Marcel de Rooy [Thu, 16 May 2024 07:19:30 +0000 (07:19 +0000)]
Bug 36875: Do not pass unsanitized language to $page->translated_content
Test plan:
Try to access opac-page.pl with a language not in OPACLanguages.
Verify that this 'language' was not passed to sql. Simplest perhaps
by debugging AdditionalContent.pm. Something like:
sub translated_content {
my ( $self, $lang ) = @_;
+warn "L137: $lang";
Now have a public additional_contents page and hit it:
/cgi-bin/koha/opac-page.pl?page_id=5&language=badsql
Check your log and find:
[2024/05/16 07:25:53] [WARN] L137: en at [etc] line 137.
So badsql was caught.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 1a9e3647095eaf9563db59bd8b3a759a0875cc39) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Chris Cormack [Wed, 8 May 2024 22:41:43 +0000 (22:41 +0000)]
Bug 36818: Escape characters in file names uploaded
To test:
1/ create a file named something like 'execute`curl blog.bigballofwax.co.nz`.zip'
Where the domain is one you can watch the logs from
2/ Upload this file as a cover image
3/ Check /var/lib/koha/sitename/tmp/koha_sitename/ and see unescaped filenames
4/ Choose process, check the logs of the webserver see the connection has been made
5/ Apply the patch
5/ Repeat 2 & 3 and see the filename is now escaped
6/ Choose process and check no errors but no no remote execution occurs
7/ Test uploading actual zip file and images still works
Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 14bdaae3f257a321f8ec0d32c6b1e9bc6ed6033d) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Chris Cormack [Mon, 13 May 2024 02:26:13 +0000 (02:26 +0000)]
Bug 36520: Sanitize input in opac-sendbasket.pl
To test
1/ Add some items to your cart in the opac
2/ Choose send cart
3/ Open firefox developer tools and switch to the network tab
4/ Send cart
5/ In the network tab, find the post request and choose copy as curl
6/ Edit the curl command to add )+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))x)--+- to the bib_list parameter
7/ Run the curl notice it takes a long time to respond, if you want to check run the curl without the above part added
8/ Apply the patch and restart plack
9/ Run the modified curl and notice no longer the slow down
10/ Test in browser and make sure the basket is still sent
Signed-off-by: Amit Gupta <amit.gupta@informaticsglobal.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit 2f3f42ba98b698871bc473d65a14b5e89d0ae86c) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Mon, 13 May 2024 12:47:28 +0000 (14:47 +0200)]
Bug 36520: Prevent SQL injection in GetPreparedLetter
Actually in _get_tt_params
The following query will delay the response
SELECT `me`.`biblionumber`, `me`.`frameworkcode`, `me`.`author`, `me`.`title`, `me`.`medium`, `me`.`subtitle`, `me`.`part_number`, `me`.`part_name`, `me`.`unititle`, `me`.`notes`, `me`.`serial`, `me`.`seriestitle`
, `me`.`copyrightdate`, `me`.`timestamp`, `me`.`datecreated`, `me`.`abstract`
FROM `biblio` `me`
WHERE `biblionumber` = '1) AND (SELECT 1 FROM (SELECT(SLEEP(6)))x)-- -'
ORDER BY field( biblionumber, 1 ) AND (
SELECT 1
FROM
SELECT SLEEP( 6 ) x
) -- - )
To test
1/ Add some items to your cart in the opac
2/ Choose send cart
3/ Open firefox developer tools and switch to the network tab
4/ Send cart
5/ In the network tab, find the post request and choose copy as curl
6/ Edit the curl command to add )+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))x)--+- to the bib_list parameter
7/ Run the curl notice it takes a long time to respond, if you want to check run the curl without the above part added
8/ Apply the patch and restart plack
9/ Run the modified curl and notice no longer the slow down
10/ Test in browser and make sure the basket is still sent
Signed-off-by: Chris Cormack <chris@bigballofwax.co.nz> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit 0b3c98b0ba01ea5c886ecfe8eef174b5b7c6ec25) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Nick Clemens [Wed, 24 Apr 2024 15:06:22 +0000 (15:06 +0000)]
Bug 36575: Adjust checkpw_internal to return patron
This patch refactors checkpw_internal to remove the SQL code, use patron ojbects, and return the
patron that correctly matches the userid/caerdnumber when auth is successful
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit fe78f06a50c41a7dbac24206e31bc5b1189ee185) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Martin Renvoize [Thu, 11 Apr 2024 10:18:30 +0000 (12:18 +0200)]
Bug 36575: (QA follow-up)
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit fffc5600cad077e8b4d8d5211263f1935c5b07cd) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Nick Clemens [Thu, 11 Apr 2024 09:39:03 +0000 (09:39 +0000)]
Bug 36575: Return correct patron when there is a shared userid / cardnumber
This patch moves some patron fetching code in C4/Auth to use to patron returned from the validation
methods and only try to fetch the patron (to check if locked, update attempts, etc) if we didn't authenticate
To test:
1 - Set a user to have userid = BANANA password = Password1
2 - Set a user to have cardnumber = BANANA password = Password2
3 - Hit the patron authentication API:
http://localhost:8080/api/v1/auth/password/validation
with data:
{ "identifier": "BANANA", "password":"Password1" }
and:
{ "identifier": "BANANA", "password":"Password2" }
4 - Note you receive the same response for both
5 - Apply patch, restart all
6 - Repeat the API and confirm you get the correct patron for the password submitted
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
(cherry picked from commit ff4e0c4293486d2db31d2f48d9f6f31d6470965a) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Martin Renvoize [Thu, 6 Jun 2024 06:30:37 +0000 (07:30 +0100)]
Bug 36986: (follow-up) Ensure idempotency
MySQL/MariaDB checks the primary key/unique constraint before WHERE
clause when performing an UPDATE. As such, the lack of AutoLocation
existing will not prevent a failure on a second run of the update.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit 73634e93fd044d68e6415601ebeab7dbcca5286e) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Martin Renvoize [Wed, 5 Jun 2024 17:10:33 +0000 (18:10 +0100)]
Bug 36986L (follow-up) Ensure idempotency
MySQL/MariaDB checks the primary key/unique constraint before WHERE
clause when performing an UPDATE. As such, the lack of AutoLocation
existing will not prevent a failure on a second run of the update.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit dc2388281c8e0e9c11ee5829cf09b7737a2f1c6c) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Fridolin Somers [Wed, 29 May 2024 15:29:21 +0000 (17:29 +0200)]
Bug 36986: (Bug 26176 follow-up) Fix rename StaffLoginBranchBasedOnIP in BDRev
Test by running upgrade from 23.11.00 to main
Check you see :
Upgrade to 23.12.00.061 [15:34:36]: Bug 26176 - Rename AutoLocation and StaffLoginBranchBasedOnIP system preferences
Renamed system preference 'AutoLocation' to 'StaffLoginRestrictLibraryByIP'
Renamed system preference 'StaffLoginBranchBasedOnIP' to 'StaffLoginLibraryBasedOnIP'
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
(cherry picked from commit ebd4aa682796b8ac4666e948e7c55fde4d91ad2d) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Nick Clemens [Tue, 21 May 2024 13:44:47 +0000 (13:44 +0000)]
Bug 26176: Rename AutoLocation to StaffLoginRestrictBranchByIP
This patch sets AutoLocation to be called StaffLoginRestrictBranchByIP.
The new name is chosen to reflect the new pref StaffLoginBranchBasedOnIP.
Also this patch corrects the order of sysprefs in installer file.
To test:
Follow test plans on bug 36665 and bug 35890 and confirm that the preferences
continue to work as expected
Confirm the descriptions of the prefs in the staff interface match the behaviors expected
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 8b2bdf6ee5a18e247e98d67d7e81605cc45542c6) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Pedro Amorim [Fri, 3 May 2024 14:22:13 +0000 (14:22 +0000)]
Bug 34263: (QA follow-up): Use flatpickr .clear instead
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 1137793e44ce6b5d2a4e7759e46218f6ddeb9e8b) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Katariina Pohto [Thu, 2 May 2024 13:09:39 +0000 (16:09 +0300)]
Bug 34263: Suspending holds consecutively populates previously used date falsely
Suspending a hold doesn't clear the date from the date picker. When another hold is suspended
the previously used date will show on the date picker but the value is not set on the hold.
Suspending the hold will suspend it indefinitely. Also the link "Clear date to suspend indefinitely"
will not clear the date picker. This patch will make both the Suspend button and the Clear date link
clear the dates from both the date picker and the variable passed on, making the suspending consistent
with what is seen on the date picker.
Test plan:
1) Place 3 holds on a patron.
2) Suspend a hold and set a date for it.
3) Suspend a second hold and notice the previously used date is shown on the date picker.
Note that the hold will be suspended indefinitely.
4) Open the suspending window for the third hold and pick a date. Click "Clear date to suspend indefinitely"
and note the date picker doesn't get cleared. The hold will be suspended indefinitely.
5) Apply patch.
6) Suspend a hold and set a date for it.
7) Suspend a second hold and notice the date picker does not have a preset date.
8) Pick a date and clear it with the "Clear date to suspend indefinitely link".
See that the date picker also gets cleared.
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 0f0479e87aaa324b455fbbf40674f15e2fa862c0) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Wed, 22 May 2024 12:01:28 +0000 (14:01 +0200)]
Bug 36923: Remove warnings from Holds/LocalHoldsPriority.t
t/db_dependent/Holds/LocalHoldsPriority.t .. 1/7 Use of uninitialized value in numeric gt (>) at /kohadevbox/koha/C4/Reserves.pm line 866.
t/db_dependent/Holds/LocalHoldsPriority.t .. 2/7 Use of uninitialized value in numeric gt (>) at /kohadevbox/koha/C4/Reserves.pm line 866.
Use of uninitialized value in numeric gt (>) at /kohadevbox/koha/C4/Reserves.pm line 866.
Use of uninitialized value in numeric gt (>) at /kohadevbox/koha/C4/Reserves.pm line 866.
t/db_dependent/Holds/LocalHoldsPriority.t .. 5/7 Use of uninitialized value in numeric gt (>) at /kohadevbox/koha/C4/Reserves.pm line 866.
t/db_dependent/Holds/LocalHoldsPriority.t .. ok
All tests successful.
We didn't have the default values generated by the DBMS
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 6827c9061ffc57c2e1f7087aced8ce2e65196558) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
1) Add a new patron attribute type, visit:
<staff_url>/cgi-bin/koha/admin/patron-attr-types.pl?op=add_attribute_type
2) Add a code and a description (whatever) - Make it 'Display in OPAC' and 'Editable in OPAC'
3) Access OPAC patron personal details page, visit:
<opac_url>/cgi-bin/koha/opac-memberentry.pl
4) Scroll down and add some info to 'whatever'. Click 'Submit update request'.
5) Visit the INTRA 'update patron requests from opac' page:
<staff_url>/cgi-bin/koha/members/members-update.pl
6) Notice the entry is there. Select 'approve' and click "Submit"
7) Repeat 3)
8) Scroll down and notice the approved value is there. Clear that data and "Submit update request" (as if you're requesting for that data to be removed/cleared)
9) Repeat 5)
10) Notice there's an entry, and it is not empty. Select 'approve' and click "Submit"
11) Repeat 3)
12) Scroll down and notice the request to update (clear) that field did go through, i.e. the data is not there anymore.
Also test self-registration and mandatory attributes
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit f4e999bb9f9a714eedc5bac22dd6902abe288af1) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Wed, 22 May 2024 08:31:29 +0000 (10:31 +0200)]
Bug 36916: Do not generate invalid JS or CSS from TestBuilder
TestBuilder generates random strings for branches.opacuserjs and branches.opacusercss which produces invalid JS and CSS.
Selenium has several warnings related to this:
koha-selenium-1 | JavaScript error: http://koha:8080/cgi-bin/koha/opac-user.pl, line 1744: ReferenceError: CLYxPjQ152 is not defined
koha-selenium-1 | JavaScript error: http://koha:8080/cgi-bin/koha/opac-search.pl, line 2069: ReferenceError: CLYxPjQ152 is not defined
koha-selenium-1 | JavaScript error: http://koha:8080/cgi-bin/koha/opac-reserve.pl, line 1351: ReferenceError: CLYxPjQ152 is not defined
Because of the following in the DOM
<script>
CLYxPjQ152
</script>
This patch suggests to set to an empty string by default, to prevent random failure or inconsistent behaviours when testing the UI.
Test plan:
Run t/db_dependent/selenium/authentication.t and watch the selenium
output.
With this patch applied you will not see the "JavaScript error" lines
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit a51b46d4bab2989486ea0be05e130066c666fa50) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Phil Ringnalda [Thu, 16 May 2024 20:54:41 +0000 (13:54 -0700)]
Bug 36589: Advanced cataloging - restore the correct height of the clipboard
A simple direct fix for the height of the advanced editor's clipboard,
which is a <select size="10"> that's currently cut down to the height of
one thick line by CSS intended for non-multiple, non-sized selects with
dropdown menus.
Test plan:
1. Set the pref EnableAdvancedCatalogingEditor to Enable
2. Cataloging -> Advanced editor
3. Note the Clipboard is a single line tall
4. Apply patch, shift+reload Advanced editor
5. Note the Clipboard is ten lines tall
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 10a8dc5108dc58d91786ead95f5130a7a147d5b1) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Pedro Amorim [Tue, 21 May 2024 09:13:49 +0000 (09:13 +0000)]
Bug 36904: Fix batch->ill_batch
This was missed when renaming follow-ups were added to bug 30719
1) Enable ILL, install FreeForm and checkout the current compatible branch with main
bash <(curl -s https://raw.githubusercontent.com/ammopt/koha-ill-dev/master/start-ill-dev.sh)
cd /kohadevbox/koha/Koha/Illbackends/FreeForm
git checkout reorganize_ILL
2) Visit ILL module:
http://localhost:8081/cgi-bin/koha/ill/ill-requests.pl
3) Type whatever search in the tiny 'Search' input box directly above the table
4) Notice you get an error. Apply patch. Repeat.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 5f031219ba0f242cab75cd07d4fcdf30af91d177) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
A Marcel's QA patch to Bug 36552 added use POSIX; in two spots.
In https://metacpan.org/pod/POSIX we read:
CAVEATS
Everything is exported by default (with a handful of exceptions). This is
an unfortunate backwards compatibility feature and its use is strongly
discouraged. You should either prevent the exporting (by saying use
POSIX ();, as usual) and then use fully qualified names (e.g.
POSIX::SEEK_END), or give an explicit import list. If you
do neither and opt for the default (as in use POSIX;), you will
import hundreds and hundreds of symbols into your namespace.
This patch fixes this.
No test plan.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 8d9ccd6fc371877fbd4d016ee3bc1de54721787e) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Martin Renvoize [Thu, 23 May 2024 09:36:55 +0000 (10:36 +0100)]
Bug 36908: (QA follow-up) Proposed improvement to prefernce description
I found the initial addition of 'or the branch chosen at login' to the
system preference description more misleading than the original. After
discussion on mattermost and with training staff here at PTFS the best
alternative we could come up with is proposed here.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 85735e86f4f927d8e455aec08ef90a1381694059) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Nick Clemens [Tue, 21 May 2024 12:26:34 +0000 (12:26 +0000)]
Bug 36908: Additional unit tests to identify flaw when two branches have same IP
This could be considered a configuration flaw, but when:
StaffLoginBranchBasedOnIP enabled and not AutoLocation
or
AutoLocation enabledand no IP set in user's branch
AND
two branches have the same IP set
the user can be logged in randomly to one of the matching branches.
These test often pass, but will also randomly fail
Easier to verify with a one liner demonstrating current code:
perl -e 'use Koha::Libraries; use List::MoreUtils qw(uniq); my $branches = { map { $_->branchcode => $_->unblessed } Koha::Libraries->search->as_list }; my $branchcode="CPL"; warn Data::Dumper::Dumper( uniq( $branchcode, keys %$branches ));'
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 7e8803537254ec950c64327bece8091e6cf49499) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Thu, 23 May 2024 06:49:39 +0000 (08:49 +0200)]
Bug 36924: Remove warning "Value not allowed for auto_incr itemnumber in Item"
We are removing entirely the badly written test.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Note: We cannot test this properly when the search index refers to biblios
and items that do not exist in the database. Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 12511385289b41c3c3d067f1b7c4397010e3d27c) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Nick Clemens [Fri, 17 May 2024 11:59:21 +0000 (11:59 +0000)]
Bug 36665: Add option to set the staff user's logged in branch based on their current ip
This patch adds a new system preference StaffLoginBranchBasedOnIP which restores the behaviour before bug 35918
of using the current IP to determine the user's logged in branchcode
To test:
1 - Get your current ip
2 - Set that IP for a library in the administration section
3 - Find a user account assigned to a different library that can login to staff side
4 - Login to staff as that user, select 'My library'
5 - You are logged in to the user's branch
6 - Apply patch, restart all
7 - Log out and back in, selecting 'My library'
8 - You are logged in to the user's branch
9 - Enable new system preference StaffLoginBranchBasedOnIP
9 - Log out and back in, selecting a different branch, noting the new warning below the library selection
10 - You are logged in to the branch with the matching IP
11 - Log out and back in, selecting 'My library'
10 - You are logged in to the branch with the matching IP
11 - Change your logged in branch
12 - Verify the selection sticks and you can perform staff actions in the chosen branch
13 - Change the IP of the library to one that doesn't match yours
14 - Verify you can log out and log back in and that selected branch is respected when your IP doesn't match library IP
Signed-off-by: Kristi Krueger <KKRUEGER@cuyahogalibrary.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 3a0d6f5d07b914ab03f9ae3c56b033158bd91130) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Nick Clemens [Wed, 1 May 2024 18:19:42 +0000 (18:19 +0000)]
Bug 35929: Don't record a change for empty fields submitted in patron form
This is reminiscent of bug 36159 - when a field is submitted as empty, and null in the DB
we need to reject this as a change. I tried to copy the logic from that bug, as well as
deleting submitted changes for hidden fields (from html manipulation)
This should be tested extensively. One note: If you submit a valid change request, then submit a second with no change the second will be ignored, but the first will remain. i.e. if you change your name from 'Nick' to 'Nack' - then realize your typo you cannot submit a new request to change it back untl the initial request is cleared
To test:
1 - Play with PatronSelfModificationBorrowerUnwantedField and PatronSelfModificationMandatory field to have some fields set
2 - Add a patron attribute, or several, that are editable in the OPAC
3 - Try submitting a form with no changes, note a modification requets is submitted
4 - Approve the request
5 - Apply patch, restart all
6 - Try submitted a blank request, you are notified there were no changes
7 - Try to force an unwanted field via html modification
8 - No changes reported
9 - Confirm attributes changes are successful
10 - After a successful request, try submitting a blank request
11 - Note no changes are recorded, but the initial request is still active
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit cf4a3667cbeb4dbb6b7dd74fd30a3cacca540603) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Tue, 14 May 2024 07:29:02 +0000 (09:29 +0200)]
Bug 36845: Exclude meta tag from the translations
This bug originaly wants to get rid of "noindex" coming from this meta
tag:
<meta name="robots" content="noindex">
But actually we have other strings from the meta tags that should not be
translated.
Test plan:
0. Do not apply this patch
1. cd misc/translator/po && gulp po:update --lang es-ES (or any other
lang)
2. git commit -a -m"wip"
3. Apply this patch
4. Repeat 1 and git diff to show the diff
Notice that strings that should not be translated are removed from the
po files (actually commented)
Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit fbb123b12eab123e62c508944fd2b6261fb24acf) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Thibaud Guillot [Fri, 17 May 2024 09:13:21 +0000 (11:13 +0200)]
Bug 36892: Fix label for 'is_standing' input
Test plan:
1) Go to acqui/histsearch.pl and look for "search_children_too" with
dev tools console.
2) On 'is_standing' input, the same label is used
3) Apply this patch and reload it
4) Now it's correct
Sponsored by: BibLibre
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 40900343673c280d092de9c57399a77c113b41ba) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Fridolin Somers [Tue, 14 May 2024 09:41:57 +0000 (11:41 +0200)]
Bug 36856: Fix MARC subfield name in new order from existing bibliographic record
In form of the bibliographic details when adding an order 'From an existing record' in a basket, the marc subfield name is not shown.
The template calls [% field.lib | html %] but this comes from Koha::UI::Form::Builder::Biblio generate_subfield_form() which gives 'marc_lib'.
Test plan:
1) Be sure to have an ACQ biblio framework
2) Enable system preference UseACQFrameworkForBiblioRecords
3) Go to an acquisition basket
4) Add a term in 'From an existing record' and submit
5) On first result click on 'Add order'
6) Look at 'Catalog details'
=> Without patch you only see subfield tag and letter : (123a)
=> With patch you also see subfield name : Name (123a)
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 5080eecc2268c2b7b88856800e728041c2fc29ec) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Owen Leonard [Fri, 5 Apr 2024 16:05:56 +0000 (16:05 +0000)]
Bug 36528: Correct JS assets included in self checkout slip template
The self checkout's slip print template includes some assets which it
doesn't need (enquire.js) and lacks other that it does (i18n-related
files). This patch correct the problem.
The patch also wraps some code in global.js with a check that the
relevant library has been loaded so that we don't get errors when the
asset isn't included.
To test, apply the patch and clear your browser cache.
- With WebBasedSelfCheck enabled, log in to the self checkout module and
check some items out.
- Click "Finish" and then "Print receipt..."
- Check the browser console on the receipt page. There should be no
errors.
- Log in to the OPAC and click the "Messaging" tab on the patron summary
page.
- Test that the "Digests only" table heading icon shows a tooltip.
- Test that enquire.js is still loading correctly by performing a
catalog search and narrowing your browser. When the window is narrow
enough, the facets sidebar should collapse into a "Refine your search"
button.
Note that the "js_in_body" qa warning is a false positive.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 3b9a43ec5a5ce24865f93a345215858b74348b2b) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Janusz Kaczmarek [Sat, 11 May 2024 08:41:04 +0000 (08:41 +0000)]
Bug 36834: (Bug 29697 follow-up) Koha explodes when trying to open in Labeled MARC view a bibliographic record with an invalid biblionumber
After changes made in catalogue/labeledMARCdetail.pl with the bug 29697
when trying to open the Labeled MARC view with
biblionumber=<invalid_number> (e.g. a deleted biblionumber) Koha explodes
with a message << Can't call method "metadata" on an undefined value at
/kohadevbox/koha/catalogue/labeledMARCdetail.pl line 59 >>
Test plan:
==========
1. Activate the viewLabeledMARC syspref.
2. Try to open a biblio record in Labeled MARC view, giving as a biblionumber
(in URL) a non-existing biblionumber, e.g. in ktd, with standard ktd
test data:
http://your_ktd:8081/cgi-bin/koha/catalogue/labeledMARCdetail.pl?biblionumber=1234567
Koha should explode with the message:
Can't call method "metadata" on an undefined value at
/kohadevbox/koha/catalogue/labeledMARCdetail.pl line 59
3. Apply the patch; restart_all.
4. Repeat p. 2. You should get a regular page with the info "The record you
requested does not exist (1234567)".
Signed-off-by: Roman Dolny <roman.dolny@jezuici.pl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit e4e54af0e77a01d8ad1ee6ac84f5b255951f1831) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Owen Leonard [Thu, 16 May 2024 12:52:04 +0000 (12:52 +0000)]
Bug 36872: Untranslatable strings in request.tt
There are errors in the JavaScript in the holds template in the staff
client which results in strings not being translatable. This patch
corrects the errors.
To test, apply the patch and run through the process of placing a hold
on multiple items in the staff interface.
- At the hold confirmation step, try to submit the form without
selecting pickup locations for one or more titles.
- You should get an alert, "Please make sure all selected titles have a
pickup location set".
- Uncheck the checkboxes next to each title you're placing a hold on.
- Submit the form. You should get an error: "Please select at least one
title".
- Test the translation process with a language, e.g. fr-FR:
- In KTD, run: gulp po:update --lang fr-FR
- Check fr-FR-staff-prog.po for the line referring to
koha-tmpl/intranet-tmpl/prog/en/modules/reserve/request.tt:1499
- You should see the string "Please make sure all selected titles have a
pickup location set".
Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 537c960777f94cf964c757ed2773f330612ae3c7) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Bug 36529: manage_additional_fields permission for more than acquisitions and serials
This patch renames the manage_additional_fields permission to remove
the specificity of acquisitions orders and serial subscriptions.
Since each additional field requires a corresponding permission, I
wrote each of them next to it. It makes it very long, but right now
there isn't really a way to link permissions other than the permission
description.
To test:
1. Apply patch
2. Go to a patron account
3. Click More > Set permissions
4. Go to the Administration panel permissions and open the
sub-permissions
5. Check that the manage_additional_fields permission description
makes sense, check grammar and spelling, try the various
combinations
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit e251212ff5f783ff7d5d9de3821510ba7928d95f) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Nick Clemens [Tue, 14 May 2024 18:02:49 +0000 (18:02 +0000)]
Bug 35285: (QA follow-up) Tidy
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit b1fe94cd58bc0e01d0a730a6b8c5f3dc3ee439ba) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Martin Renvoize [Mon, 13 Nov 2023 16:46:17 +0000 (16:46 +0000)]
Bug 35285: Unit tests
This patch adds unit tests for the new 'is_html' function introduced in
Koha::Notice::Message and update the tests to include the new plaintext
handling of html_content.
Signed-off-by: David Nind <david@davidnind.com>
test
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 64a9e3c99951b466ffbb0b9b3f5d5654b5e0f6fb) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Martin Renvoize [Wed, 8 Nov 2023 10:43:09 +0000 (10:43 +0000)]
Bug 35285: Remove switch in notices.tt
We now wrap appropriately for non-html formatted messages as
part of the html_content method. This means we can remove the
case from members/notices.tt and rely on html_content doing
the right thing for notice previews.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 74f9c57adfa2577cfcaff9ef1f92ee42a3d35451) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Martin Renvoize [Wed, 8 Nov 2023 09:59:30 +0000 (09:59 +0000)]
Bug 35285: Add non-html template support to html_content wrapping
This patch adds support for messages generated using non-html formatted
notice templates to the html_content method of Koha::Notice::Message.
We continue to wrap content for html generated messages with the
appropriate headers, css and title.
For non-html generated content we wrap in the <div style="white-space:
pre-wrap"> block to maintain text formatting as defined in the original
plaintext template.
Test
Follow the test plan for bug 30287, nothing should outwardly change.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 6b413acfc41f580ac6b424c554ac47a6fa953782) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Janusz Kaczmarek [Tue, 14 May 2024 11:08:19 +0000 (11:08 +0000)]
Bug 24424: Advanced editor - interface hangs as "Loading" when given an invalid bib number
The Advanced Editor hangs with "Loading, please wait" message when given an
invalid bib number, e.g. /cgi-bin/koha/cataloguing/editor.pl#catalog/55555
This is because in the bug 16424, when changes had been made to
koha-tmpl/intranet-tmpl/lib/koha/cateditor/koha-backend.js
(Bug 16424: Add framework support to advanced MARC editor),
the .fail callback method of the outer .get (in the KohaBackend.GetRecord
function called from cateditor-ui.inc) had been (perhaps by mistake?) removed.
So, in case of failure, the situation is not handled properly.
The proposal is to restore the outer .fail. As a result, the
openRecord( 'new/', editor, finishCb ); will be called (a standard way
of resolving failed openRecord action (cf. the bottom of cateditor-ui.inc).
Test plan:
==========
0. Be sure your browser does not cache JavaScript for this test.
1. Enable EnableAdvancedCatalogingEditor in the system preferences.
2. Try to open in the advanced editor an unexisting record, e.g.
http://your_ktd:8081/cgi-bin/koha/cataloguing/editor.pl#catalog/55555
Koha should hang with a message "Loading, please wait".
3. Apply the patch, restart_all.
4. In a new browser window, repeat p. 2 (remember not to cache JS).
5. The editor should open with a new empty record.
Sponsored-by: Ignatianum University in Cracow Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 4d344fd3ab6fa988a9b3e79e683c8217f0705d2c) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Marcel de Rooy [Mon, 6 May 2024 12:28:45 +0000 (12:28 +0000)]
Bug 36793: Fix case of $var in Context->delete_preference
This only applies to 'local' preferences.
Test plan (first without this patch):
Add a local pref. Delete it. Ask value on commandline with:
* perl -MC4::Context -e"print C4::Context->preference('YOUR_PREF')"
* Did you replace YOUR_PREF :)
Now repeat with this patch. And verify fix (no value now).
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 8ea126b1f89e24a2baf8c43f7bf837bf74741088) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jonathan Druart [Wed, 17 Apr 2024 10:18:11 +0000 (12:18 +0200)]
Bug 36619: Restore 'Columns' visibility on the patron search when placing a hold
Test plan:
Go to /cgi-bin/koha/reserve/request.pl?biblionumber=117
Search for "d"
Notice that with this patch applied the "Columns" button is back and
that the "Configure" is working correctly
Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 76ebbb4b9b3a39c6e7ffffe8ad1b9b2c603daf5c) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Lucas Gass [Mon, 13 May 2024 22:15:02 +0000 (22:15 +0000)]
Bug 35961: (follow-up) Pass along the borrowernumber
To test:
1. APPLY PATCH
2. Turn on OpacCatalogConcerns
3. Find a record and go to the OPAC detail page.
4. Click "Report a concern" in the right navigation menu
5. Make sure it works
6. Repeat the proces from MARC view and ISBD view pages
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit e412a4387c888816cf478d811a559c5f57f7e9e2) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Martin Renvoize [Mon, 13 May 2024 13:43:53 +0000 (14:43 +0100)]
Bug 35961: Add missing includes
This patch adds the missing includes for the 'Catalog concerns' modal on
opac-MARCdetail and opac-ISBDdetail views.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit c2154173af06efaf007e0cdf444f885275d61f1b) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Janusz Kaczmarek [Wed, 17 Apr 2024 11:17:22 +0000 (11:17 +0000)]
Bug 36620: Broken order management for suggestions with quantity
Test plan
=========
Scenario A (the bug)
--------------------
1. In OPAC, create a purchase suggestion with defined quantity
("Copies" in staff interface).
2. Accept the suggestion.
2. Have a budget, fund, vendor etc. to use the Acquisitions module.
Ensure that AcqCreateItem syspref is set to 'placing an order'.
3. Create a new basket and add to basket an order line from accepted
suggestion. Note the initial Quantity set to the quantity entered
in suggestion. Note increasing this number while you add items
to the order with the 'Add item' button. Save the order, close the
basket.
4. Start receiving shipments for this order (create invoice etc.).
Receive items you created by 'Add item' until there is nothing more
to receive. Note the number of unreecived items in the order (eqal
to the initial quantity from the suggestion) that cannot be regulary
received (with the items table on the left). This is the *bug*.
[This is due to the ambiguity of $data->{quantity} in the neworderempty.pl
-- it normally comes from the order: GetOrder, but in the case of a yet
empty order created from a suggestion, it comes from the suggestions table:
GetSuggestion].
5. Apply the patch, restart plack etc.
6. Repeat step 2 and 3. While adding items in order note that you start
from quantity 0, and that the suggested quantity is shown in brackets.
7. Continue with p. 4. You should be able to receive the order in the
regular way (with the items created).
Scenario B (bonus)
------------------
Repeat the above with AcqCreateItem syspref is set to 'receiving the order',
or 'cataloging the record'. These cases do not create a bug as it does
the case with 'placing an order'. Note however, after applying the patch,
the initial quantity in the order is set to 0 and there is the bonus infomation
about the suggested number of items (from the suggestion).
Sponsored-by: Ignatianum University in Cracow Signed-off-by: Roman Dolny <roman.dolny@jezuici.pl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 3cfe1af7dba820410c5537172a875e82d472c8e2) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Jan Kissig [Fri, 3 May 2024 12:11:58 +0000 (14:11 +0200)]
Bug 36772: OPAC Self checkout accepts wrong or partial barcodes
When using the opac trusted checkout feature it is possible to enter non existant or partial barcodes to check out items.
Testplan:
a) set System preference OpacTrustedCheckout to Allow
b) go to http://localhost:8080/ and login with koha / koha
c) click Self Checkout in navigation bar
d) enter barcode 1234
e) result: Item '39999000011234' was checked out
apply patch and reload the page
a) now enter barcode 1234
b) result: Item '1234' not found
c) enter 39999000011234
d) result: Item '39999000011234' was checked out
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 2884226fe27cd3e4d5f4a070405c047183fed881) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Emmi Takkinen [Fri, 10 May 2024 05:31:42 +0000 (08:31 +0300)]
Bug 36825: Hide "Protected" field via BorrowerUnwantedField syspref
Setting field "Protected" as hidden in patron entry/modification
form via BorrowerUnwantedField syspref doesn't work. Form is
missing condition "UNLESS noprotected".
To test:
1. From BorrowerUnwantedField, check field "Protected" as hidden.
2. Either attempt to create a new patron or modify existing one.
=> Note that "Protected" is still displayed in the form.
3. Apply this patch.
4. Navigate back to create/modify patron form.
=> Note that "Protected" is no longer displayed.
5. Uncheck field "Protected" from BorrowerUnwantedField.
=> Field should now be displayed in create/modify form.
Sponsored-by: Koha-Suomi Oy Signed-off-by: Andrew Fuerste Henry <andrewfh@dubcolib.org> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit a0b1ee7df30a191a65fc44020bbe18dd69366ce2) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
I checked the UNIMARC authResults counterpart file. And it only
contained a single case of generated elements like the previous patch.
To test:
1. On latest main
$ ktd --shell
k$ cd misc/translator/po
k$ git fetch
k$ git reset --hard origin/main
k$ cd /kohadevbox/koha
k$ gulp po:update --lang es-ES
k$ cd misc/translator/po
k$ git add -u ; git commit -mWIP --no-verify
2. Apply this patches
3. Run:
k$ cd /kohadevbox/koha
k$ gulp po:update --lang es-ES
k$ cd misc/translator/po
k$ git diff
=> SUCCESS: Notice CSS class names are not translated anymore
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 537d5aac5ac46718e3a1a5f8dac2baf26a8abdea) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
This patch makes the XSLT contain HTML tags instead of building them
from scratch with static attribute values. This made it awkward for
translators as CSS classes ended up being extracted for translation
purposes. Plus, there's no need to spend CPU cycles on static content
generation.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 48e39c1e5cea2db2c4e0951a6efcae7e611490fb) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Janusz Kaczmarek [Tue, 18 Apr 2023 19:42:24 +0000 (21:42 +0200)]
Bug 33099: Add missing MARC21 Match authority mappings so "Search all headings" search works
The main entry form of corporate names (110), uniform titles (130), topical
terms (150), geographical names (151), and genre/form (155) are not indexed
with 'Match' search field in Elasticsearch standard mapping. As a result,
the respective records are not present on the result list when performing
an 'All headings' search for the authority records with the main heading form
(MARC 21).
Test plan
=========
0. Have a test installation with Elasticsearch.
1. In Authorities, make an 'All headings' search for a main entry
form from the corporate names, uniform titles, topical terms,
geographical names, or genre/form
--> e.g., in ktd: UK Archiving. You will get no results.
2. Apply the patch, reindex with:
sudo koha-elasticsearch --rebuild -r -a kohadev
3. Repeat the test. You should see 'UK Archiving' on the result list.
Signed-off-by: Roman Dolny <roman.dolny@jezuici.pl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit d4c70f7d07dcc0fe1319b6e0380abcd1b7400b95) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Kyle M Hall [Wed, 20 Mar 2024 19:32:50 +0000 (15:32 -0400)]
Bug 36378: Cannot stay logged in if AutoLocation is enabled but branch ip is not set correctly
We can get into a scenario what a user cannot stay logged in for more than a single page load.
If AutoLocation is enabled with branch IP addresses being set to a space, you will be logged out with every page load.
Test Plan:
1) Set your branch ip to a space
2) Enable AutoLocation
3) Restart all the things!
4) Log out
5) Log in
6) Browse to another page
7) You are logged out
8) Apply patch
9) Repeat 1-6
10) You are not logged out!
Signed-off-by: Andrew Fuerste Henry <andrewfh@dubcolib.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 7291a312332e4fac7ac61288f33a001d4a7b306c) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
danyonsewell [Fri, 10 May 2024 02:40:45 +0000 (02:40 +0000)]
Bug 36723: Add musical presentation to Elasticsearch index mappings
Testing plan:
1. Start up KTD with Elasticsearch: ktd --es8 up
2. Apply the patch and restart everything (restart_all).
3. Reset the mappings: Administration > Catalog > Search engine configuration (Elasticsearch) > Reset mappings (at the bottom of the page)
4. Reindex: koha-elasticsearch --rebuild -d -b -a kohadev
5. Alternative to steps 3 and 4: reset_all
6. Update the visibility for 254$a in the default framework so that it is visible in the Editor (OPAC, Staff interface should already be selected).
7. Add a new record using the default framework and put a term in 254$a, such as 'Full score'.
Sponsored-by: Education Services Australia SCIS Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit fffb3665eadec04792b055e9ba04152b3b36d6dd) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Lucas Gass [Wed, 6 Mar 2024 18:41:04 +0000 (18:41 +0000)]
Bug 34823: Do not show Item group dropdown if there are no item groups
To test:
1. Enable EnableItemGroups and EnableItemGroupHolds
2. Go to the OPAC and log in as a patron
3. Go to any record that doesn't have grouped items and try to place a hold
4. Click on "Show more options"
5. See "Request specific item group:" and dropdown
6. APPLY PATCH
7. Try again, this time if the record has no item groups you should not see the dropdown at all.
Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com> Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit be98d633be1fb34f52ccc8b57b18280856cf1d1a) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Matt Blenkinsop [Fri, 10 May 2024 13:13:20 +0000 (13:13 +0000)]
Bug 36827: Fix tab formatting
This patch removes unwanted whitespace between the tabs and the tab content
Test plan:
1) Enable the ERM module and navigate to the eUsage > Reports sections
2) Observe the whitespace between the tabs and the content
3) Apply patch and run yarn build
4) Hard refresh the page, the whitespace should be gone
Signed-off-by: Paul Derscheid <paul.derscheid@lmscloud.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 11cdeb0889ecd4b2827690a6e7df45c912f2a9e1) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Matt Blenkinsop [Fri, 10 May 2024 13:18:45 +0000 (13:18 +0000)]
Bug 36828: Remove commented out code
Test plan:
1) Look at the patch diff and observe that the commented out code has been removed
Signed-off-by: Paul Derscheid <paul.derscheid@lmscloud.de> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit f3af09c78cbec3e091164e71f74c97bcb90f9978) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Fridolin Somers [Wed, 20 Mar 2024 15:04:14 +0000 (16:04 +0100)]
Bug 36370: Add ContentWarningField to UNIMARC XSLT
Bug 31123 added new feature with preference ContentWarningField.
Add this behavior to UNMARC XSLT files.
This patch adds new template 'tag_content_warning' in UNIMARCslimUtils.xsl
called in results and details pages.
New field is placed after 3xx.
Test plan (in both interfaces OPAC and staff):
1) Create a new field 599 in framework
2) Set system preference ContentWarningField to 599
3) Edit a record to add a 599 with text in $a$b and an URL in $u
4) Perform a search to find this record
=> Check you see content_warning: <a href="$u">$a</a> $b
5) Click on details page
=> Check you see content_warning: <a href="$u">$a</a> $b
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 274c0bee86be52c9c66c0df3fccdd45c0c271977) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Bug 36794: Illegitimate modification of biblionumber subfield content (999 $c)
It happens that librarians, by mistake, open a biblio editor putting in the
URL, by hand, the biblionumber prefixed with a blank (e.g.
.../addbiblio.pl?biblionumber= 123 -- mind the space before 123).
In such a case the editor opens with the right biblio record (i.e. 123)
but, after saving the record, the content of the biblionumber MARC
field (999 $c for a standard MARC 21 installation) results modified and
contains additional initial blanks.
Moreover, while using ES and making a search for the record (with title,
author etc.) we get two records on the result list (instead of one).
This is because in the addbiblio.pl script $biblionumber is taken (and
continuously used) directly from CGI parameter, without any
validation and/or correction.
Test plan:
==========
0. Have a test installation with ES.
1. Open a biblio record in the editor with an added space before
biblionumber value, e.g.:
http://ktd:8081/cgi-bin/koha/cataloguing/addbiblio.pl?biblionumber= 123
Save the record.
2. From the Normal view choose Save -> MARCXML. Open the saved file in
your favourite editor. You should see, at the end, something like:
<datafield tag="999" ind1=" " ind2=" ">
<subfield code="c"> 123</subfield>
(mind the space before 123).
This is not right.
3. Make a search with the title or author's name from the record (e.g.
Henning Mankell for the record 123 from the default ktd data set).
You should get two records instead of one (while using ES).
4. Apply the patch, restart_all. Repeat p. 1 and 2 with a different
biblionumber. Notice the unchanged (i.e. without spaces) value
of 999 $c subfield in the exported record and only one record
as a result of a search.
WNC amended patch - rebased, added conditional in case no bib, moved comments to their own lines
Sponsored-by: Ignatianum University in Cracow Signed-off-by: Roman Dolny <roman.dolny@jezuici.pl> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit c74169ba27c2e12473239b15358e428bc05da9f5) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Bug 36799: Illegitimate modification of MARC authid field content (001)
It happens that librarians to save time open an authority editor by putting
in the URL, by hand, the authid prefixed, by mistake, with a blank (e.g.
.../authorities.pl?authid= 100 -- mind the space before 100). In
such a case the editor opens with the right auth record (i.e. 100) but,
after saving the record, the content of the authid MARC field (001 for
a standard MARC 21 installation) results modified and contains
additional initial blanks.
Moreover, if the heading (1XX field) was modified in the authority record
during such an edit, the changes will not propagate to the linked
bibliographic records. And won't in the future.
This is because in the authorities.pl script $authid is taken (and
continuously used) directly from CGI parameter, without any
validation and/or correction (line 540 in the current main branch).
Test plan:
==========
1. Open an auth record in the editor with an added space before
authid value, e.g.:
http://ktd:8081/cgi-bin/koha/authorities/detail.pl?authid= 100
Modify the heading field -- in the ktd data set:
150 Computerized typesetting
Save the record.
2. a) Open the record for editing again--see the space added before
the authid in field 001. Close the editor (with Cancel).
b) Try to go to the linked biblio records with Used in X records.
Note no results, if using ES.
c) Remove the space before authid (after an:) in the URL.
Go to the linked biblio records. See that the content of
the field controlled by the modified auth record did not
update.
3. Apply the patch; restart_all.
4. Repeat p. 1 and 2 with a different authid. Everything should
be OK now.
Sponsored-by: Ignatianum University in Cracow Signed-off-by: Roman Dolny <roman.dolny@jezuici.pl> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 4b66fbc4ebc0fe706f9a9b9057a19ee0c1b13aa3) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Bug 33849: Do not reset new patrons home library when error occurs
While adding new patron, if patron is flagged as duplicate
or another error occurs and their home library differs from
library user is logged in, patrons home library resets as
logged in users library. This happens with all patrons
expect those with category type C. This patch removes checking
if patrons category type is C from code so that all category
types use previously chosen home library even if error occurs.
To test:
1. Add new patron and set their library to a different
library than the one you're logged in.
2. Cause an error (wrong age, duplicate etc) while saving.
3. Attempt to save.
=> Note that patrons home library is set as one you're
logged in.
4. Apply this patch.
5. Repeat steps 1 to 3.
=> Note that patrons home library hasn't changed.
Sponsored-by: Koha-Suomi Oy Signed-off-by: Esther <esther@bywatersolutions.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit d2f41df188c3d8e8d8705c6a5ceb583e3e29e629) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Laura Escamilla <laura.escamilla@bywatersolutions.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 42d95f362a89c9c2236220f6b961b1748792087f) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Bug 35149: Add Option to ignore submit of checkout field when empty
1) Apply patch
2) Set CircAutoPrintQuickSlip to "do nothing"
3) Go to the checkouts form for a specific patron
4) Submit the form with empty value
5) Verify that no action is taken and you stay on the current page
Signed-off-by: Laura Escamilla <laura.escamilla@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 3d030ded6bc3d60b6a6e0ca8c6c648b5bb167e0e) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Lucas Gass [Tue, 7 May 2024 16:03:54 +0000 (16:03 +0000)]
Bug 36797: Change WHILE loop into FOREACH
To test:
1. Find a record that has 1000 non-waiting holds with different priorities.
2. Try loading the reserve page for that record ( /reserve/request.pl?biblionumber=X )
3. Error: Template process failed: undef error - WHILE loop terminated (> 1000 iterations)
4. APPLY PATCH
5. Try again, this time the page should load.
6. Try testing on a record with less than 1000 holds, making sure the priorities are still set right.
7. Make sure you can change your priorities and everything works right.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 5cc42c162c51aa3624f5e46e2ad6c70dd5ee6f01) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Fridolin Somers [Mon, 29 Jan 2024 09:08:00 +0000 (10:08 +0100)]
Bug 35927: Selecting MARC framework again doesn't work when adding to basket from an external source
Like Bug 19372, selecting MARC framework currently doesn't work when adding to basket from an external source.
Strangly I can reproduce on koha-testing-docker, but we have this issue with a Ubuntu Focal install.
Looks like it comes from a bad syntaxe than needs to be replaced in any case.
Test plan:
1) Add an order to a basket from an external source
2) Select another framework than the default one on the search result
view. Before doing 'add order' on choosen search result line.
3) Chek the framework code you will pick will be used in the created biblio record
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit b7a5cc5beeb4af7cd23a414519c038f007f5b959) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Bug 34041: (follow-up) escape double dashes to prevent issues
Having double dashes inside a commmented block is not valid XML. This
patch restores it, with an added message explaining it
To test:
1. Run:
$ xmllint etc/z3950/config.xml
=> FAIL: You get:
etc/z3950/config.xml:5: parser error : Double hyphen within comment: <!--
<config>
<z3950_responder_options>
<z3950_responder_options>--add-item-status k -t 5</z3950_responder_options
2. Apply this patch
3. Repeat 1
=> SUCCESS: All good!
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 11c69496bcd216ad264acd87409e5160c73995bf) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Liz Rea [Fri, 16 Jun 2023 17:50:35 +0000 (12:50 -0500)]
Bug 34041: z3950 responder additional options not coming through properly
This patch adds the <config> node that the z3950 responder starter script is looking for in the z3950/config.xml to the example code.
To test:
- verify that the <config> </config> is around the commented z3950_additional_options suggestion in the etc/z3950/config.xml file
- copy the config stanza to the live file: /etc/koha/sites/kohadev/z3950/config.xml
- restart_all
- ps aux | grep z3950
- confirm the script has restarted
- confirm the options: --add-item-status k -t 5 have been passed through
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
(cherry picked from commit 3878dbe9994186d70b3eb94e5096d4d1c6cf5452) Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
projects / koha.git / log