Jonathan Druart [Mon, 17 Feb 2020 12:16:48 +0000 (13:16 +0100)]
Bug 24663: [19.11.x] Test OpacPublic for all OPAC scripts
Prior to this patchset there were 3 different calls to
get_template_and_user (or checkauth) with the authnotrequired param:
* authnotrequired => 0
* authnotrequired => 1
* authnotrequired => ( C4::Context->preference("OpacPublic") ? 1 : 0 )
The first one says that an unauthenticated user can access the page, the
second that the user has to be authenticated, and the last one that it
depends on the OpacPublic syspref.
Actually we must replace the first one with the third one, if the OPAC
is not public, the authentication must be forced.
To do so we are going to remove the "authnotrequired => 0" occurrences,
and check the OpacPublic syspref's value in C4::Auth
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Marcel de Rooy [Wed, 5 Aug 2020 13:48:59 +0000 (13:48 +0000)]
Bug 25360: (follow-up) Remove the https FIXME in Auth.pm
The FIXME is no longer valid since we fixed the X-Forwarded headers
for Plack. And since we do not even use using_https anymore in
the templates (see bug 21094).
Test plan:
Run Auth.t
Git grep for using_https
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
David Cook [Mon, 4 May 2020 01:12:26 +0000 (11:12 +1000)]
Bug 25360: Use secure flag for CGISESSID cookie when using HTTPS
This patch adds the secure flag to the CGISESSID cookie when using HTTPS.
This prevents the cookie being used again over a normal HTTP
request.
Bug 25360: [Follow-up] Test for "on" or "ON" value for HTTPS env var
This patch tests for HTTPS "on" or "ON" before setting the secure
cookie.
Bug 25360: [Follow-up] Fix typo in C4/InstallAuth.pm
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[EDIT] Amended number of tests in Context.t Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Bug 23634: (QA follow-up) Our PUT is really a PATCH
This patch makes the controller not expect that there will always be all
the email fields. So it now checks if an email field was passed, and
changed, and renders the error if that stands.
To test:
1. Run:
$ kshell
k$ prove t/db_dependent/api/v1/patrons.t
=> FAIL: Tests written by Nick highlight a problem
2. Apply this patch
3. Repeat 1
=> SUCCESS: Problems solved
4. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Martin Renvoize [Tue, 19 Nov 2019 14:51:50 +0000 (14:51 +0000)]
Bug 23634: Prevent non-superlibrarians from editing superlibarian emails
This patchset prevents a non-superlibrarian user from editing a
superlibrarians email address via memberentry. This is to prevent a
privilege escalation vulnerability whereby a user could update a
superlibrarians contact details to match their own and then request a
password reset via the OPAC.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Nick Clemens [Wed, 24 Jun 2020 12:20:03 +0000 (12:20 +0000)]
Bug 25864: Lower case fields for searching
To recreate:
1 - Have Koha using ES5 and Elasticsearch as search engine
2 - Enable DumpTemplateVarsIntranet and DumpSearchQueryTemplate
3 - Do a search in authorities using 'Search entire record' (abduction if using sample db)
4 - Note no results
5 - View the page source and find 'search_query'
6 - Note the uppercased fields
7 - curl 'es:9200/koha_kohadev_authorities/data/417?pretty'
8 - Note all fields lower-cased
9 - Apply patch
10 - Repeat search
11 - It works!
Signed-off-by: Heather Hernandez <heather_hernandez@nps.gov> Signed-off-by: Alex Arnaud <alex.arnaud@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 2ab6018b6e14ae2153093db148f04f71405f4493)
Nick Clemens [Wed, 24 Jun 2020 12:22:48 +0000 (12:22 +0000)]
Bug 25864: Unit test adjustment
Signed-off-by: Alex Arnaud <alex.arnaud@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 579a3c11edf77d36488f352d88ae373cc4cbfa21)
Jonathan Druart [Tue, 26 May 2020 10:28:13 +0000 (12:28 +0200)]
Bug 25434: Display selections-toolbar on small screens
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 4d9ca6b13d29acc088777e9df414aaa54be4e389)
Lucas Gass [Wed, 27 May 2020 21:35:16 +0000 (21:35 +0000)]
Bug 22672: Change <i> to <em> and <b> to <strong> in templates, includes, xslt
This patch attempts to replace <i> with <em> AND <b> with <strong> in
order to more accessible to screen readers. This patch makes no attempt
to change Font Awesome icons which typically use <i>. I found templates,
includes and XSLT by using 'git grep ‘<b>’
koha-tmpl/opac-tmpl/bootstrap/en/' and git grep ‘<i>’
koha-tmpl/opac-tmpl/bootstrap/en/
TEST PLAN:
There should be no visible difference on the changed pages. The files
changed are:
koha-tmpl/opac-tmpl/bootstrap/en/includes/holds-table.inc
koha-tmpl/opac-tmpl/bootstrap/en/includes/opac-note.inc
koha-tmpl/opac-tmpl/bootstrap/en/modules/clubs/enroll.tt
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-auth-MARCdetail.tt
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-authoritiessearchresultlist.tt
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-browser.tt
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-course-details.tt
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-detail.tt
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-downloadshelf.tt
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-messaging.tt
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-opensearch.tt
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-overdrive-search.tt
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-privacy.tt
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-results-grouped.tt
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-results.tt
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-review.tt
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-shareshelf.tt
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-shelves.tt
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-user.tt
koha-tmpl/opac-tmpl/bootstrap/en/xslt/MARC21slim2OPACResults.xsl
koha-tmpl/opac-tmpl/bootstrap/en/xslt/NORMARCslim2OPACResults.xsl
koha-tmpl/opac-tmpl/bootstrap/en/xslt/UNIMARCslim2OPACResults.xsl
koha-tmpl/opac-tmpl/xslt/OAI.xslt
Read the changes and make sure everything looks correct, try to visit as
many pages as possible and confirm that everything looks as it should.
grep around for cases of <b> or <i> that I could have missed.
Signed-off-by: Timothy Alexis Vass <timothy_alexis.vass@ub.lu.se> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit d3036d46ba4b26df040a25f960c3bc3081734c26)
Nick Clemens [Thu, 25 Jun 2020 10:38:16 +0000 (10:38 +0000)]
Bug 25875: Unit test
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit a804d4be437a5df3641f854a506642afe3501046)
Nick Clemens [Thu, 25 Jun 2020 10:38:26 +0000 (10:38 +0000)]
Bug 25875: Move check for module_bit and code to the JOIN
If we limit the JOIN to rows with the correct subpermission we won't
duplicate the returned patrons
To test:
1 - Give a patron full acquisitions permissions
2 - Also give them several subpermissions on other areas
3 - Go to Acquisitions
4 - Edit a fund
5 - Add a user to the fund
6 - Search for user above
7 - They return multiple times in results
8 - Apply patch
9 - Restart all the things
10 - Repeat search
11 - Patron appears once
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 721876785142fea84f02c7dbe4f325e2a605bd0f)
Owen Leonard [Mon, 22 Jun 2020 23:57:29 +0000 (23:57 +0000)]
Bug 25793: OAI 'Set' and 'Metadata' dropdowns broken by OPAC jQuery upgrade
This patch modifies the OAI XSLT file, correcting the path to jQuery
assets and adds a link to jquery-migrate.
To test, apply the patch and make sure the "OAI-PMH" system preference
is enabled.
1. Go to: <OPACBaseURL>/cgi-bin/koha/oai.pl?verb=ListRecords&metadataPrefix=marc21
e.g.
localhost:8080/cgi-bin/koha/oai.pl?verb=ListRecords&metadataPrefix=marc21
2. Click on the 'Sets' and 'Metadata' links. The corresponding
panels with set and metatdata information should be shown.
Tested against master, works as described. Signed-off-by: Alex Buckley <alexbuckley@catalyst.net.nz> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 23ed2e110e16f04a34c01ac866b470ec725b7522)
Slava Shishkin [Wed, 13 May 2020 17:20:27 +0000 (20:20 +0300)]
Bug 25491: Fix for "Use of uninitialized value" in InstallAuth.pm
This warning was thrown:
Use of uninitialized value $info{"invalid_username_or_password"}
in numeric eq (==) at /home/vagrant/kohaclone/C4/InstallAuth.pm
line 387.
There is the case when hash key can be undefined in numeric comparison.
Fixed by adding additional precheck for
$info{"invalid_username_or_password"} being Perl's "true".
To test:
1) Go to the first page of the web-installer where it asks to login.
2) Observe the warning in the log file.
3) Apply patch.
4) Repeat step 1.
7) Check that previous warning suppressed.
Mentored-by: Andrew Nugged <nugged@gmail.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit d81438e143273a538c09cd16e7f92a83beed4027)
Jonathan Druart [Thu, 4 Jun 2020 10:12:23 +0000 (12:12 +0200)]
Bug 24986: Modify some borrowers DB fields to (TINY|MEDIUM)TEXT
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 16a5197aa9f96ee8a7fb6c63e15a6c7f9342f773)
Kyle M Hall [Thu, 18 Jun 2020 13:01:36 +0000 (09:01 -0400)]
Bug 25805: Return empty strings instead of undef in C4::SIP::ILS::Item::hold_patron_name
This bug is basically the same as bug 24966, but for hold_patron_name instead of hold_patron_bcode.
The subroutine hold_patron_bcode should always return an empty string, not undef.
Test Plan:
1) Using the SIP cli emulator, checkin an item that is not checked out
2) Note the DA field contains someting like "C4::SIP::SIPServer=HASH(0x88175c8)"
The hex number will almost certainly be different from this example
3) Apply this patch
4) Restart the SIP server
5) Run the SIP checkin again
6) Note the DA field is no longer present!
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 017b67e6c52ab7b79a0187b1ca9fea220117f7ef)
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 115eeada2b6f959997d21d0e0dd73606f1ca7324)
Emmi Takkinen [Thu, 19 Mar 2020 07:12:19 +0000 (09:12 +0200)]
Bug 4985: Fix Plack scope errors
This patch 'ours' several variables to fix Plack scope errors
in exceptionHolidays.pl.
This also adds '@holidays_list' as parameter to 'edit_holidays'.
Sponsored-by: Koha-Suomi Oy Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit ee3f5d5a85d93dc36d6bdeab5f092c0098d604e1)
Emmi Takkinen [Fri, 7 Feb 2020 10:43:54 +0000 (12:43 +0200)]
Bug 4985: Edit a calendar entry for all branches
This patch adds functionality to calendar tool to
make edits or deletes to all branches at once.
To test:
-Apply patch
-Add holiday for a library and copy it to all or some
libraries
-Edit previosly made holiday (edit, delete etc.) and
check out "Copy changes to all libraries." checkbox
=> Changes are made to all libraries sharing changed
holiday
Sponsored by: Koha-Suomi Oy
Signed-off-by: Christofer <christofer.zorn@ajaxlibrary.ca> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit ce2219425d9b97952f5904024fb7575a0809487b)
Owen Leonard [Wed, 10 Jun 2020 18:30:50 +0000 (18:30 +0000)]
Bug 22807: (follow-up) Update style of skip button
This patch updates the markup and style of the skip button, adapting
(i.e. stealing) the style of the skip link at https://webaim.org.
To test, apply the patch and rebuild the OPAC CSS:
https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_client
Go to any page in the OPAC and hit the tab key. The "Skip to main
content" link should appear. Tabbing away from it should cause the link
to hide. Hitting the ENTER key when the link is highlighted should cause
the page to scroll to the main content.
Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 2e94cb26a8267df72f657fb7c1097d08318e8a21)
Martin Renvoize [Tue, 9 Jun 2020 13:10:53 +0000 (14:10 +0100)]
Bug 22807: Add 'Skip to content' option
This patch adds a 'Skip to content' link to the header bar which will
only appear upon the first use of 'tab' to navigate after any fresh page
load in the OPAC.
Test plan
1/ Load any page in the OPAC
2/ Hit the `tab` key
3/ Note the new 'Skip to main content' link appears at the top left of
the screen.
4/ Hit `Enter` or Click the button
5/ Note the page scrolls to the area of the page that has the first block
containing a .maincontent class.
6/ Note that the next available focusable element after the first .maincontent
block has been given focus.
7/ Note that the link has been hidden
Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit c36560a1ad731af955c005306c2c2800057cd890)
Hayley Mapley [Wed, 10 Jun 2020 23:48:54 +0000 (11:48 +1200)]
Bug 25151: Fixing semantic headings in opac-basket.tt
Test plan:
1) Apply the patch
2) Add items to your cart/folder/basket
3) Open up the basket and check that the main heading is now an h1
4) Check that the page looks fine
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit f002bd17105bab2d16aee8db8ed4f6d688192fc3)
Martin Renvoize [Thu, 11 Jun 2020 12:05:31 +0000 (13:05 +0100)]
Bug 25239: Fix semantic heading for opac-reserve.tt
Prior to this patch, the opac-reserve contained semantically incorrect headings.
Test plan
1/ Perform a search which yields some results in the OPAC
2/ Attempt to place a hold on an item.
3/ On the resulting screen, note that the headings are:
H1 (Koha page title) > H3 (Confirm holds for) > H5 (Hold levels)
4/ Apply this patch and reload the page
5/ Re-inspect the elements in question note the heading semantics are now:
H1 (Title of page) > H2 (Confirm holds for) > H3 (Hold levels)
6/ Note the appearance of the box is still reasonable
7/ Signoff
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 1a96ede5f114bd90fe1735702ca4bab77dfed9d4)
Martin Renvoize [Thu, 11 Jun 2020 12:23:32 +0000 (13:23 +0100)]
Bug 25154: Add heading where content is introduced in opac-results.tt
Prior to this patch, the search results page did not contain a
semantically accurate heading to introduce he main content of the page.
Test plan
1/ Perform a search in the OPAC that yields results
2/ Inspect the page and note that the 'title' stating how many results
are found is not semantically marked up as a heading to introduce the
content.
3/ Apply the patch
4/ Reload the page
5/ Inspect the page and note that the 'title' stating how many results
are found is now properly marked up as a second level heading and
appropriately designated as the start of the 'maincontent' block with an
associated '.maincontent' class.
6/ Perform a search which yields zero results
7/ Note that the 'No results found' title is properly marked up as a
second level heading.
8/ Signoff
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 972aeaa0143dcdedc7ae23314a72991d5e4a6490)
Martin Renvoize [Thu, 11 Jun 2020 10:54:22 +0000 (11:54 +0100)]
Bug 25236: Fix semantic heading for opac-full-serial-issues.tt
Prior to this patch, the opac-full-serial-issues side navigation box contained
semantically incorrect headings.
Test plan
1/ Search for a serial with many linked issues
2/ Navigate to the detailed view of that serial
3/ Click on the 'More details' link after all the listed issues
4/ Inspect the 'Refine your search' elements on the left side of the screen.
Note that the headings are H1 (Koha page title) > H4 (Refine your search)
3/ Apply this patch
4/ Reload the page
5/ Re-inspect the 'Refine your search' elements and note the heading
semantics are now H1 (Title of page) > H2 (Refine your search)
6/ Note the appearance of the box is improved and consistent with elsewhere
7/ Signoff
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 0550e0b7f788b65b50ed4689d677600be3f9c7c2)
Martin Renvoize [Thu, 11 Jun 2020 10:44:53 +0000 (11:44 +0100)]
Bug 25236: Fix semantic heading for opac-topissues.inc
Prior to this patch, the opac-topissues side navigation box contained
semantically incorrect headings.
Test plan
0/ Enable 'OpacTopIssues'
1/ Navigate to the top issues page via the 'Most popular' link
2/ Inspect the 'Refine your search' elements on the left side of the screen.
Note that the headings are H1 (Koha page title) > H4 (Refine your search)
3/ Apply this patch
4/ Reload the page
5/ Re-inspect the 'Refine your search' elements and note the heading
semantics are now H1 (Title of page) > H2 (Refine your search)
6/ Note the appearance of the box is still reasonable
7/ Signoff
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 62795521eedc02e11bef520c8b980d480b7e02ae)
Martin Renvoize [Thu, 11 Jun 2020 10:37:26 +0000 (11:37 +0100)]
Bug 25236: Fix semantic heading for opac-facets.inc
Prior to this patch, the opac-facets side navigation box contained
semantically incorrect headings.
Test plan
1/ Perform a search which yields some results in the OPAC
2/ Inspect the 'Refine your search' elements on the left side of the
screen. Note that the headings are H1 (Koha page title) > H4 (Refine
your search) > H5 (Headings within 'Refine your search' box)
3/ Apply this patch and follow
https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_client
4/ Reload the page (Flushing the cache to ensure the CSS change load)
5/ Re-inspect the 'Refine your search' elements and note the heading
semantics are now H1 (Title of page) > H2 (Refine your search) > H3
(Headings within 'Refine your search')
6/ Note the appearance of the box is still reasonable
7/ Signoff
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit f88d56f689e514b47930d617049358fdf9b68608)
Martin Renvoize [Thu, 11 Jun 2020 11:15:21 +0000 (12:15 +0100)]
Bug 25238: Fix semantic heading for opac-details
Prior to this patch the opac-details view contained multiple h1 level
headings.
Test plan
1/ Perform a search in the OPAC that will yield results
2/ Navigate to any results detailed view
3/ Inspect the page and note that two H1 level headings are present
(Page title + Item title)
4/ Apply the patch
5/ Reload the page
6/ Inspect the page and ntoe that the 'Item title' is now a level 2
heading
7/ Note the page still appears nicely
8/ Signoff
Bonus points: Check with XSLT views enabled and disabled, MARC21,
UNIMARC and NORMARC variations.
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 3e18402c240814d7f00a62c3f2359bd9b9d0a098)
Emmi Takkinen [Thu, 18 Jun 2020 06:36:55 +0000 (09:36 +0300)]
Bug 25789: Don't allow past date as holds expiration date
When editing existing holds expiration date it's possible to select
past date from datepicker. This patch changes expiration inputs class
as "datepickerto" to make past dates unselectable.
To test:
1. Find item with holds
2. Edit holds expiration date
=> Note that past dates are selectable
3. Apply patch
4. Edit again
=> Past dates are no longer selectable
Sponsored-by: Koha-Suomi Oy Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit c3365a35963742b294a4c8631b22aa34dac228d9)
Andreas Roussos [Mon, 15 Jun 2020 14:58:38 +0000 (16:58 +0200)]
Bug 25756: remove erroneous hyphen
In the Staff Client, the OPAC "Appearance" preferences table has an
extra, empty HTML table row at the end.
Test plan:
0) Observe the empty HTML table row at the end of the table that lists
OPAC "Appearance" system preferences.
1) Apply this patch.
2) Observe that the empty table row is now gone.
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 251197ad73ba2be88ac2154db46748b58a0597f8)
Jonathan Druart [Fri, 5 Jun 2020 09:15:33 +0000 (11:15 +0200)]
Bug 25611: Use selected vendor when creating a basket
We did not take into account the vendor selected.
Test plan:
1. Choose Vendor
2. Create Basket
3. Assign a new vendor
Without the patch this new vendor is not changed
With the patch applied the vendor is changed
4. Edit the basket, change the vendor
Reported-by: Kelly McElligott <kelly@bywatersolutions.com> Signed-off-by: Rhonda Kuiper <rkuiper@roundrocktexas.gov> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit cd716269a7b2b1b6165154ea7e85844201402a8d)
Katrin Fischer [Fri, 1 May 2020 20:11:29 +0000 (20:11 +0000)]
Bug 11994: (follow-up) Make things work when LibraryName is empty
When LibraryName system preference was not set, the installation
of the plugin would fail with:
Firefox could not download the search plugin from: ...
Now if the pref is empty, the description 'Library catalog'
will be used instead.
To test:
- Empty your LibraryName pref
- Verify the search plugin can still be installed
(see first patch for further instructions)
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 1e0dd6d0783a66514fc92cc0a34ca0882a5ce62f)
Katrin Fischer [Fri, 1 May 2020 17:20:43 +0000 (17:20 +0000)]
Bug 11994: OpenSearch plugins needs to be delivered with Content-Type application/opensearchdescription+xml
https://developer.mozilla.org/en-US/docs/Web/OpenSearch
Your server should serve OpenSearch plugins using
Content-Type: application/opensearchdescription+xml.
To test:
- Verify the Content-Type the file is delivered with
is correct, for example using wget
http://127.0.0.1:8080/cgi-bin/koha/opac-search.pl?format=opensearchdescription
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit f090c1d2cb9253d77c5bac3b8fa03c775af2f0f6)
Owen Leonard [Tue, 28 Apr 2020 14:41:47 +0000 (14:41 +0000)]
Bug 11994: Fix OpenSearch discovery in the OPAC
This patch corrects the markup for the OpenSearchDescription XML
document and adds (back) the link in the OPAC header which points to it.
This will enable compatible browsers to offer the addition of the OPAC's
keyword search as a search engine option.
I've found documentation suggesting this feature is available (or at
least was at one time) in Chrome and Safari, but in my test it only
works in Firefox.
To test, apply the patch and make sure the OPACBaseURL preference is
set correctly.
- Open the OPAC in Firefox (these instructions assume the latest
version, currently v.75).
- On the right side of the address bar you should see ". . ." Click it
to trigger the menu.
- You should see an "Add search engine" entry with your OPAC's icon.
- Click to add the search engine.
- Type a keyword to search in the address bar
- A box should pop up below the address bar showing icons at the bottom
for performing a search in various search engines. One of these icons
should be the icon for your Koha OPAC.
- Click the Koha OPAC icon and confirm that it triggers a keyword
search in your OPAC.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 0ef7b3db4cab73797ba3386b4951c0d86addf871)
Owen Leonard [Tue, 16 Jun 2020 19:48:48 +0000 (19:48 +0000)]
Bug 24352: Correct location and collection labels in OPAC search results
This patch modifies the OPAC's MARC21 search results XSLT so that
OPAC search result information is correctly labeled
based on the OpacItemLocation preference.
Previously, search results showed the label "Location(s)" whether the
setting was "collection code" or "location."
To test, apply the patch and set the OPACXSLTResultsDisplay system
preference to 'default.'
On the OPAC search results page, each result with items should show
information in this format:
With the OpacItemLocation preference set to 'call number only,'
- "Availability: Items available for loan: {library} [Call number:
{call number} ]
With the OpacItemLocation preference set to 'collection code,'
- "Availability: Items available for loan: {library}
Collection(s): {collection description} [{ call number }]"
With the OpacItemLocation preference set to 'location,'
- "Availability: Items available for loan: {library}
Location(s): {shelving location} [{ call number }]"
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 897948cff5812a67144355829cf8915af17465d0)
David Cook [Fri, 15 May 2020 04:55:49 +0000 (14:55 +1000)]
Bug 25509: Remove useless libjs-jquery dependency
We don't use the libjs-jquery package, so we should remove
the dependency.
To Test:
1) Build package (out of scope of test plan)
2) Install package
3) Note that libjs-jquery is marked by apt as no longer required
4) Remove libjs-jquery package from system and note how it
doesn't take koha-common with it
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 9e923e57ed18a104c33cc10a4704450ec4c71c28)
This patch fixes the libraries tests, that expected the old behaviour
To test:
1. Run:
$ kshell
k$ prove t/db_dependent/api/v1/libraries.t
=> FAIL: Tests fail
2. Apply this patch
3. Repeat 1
=> SUCCESS: Tests pass!
4. Sign off :-D
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit b115dfeca649f2f35e0290ead85f2626eabd0829)
Bug 25570: Paginate results by default in objects->search
This patch makes the helper paginate the resultsif no pagination
parameters are passed.
Page number defaults to 1, and the page size to the RESTdefaultPageSize
syspref value.
To test:
1. Apply the regression tests patch
2. Run:
$ kshell
k$ prove t/db_dependent/Koha/REST/Plugin/Objects.t
=> FAIL: Pagination is not enforced by default
3. Apply this patch
4. Repeat 2
=> SUCCESS: Results are paginated
5. Sign off :-D
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 451ae76431d3d580494f917ed397f259cd96a876)
This tests verify that the default behaviour is to paginate the results.
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/Koha/REST/Plugin/Objects.t
=> FAIL: $c->objects->search doesn't paginate results by default
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 2220ce4d50998bef1dcea787d212a287a802b0aa)
Kyle M Hall [Tue, 16 Jun 2020 12:00:45 +0000 (08:00 -0400)]
Bug 25769: Patron self modification triggers change request for date of birth to null
If PatronSelfModificationBorrowerUnwantedField contains dateofbirth, all
patron self modification requests will attempt to set dateofbirth to
null instead of ignoring the field.
Test Plan:
1) Add dateofbirth to PatronSelfModificationBorrowerUnwantedField
2) Run a patron self modification
3) Note the request sets dateofbirth to null on the staff side
4) Apply this patch
5) Restart all the things!
6) Run another self-modification
7) Note of the staff side that dateofbirth is unaffected
Signed-off-by: Emmi Takkinen <emmi.takkinen@outlook.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 73c421a5164a3af4b2b8e1001b49f29213a94e3a)
Jonathan Druart [Fri, 22 May 2020 09:02:39 +0000 (11:02 +0200)]
Bug 25553: Make date columns sortable on the edit items table
When editing items, the table at the top contain several columns that
have date values, but they cannot be sorted by dates correctly.
Test plan:
Have several items with different dates in columns that contain dates,
like items.dateaccessioned, items.datelastseen)
Sort the column and confirm that with this patch the lines are sorted
correctly
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 31800ba46b2ed03cc2e4431c4d3c56fce678a0ec)
Owen Leonard [Mon, 11 May 2020 19:17:57 +0000 (19:17 +0000)]
Bug 25447: Terminology: Fix button text "Edit biblio"
This patch changes the cataloging main page so that in the menu for
reach search result the "Edit biblio" link is now "Edit record."
To test, apply the patch and do a search in cataloging. In the list of
search results verify that the "Actions" menu contains a link labeled
"Edit record."
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 679dcd1574de88cb8b7002c5020e0b4488233943)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit f918bee5f612b3eef54bd81999373ed023e737b4) Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Aleisha Amohia [Wed, 24 Jun 2020 21:08:16 +0000 (09:08 +1200)]
Bug 25861: Removing non-existent 'important' field from SQL
Bug 17232 updated some SQL queries used when adding new MARC
bibliographic frameworks. When backported to 19.11.x, it referenced a
column `important` that does not exist in marc_tag_structure or
marc_subfield_structure in 19.11.x. This patch removes the references to
`important` so that adding new bibliographic frameworks works again.
To test:
1) Ensure you have checked out 19.11.x branch
2) Go to Admin -> MARC bibliographic frameworks
3) Add a new framework and save
4) Go to Actions -> MARC structure for your new framework
5) Use the 'create framework using' dropdown to import the structure
from an existing framework
6) Note that the structure does not populate, and there is now an error
in the logs "Unknown column 'important'"
7) Apply this patch and restart services
8) Repeat steps 3-5
9) Confirm the structure is populated correctly and there is no error in
the logs
Sponsored-by: Catalyst IT Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
David Roberts [Sat, 9 May 2020 16:07:03 +0000 (16:07 +0000)]
Bug 22470: Missing the table name on misc/migration_tools/switch_marc21_series_info.pl
This patch adds the table name to the SQL update statements.
To test:
1) Apply the patch
2) Run the script. Check that there are no errors, and that the script
behaves as expected.
Signed-off-by: Andreas Roussos <a.roussos@dataly.gr>
Created a test record with values in field 440. Applied the patch, ran the
script with the -c -f flags and observed that the values were moved to field
490. Also, the relevant Koha to MARC mappings were changed accordingly.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 051b0b8d2fb3dc3593147e5ac80bc394dcf48e58)
Bug 25394: Cronjob path in the AuthorityMergeLimit syspref description is wrong
Test plan:
1- Apply patch
2- Go to Administration > Global system preferences > Authorities
3- The path to merge_authorities.pl in the AuthorityMergeLimit
description should now read misc/cronjobs/merge_authorities.pl
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 772205bab5c7d6720ca6d25244c04cdf7649a96f)
Kyle M Hall [Thu, 21 May 2020 17:52:32 +0000 (13:52 -0400)]
Bug 25537: Page reload at branchtransfers.pl loses destination branch
At branchtransfers.pl, one selects a destination branch and scans in any
number of items to generate transfers to that branch. However, anything
that makes the page reload causes your branch selection to be lost,
reverting you back to whichever branch comes first alphabetically.
This is an invitation to error when one has a stack of books to
send all to the same branch. Could that error handling get moved
into a modal or something that won't reload the page?
Test Plan:
1) Place a hold on an item and set it to waiting
2) Initiate a branch transfer from branchtransfers.pl for any branch but
the first in the pulldown branch selector
3) Choose to cancel the hold and transfer
4) Note the pulldown reverts to the first option
5) Apply this patch
6) Repeat steps 1-3
7) Note the pulldown retains your preveiously selected branch!
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 8ab8df3866352568509ed34f02a5566e750dee21)
Jonathan Druart [Fri, 22 May 2020 08:23:55 +0000 (10:23 +0200)]
Bug 25576: Add link to the manual for the ILL module
Test plan:
Enable ILLModule system preference.
Go to ILL requests
Click Help
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 50b6e447735ee31a2fbba5b116959cdb6d451c19)
Petro Vashchuk [Fri, 22 May 2020 15:11:28 +0000 (18:11 +0300)]
Bug 25587: fix for "clear" button to reset all selects
Button "clear" on cgi-bin/koha/admin/smart-rules.pl did not reset fields
with a dropdown selector except the first one.
This happens because jQuery selector .find("select option:first")
in koha-tmpl/intranet-tmpl/prog/en/modules/admin/smart-rules.tt
selects only single first element in the whole group, as from jquery
doc:
> The :first pseudo-class is equivalent to :eq( 0 ). It could also be
> written as :lt( 1 ). While this matches only a single element,
> :first-child can match more than one: One for each parent.
> (https://api.jquery.com/first-selector/)
And it works if replaced by: .find("select option:first-child")
To reproduce:
1) Go to /cgi-bin/koha/admin/smart-rules.pl
2) Start editing one of existing rules or filling a new one, change
all selects to have non-first option selected. Fill text input
fields with sample data.
3) Reset all fields with the "clear" button.
4) Observe that only the first dropdown field was reset to the first
option while all others still contain previously given values,
meanwhile all text input fields are cleared as expected.
5) Apply the patch.
6) Repeat steps 1, 2 and 3.
7) Check that all dropdown fields were reset to first option, as
expected.
Mentored-by: Andrew Nugged <nugged@gmail.com> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 58c389bf279ca6ffdea199ada8d65ce92baaf952)
Jonathan Druart [Thu, 28 May 2020 10:11:37 +0000 (12:11 +0200)]
Bug 25615: Remove empty entries in the filter dropdowns of "holds to pull"
On the "Holds to pull" view there are filters that are built on the
value of the cells.
Bug 22536 improved the ergonomic by adding a ul list, but the filters
are now broken, the ul and li tags are retrieved and put in the filter
list.
The idea of this patch is to remove the HTML tags and skip if the value
is then empty.
Test plan:
Place a hold on an item
Go to Home › Circulation › Holds to pull
Open the "libraries" filter
=> Without this patch you see empty entries
=> With this patch the filter contain only the libraries
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 4f70682c56dddd42f24c62d7634f5cd3b7119702)
This patch adds a missing transaction wrapping one of the subtests. This
is probably an oversight when refactoring this file.
To test:
1. Open the patron categories page
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/oauth.t
=> SUCCESS: Tests pass
3. Reload the patron categories page
=> FAIL: There's random data in there
4. Apply this patch and repeat 2
5. Reload the patron categories page
=> SUCCESS: The random data from the previous tests is still there, but
no new random data
=> SUCCESS: Tests still pass
6. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit f898cef4f4b5a9f424f968a58b96898f26f80035)
Bug 25675: Reword and reorganize sysprefs related to patron self modification
To Test:
1: apply patch
2: restart all
3: go to System Preferences > OPAC
4: confirm "Self registration" section is now labeled "Self registration and modification"
5: confirm OPACPatronDetails is now in the "Self registration and modification" section
6: confirm PatronSelfRegistration now reads "(Allow / Don't allow) library patrons to register for an account via the OPAC."
7: set OPACPatronDetails to Don't allow
8: set PatronSelfRegistration to Allow
9: log into the opac and verify you're not able to edit your patron details on an existing account
Signed-off-by: DonnaB <donna@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 3e4b92d84c50bee27b2f331e5fbbc04813e469bb)
David Cook [Tue, 9 Jun 2020 05:38:27 +0000 (15:38 +1000)]
Bug 25696: Correct "Test prediction pattern" HTML button
This patch corrects the closing tag for the "Test prediction pattern"
button from "</a>" to "</button>"
Test plan:
1. Apply the patch
2. Create a serial subscription from a new or existing bib record
3. Choose any frequency, numbering pattern, and subscription start
date you choose (ie fill out all mandatory subscription fields)
4. Click "Test prediction pattern"
5. Note that the prediction pattern appears on the right of the screen
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 4116ca4097732977d7b954a881f191174c28d651)
Jonathan Druart [Wed, 20 Nov 2019 14:40:10 +0000 (15:40 +0100)]
Bug 23276: Do not display tag if pref TagsEnabled is off
If the pref TagsEnabled is off we should not display the tags at the
OPAC.
There is a message to tell that tags system is disabled, but the tags
are displayed.
We should redirect to 404 like we do in opac-topissues.pl and
opac-suggestions.pl.
Test plan:
- Turn TagsEnabled on
- Add some tags
- Turn TagsEnabled off
- Hit /cgi-bin/koha/opac-tags.pl
=> Without this patch you see a warning messaging saying that the tag
system is disabled, but the tags are displayed
=> With this patch you get a 404 redirect
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 6fc316d2eef5945b20a14bec81e2daa57696dd81)
Bug 25327: Do not call authenticate_api_request to render the spec
The original code for Koha::REST::V1::Auth::under called
authenticate_api_request when requesting the API spec. This didn't make
sense, and recent changes on what conditions are tested for public
routes, broke the route.
We could add another condition, but it really doesn't make sense to call
authenticate_api_request if it should be publicly available in any
configuration, as discussed on the bug.
This patch adds a trivial check and the requested route, and lets the
request through in any case in 'under'.
To test:
1. Point your browser to:
http://kohadev.myDNSname.org:8080/api/v1/
http://kohadev.myDNSname.org:8080/api/v1/.html
=> FAIL: In both cases you get an authorization error.
2. Apply the regression tests patch
3. Run:
$ kshell
k$ prove t/db_dependent/api/v1/auth.t
=> FAIL: The tests reflect the situation, and fail
4. Apply this patch
5. Repeat 1 and 3
=> SUCCESS: All good!
6. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
This patch makes the API set more userenv params than just the
borrowernumber. To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/auth_*
=> SUCCESS: All tests pass
3. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Bug 24003: (follow-up) Move interface setting to a more readable place
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Bug 24003: Make the API set userenv on authentication
This patch makes the authentication step stash the user that got
authenticated so code outside the Mojo part of Koha can use it (i.e.
through the use of C4::Context->userenv).
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
This patch adds regression tests for the different authentication
mechanisms Koha supports. It highlights the fact that Koha expects
userenv to be set on authentication.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Bug 25411: Add special handling for public plugin routes
This patch implements the required logic in the API code so plugins are
not affected by the new RESTPublicAnonymousRequests system preference.
It is up to the plugin develpers to handle this
To test:
1. Apply the tests patch
2. Run:
$ kshell
k$ prove t/db_dependent/Koha/REST/Plugin/PluginRoutes.t
=> FAIL: Notice the tests fail
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass! Yay! Not bad for a friday evening!
5. Sign off :-D
Sponsored-by: ByWater Solutions Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
This patch tweaks the OpacPublic system preference description so users
don't expect, incorrectly, this syspref to disable the public API
anonymous access.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 3d3a07c5ee0098c3fe504009144b5c0545c0e75f)
Bug 25045: Allow restricting anonymous requests on the public API
This patch introduces a check on the authenticate_api_request method for
the RESTPublicAnonymousRequests system preference. If disabled,
anonymous requests get rejected.
The idea is to replicate the homologous OpacPublic system preference
behaviour.
To test:
1. Apply the Unit tests patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/auth_authenticate_api_request.t
=> FAIL: Tests fail, 200 is answered instead of 401 on the route.
3. Apply this patch
4. Repeat 2.
=> SUCCESS: Tests pass!
5. Sign off :-D
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit ec99043a2ede2f994dae72ee2f68884174f94d4c)
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 78cb447c7cd13bd37a48f7b3e2d2aa47b5d7b4d9)
Bug 25045: Add the RESTPublicAnonymousRequests syspref
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 5394e8443fcba3e307c4add97bef1216fcaa2b11)
This patch introduces code to detect (cookie) annonymous sessions and
act as expected.
Right now, as check_cookie_auth is not passed the required permissions
(because there aren't always required permissions, and the code to check
permissions is shared with other authentication mechanisms) it returns
'ok' and the session id. This use case was overlooked when this was
coded, and yeilds unexpected error codes (500) when the user logs out
and the annonymous session cookie is used to hit the API. The end result
doesn't pose any security issue (i.e. the resource access is rejected)
but the returned error code is not correct and should be fixed.
This patch verifies for an anonymous session (and avoids querying the
corresponding patron) and then verifies if there is an authorization
config on the route and if the patron object is defined.
To test:
1. Apply the tests patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/auth_authenticate_api_request.t
=> FAIL: Tests fail, 500 instead of the expected 401
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass!
5. Repeat the original 'steps to reproduce' from the bug report using
the browser
=> SUCCESS: Problem solved!
6. Sign off :-D
Sponsored-by: ByWater Solutions Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit de07356028d5b98af3a7cd7cbae02a7ad6402a43)
This patch introduces tests for the expected behaviour on API routes
that expect a logged in user, but the request is made with an anonymous
session cookie.
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/api/v1/auth_authenticate_api_request.t
=> FAIL: Tests fail because the situation is not handled correctly in
the code
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 0547ad34dfe01ca7d7660df59e29bc30fdf3cf1d)
Katrin Fischer [Fri, 22 May 2020 23:22:53 +0000 (01:22 +0200)]
Bug 25507: Fix table in basket group PDF German 2-pages
A variable was doubled up which made the columns in the
table of orders no longer line up (different number of headers
to columns).
To test:
- Create at least one basket with one or more orders
- Close the basket
- Add the basket to a basket group manually or let Koha do it
on closing
- Change the OrderPdfFormat system preference to 'German 2-page'
- Go to the basket group page and print the PDF of the basket
- Verify the table of orders doesn't look right and runs outside
the page
- Apply patch
- Repeat the PDF print - now table should look right
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 7de78ab092f7355a15de60e9a2842d9577777581)
Bug 25521: Remove cart_to_shelf note from NewItemsDefaultLocation syspref
To test:
1- find the NewItemsDefaultLocation syspref
2- confirm it says "NOTE: This system preference requires the misc/cronjobs/cart_to_shelf.pl cronjob. Ask your system administrator to schedule it."
3- apply patch
4- restart all
5- reload syspref, it doesn't say that anymore!
Signed-off-by: Holly Cooper <hc@interleaf.ie> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit d21ad9fe11bdbd8c49eb3d64bb24c414bea8a1f7)
Katrin Fischer [Sat, 30 May 2020 00:56:04 +0000 (00:56 +0000)]
Bug 25545: (follow-up) Fix capitalization
Total + Adjustments + Shipment cost ($)
changed to:
Total + adjustments + shipment cost ($)
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit f98f2edf0a1515ce727e670ecaecd4f9295f34cb)
Nick Clemens [Wed, 27 May 2020 10:38:03 +0000 (10:38 +0000)]
Bug 25545: Add adjustments to total tax included
Adjustments are not affected by tax, they are meant as a way to alter invoice
values after receiving (damaged items, refuneds, extra charges, etc)
When adjustments were added the tax included column was missed
To test:
- Add a basket with at least one order
- Close it
- Receive shipment
- Receive the order
- Finish receiving
- Add an adjustment of any amount
- Verify in the invoice details table:
- Total tax exc. is showing including the adjustmnt
- Total tax inc. is missing the adjustment
- Apply patch
- Reload
- Total tax exc. is showing including the adjustmnt
- Total tax inc. is showing including the adjustment
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 286a739b5cd906a55b2dc97e6ab1ef9ffb00a6f7)
David Cook [Mon, 25 May 2020 06:25:06 +0000 (16:25 +1000)]
Bug 25597: Add missing Javascript libraries to sco printslip
This patch adds missing Javascript libraries to the self-checkout
print slip. These missing libraries were preventing the auto print
prompt and close. There was also a font error.
To Test:
0) Apply patch
1) Turn on system preference SelfCheckReceiptPrompt
2) Check out item via /cgi-bin/koha/sco/sco-main.pl
3) Click "Finish"
4) Press F12 on keyboard and choose Console
5) Note no Javascript errors
6) Note that print dialog appears and closes after
a print option is chosen
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Alex Arnaud <alex.arnaud@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 8e00a96cf17f9c429050ce2ce5e3095fe566121a)
Nick Clemens [Wed, 10 Jun 2020 10:58:25 +0000 (10:58 +0000)]
Bug 25701: Remove sort on removed field
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
(cherry picked from commit 35bb41dfc14603d85a6ddb85fec9b4de8d1a4001)