git.koha-community.org Git

Bug 34967: Remove Test::DBIx::Class

Move everything in one subtest

Test plan:
Run t/Prices.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 7378865f4e5a8430f54169825e20e4d6c71fb2cd)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34801: Fix incorrect use of __() in .tt and .inc files (bug 34038 follow-up)

__() should be used in .js files, not .tt files

To test, apply the patch and update a translation, e.g. fr-FR:

  > cd misc/translator
  > perl translate update fr-FR

- Open the corresponding .po file for JavaScript strings, in this case
  misc/translator/po/fr-FR-staff-prog.po
- Confirm that the strings are now in the .po file for translation. You
  should find the lines in the commit

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 3b190d625b378de451dd1ca6d1db636dc5f56741)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34917: Fix default sort column of table in suggestion.tt

Test plan:
1. Navigate to Acquisitions and load the suggestions management page
2. Ensure that there are some suggestions in the table
3. Observe that the default sort is on the "Suggester Category" column
4. Apply Patch
5. Observe that the default sort is now on the "Suggested on" column
instead

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 20524530c8308ea44e27c44d7e75861b0b923cae)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34942: Fix typo - 'brower' to 'browser'

This fixes a typo in a message used in the advanced cataloguing
editor when macros are converted from being stored in the browser to
being stored in the database (bug 17268 - Advanced cataloging editor
- rancor - macros are lost when browser storage cleared).

Test plan:
1. Search for 'brower' in the codebase - there should be one occurance:
grep -rn --exclude=*.po brower *
2. Apply the patch.
3. Run the search in step 1 again, there should now be no occurances.
4. Review the diff for the patch a nd make sure that the change makes
sense.
5. Sign off! 8-)

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Andrew Fuerste-Henry <andrewfh@dubcolib.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 7ec0a8ae60190c1d2baf716bb4c922ded0ef24b7)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34918: Fix userenv for safe_to_delete tests

Instead of the fallback to 51, we pass a borrower that has
permission for editing items.

Test plan:
Do not apply patch.
Run test without a borrower 51 in db. (FAIL)
Apply patch.
Run test again. (PASS)

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit f8233f44a5e4871be38d9b850d97166dcf99c981)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34918: Fix hardcoded borrowernumber 42

Test plan:
Run t/db_dependent/Koha/Item.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 3298b2798520b9e9d7d37848739dc0b24b5f2e0d)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34930: Change timezone in Koha/Object.t where tests assume it

This is the case for subtest: attributes_from_api() tests.

Test plan:
export TZ='Europe/Amsterdam'
prove t/db_dependent/Koha/Object.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 0fb84e424e005179480faddb5d7d646bb594ea7b)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34489: Fix timezone problem in Patrons.t

See also bug 34930. Using same approach.

Test plan:
export TZ='Europe/Amsterdam'
prove t/db_dependent/Koha/Patrons.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 6109a41ca607f826bb7bce5083009c74139d898a)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34934: Remove the use of event attributes from OPAC lists page

This patch removes the use of event attributes (onclick, onchange) from
the OPAC lists template. These events are defined now along with the
other in-page JS.

The patch also removes a "delete list" button which was only shown
when viewing an empty list and which was redundant.

To test, apply the patch and log into the OPAC.

- Go to Lists -> New list.
- Change the category to "Private" and the "Allow changes" dropdown to
  "Staff only."
  - You should see a message, 'The "Staff only" permission has no actual
    effect while this list is strictly private'
- Change the category to "Public." The message should disappear.

- View the contents of a list.
  - Click the "Send list" button at the top of the table of titles.
  - It should trigger the "Sending your list" popup window.

Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 56348379ec35bbccbb54e205cc180cc0bd4f9297)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34936: Remove the use of event attributes from OPAC detail page

This patch removes the use of event attributes (onclick) from the OPAC's
bibliographic detail page template. These events are defined now along
with the other in-page JS.

The patch also adjusts the global "Dopop" function so that the popup
window is a litte bigger. The comments form did not fit well.

In checking for use of the "Dopop" function I found that it was being
redefined in opac-topissues.tt for no reason so I removed it.

To test you must have the OPACComments system preference enabled.

- Log in to the OPAC, locate a bibliographic record, and view the detail
  page.
- Under the "Comments" tab, click the "Post your comments on this title"
  link. It should trigger a popup window.
  - Submit your comment. When the detail page reloads, return to the
    "Comments" tab and click the "Edit" link on your comment. The same
    popup window should be triggered.

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit f03cf6cc108022a05d036d4c197760203d31468b)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34836: Add patron check to isbd and marc detail pages

Test plan:
- Go to circulation rules and set On shelf holds allowed to If all unavailable
- Log out
- Visit a MARC detail or ISBD detail bib record on OPAC:
http://localhost:8080/cgi-bin/koha/opac-MARCdetail.pl?biblionumber=76
http://localhost:8080/cgi-bin/koha/opac-ISBDdetail.pl?biblionumber=76
- Notice it blows up with error 500, on both occasions
- Apply patch. Repeat.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 4fadf73a95f82ca7abd3d27f490a51825949f7b0)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 30843: Add unit test for Koha::Auth::TwoFactorAuth::verify

This change adds a unit test to test Koha::Auth::TwoFactorAuth::verify

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 7ac91b24cfb49e094a1d13008bd0efda0b63e288)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 30843: Add mfa_range configuration option for TOTP

This change adds a mfa_range configuration option for TOTP
to koha-conf.xml, and overrides the "verify" method from
Auth::GoogleAuth in order to provide a new default for "range"

Test plan:
0. Apply the patch
1. koha-plack --restart kohadev
2. Go to
http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search&searchfield=TwoFactorAuthentication
3. Change the syspref to "Enable"
4. Go to
http://localhost:8081/cgi-bin/koha/members/moremember.pl?borrowernumber=51
5. Click "More" and "Manage two-factor authentication"
6. Register using an app
7. In an Incognito window, go to
http://localhost:8081/cgi-bin/koha/mainpage.pl
8. Sign in with the "koha" user
9. Note down a code from your Authenticator app
10. Wait until after 60 seconds and try it
11. Note it says "Invalid two-factor code"
12. Try a new code from the app
13. Note that it works

14. Add <mfa_range>10</mfa_range> to /etc/koha/sites/kohadev/koha-conf.xml
15. Clear memcached and koha-plack --restart kohadev
16. Sign in with the "koha" user
17. Note down a code from your Authenticator app
18. Wait 4 minutes and then try it
19. Note that it works

20. Disable your two-factor authentication and click to re-enable it
21. Use a code older than 60 seconds when registering for the two
factor authentication
22. Note that the code works

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 6a0955946e06354ecd05f714057a878794314155)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34446: (QA follow-up) Add colons on delete confirm page

This adds the missing colon on the 'confirm deletion' page.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit f4ee7f2bb9bedfbe24073d0385cfcc67726b8054)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34446: Added missing colon to Can be guarantee

To test:

1. Go to Administration > patron categories and edit or create a new category. Notice that “Can be guarantee” does not have a colon.
2. Apply patch and refresh the page.
3. Can be guarantee now has a colon — yay!
4. Sign off and have a great day. :)

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit f9a4097200fdc9762593b674b4bf70bb76d33d53)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34885: Improve confusing pref description for OPACHoldsIfAvailableAtPickup

Changes pref description and sysprefs.sql.
The change is not important enough for a dbrev.

Test plan:
Look at the changed text in Systempreferences.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 1a398c5e9dab3a31d827ab7980899e0366353a37)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34804: Fix translations

This patch fixes some translations in the ERM module

Translations should be wrapped in this.$__()

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 7c736793cba2e763cca2dca1528e57a835bda817)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34781: Add a span tag in opac-memberentry

Test plan:
Enable self registration and GDPR consent (privacy policy).
Look at selfreg page on OPAC. Scroll to bottom.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 3db74c80866cb9252d13885d2cc09566e9c5a22c)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34794: Fix typo in recalls_to_pull.tt

Fixed typo - it's v its

Test plan:
Look at the bug patch and confirm the change is correct

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 9b385a2c36f433bc9fe1a2b5c6896eca28aae447)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34716: Fix typo

Fixes a typo where "it's" should be "its"

Test plan:
1) Check the commit and observe that the change has been made correctly

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit b5540d8c949a2ea3f7e95667821e2a1668a58e18)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34443: Spelling: Patron search pop-up Sort1: should be Sort 1

This patch instances of "Sort1" and "Sort2" being used
as labels in the interface, replacing the strings with "Sort 1" and
"Sort 2"

To test, apply the patch and test this page:

With the borrowerRelationship system preference populated, edit a
child record and click the "Add guarantor" button. There are two
fields in the form with the updated labels.

Signed-off-by: Laura Escamilla <laura.escamilla@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 93d4defeda79349d57be209bfb8fa4132cae3b77)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Update release notes for 23.05.04 release

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Increment version for 23.05.04 release

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Translation fixes for Koha 23.05.04

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Merge remote-tracking branch 'translate/23.05.04-translate-20230928' into 23.05.x-security

Translation updates for Koha 23.05.04

Bug 34369: Fix 'Did you mean'

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit ea91896f1531f2c042897849cf313e18aaa5bd64)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34369: Pass csrf token from syspref API client (for Vue app)

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 3c6dd02acbfc021c85b23e38d1ef605e09e65764)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34369: Require CSRF token for updating system preferences

This patch adds the requirements that updating a system preference
requires a CSRF token. (Also, adding and deleting local system preferences.)

0. Apply patch
1. koha-plack --reload kohadev
2. Add local system preference
3. Update local system preference
4. Delete local system preference
5. Update normal system preference
6. Note no errors

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit c6ef2aba6bf93b3f17b57b384859edee54f99a72)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34761: Prevent XSS for searches and saved search filters

</script> tags are interpreted in JSON strings as HTML, which can
lead to XSS attacks.

This patch puts HTML escaped JSON in the value of a hidden HTML element.
The Javascript then takes the value as a string, parses it as JSON,
and is able to use it to save search filters without triggering a
XSS attack.

This patch also adds DataTable's built-in HTML escaping for the query
and limits on the admin UI for the search filters.

Test plan:
0. Apply patch
1. Go to
http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search&searchfield=SavedSearchFilters
2. Enable the system preference
3. Go to http://localhost:8081/cgi-bin/koha/catalogue/search.pl?q=e
4. Click "Save search as filter"
5. Checkbox "Show in staff interface?"
6. Type "E-TEST" into box and click 'Save'
7. Go to
http://localhost:8081/cgi-bin/koha/catalogue/search.pl?q=e
8. Click "E-TEST" under "Custom search filters"
9. Note that you see search results
10. Go to
http://localhost:8081/cgi-bin/koha/admin/search_filters.pl
11. Note that for "E-TEST" you see a "Query" like
{"operators":[],"operands":["e"],"indexes":[]}
12. Note that for "E-TEST" you see a "Limits" like
{"limits":[]}

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 4e32b761986f5de28df4f1125b5d16c6c2f24306)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34349: Validate/escape inputs for task scheduler

This change validates and escapes inputs for task scheduler.

Test plan:
0. Apply patch
1. koha-plack --reload kohadev
2. Go to http://localhost:8081/cgi-bin/koha/tools/scheduler.pl
3. Input a time a minute in the future and leave the date blank
4. Choose an existing report and output format
5. Type a malicious string which is also a valid email address
into the Email field
6. Click "Save"
7. Note that the job is added but the Email is wrapped in single
quotes
8. Try using a non-malicious email address with a single quote.
9. Note that the single quote is escaped, so that it will still
be used by runreport.pl

JD amended patch: tidy

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[EDIT] Removed pars for $email =~ regex, removed old commented lines.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit dcd698a4b4ed7f3a714ef35fe83c007fce9d52ae)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34513: (QA follow-up) Tidy

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 332b95b2507184e20cd70ddfb16c6f5a260d6dc0)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34513: Add checkauth unit test for resetting auth state when changing users

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit abbbc5924de287a73c7d91c0f8ab70f8d7461508)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34513: Add end-to-end test for authorization check after first failed authorization

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit bb581fe78be9dacb9215366f3a54ab9b640f783f)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34513: Set auth state correctly when changing auth sessions

This patch sets the $auth_state to failed when changing auth sessions,
so that the new login attempt gets processed correctly (instead
of skipping the authorization step).

Test plan:
0. Apply the patch
1. koha-plack --reload kohadev
2. Go to
http://localhost:8081/cgi-bin/koha/admin/preferences.pl?tab=&op=search&searchfield=baseurl
3. Log in as an OPAC user with 0 permissions
4. Note the auth screen "Error: You do not have permission to access this page"
5. Click "Log in"
6. Note that you're still shown a login screen (and that you've been logged out of
your previous authenticated session)

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 16da12cbbc200d9ef07a87ee7f9bdf8e61ae06f3)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34653: Make koha-foreach return the correct status code

I think the correct behavior for this script should be that koha-foreach
will return 0 (success) if all the commands it tried to run succeeded, but
1 (failure) if any of the commands failed.

To test:
1. $ koha-create --create-db test
2. $ vi test.sh
if [ $USER = 'kohadev-koha' ]; then
    echo "FAILED";
    exit 1;
else
    echo "SUCCESS";
    exit 0;
fi

3. $ debian/scripts/koha-foreach sh test.sh
FAILED
kohadev: 1 status returned by "sh test.sh"
SUCCESS
4. $ echo $?
5. Note that the exit status is 0 (success)

6. Apply patch

7. $ debian/scripts/koha-foreach sh test.sh
FAILED
kohadev: 1 status returned by "sh test.sh"
SUCCESS
8. $ echo $?
9. Note that the exit status is 1 (failure)

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit d9849aaa3aa777072c846526c772a896b5424cfb)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34748: DBRev 23.05.03.005

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit a06396c2826c604fc9dfe79c22256b6d69edc415)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34748: Fix column name in columns configuration for basket table

The first column was named basket_number, but it's actually the
order_line.

To test:
* Edit column configuration for acquisition > basket
* Make sure to set at least one checkbox for 'basket_number'
* Apply patch, run database update
* Verify that the first column is now 'order_line', but your
settings have been preserved

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit f9f9c3a7faeba4a36e233d867019dad495a09c25)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 21828: build $bib_heading_fields only once per invocation

In UNIMARC instances, the run time of link_bibs_to_authorities.pl
can be reduced by up to 80% and the number of DBI calls
can be reduced by up to 90% with a very simple fix that
optimises the constructor of the C4::Heading::UNIMARC object.

Currently, the constructor resets the $bib_heading_fields hash
*in each invocation* (i.e. for every field the bibliographic
record contains), then populating it again with the results
fetched from the database! This is inefficient.

The patch/fix is trivial: we take advantage of the fact that
$bib_heading_fields is declared at the top of the
C4::Heading::UNIMARC module and is thus a package variable
that is in scope for the entire execution of the program
(more info here: https://stackoverflow.com/q/75317862).

Placing the section that generates the $bib_heading_fields
hash inside a "unless ( defined $bib_heading_fields )" code
block is enough to cause a significant reduction in the
number of "expensive" SQL SELECT queries that must be run.

Test plan:

0) Have a UNIMARC instance with some sample data (the KTD one
   will do just fine for this experiment).

1) Run the following commands:

    $ ktd --shell
   k$ DBI_PROFILE=1 ./misc/link_bibs_to_authorities.pl -t

   Observe the output from the script and the DBI profiling info.
   [You may want to play with different DBI_PROFILE levels (such as
   2, 4, 6, 8, etc.) to see what's going on under the hood DBI-wise,
   for reference see: https://metacpan.org/pod/DBI::Profile]

2) Apply this patch.

3) Rerun the script from step 1), it should run a lot faster!

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit fe18b0569298502dc20ca1322d919baab5526281)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34302: (bug 28653 follow-up) Do not refresh the table if an error happened

If checkin or renew failed, we should not refresh the table or it will
hide the error message.

Test plan:
Apply the DO NOT PUSH patch
Do a renew
=> No error in the table
Apply this patch
Do a renew
=> You see the error
Revert the DO NOT PUSH patch
Do a renew
=> The table is refreshed

Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 7d80a1df25a1c4e726bcf148e1c2432ea8c9a007)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34835: Highlight logged-in library in patron searches fix for new staff interface

Since Bug 30952 the feature from Bug 10902 does not work anymore.
The class "currentlibrary" is there but no background color in CSS.
Bug 30952 removed it :
- background-color: #E6FCB7;

This patch restores this rule plus '!important' that is used by
class 'ac-currentlibrary'

Test plan:
1) Perform a patrons search
2) Check you see green background color for patrons with same branch as
currently logged in.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 9f59ea2f61a4660a9e1f5c27a2ecca33bea89b0b)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34720: DBRev 23.05.03.004

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 2ff3b14e935f4ebe016ab4b1924c6cfb11064b4b)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34720: Say if syspref has been inserted

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit cd79c78dbdbddb6b4de548b79975bc68828c4169)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34720: Fix bug 30403 atomic update

Bug 30403 had wrong syspref name in its
atomic update file. This patch fixes this in
db_rev 221200018.pl and adds new atomic
update file.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit d91ea53e901a5bacfb42aa3923e37186cb41c877)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34848: (QA follow-up) Resolve warn on useless constant

Useless use of a constant ("Dies if sip user cannot be found") in void context at t/db_dependent/SIP/Message.t line 582.

We should remove the comma..

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit b07842d243bd45b0c11fa7b4d0b02c0589ee44fb)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34848: Fix SIP/Message.t if DB has been upgraded

There were a lot of failures (in the context of bug 34841)

t/db_dependent/SIP/Message.t .. 2/16
    #   Failed test 'Found AH field as timestamp in response'
    #   at t/db_dependent/SIP/Message.t line 820.

    #   Failed test 'Found AH field as SQL date in response'
    #   at t/db_dependent/SIP/Message.t line 825.
    # Looks like you failed 2 tests of 8.
t/db_dependent/SIP/Message.t .. 3/16

    #   Failed test 'Desensitize flag was set for patron category not in inhouse_patron_categories'
    #   at t/db_dependent/SIP/Message.t line 1133.
    #          got: 'N'
    #     expected: 'Y'

    #   Failed test 'Desensitize flag was set for empty inhouse_patron_categories'
    #   at t/db_dependent/SIP/Message.t line 1139.
    #          got: 'N'
    #     expected: 'Y'

Because renewalsallowed is 0 for upgraded DB, when it's 5 for new
install.

We need to set the value.

This patch also adds some missing transaction

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 4fd7857e3fcc0314aba2fe851082e6e125a16650)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34843: DBRev 23.05.03.003

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit aea9fce4b0320fa57bc729042286c655580735e3)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34843: Fix database comment inconsistency on toc_request

Bug 29093 had a dbrev without comment, but added comment to
kohastructure.

Test plan:
Check (or remove) comment on article_requests.toc_request.
Run dbrev.
Check if comment was added (if you removed).
Run t/db/Koha/Database/Commenter.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit f809c272af42864b48d2d650ba5ddd0cf03d6b06)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34054: Allow to embed biblio on GET /items

Test plan:
Request the /items REST API endpoint and ask for the biblio's info to be
embeded into the response passing x-koha-embed

curl -u koha:koha --request GET 'http://localhost:8081/api/v1/items' --header "x-koha-embed: biblio" --header "Content-Type: application/json"

Sponsored-by: BULAC - http://www.bulac.fr/
Signed-off-by: Andreas Roussos <a.roussos@dataly.gr>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 9afc411a150ab5bdf9337d73e82b2ac39e851e91)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34054: Add tests

Sponsored-by: BULAC - http://www.bulac.fr/
Signed-off-by: Andreas Roussos <a.roussos@dataly.gr>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit bd0380c272e83f7da60f24ab7205a65a693cab7d)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34846: Fix SIP/ILS.t if DB has been upgraded

t/db_dependent/SIP/ILS.t .. 12/15
    #   Failed test 'Renewal succeeded'
    #   at t/db_dependent/SIP/ILS.t line 346.
    #          got: '0'
    #     expected: '1'
    # Looks like you failed 1 test of 2.
t/db_dependent/SIP/ILS.t .. 15/15
#   Failed test 'renew'
#   at t/db_dependent/SIP/ILS.t line 348.
# Looks like you failed 1 test of 15.

Because renewalsallowed is 0 for upgraded DB, when it's 5 for new
install.

We need to set the value.

Test plan:
perl /kohadevbox/misc4dev/run_tests.pl --run-db-upgrade-only

prove t/db_dependent/SIP/ILS.t

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 5f55775f402d4f4b56ab82426588b202d6f327ce)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34844: DBRev 23.05.03.002

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit aacbadb22f21dbb427e62ee2a2b6bb2da54012a7)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34844: Add db update file

JD amended patch: tidy

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 7b46b319980cd236e85e75c88e8a1428e1bb8bbb)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34844: Add manage_item_editor_templates to userpermissions.sql

Test Plan:
1) perl /kohadevbox/misc4dev/run_tests.pl --run-db-upgrade-only; prove t/Koha/Auth/Permissions.t
2) Note failure
3) Apply this patch
4) perl /kohadevbox/misc4dev/run_tests.pl --run-db-upgrade-only; prove t/Koha/Auth/Permissions.t
5) Tests pass!

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 5d2f3ffe7d2dfb796a4ec7e0b4503a3266f3ee80)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34847: Fix t/db_dependent/Search.t

If 01e still exists then the test will fail with
Truncated incorrect DECIMAL value: '01e' at t/db_dependent/Search.t line 945

Test plan:
% perl /kohadevbox/misc4dev/run_tests.pl --run-db-upgrade-only
% prove t/db_dependent/Search.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit ca3243d00ff094c86fcd02406543b6b3d06627ee)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34880: (follow-up) Make condition more specific

To test (applies to both patches):

* Add a new basket as 'standing order' and with 'items created in cataloguing'
* Create an order line
* Receive shipment and create an invoice
* Receive your order
* Verify:
  * Quantity ordered: 1
  * Quantity received: 1 (pre-filled)
  * No item form on the right
* Confirm
* Receive error:
  Order X: No quantity to receive set. No items will be created.
* Verify no receive was processed (received orders remains empty)
* Apply patch
* Verify receive works as expected

Other possible combinations to test:

* Standing order, items on receive
* Standing order, items on order (no items are created)
* Standing order + order from subscription + any item setting (no items are created)
* No standing order + items in cataloguing
* No standing order + items on receive
* No standing order + items on order
* No standing oder + order from subscription + all item settings (no items are created)

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Michaela Sieber <michaela.sieber@kit.edu>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit e28ea9c4af380cae9b29b56ebe03ab0f244d2c47)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34880: Fix order receive for standing orders

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Michaela Sieber <michaela.sieber@kit.edu>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 9dd6fa2d8d015b16a60bb1f1cc6bda8dba3ce662)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34730: Add responsive behavior to more tables in the OPAC

This patch adds responsiveness to several DataTables which were not
updated in 32341. The patch removes the CSS-based responsive styling
which was previously used for these tables.

This patch also adds some additional configuration to the tables on the
user home page so that the title column is always prioritized when
DataTables collapses columns in narrow views.

To test, apply the patch and rebuild the OPAC CSS. Ideally this should
be tested with a user who has checkouts, overdues, holds, tags, and a
checkout history.

- Log in to the OPAC and test the user summary page. Check that each
  table adjusts well to narrow browser widths. In each case the column
  containing the title should never be hidden no matter how narrow the
  window:
  - Checkouts
  - Relatives' checkouts (requires that the user is a guarantor for a
    patron with checkouts and that the guarantee's account is set up to
    show checkouts to the guarantor).
  - Overdues
  - Holds
  - Article requests

The new places the responsive DataTables extension is being used:

- Checkout history
- Suggestions
- Tags (in the table of user-submitted tags)
- Most popular

Again, in each case the table should be responsive and the title column
should be prioritized so that it doesn't get hidden at narrow page
widths.

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 266194321453d096a1fd1a9f80195dfb77ad5258)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34760: Confirm session ID is set to save OPAC search history to logged in user

This patch confirms that a session ID has been set before trying to save search history to a logged in user on the OPAC.

This depends on EnableOpacSearchHistory system preference being enabled.

Apply the patch and test that you don't see an Error 500 page at any point through this plan:

1. Do an OPAC search, ensure you are not logged in
2. Confirm your search was saved to search history
3. Do another search, then log in
4. Confirm you are brought back to the search results after logging in
5. Confirm all search history from the session is visible

Sponsored-by: Toi Ohomai Institute of Technology
Signed-off-by: Salah Ghedda <salah.ghedda@inLibro.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit e7707b768ba50f2128e8efc50378ec3117962a60)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 33734: Remove incorrect URL escaping on search filters

This patch removes an incorrect URL escaping on search filter
facet URLs.

Without this patch, search filters using non-ASCII characters won't
return results.

To test:
0. Apply patch
1. Enable SavedSearchFilters syspref
2. Search for "the"
3. Save as search filter (to show on both OPAC and staff interface)
4. Search for "ü" in staff interface
5. Apply the "the" filter
6. Note that search results appear
7. Search for "ü" in OPAC
8. Apply the "the" filter
9. Note that search results appear

Signed-off-by: Michaela Sieber <michaela.sieber@kit.edu>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 51e602e61cc5dc46188aa298f276e6410678fdf7)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34732: (QA follow-up): tidy up code

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 703ecab2c6911175f673565249d7c0c6f13bbe56)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34732: For Code39, append or prepend asterisk if missing from barcode

This patch appends or prepends an asterisk on Code39 barcodes if
they are missing from the input. This is so that they form correct
Code39 barcode images.

Test plan:
0. Apply the patch
1. koha-plack --reload kohadev
2. Go to http://localhost:8081/cgi-bin/koha/labels/barcode-print.pl
3. Type 39999000001310 into "Barcode" and click "Show barcode"
4. Note that the barcode text on the right includes asterisks around it
5. Type *39999000001310 into "Barcode" and click "Show barcode"
6. Note the same as above
7. Type 39999000001310* into "Barcode" and click "Show barcode"
8. Note the same as above
9. Type *39999000001310* into "Barcode" and click "Show barcode"
10. Note the same as above

Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 0f888f48fa0f839aa62eda7a457ed5c6f50c5a8a)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34622: Fix store default query

Exclude self smtp server from all the servers being updated to not default if self is_default

Signed-off-by: Émily-Rose Francoeur <emily-rose.francoeur@inLibro.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 6d54d2419f98d7d473c0a0ef888aea00be5f9eb7)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 32942: (follow-up) Restore missing statuses

At some stage we lost some of the core statuses. This patch simply
adds them back into the list.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 4e33042105435078222aab1b72a1e7a1d0a8ff56)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 32942: (follow-up) Fix typo

Spelling typo fix

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 07a602d995db1aec4067a47116cfa5d91800747f)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 32942: (follow-up) Fix test

I missed a test case when doing follow-ups before.. this patch catches
that case and create the required authorized value to allow
ModSuggestion to succeed.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 078e98a7a35d6e5f598c51cd7c94b917f68128d1)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 32942: (QA follow-up) Fix regression test

With the move to checking status during store, we broke the api
regression test introduced earlier in the patch set.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 8eb27c40e6fd771e8d4c2bff28cc1a45838af712)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 32942: (QA follow-up) Moving Suggestion->STATUS check to Suggestion::store

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 40ca7aa06c166b005fda5b6ff38f4cbf20b3d081)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 32942: (QA follow-up) Add tests for STATUS checking in Suggestion::store

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 672e8a9d715d144812329aeb07cea5c915c50377)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 32942: (QA follow-up) Document possible values

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 54c8aa9471e83b380e455dafe2e8cbf208cb6f36)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 32942: Suggestion API route when non 'standard' status are present

The API route for listing all suggestion:

/api/v1/suggestions

send back an error message when there is a suugestion with non standard
status (ASKED, CHECKED, ACCEPTED, REJECTED).

This patch fixes this too restrictive restriction.

TO TEST:

1. Add a status in SUGGEST_STATUS AV list.
2. Create a suggestion, and assign it to the previsous status.
3. Call /api/v1/suggestion
3. You get an error message:
   {
    "errors": [ {
      "message":"Not in enum list: ASKED, CHECKED, ACCEPTED, REJECTED.",
      "path":"\/1\/status"
    }],
    "status":200
   }
4. Apply the patch. Call /api/v1/suggestion

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 3dc9bf900bd666eb17272060e071422a35267ada)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 32942: Regression tests

Having a custom status shouldn't cause issues

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit e13f68965efab9b5f25daf1ec9926386fd386800)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34789: (follow-up) Fix atomic update file

Atomic update file had a versioning issue - now changed to be compatible with older versions

Please backport

(cherry picked from commit b593f6b806c8f2ec000470b9221ffcdb22aa7ac6)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34694: Only check for IsAvailableForItemLevelRequest if is authenticated

- Go to circulation rules and set On shelf holds allowed to If all unavailable
- Log out
- Visit a bib record on OPAC:
http://localhost:8080/cgi-bin/koha/opac-detail.pl?biblionumber=76
- Notice it blows up with error 500
- Apply patch. Repeat

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 1742913a0522c589705c5e54ce13c6ef1c7463ea)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34740: Update sort options in ES config to by Yes/No

At some point the option for 'undef' was removed from te sort options
and was collapsed to yes/no

The dropdowns when adding a new field were missed, this patch corrects that.

While undef in a mappings file wil stil load, when saving we should not privde undef any longer

To test:
1 - Browse to bottom to add a new field on the 'Bibliographic records' tab in
Administration > Search engine configuration (Elasticsearch)
2 - Set sortable column to undef, set other columns and provide a valid field
3 - Click '+Add'
4 - Click 'Save'
5 - At top of page you receive an error:
An error occurred when updating mappings: DBIx::Class::Storage::DBI::_dbh_execute(): DBI Exception: DBD::mysql::st execute failed: Column 'sort' cannot be null at /kohadevbox/koha/Koha/SearchField.pm line 37 .
6 - Apply patch, restart all
7 - Add a new mapping, your only choices are Yes/No
8 - Save mapping
9 - Confirm it saves correctly

Signed-off-by: Salah Ghedda <salah.ghedda@inLibro.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 5f6e1a1cf77dfc893de08b66840f2ea16abf1998)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 32048: Added clear cache routine to delete_holiday_range_repeatable

When adding and deleting holidays, holidays might return
unexpectedly.

To test:
1 - Enter a holiday repeated yearly on a range from the 1st of the month to the 5th
2 - Delete it
3 - Add a new holiday from the 20th to the 25th
4 - When saved, the holiday from the 1st to the 5th is also added again.
5 - Apply patch and restart_all.
6 - Repeat steps 1-3. Notice that the holiday from the 1st to the 5th is no longer added and it has properly been cleared from the cache.
7 - Sign off! :D

Signed-off-by: Salah Ghedda <salah.ghedda@inLibro.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit d4be7b10aca91a5af3e9614f465429c78a28fb13)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34728: (QA follow-up) Remove o modifier, bit more compact

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit bda428399aa76057f0596883d5a619a27520a7c7)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34728: Make pre tag conditional

This patch makes the pre-formatting of notice templates conditional on the content type.

Test plan:
1) Navigate to tools > Notices and slips
2) Edit the notice with the code of HOLD
3) Under print, paste the following
<p>Please collect within 10 days from the date of this letter and don't forget to bring your library card with you.</p>
<p>Be aware that opening hours vary at different library branches so if in doubt double check the times before you visit.</p>
<p>Should you no longer require this item please contact us so we can make it available for another customer.</p>

<p>Thank you</p>
4) Check the box that says HTML message and save the notice
5) In Patrons, select a patron and in Patron messaging preferences, check the box in the Email column for Hold filled
6) Find a record in the catalogue
7) Copy the barcode for one of the items
8) Place a hold on the item for the patron you selected
9) Navigate to Circulation > Check-in
10) Paste the barcode in the Check-in box and click Check-in
11) In the pop-up box, click Confirm hold
12) In the command line, run perl misc/cronjobs/gather_print_notices.pl --letter_code=HOLD --html /tmp
13) cd /tmp
14) There should be a file in there called 'notices_HOLD-date.html
15) cat this file
16) The html you pasted in the template will be wrapped in a <pre> tag
17) Apply patch and restart_all
18) rm the notices file that was created
19) cd /kohadevbox/koha
20) Select a new record from the catalogue and repeat steps 7-15 for this record, using the same patron
21) This time, the html file should not contain the <pre> tag
22) Sign off!

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit d947ae3c1a62a8abaabcba67d655084ecff8aa58)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34333: Add embed option for `cancellation_requested` for holds

This patch adds the `cancellation_requested` attribute to the hold
object definition, and allows embeding it as on the different holds
endpoints that migt be useful.

To test:
1. Apply this patches
2. Run:
   $ kshell
  k$ prove t/db_dependent/Koha/Hold.t \
           t/db_dependent/api/v1/*holds.t
=> SUCCESS: Tests pass!
3. Play with your REST tool (Postman?) on the following endpoints:
   GET http://localhost:8081/api/v1/holds
   GET http://localhost:8081/api/v1/patrons/:patron_id/holds
on both, pass and not pass the `x-koha-embed` header with
`cancellation_requested` on it.
=> SUCCESS: It is easy! You see the attribute and you don't, and the
content makes sense!
4. Sign off :-D

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 4ce7ce2a158d9c61ac176660e341b4111e76a2ca)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34333: Add Koha::Hold->cancellation_requested

This patch adds a helper method for telling if a hold has cancellation
requests. To be used for embedding such information.

To test:
1. Apply this patch
2. Run:
$ ktd --shell
k$ prove t/db_dependent/Koha/Hold.t
=> SUCCESS: Tests pass, the new method is covered by tests.
3. Sign off :-D

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 23cfdf97e379255139a6a3a73d74ee60f36aa5a2)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34786: after_biblio_action hooks - No find when action is delete

Test plan:
Run t/db_dependent/Koha/Plugins/Biblio_and_Items_plugin_hooks.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit ac7581e90a79961a4de915f0592834eb9f2611c5)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34613: Replace onclick attributes in midiplayer.js

This patch replaces the onclick attributes in midiplayer.js
with Javascript click handlers.

To test:
0. Apply patch
1. Clear browser cache (it may be necessary to go into the
   Network tab and explicitly disable cache)
2. Add 031 subfields 2gopnu to Default framework
3. Create a catalogue record with a 031 like follows:
2: pe
g: G-2
o: 4/4
p: 4bB''C2bE/2F4GbB/'bB2''C4D/F2.bE/4GG2bB/4'''C2C4''bB/4bE2G4bB/4bE2.F/
n: xFCGD
4. Enable the following sysprefs:
   OPACShowMusicalInscripts
   OPACPlayMusicalInscripts
5. Go to OPAC record view and click "Play this sample"
6. Play with the "Pause/Start" and "Stop" buttons
7. If the buttons work, it means the patch worked

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit a4bdd27fd9d953a8ae086a6f3e8b7960f9b7160b)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 33876: Add class for styling

To test:
1. Checkout and item that has a public and nonpublic note.
2. In the checkout table ( Title column ) notice the notes display. If you use the browser dev tools to inspect you'll notice a "-" outside of any HTML element.
3. Apply patch.
4. See the '-' is now inside of a html element with class of seperator.

Signed-off-by: Sam Lau <samalau@gmail.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 6091a938c1c148cbeab6ff27f5261c6fe64d1463)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34552: Don't exclude payments with no status

Bug 29664 removed payments with a void status, however, the query also
removed any payments with no status set

Test Plan:
1 - Set up your cash registers and enable POS and add a debit type that is able to be sold
2 - Take 2 payments via POS
3 - Void one payment
4 - Go to Reports->Statistics wizards->Cash register
4) Verify neither shows for the "All payments to the library" and
"Payment" transaction type filters
5) Apply this patch
6) Restart all the things!
7) Verify the non-voided fee shows for the "All payments to the library" and
"Payment" transaction type filters and the voided fee does not

Signed-off-by: Christopher Brannon <cbrannon@cdalibrary.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 6ee6bea6bfee301146dc2f631480b227d237e43a)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34711: Remove use of onclick for opac-privacy.pl

This change removes the "onclick" attribute for the buttons
on opac-privacy.pl.

Note: The Javascript is placed in a separate file, which is
the preferred way for Javascript to be handled by
Content-Security-Policy

Test plan:
0. Apply the patch
1. Go to http://localhost:8081/cgi-bin/koha/admin/preferences.pl?op=search&searchfield=OPACPrivacy
2. Set syspref to "Allow"
3. Go to http://localhost:8080/cgi-bin/koha/opac-privacy.pl
4. The confirmation modal appears and "OK" and "Cancel" buttons work as
expected

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit c997fe863f70fa951c71dca73296ed1f497aeca7)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34724: (QA follow-up):

Replace href from thumbnail link with a # to keep pointer event. The href link gets reconstructed by showCover anyway
Remove return false from on click event, its not triggering a location change anymore because of the above
Remove check for imagenumber, its a non-null primary key, if the image exists, then the imagenumber must also exist

Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit bc8a0620012a79567c44d863c029a4b0025a2fbd)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34724: Remove inline onclick handler for opac-imageviewer.pl

This patch moves the click handler for thumbnails for opac-imageviewer.pl
out of the inline HTML and out to an existing <script> element.

Test plan:
0. Apply the patch (including dependent patches)
1. Go to
http://localhost:8081/cgi-bin/koha/admin/preferences.pl?tab=&op=search&searchfield=localcover
2. Change both *LocalCoverImages sysprefs to "Show"
3. Go to
http://localhost:8081/cgi-bin/koha/admin/preferences.pl?tab=&op=search&searchfield=AllowMultipleCovers
4. Change "AllowMultipleCovers" to "Allow"
5. Go to
http://localhost:8081/cgi-bin/koha/catalogue/detail.pl?biblionumber=29
6. Click "Images (0)" tab
7. Download or make two JPEG images
8. Upload the images
9. Go to http://localhost:8080/cgi-bin/koha/opac-imageviewer.pl?biblionumber=29
10. See one large image in the centre and two smaller thumbnails on the right side
11. Click on the thumbnail of the image that isn't displayed in the centre
12. Note that the image changes
13. Click the other thumbnail and note that the image changes back

PA amended patch: Added missing test plan step

Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 847b5f0777c51a56100108ac44351de8a81660e0)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34725: Remove use of onclick for OPAC cart

This patch moves the click handler in the OPAC cart from the inline HTML
and out to an existing <script> element.

Test plan:
0. Apply the patch
1. Go to http://localhost:8080/cgi-bin/koha/opac-search.pl?idx=&q=test&weight_search=1
2. Add the results to the cart
3. Click on the "Cart"
4. One by one click on the title of each row
5. Notice how the parent window changes to the detail record for that title

Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 9e39d2d67135186b2202d42004b31f9fcfa9eb58)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34789: DBRev 23.05.03.001

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit b952d2eb9922ed1afc5c52a2706290f94bb83e03)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34789: (QA follow-up) Improve output of database update

* Adds description
* Adds column names to success messages

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit c1b344b002b3ff2471c72f18a9746f71f7900978)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34789: Update unit tests

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 4ec7c6a62ec12abe1ea092e0fbbdcc6e7ecee110)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34789: Update usage throughout Koha modules and Vue components

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 7d2ce611f71958d31b6b3592e305bea415e50ef5)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34789: DBIC file

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 6989d25df7dcb1bc1f4a9b2897b107c38a583053)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34789: Database and API update

Currently the erm_eholdings_titles table has a field called preceeding_publication_title_id. This should be preceding_publication_title_id

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit cf94eae1ff89d1c99604dd68429c77f7247aa9a7)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 33406: (follow-up) Mock SearchEngine to ensure using ES

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 766bdd638acbf8870c3f6eb21d03d8195040e54f)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 34719: Add middle_name to patron autocomplete

To test:
1. Apply patch and clear browser cache.
2. Find some patrons with middle_name populated or add new patrons with a middle_name.
3. Make sure PatronAutoComplete is on
4. Try searching for a part of one of the patron's names who has a middle_name.
5. It should appear in the autocomplete dropdown

Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit a6c77f664c6b21b3d7c9ee4590a8b8b21a18a9b2)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 33406: (QA follow-up) Adjust tests and tidy

Rather than test that nothing is returned, we want to test that the terms are filtered as expected. This also avoids the possibility of the tests failing in a db where there is a record for Donald Duck

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 3d7b60dc90142b171b6aaa268bdf2abf917b3739)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 33406: Filter out some known isolated trouble makers

Test plan:
1) Launch k-t-d with ES:
-- ktd --es7 pull
-- ktd --es7 up
2) Visit /cgi-bin/koha/authorities/authorities-home.pl and search for 'tim'
3) Edit that, add a dash '-' to 100$a, like 'Bunce, Tim - name'"
4) Do a authority search for 'tim - name', notice it errors out
5) Apply patch
6) Perform the same search, notice it doesn't error and returns the correct record

Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 27c6171222bf3abb5ed91e399bb2663579e8e367)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>

Bug 33406: Handle ES search errors for authorities

We are dealing ok with ES exceptions for biblio records search,
catching them and raising them to the end user. But we don't for
authorities, where we explode with an ugly 500.

Test plan:
Search for "(term_1*) AND (-) AND (term_2*)" in the authority search and
notice that you don't get a 500 but an error instead saying that you
should try again

Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 09b29d06da5fac2bd1315d849f1b9bf924576700)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>