holds lists shown on the checkout and patron details
screen.
The tables lacked the standard application of a custom set of
defaults defined in js/datatables.js. It is in this file that custom
language strings are defined for DataTable interface elements, pulling
in the translated values from datatables.inc.
Without our custom defaults applied, DataTables used its own defaults,
which are not translated.
To test, apply the patch and check out to a patron who has both
checkouts and holds. The more the better to give you more time to
observer the loading state of the tables.
- Checkouts: This table doesn't exhibit any visible problems because
page-specific text is defined for the table's "Loading" message.
However, it still makes sense to apply the defaults to the table for
consistency's sake. There should be no visible changes to the table.
- Holds: From the checkout or patron details page click the "Holds"
tab. While the table loads there should be a "Processing" message. If
you switch to another translation the message should appear in that
language.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 9af572c7969f5372853d238ee35f530e4e9fc9f6) Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz>
(cherry picked from commit 06ff77dbc766df3301440d587e5f74dc8ce477d6)
Katrin Fischer [Sat, 2 Nov 2019 01:58:00 +0000 (01:58 +0000)]
Bug 23952: Fix body tag on OPAC course details page
The id was not changed, when the page was added and
remained opac-main. The patch changes it to
opac-course-details so the page has its own unique id.
To test:
- Add a course reserve to your installation
- Go to the course reserves page in the OPAC
- Click on the course to see its details
- Look at the source code, the <body> tag should show:
Without patch: opac-main
with patch applied: opac-course-details
Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit ccf9eaf62fc05abe318fe4652025ac3979c50c19) Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz>
(cherry picked from commit 81f4bb3d9cf49d060d4078aca439a3fbc9d3a429)
Lucas Gass [Tue, 29 Oct 2019 17:40:47 +0000 (17:40 +0000)]
Bug 23506: Display correct icon in staff client and OPAC
When the leader6 is set to 'i' the MARC21slim2intranetDetail.xsl
attempts to display 'SO.png' which does not exist.
TEST PLAN:
1. Find or create a record with an 'i' as the 6th position in the 000 leader.
2. Do to the OPAC detail page and staff detail for an item in that record.
3. Notice the material type icon does not display because SO.png does not exist.
4. Apply patch and restart_all
5. Look at the opac detail and staff detail page again after clearning the browser cache.
6. The material type icon now displays (MU.png), this is the same icon used on the OPAC results page.
Katrin Fischer [Sat, 2 Nov 2019 06:54:31 +0000 (06:54 +0000)]
Bug 21939: Fix permissions for holds history tab
The tab will show when the staff user has edit_borrowers
permission, but the page itself will not be accessible.
This patch fixes the page permissions to allow access
with the edit_borrowers permission as suggested by the
comments on the original bug report.
To test:
- Create a staff user with only "edit_borrowers" permission
from the borrowers module
- Try to access the holds history tab from any patron account
- Verify you are blocked
- Apply patch
- Try again and verify the page is accessible now
- Repeat with superlibrarian and full borrowers permission.
Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr> Signed-off-by: Bob Bennhoff <bbennhoff@clicweb.org> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit cd3ef03e76e1441675c90135c42d033bf99f73cd)
(cherry picked from commit f3c9ba16d506aa5145bd46123d7982b035a9e56f)
Jonathan Druart [Tue, 10 Dec 2019 10:22:59 +0000 (11:22 +0100)]
Bug 24199: (bug 23042 follow-up) Prevent t/Auth_with_shibboleth.t to fail randomly
CGI->url_param does not always return the parameters in the same order.
Test plan:
0/ Recreate the random failure, does not apply the patch and run
t/Auth_with_shibboleth.t several times.
You will notice that it fails inconsistenly
1/ Apply the patch and confirm that it now passes 100% of the time
Jonathan Druart [Mon, 2 Dec 2019 16:50:40 +0000 (17:50 +0100)]
Bug 24145: (bug 22543 follow-up) Fix Auth.t
Auth.t is failing because of: 1. recent changes from bug 22543 and 2. wrong mocked CGI->param in tests
Without this patch we hit the exit statement that breaks the tests with the following error:
t/db_dependent/Auth.t .. 1/22 Un-mocked method 'url()' called at /kohadevbox/koha/C4/Auth.pm line 1223.
Un-mocked method 'redirect()' called at /kohadevbox/koha/C4/Auth.pm line 1227.
A context appears to have been destroyed without first calling release().
Based on $@ it does not look like an exception was thrown (this is not always
a reliable test)
This is a problem because the global error variables ($!, $@, and $?) will
not be restored. In addition some release callbacks will not work properly from
inside a DESTROY method.
Here are the context creation details, just in case a tool forgot to call
release():
File: t/db_dependent/Auth.t
Line: 74
Tool: Test::More::subtest
Cleaning up the CONTEXT stack...
# Looks like you planned 22 tests but ran 1.
t/db_dependent/Auth.t .. Dubious, test returned 255 (wstat 65280, 0xff00)
Failed 21/22 subtests
Test Summary Report
-------------------
t/db_dependent/Auth.t (Wstat: 65280 Tests: 1 Failed: 0)
Non-zero exit status: 255
Parse errors: Bad plan. You planned 22 tests but ran 1.
Files=1, Tests=1, 2 wallclock secs ( 0.02 usr 0.00 sys + 1.54 cusr 0.24 csys = 1.80 CPU)
Result: FAIL
Nick Clemens [Tue, 26 Nov 2019 14:12:01 +0000 (14:12 +0000)]
Bug 24120: (follow-up) input_name too
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 04fab26ccc25d70a3b94b3bd2ceea22752b8714e) Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz>
(cherry picked from commit 6551577ab3474fbe81325604d47b8509f86d7abf)
Nick Clemens [Tue, 26 Nov 2019 13:19:28 +0000 (13:19 +0000)]
Bug 24120: URI filter search terms in sort dropdowns
To test:
1 - Search for C++
2 - Sort your results
3 - Note search is now for "C "
4 - Apply patch
5 - Search for C++
6 - Reorder results
7 - Still searching for C++
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 59ea9b3cc27c27d16880fc238f4a173a9e38b479) Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz>
(cherry picked from commit c9cd551d5454b78bd01ac29762962f487fb8bd60)
Katrin Fischer [Sun, 3 Nov 2019 22:48:04 +0000 (22:48 +0000)]
Bug 23483: Show the description, not the patron's title when writing off an individual fine/fee
When writing off an individual fine, the description shown
was the patron's title, instead of the fine description.
Fixing it by changing it to the same template variable used for
paying individuals so they match up.
To test:
- Pick a patron and make sure salutation is set (Mr, Mrs, ...)
- Create a manual fine
- For the fine, compare the description shown when using the Writeoff
and Pay buttons next to the fine
- Verify the display is different and writeoff displays the salutation
- Apply patch
- Repeat, descriptions now should match up
Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 89931b4bb02d6ca1796ece2647fc6104382c0b7d) Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz>
(cherry picked from commit b485c28382f7acd67241fcbc08a249bd341e5106)
Jonathan Druart [Wed, 19 Jun 2019 17:12:15 +0000 (12:12 -0500)]
Bug 23042: Correct shib param escaping
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Martin Renvoize [Thu, 13 Jun 2019 16:02:33 +0000 (17:02 +0100)]
Bug 23042: Only include GET params in return URL for Shibboleth
The shibboleth return target included POST parameters in the URL string,
this meant that a failed local login POST would include the username and
password used in the attemtped login in plaintext in the redirect URL
that is appended to the shibboleth login URL.
Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Martin Renvoize [Wed, 19 Jun 2019 09:56:30 +0000 (10:56 +0100)]
Bug 23042: Add tests to catch POST params in return URL
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Jonathan Druart [Wed, 30 Oct 2019 12:15:38 +0000 (13:15 +0100)]
Bug 23836: exit after output_error
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Nick [Thu, 17 Oct 2019 15:26:18 +0000 (15:26 +0000)]
Bug 23836: Don't forward form tracklinks if not tracking
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Jonathan Druart [Wed, 14 Aug 2019 17:39:43 +0000 (13:39 -0400)]
Bug 23451: [18.11.x] Fix other similar wrong filterings
Signed-off-by: Liz Rea <wizzyrea@gmail.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Jonathan Druart [Wed, 14 Aug 2019 17:31:53 +0000 (13:31 -0400)]
Bug 23451: [18.11.x] Prevent XSS vulnerabilities in opac-imageviewer.pl
And certainly in other sripts as it is in opac-bottom.inc
Signed-off-by: Liz Rea <wizzyrea@gmail.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Magnus Enger [Fri, 6 Sep 2019 07:54:04 +0000 (09:54 +0200)]
Bug 22543: Prevent "back and refresh attack"
To reproduce and test:
- Log into the OPAC, you are taken to /cgi-bin/koha/opac-user.pl
- Log out, you are taken to /cgi-bin/koha/opac-main.pl?logout.x=1
- Click "Back", you are taken to /cgi-bin/koha/opac-user.pl
- Reload the page, you see an error like "Confirm new submission
of form"
- Reload the page again and confirm the submission of the form
- You are now logged in to the OPAC again!
- Log out again
- Apply this patch
- Log in to the OPAC, you are taken to /cgi-bin/koha/opac-user.pl
- Log out, you are taken to /cgi-bin/koha/opac-main.pl?logout.x=1
- Click back, you are taken to /cgi-bin/koha/opac-user.pl
- No matter how many times you reload /cgi-bin/koha/opac-user.pl,
you should not see anything other than the login form.
- Check that Self Check Out still works as it should, by making
sure you have a user with self_check permissions, then setting
WebBasedSelfCheck, AutoSelfCheckAllowed, AutoSelfCheckID and
AutoSelfCheckPass appropriately. Then visit
/cgi-bin/koha/sco/sco-main.pl and verify everything works as
expected.
The messages and errors pages you see related to resubmitting the
form might differ from the ones described here, depending on what
browser you use. I tested in Chromium 76.0.x.
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Marcel de Rooy [Fri, 9 Aug 2019 09:27:18 +0000 (09:27 +0000)]
Bug 23329: (QA follow-up) Resolve warning on wrong biblionumber
Passing a wrong biblionumber generates a warning:
GetMarcUrls called on undefined record at opac/tracklinks.pl line 58.
Test plan:
[1] Try it again with a wrong biblionumber and check the logs.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Marcel de Rooy [Fri, 9 Aug 2019 09:18:13 +0000 (09:18 +0000)]
Bug 23329: (follow-up) Allow item URI with a biblionumber parameter
If you pass a URI with a biblionumber without specifying the itemnumber,
tracklinks did not redirect an item URI.
Test plan:
[1] Add URI in an item.
[2] Pass this URI with the itemnumber to tracklinks. Should pass.
[3] Pass this URI with the biblionumber to tracklinks. Should pass now too.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Nick Clemens [Wed, 17 Jul 2019 11:01:01 +0000 (11:01 +0000)]
Bug 23329: Only redirect tracklinks.pl to urls contained in records
Bug 19487 limited redirection to urls contained in a record/item if we were tracking.
We should probably limit forwarding if not tracking as well.
Additionally, if we don't have a soucre, let's not forward
To test:
0 - Set TrackClicks syspref to 'Don't track'
1 - Hit localhost:8080/cgi-bin/koha/tracklinks.pl?uri=http://www.google.com
2 - You get forwarded to google
3 - Set TrackClicks to 'Track anonymously'
4 - You get a 404
5 - Apply patch
6 - Hit localhost:8080/cgi-bin/koha/tracklinks.pl?uri=http://www.google.com
7 - You get a 404
8 - Set TrackClicks syspref to 'Don't track'
9 - Hit localhost:8080/cgi-bin/koha/tracklinks.pl?uri=http://www.google.com&biblionumber=1
Choose a biblionumber that exists
10 - You get a 404
11 - Add http://www.google.com to the 856$u of the record used above
12 - Hit localhost:8080/cgi-bin/koha/tracklinks.pl?uri=http://www.google.com&biblionumber=1
13 - You are redirected
14 - Confirm redirection and 404 as expected with other settings of TrackClicks
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Katrin Fischer [Fri, 12 Jul 2019 12:40:22 +0000 (12:40 +0000)]
Bug 23101: Hide action buttons on contracts if user lacks permission
When the user doesn't have superlibrarian, full acq or
contracts_manage permission, don't show buttons for editing
and deleting contracts.
To test:
- Create a vendor with a few contracts
- Create a staff user with
- superlibrarian = can view edit/delete contracts
- full acq perms = same
- without manage_contracts = can view, but action buttons are gone
- Make sure the sorting of the contracts table works in all cases
Signed-off-by: Holly Cooper <hc@interleaf.ie> Signed-off-by: Bouzid Fergani <bouzid.fergani@inlibro.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit d0a06e365b693de6609998b3d649d9ef4d083880) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit d1da1a688d5a4fb1ea78d53b6308aa08ac09cdd0)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Kyle M Hall [Fri, 27 Sep 2019 11:23:28 +0000 (07:23 -0400)]
Bug 23688: System preference uppercasesurnames broken by typo
In the process of moving this feature from memberentry.pl to Patron.pm, the 's' on uppercasesurnames was dropped, breaking the feature.
Test Plan:
1) Test uppercasesurnames, note it does not work
2) Apply this patch
3) Test uppercasesurnames, note it works now!
Signed-off-by: Kyle Hall <kyle@bywatersolutions.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 62ad053894c57ae990a9724cf58beaa4441448c6) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 0c9c78341b5f0c855fcf2a697edc31eb6e1262fc)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Bug 23679: add Unit Test t/db_dependent/Circulation/transferbook.t
I've choosen to add it to db_dependent because we may add other tests
to cover transferbook() cases that will change DB
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Bin Wen <bin.wen@inlibro.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit d096eeab8a7d23cf460b1ad5f10df746f3d62dda) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 19b44c8b44b1c0b92afb3f34b4b6fd41ab1faf5d)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Bug 23679: fix software error when trying to transfer an unknown barcode
When trying to transfer an unknown barcode in
/cgi-bin/koha/circ/branchtransfers.pl you get the error :
Can't call method "itemnumber" on an undefined value at
/home/koha/src/C4/Circulation.pm line 319.
This comes from C4::Circulation::transferbook which should stop when
finding unknown barcode.
Test plan :
1) Go to /cgi-bin/koha/circ/branchtransfers.pl
2) Enter a barcode not existing in database
3) Without patch you get a software error, with patch you get a message
saying 'No Item with barcode'
4) Enter a barcode existing in database and check transfer is OK
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Bin Wen <bin.wen@inlibro.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 3848a3a772e2202ac3339bd241adcef987e48361) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 43f15f13123c705bb750af43a74997e581b48719)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Nick Clemens [Thu, 5 Sep 2019 13:53:50 +0000 (13:53 +0000)]
Bug 21406: [18.11.x only] Prevent errors from undefined fields in requests
To test:
1 - In 18.11 enable ILL and install the freeform backend
2 - Create a request for 'Journal article'
3 - Note there is no 'Author' field
4 - Try to view ILL requests
5 - You get a datatables error about missing metadata_author column
6 - Apply patch
7 - No more error
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Jonathan Druart [Wed, 6 Nov 2019 10:17:33 +0000 (11:17 +0100)]
Bug 23961: (bug 22851 follow-up) Restore Add subscription fields link
This fix a wrong rebase conflict resolution from
commit 414869eb9d7b29754b75bd0c798d6a566df88a7e
Bug 22851: Style navigation links in serials modules like same links
in other modules
It only affects 18.11.x
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Liz Rea [Thu, 19 Sep 2019 00:14:23 +0000 (00:14 +0000)]
Bug 23658: fix wrong transfer modal dropping specified checkin date
To test:
Have an item that needs a transfer
use the check in page, and backdate the checkin date
check in the item, click ok or print - backdating is OK
Check it in again - backdating drops off
Apply this patch, restart the things
run tests again, backdating should be retained in all cases.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Kyle M Hall [Fri, 20 Sep 2019 11:14:34 +0000 (07:14 -0400)]
Bug 23624: (QA follow-up) Don't fetch the count unless the query was successful
Signed-off-by: Liz Rea <wizzyrea@gmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit f2b27975679e64722f06b175e759801227a313fc) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 528aa88b7e7978b25331258f4f69274a3c21945f)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
This patch makes counting the results have no memory footprint by
leveraging on the DB to count the rows.
To test:
- Without this path, run:
$ kshell
k$ prove t/db_dependent/Reports/Guided.t
=> SUCCESS: Tests pass
- Apply this patch
- Run:
k$ prove t/db_dependent/Reports/Guided.t
=> SUCCESS: Tests still pass!
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Liz Rea <wizzyrea@gmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit bca4453c50d8b5b1d3c7029ded2b522a9a2bf868) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit b332b365edbab4197580ecd4b3fe684dadfe070f)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Liz Rea <wizzyrea@gmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 7958e7f3f9b4275cd8da0ed2e04dfbc90d863a60) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 654c13e7d9aa911fb42d40d2a1c34a6d554967fa)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Paul Hoffman [Tue, 17 Sep 2019 17:00:03 +0000 (13:00 -0400)]
Bug 23624: Count rows in report without (potentially) consuming all memory
C4::Reports::Guided::nb_rows (called by get_prepped_report in reports/guided_reports.pl) uses DBI::fetchall_arrayref to retrieve all rows at once; counts them; and then discards the rows and returns the count. This has the potential, if the number of rows is very large, to exhaust all available memory.
(Other code in guided_reports.pl has the same potential effect, but because the solution to that is much less straightforward it will be addressed in a separate bug report.)
This patch uses the second ($max_rows) parameter to DBI::fetchall_arrayref to retrieve a smaller number (1,000) of rows at a time, looping until all results have been retrieved. This will only use as much memory as the maximum amount used by a single call to DBI::fetchall_arrayref.
Test Plan:
1) Create a report the will generate a huge number of results
2) Run the report, watch your memory usage spike
3) Apply this patch
4) Restart all the things!
5) Run the report again, note your memory usage is much lower
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Liz Rea <wizzyrea@gmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 79e15278f718768fa082b7b3d7b48e6adde164da) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit be8bade672b279da24f15154c88a5c5faf840b19)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Bug 23607: Make /patrons/:patron_id/account staff only
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 8171c9d05dc3adf0014a727e304f666606f7f751) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 4c681e4e913a62f9efc72e145a327d2ee5b77711)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Kyle M Hall [Tue, 17 Sep 2019 19:41:12 +0000 (15:41 -0400)]
Bug 23625: Make new 'required' attributes match the currently used syntax in other templates
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 0aeb5998481a28fb72c8f184bd3f85f7491dc858) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 267d0a90333006004f527fbc535556e04f6786de)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Eric Phetteplace [Mon, 16 Sep 2019 19:53:32 +0000 (12:53 -0700)]
Bug 23625: ArticleRequestsMandatoryFields* only affects field labels, does not make inputs required
Test plan:
1. Enable article requests ( syspref: ArticleRequests => Enable, Circ and fine rules ALL/ALL (or a given category/itemtype): Article requests => Yes )
2. Set one or more fields to require in the ArticleRequestsMandatoryFields, ArticleRequestsMandatoryFieldsItemOnly, and/or ArticleRequestsMandatoryFieldsRecordOnly settings (all these settings are affected in the same manner)
3. Search for a title and select the "Request Article" button from the OPAC search results
4. Authenticate as a patron
5. Neglect to fill out at least one of the mandatory fields
6. Select the "Place Request" button at the bottom of the form
7. The form submits despite the empty mandatory fields
8. Apply patch
9. Repeat steps 3, 5, & 6
10 . The form should refuse to submit, show a browser-native message about the missing required fields.
Sponsored-by: California College of the Arts Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 64148cf4ac6f20787a809b36243672430faa6e8f) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 4d8dece7ff91d619f71b1edfd8803300ed9a06bf)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Nick Clemens [Fri, 6 Sep 2019 11:13:27 +0000 (11:13 +0000)]
Bug 22602: Fix OverDrive circulation when coming from another site
On bug 21078 we caught an error and returned, this makes us skip some variable setting that we need.
This patch moves that code into its own function.
To test:
0 - Have OverDrive circulation setup and working
1 - Place a link to your kohadev installation on another site
2 - Follow that link to the opac
3 - Note all items show as 'Place hold' even if available copies
4 - Apply patch
5 - Repeat 1&2
6 - Note the items availability shows correctly
Signed-off-by: Elizabeth Quinn <EQuinn@chplnj.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 4b642386d8983a12c1a79924ae1fac180b10c3d0) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit acf3eb5217d32753b8f59f626d976707d0d6a90a)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Nick [Fri, 20 Sep 2019 16:44:53 +0000 (16:44 +0000)]
Bug 23651: Add address of restricted page to syspref description
To test:
1 - Look at the restricted page syspref
2 - Check that the url is listed
3 - Add some content to the page
4 - Save the prefs
5 - Verify the address listed takes you to the page on the opac
Signed-off-by: Lisette Scheer <lisetteslatah@gmail.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit fa97bc90df532720287eaf296c15f7facdaa730d) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 8e6313eaf7cd9b91ecfb8ed3c56c18fa9d488561)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Fridolin Somers [Wed, 31 May 2017 14:54:32 +0000 (16:54 +0200)]
Bug 18710: Wrong subfield modified in batch item modification
In Tools > Batch item modification, one can modify or delete a subfield.
When deleting a subfield et modifying another, the wrong subfield gets modified.
This is caused by the fact that disabled inputs are not posted in form.
So for a subfield to delete :
Input name=field_value is not posted. But input name=subfield is posted with subfield code.
So these 2 arrays does not have the same size :
my @subfields = $input->multi_param('subfield');
my @values = $input->multi_param('field_value');
For exemple, deleting $2, not changing $u and modidying $v will modify $u with value for $v o_O
This patch correts but setting disabled all inputs of a deleted subfield : field_value, tag, subfield and mandatory. Like it was not present in the form.
Test plan :
- Go to Tools > Batch item modification
- Enter a barcode and submit
- Lets say there are subfields : $2 (not mandatory), $u and $v
- Check the subfield $2 to be deleted
=> $2 input is disabled
- Enter a text in $v
- Submit the form
=> Without patch, the text for $v gets into $u
=> With patch, the text for $v gets into $v
- Check the subfield $2 is well deleted
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit adb232c8f0f4bf8574ca3dce9548196430c57fb0) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit d8a1871dd0a08b86931c80ad717b4d5e55577c3f)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Katrin Fischer [Fri, 13 Sep 2019 12:18:09 +0000 (12:18 +0000)]
Bug 23605: Fix terminology for branches limitations on patron category admin page
Fix branches to library.
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 921cf9b35297c8ea57cc5482385f040c2734a027) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 9fe6c016ab23265bcfed6684135e4040179094fd)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Nick Clemens [Thu, 13 Jun 2019 10:56:34 +0000 (10:56 +0000)]
Bug 22744: Remove the 'do not notify' buttons
These checkboxes are simply a way to clear the prefs before editing. We are not saving
a lot of click, and we are confusing people, this patch simply removes them
To test:
1 - Edit a patron's messaging preferences
2 - Think too hard about the 'Do not notify' boxes
3 - Feel confused
4 - Apply this patch
5 - Edit a patron's messaging preferences
6 - Confirm it feels better
Liz Rea [Wed, 4 Sep 2019 02:10:21 +0000 (02:10 +0000)]
Bug 23537: Overdrive won't show complete results at all times
To test:
On an overdrive enabled OPAC (tough sell, I know)
Do a search for something you know has magazines, the collection I
was looking at had "knit" as one
Without this patch, the results will show "(many) items found in
overdrive collection" but only show a small number of them.
With the patch, the number of results should match the number
shown/paginated.
A site that has this fix applied, is
https://tracy.bywatersolutions.com/cgi-bin/koha/opac-overdrive-search.pl?q=knit
Before this patch, the number of results was 44, but there were only
8 shown. Now we see all 44
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 98e4b5c04a1f89fb168fbc6e7dc40f374cb40ad1) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit f05a3767f6c10bc59cedee7588754f7c3e6a0a0c)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Nick [Tue, 10 Sep 2019 14:04:43 +0000 (14:04 +0000)]
Bug 23526: Don't use encoded question mark in shib_login_url
To test:
1 - Enable shib
2 - Do a search
3 - Try to login from search
4 - Get an error
5 - Apply patch
6 - Retry
Note: You do have to fully configure shibboleth, you can simply enable it in koha-conf.xml and check the URLs. Signed-off-by: Matthias Meusburger <matthias.meusburger@biblibre.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 16aa7d1c8afe249318767a8a023f7dbddb6843ea) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit da602a96ad96163f624a65822db13ef68ed5644a)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Bug 23597: Add missing reserved query parameters to GET /holds
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 410e9bc0e88007cdff850afed83ee55a240a7517) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit fa5bf1805449dd7ab58c3404c1364a0d86b10a77)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Owen Leonard [Mon, 9 Sep 2019 16:58:04 +0000 (16:58 +0000)]
Bug 23575: Template error causes item search to be submitted multiple times
This patch corrects the item search template so that the submit handler
is not nested inside an unrelated loop. The change should have no
outward effect on the behavior of the item search other than making it
faster.
To observe the bug in action, open your browser's developer tools and
click the "Network" tab. Filter the output to only "XHR" and perform an
item search. You should see multiple requests.
To test, apply the patch and perform an item search. It should behave
normally.
Check the browser's "Network" monitor again to verify that only one
request is being sent.
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Bouzid Fergani <bouzid.fergani@inlibro.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 075261645e1650629038c9a09e8d9e387bcc5474) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 3cf3782a6097067d57030772417c3a2fe5cc9566)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Jonathan Druart [Thu, 20 Dec 2018 22:39:34 +0000 (19:39 -0300)]
Bug 22037: Block SIP checkout if guarantees have debt
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 2e91d33381cb29da30bfe16f022f1d07fe2b327f) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit b74949a821944384df3e319d43e35f3c124f40a7)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Fridolin Somers [Thu, 8 Aug 2019 06:51:14 +0000 (08:51 +0200)]
Bug 23004: Unit test
Run prove t/db_dependent/Koha/SearchEngine/Elasticsearch/QueryBuilder.t
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit b26c2a18630538ee515f8e383293efd2c2928c70) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit c67f4ce30a6c5aaeb850f77572be9fe052717cde)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Fridolin Somers [Wed, 29 May 2019 06:15:08 +0000 (08:15 +0200)]
Bug 23004: Missing authtype filter in auth_finder.pl
In cataloguing, the use of tag editor opens authorities finder with a limit on specific authorities type.
This limit is missing with Elasticsearch.
This patch adds in query a "filter" on "term" which is the most performant way because there must be no ranking computed on this part.
Test plan :
1) Use Elasticsearch
2) Create an autority of type author (NP in UNIMARC) with heading "Tolkien"
3) Create an autority of type subject-author (SAUT in UNIMARC) with heading "Tolkien"
4) Create a biblio record
5) Use tag editor on a author field (700 in UNIMARC)
6) Seach for "Tolkien" in $a
without patch : you see the 2 authorities in results
with patch : you see only the correct authority in results (NP in UNIMARC)
7) Check search in authorities-home.pl is still OK
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 949e36c7b8a11cd185025a4c9e102f0e26205009) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 1d8b1fafc4dbdc54108dbe2ff949d612cde6b99e)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Martha Fuerst [Wed, 8 Aug 2018 16:51:39 +0000 (12:51 -0400)]
Bug 21180: Allow Talking Tech outbound script to limit based on patron home library branchcode
A library system has requested the ability to limit which patrons are sent to Itivia for phone notices.
Test Plan:
1) Enable phone notices for two patrons with overdues
2) Run the misc/cronjobs/thirdparty/TalkingTech_itiva_outbound.pl with the new --patron-branchcode option
3) Note only the patron whose homebranch you specified is in the output file
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Christopher Brannon <cbrannon@cdalibrary.org> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 3cb66af150171abf44868f8b0bdca8f70132e4f0) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 92b966a87a74d58e5fdf5a252365175cc2397e9f)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Marcel de Rooy [Fri, 17 May 2019 07:36:17 +0000 (07:36 +0000)]
Bug 22929: Allow SCI/SCO logins independent of GDPR_Policy
This patch makes Auth skip the GDPR policy check when get_template_and_user
is called for sci/sco (self checkin, checkout).
I do not really like the change in this form but the nature of self checkin
and checkout kind of dictate it (double hack).
I wanted to add a test but since that asks for mocking CGI, checkauth, etc.
the time needed for that is just too much for this simple change.
Test plan:
Enable GDPR_Policy and self checkin/checkout.
Verify that using patrons without consent is not blocking sci/sco.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 3640130d1fbc49ddc2cc4baef53a4c4d7fea76bf) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit a1927fdf46c015fb1382aaa7bf63768088a7e19c)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Bug 23353: ACQ framework makes fr-CA web installer explode
This patch removes the standalone ACQ framework SQL file in the fr-CA
directory and adds the ACQ framework creation SQL in the default
framework file, as it is in other languages.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 811bee9bce57e67fd22562b3bb62397335b4eeb5) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 93b8ea9685ab565018fee3caa021f10a99586830)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Bug 16111: (QA follow-up) Few additional corrections
[1] Refining the regex on the format parameter in opac-search.pl
[2] Adding a colon to dc:identifier. The Dublin Core specs gives me this
example:
Identifier="ISBN:0385424728"
[3] Replacing last occurrence of rss2 in the rss template
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 2bbd811027172af1adb68f9904071951056ecbda) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit ad787464c913339dacbda41d4cc1a259ac21e53c)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Bug 16111: (QA follow-up) Changes related to partial revert
When reverting the & change, we need to go back to html filter for
query_cgi and limit_cgi. In this patch I only replaced it where it is
needed. The template contains more references to SEARCH_RESULT.query_cgi
and SEARCH_RESULT.limit_cgi which are useless, since searchResults does
not return these hash keys at all.
This patch fixes one occurrence where SEARCH_RESULT was copied outside
the loop that defines the template variable.
Obviously, the code for RSS still needs more attention.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 062c3f9ab2e25b64dad1d4356a976a1416204c05) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 33c0504bb9437b84f36ede00b762fafebb2c80fc)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Liz Rea [Mon, 19 Aug 2019 01:51:04 +0000 (01:51 +0000)]
Bug 16111: Further fixes to the RSS to make feed work
- fixed links per the WC3 spec
- fixed a problem in the ATOM link
To test:
do a search, click the RSS icon - it shows xml in most browsers but wont
do RSS type things.
Apply this patch, restart the things
refresh the page, it should do RSS things (i.e. firefox should render it
as a nice looking thing, rather than raw XML.)
noting that there are a couple of validation errors still, but they
don't seem to be show stopping and moreover I wasn't sure how to fix them:
Misplaced Item
Self reference doesn't match document location (this is a "for widest
compatibility you should fix" kind of thing)
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit fafd719dd34aeb4e96377f4404a53df589138efd) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit df9272bbef539b04640439bda6a9c6a8f7bc6b8c)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Jonathan Druart [Mon, 19 Aug 2019 22:24:56 +0000 (18:24 -0400)]
Bug 16111: [CHANGED] Replace link href by link in rss part
Original patch title: Replace & with &
Signed-off-by: Liz Rea <wizzyrea@gmail.com>
EDIT:
Reverting the changes to C4/Search and opac-search.pl.
This requires a few changes, as supplied in the 5th patch.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 0e1e5ca31fab861c85c9b6e0d3b788f0208402d4) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 48aaf09849a7d0785b54e10cc84c72b03d288ab0)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Jonathan Druart [Mon, 18 Jun 2018 20:31:27 +0000 (17:31 -0300)]
Bug 16111: Fix content type for RSS feed
Test plan:
GET http://catalogue/cgi-bin/koha/opac-search.pl?idx=kw&q=perl&count=50&sort_by=acqdate_dsc&format=rss2
=> Without this patch it returns content type text/html
=> With this patch it returns text/xml
GET http://catalogue/cgi-bin/koha/opac-search.pl?idx=kw&q=perl&count=50&sort_by=acqdate_dsc&format=rss
=> Without this patch it does not work
=> With this patch it returns text/xml
Bug 16111: Fix atom support
Bug 16111: Remove 'rss2' which should be 'rss' or 'atom'
Bug 16111: Replace <link> with <link href...
Signed-off-by: Liz Rea <wizzyrea@gmail.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit b946e996ff208e71bbfd5cfb7714f9a656065093) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 5a30719f84857832fc737c287173cdaec5fb30e9)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Mason James [Tue, 3 Sep 2019 04:02:32 +0000 (16:02 +1200)]
Bug 23530: Fix cart showing only hidden items
Items hidden with the OpacHiddenItems system preference
were still displayed in the OPAC cart and the normal items
were hidden instead. This patch corrects the display.
To test:
- prep a test bib with hidden and other items using
the OpacHiddenItems system preference
- add bib to cart
- observe that hidden items are displayed - non-hidden items are hidden
- apply patch, reload page
- observe that hidden items are hidden, non-hidden items are displayed
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 60ce66b6b658bfbe0d9ca459afc673042c7a854f) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 6e013cf383f1f23b34e9878a86ea0b945833132f)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Jonathan Druart [Sun, 23 Jun 2019 00:29:42 +0000 (19:29 -0500)]
Bug 22786: Prevent fund creation for locked budgets
If a budget is locked, there is a "New fund for $budget" link that is
disabled but clickable.
We should ensure that the link is not clickable and prevent it at
controller level (do we need it at module level, ie.
Koha::Acquisition::Fund->store?)
Test plan:
- Create a budget, lock it
- Go to /cgi-bin/koha/admin/aqbudgetperiods.pl
- Click on the name of the budget you just created
=> The "New > New fund for $budget_name" button should be disabled
- Click it anyway
=> Without this patch the form to add a new fund is displayed
=> With this patch applied nothing happens
- Hit /cgi-bin/koha/admin/aqbudgets.pl?op=add_form&budget_period_id=XXX
With XXX the budget's id
=> Without this patch the form is displayed
=> With this patch applied you get a message:
"The budget is locked, fund creation is not possible."
And you are not able to create a new fund
QA notes:
1. See description
2. The add_validate op can still be forced, let trust librarians with
administration permissions for now.
Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 9215ca42d28bec10f55a9c660bb5816045bb9656) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 8d5a50384fb65a508b0cf944e6f6c070df888aaf)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Owen Leonard [Mon, 5 Aug 2019 14:25:51 +0000 (14:25 +0000)]
Bug 23210: (follow-up) Log in for tags link should trigger modal
This patch modifies the "Log in to add tags" link on the OPAC search
results page, adding the class which is used elsewhere in the OPAC
templates for triggering the login modal.
Also: Removed an unnecessary period.
To test, apply the patch and follow the original test plan. Clicking the
"Log in to add tags" link should trigger the login modal. After logging
in you should be returned to the page you were on.
Signed-off-by: Michal Denar <black23@gmail.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 66b6c76d96b172bbd2b9f90640f7701a6ba4530c) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 5a20e111e2e26138dc2ecb7a67e9d6fd69be8c97)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Lucas Gass [Fri, 2 Aug 2019 22:21:40 +0000 (22:21 +0000)]
Bug 23210: login4tags should be a link and included in every search result
TEST PLAN:
1. Make sure TagsEnabled and TagsInputOnList are set to allow.
2. Don't be logged into the OPAC.
3. Make a search and notice the 'Log in to add tags' text is not a link
on the results page.
4. Apply patch
5. Refresh OPAC results page
6. 'Log in to add tags' takes you to the login page.
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Michal Denar <black23@gmail.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 99d8d2db2c4f44cbb91a069ed3a8dd7894e0218a) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
(cherry picked from commit 48b479d4893e03c3ca8b995136621f3409bb363f)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>