David Cook [Mon, 13 Jan 2020 06:05:17 +0000 (17:05 +1100)]
Bug 17464: Order deny,allow / Deny from all was deprecated in Apache 2.4 and is now a hard error
Patch change Apache access control from 2.2 to 2.4 directives.
Test plan:
0. Apply patch
1. Build Koha from source
2. Copy or symlink koha-dev/etc/koha-httpd.conf into your relevant
Apache directory.
3. Reload Apache
4. Note a lack of syntax errors regarding the "Order" directive
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Maryse Simard [Wed, 21 Aug 2019 21:20:16 +0000 (17:20 -0400)]
Bug 23488: Line wrapping doesn't always respect word order in Patron card creator
When wrapping long lines of text, the line is divided by removing each
word from the end of the line and putting it in a new one until the line
is the right width. When the word to be removed appears multiple time
in the line, it is not the last occurrence that is removed.
This patch changes the regular expression used to remove the part of
the text that is wrapped to a new line, making sure it removes it at
the end of the text.
Test plan:
1. Go to Tools > Patron card creator
2. Have a card template and a card batch
-> If needs be, you can create them by using
New > Card template or New > Card batch
3. Create a layout and use one text field containing a long text with
at least one word which is repeated a minimum of 2 times
(preferably towrdds the end of the text, since it has to be picked
as one of the words to appear in the new line). You can use this:
one two three one two three one two three one two three
one two three one two three one two three one two three ...
4. Go to Manage > Card batches and export a batch
5. Choose the layout set up in 3.
6. Click the Export button and open the resulting pdf file
7. Notice all the repeated word have been grouped
-> For this example : all of the ones appear first, followed by
all the twos and only then the threes.
8. Apply patch
9. Repeat step 4 through 7
=> this time the order of the words has not changed!
Signed-off-by: Gabriel DeCarufel <gabriel@inlibro.com> Signed-off-by: William Frazilien <william.frazilien@inlibro.com> Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Owen Leonard [Fri, 28 Feb 2020 16:48:37 +0000 (16:48 +0000)]
Bug 23753: Add missing humanMsg library to pages using background job JavaScript
The JavaScript used to process background uploads calls the humanMsg
library under some circumstances. There are several templates which use
background-job-progressbar.js which don't include the humanMsg assets.
This patch corrects those templates.
Note: upload-images.tt has been modified to remove the inclusion of
background-job-progressbar.js because it was unused.
To test, apply the patch and test the following processes which include
background job processing:
- Batch item modification -- the background job is triggered when you
submit your changes
- Batch record modification -- the background job is triggered when you
submit your changes
- Stage MARC for import -- the background job is triggered when you
click the "Sage for import" button after uploading a file
- Staged MARC management -- the background job is triggered when you
click "Import this batch into the catalog"
In each case the process should complete correctly. If you would like to
test the error message handling provided by the humanMsg library you can
deliberately introduce an error into the JavaScript. After applying the
patch you can modify js/background-job-progressbar.js to alter line 63
from:
url: f.action,
...to:
url: f.action + "foo",
Perform the same tests and confirm that you see an error message. Don't
forget to undo your changes to background-job-progressbar.js before
signing off.
Signed-off-by: Maryse Simard <maryse.simard@inlibro.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Owen Leonard [Fri, 28 Feb 2020 15:00:40 +0000 (15:00 +0000)]
Bug 23536: Remove obsolete category markup from patron entry
This patch removes some obsolete markup from the patron entry template
(memberentrygen.tt). The old markup was necessary in a long-gone version
of Koha where it was possible to add patrons using built-in categories
instead of defining your own.
To test, apply the patch and test the process of adding or editing
patrons. You should see the patron category displayed correctly in the
page title, breadcrumbs, and main heading.
Signed-off-by: Maryse Simard <maryse.simard@inlibro.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Owen Leonard [Fri, 28 Feb 2020 14:53:53 +0000 (14:53 +0000)]
Bug 23534: Use patron-title.inc on patron entry page
There are a few instances where we can simplify the patron entry
template by using the patron-title include file instead of outputting
patron name variables one by one. This patch does so in the page title,
page breadcrumbs, and page heading.
To test, apply the patch and edit a patron record. The page title,
breadcrumbs, and main heading should all look correct.
Signed-off-by: Maryse Simard <maryse.simard@inlibro.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Jonathan Druart [Tue, 25 Feb 2020 13:40:06 +0000 (14:40 +0100)]
Bug 24725: Remove ES template literals in checkouts.js
From Julian on bug 24661 comment 6:
"""
It looks like xgettext does not like ES6 template literals.
https://savannah.gnu.org/bugs/?50920
From what I understand, support for template literals was added in gettext 0.20 (still not packaged in debian) but is still buggy in latest released version 0.20.1 and a fix is present in master.
"""
We should not use backticks ` in .js file, it breaks xgettext.
To replicate:
kohadev-koha@e1f3025cca60:/kohadevbox/koha/misc/translator$ perl translate update es-ES
koha-tmpl/intranet-tmpl/prog/js/checkouts.js:569: warning: unterminated string
koha-tmpl/intranet-tmpl/prog/js/checkouts.js:858: warning: unterminated string
koha-tmpl/intranet-tmpl/prog/js/checkouts.js:904: warning: unterminated string
koha-tmpl/intranet-tmpl/prog/js/checkouts.js:911: warning: unterminated string
koha-tmpl/intranet-tmpl/prog/js/checkouts.js:1095: warning: RegExp literal terminated too early
/usr/bin/msgmerge: error while opening "/kohadevbox/koha/misc/translator/po/es-ES-messages-js.po" for reading: No such file or directory
(last error 'No such file or directory' is not related to this).
Test plan:
Make sure nothing is broken on the claims table
Confirm that the errors do not longer appear on `perl translate update LANG`
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Jonathan Druart [Tue, 25 Feb 2020 13:17:27 +0000 (14:17 +0100)]
Bug 24727: (bug 14697 follow-up) Replace link on title to bib detail page
903 let title = `<a
class="return-claim-title strong"
href="/cgi-bin/koha/circ/request-rcticle.pl?biblionumber=[%
rc.checkout.item.biblionumber | html %]">
At first it seems like a typo:
request-rcticle.pl vs request-acticle.pl
But actually it does not make sense to link to request-article, we want
(I think) to link to the bibliographic record detail page.
Test plan:
- Have something in the claim table (cf bug 14697)
- Click on the title of the bibliographic record
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Julian Maurice [Wed, 26 Feb 2020 19:09:52 +0000 (20:09 +0100)]
Bug 24734: Fix paths in LangInstaller.pm for JS files
Use intrahtdocs and opachtdocs in order to get the correct paths for all
kind of installations
Test plan:
1. With a dev install, run ./translator create/update/install xx-XX and
verify that there is no error message
2. With a standard install, run ./translator create/update/install xx-XX
and verify that there is no error message
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Tested for dev/single/standard installs, no errors,
just a (normal) warn from po2json.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Jonathan Druart [Wed, 26 Feb 2020 16:46:49 +0000 (17:46 +0100)]
Bug 24736: Disable "Enrollments" link if nobody enrolled to the club yet
The link is disabled but it's possible to click and access the page
anyway.
Test plan:
- Create a new club template
- Create a new club
- Click the Actions > Enrollments link
=> Without this patch you can access the page
=> With this patch applied you cannot, and a tooltip explains why (feel
free to suggest another wording)
- Add a new patron to this club (from /cgi-bin/koha/opac-user.pl#opac-user-clubs)
- Notice that the action link is not enabled and click takes you to the
list of enrollments
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Bug 24747: Corrects on-screen instructions in branch transfer limits
To test:
1- go to cgi-bin/koha/admin/branch_transfer_limits.pl
2- see wording "Check the boxes for the libraries you accept to checkin items from"
3- apply patch
4- see wording "Check the boxes for the libraries you allow your items to be transferred to"
To verify new wording accuractely describes behavior:
1- Set UseBranchTransferLimits set to Enforce using itemtype
2- Confirm circ rules allow holds
3- Confirm hold policy by item type allows holds
4- Confirm all branches are valid pickup locations in branch setup
5- In Branch Transfer Limits, set dropdown to Branch A, select itemtype Book, disable all transfers so Branch A does not accept books from any other branch
6- Find a patron from Branch A
7- Find a book from Branch B
8- On the intranet, successfully place hold on item for patron for pickup at branch A
9- Cancel hold
10- Log into opac as patron
11- Successfully place hold on item for pickup at Branch A
12- Cancel hold
13- In Branch Transfer Limits, set dropdown to Branch A, select itemtype Book, ENABLE all transfers so Branch A DOES accept books from any other branch
14- In Branch Transfer Limits, set dropdown to Branch B, select itemtype Book, disable all transfers so Branch B does not accept books from any other branch
15- On the intranet, try to place a hold on item for patron, confirm Branch B is your only pickup option
16- On the OPAC, log in as patron, try to place a hold on item, confirm Branch B is your only pickup option
Signed-off-by: Kelly McElligott <kelly@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Owen Leonard [Wed, 19 Feb 2020 13:47:11 +0000 (13:47 +0000)]
Bug 13327: (follow-up) Correct CSS and XSL errors
This patch adds back the CSS changes which seem to have been lost in a
rebase somewhere. The patch also corrects a bad copy/paste in the XSL
file which led to a 404 error.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
In each of these cases, test the detail page's listing of additional
authors/contributors and subjects. Test records which have both multiple
contributors or subjects and which have only one author or subject.
When OPACPopupAuthorsSearch is turned on, verify that the author/subject
selection modal appears and that your selections are correctly combined
to build a search string.
Note that OPACPopupAuthorsSearch feature has a problem with terms
containing parentheses. The issue predates this patch.
Also note that the QA tools will give a false positive about Bootstrap
button styles. This rule only applies to the staff client.
Signed-off-by: Liz Rea <wizzyrea@gmail.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
David Cook [Fri, 28 Feb 2020 00:17:58 +0000 (00:17 +0000)]
Bug 24739: Perform IPv6 tests only if Net::Netmask is correct version
Test plan:
0. Apply patch
1. Set up Koha on stretch (e.g. koha/koha-testing:master)
2. perl t/Koha/Middlware/RealIP.t
3. Observe the following:
Subtest: IPv6 support
ok 1 - Warn on IPv6 koha_trusted_proxies
ok 2 - Unable to parse IPv6 address for trusted proxy, so ignore the X-Forwarded-For header
1..2
ok 13 - IPv6 support
4. Set up Koha on buster (e.g. koha/koha-testing:master-buster)
5. perl t/Koha/Middlware/RealIP.t
6. Observe the following:
Subtest: IPv6 support
ok 1 - Trust proxy (2001:db8:1234:5678:abcd:1234:abcd:1234) using IPv6 CIDR notation, so use the X-Forwarded-For header for the remote address
1..1
ok 13 - IPv6 support
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Martin Renvoize [Thu, 27 Feb 2020 09:16:12 +0000 (09:16 +0000)]
Bug 24739: Skip tests when IPv6 support is found
Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Marcel de Rooy [Fri, 28 Feb 2020 11:13:16 +0000 (11:13 +0000)]
Bug 24756: Fix failing tests by removing temporary filenames
In order to resolve the random failure, that might be caused by reusing
filenames in File::Temp and caching xslt code, this patch replaces the
temporary file by using the code parameter.
Note: Since XSLT uses a digest based on the passed code fragment, we will
exclude collisions here.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Ere Maijala [Wed, 19 Feb 2020 09:45:04 +0000 (11:45 +0200)]
Bug 24680: Fix end_date returned from api/v1/holds/{hold_id}/suspension endpoint
Before this patch the response would return current date as the suspension end date for a hold that is suspended with no end date.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Ere Maijala [Wed, 19 Feb 2020 09:43:08 +0000 (11:43 +0200)]
Bug 24680: Fix PUT api/v1/holds/{hold_id} to work also when priority is not provided
Before this fix the endpoint would accept the request but fail to actually update the hold if the request does not contain a priority parameter.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Nick Clemens [Wed, 26 Feb 2020 03:16:26 +0000 (03:16 +0000)]
Bug 24733: created_by param should be an arrayref
We allow for the user to add multiple users to this field, and the
search function expects and array. We have been treating it as a scalar
TO test:
1 - Have an open basket in acquisitions
2 - Add to basket - from an existing order (copy)
3 - Enter a name in the 'Basket created by' field and select a user
4 - Hit search
5 - ISE (Can't use string ("1") as an ARRAY ref while "strict refs" in use at /usr/share/koha/lib/C4/Acquisition.pm line 2482.)
6 - Apply patch
7 - Repeat 1-4
8 - Success!
9 - Test with mutiple 'created by' entries as well
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Marcel de Rooy [Tue, 25 Feb 2020 13:40:52 +0000 (13:40 +0000)]
Bug 24294: (QA follow-up) Add rollback and 008 default test
Default for 008 was not tested yet.
Only wondering if we should insert default values only when we meet an
undefined value. Or should we also add if we meet an empty string? Is the
latter not more realistic in MARC?
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Jonathan Druart [Thu, 2 Jan 2020 11:09:27 +0000 (12:09 +0100)]
Bug 24294: Add default value support for control fields in ACQ framework
When trying to add an order using the ACQ framework with a 008@ tag,
Koha explodes:
Control fields (generally, just tags below 010) do not have subfields,
use data() at /home/vagrant/kohaclone/C4/Acquisition.pm line 3272.
Test plan:
Set a default value for a control field in the ACQ framework
Turn on UseACQFrameworkForBiblioRecords
Create a new order from a new record
The default value should be displayed
Save
=> No crash
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Nick Clemens [Thu, 6 Feb 2020 17:45:07 +0000 (17:45 +0000)]
Bug 24605: Fix unencoded series link
To test:
1 - Add an 830 to a record with a volume subfield separated by a semicolon
830$aThe series ;$vvol 8.
2 - View the record in the opac
3 - Click the series link, no results
4 - View the link url - the semicolon is not encoded
5 - Apply patch
6 - link works
7 - URL is corrrectly encoded
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Martin Renvoize [Tue, 25 Feb 2020 14:26:57 +0000 (14:26 +0000)]
Bug 24661: (RM follow-up) Check lang is defined
This adds a check that the lang variable is defined before testing
against it. In normal operation this is likely a no-op, but it is
required for compiling templates during QA.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Ere Maijala [Wed, 29 Jan 2020 11:24:15 +0000 (13:24 +0200)]
Bug 22522: Add support for current Mojolicious and related packages
This patch allows tests to succeed with the following versions:
JSON::Validator 3.18
Mojolicious 8.32
Mojolicious::Plugin::OpenAPI 2.21
Also Mojolicious::Plugin::OpenAPI version 1.17 and later 1.x versions now work.
Calling valid_input in under() would cause ' Use of uninitialized value $_[2] ' in more recent OpenAPI plugins, so that was changed too. As far as I can see this does not affect authorization.
Signed-off-by: Mason James <mason@kohaaloha.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Marcel de Rooy [Fri, 17 Jan 2020 10:30:16 +0000 (10:30 +0000)]
Bug 23290: (follow-up) Replace warning_like by warnings_like
Security.t does not pass anymore ;)
Due to bug 23290 the tests now trigger an additional runtime error that
we should also catch to let the tests pass again.
Test plan:
Run t/db_dependent/Koha/XSLT/Security.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
David Cook [Tue, 19 Nov 2019 13:56:30 +0000 (13:56 +0000)]
Bug 23290: Add test for write_net
Test plan:
Run t/db_dependent/Koha/XSLT/Security.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Marcel de Rooy [Fri, 15 Nov 2019 13:19:50 +0000 (13:19 +0000)]
Bug 23290: Add test Koha/XSLT/Security.t
Test plan:
Run it!
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
This follow-up refines the change made in the former patch.
See also
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=838097
https://rt.cpan.org/Public/Bug/Display.html?id=118032
We do not want to depend now on the exact LibXML version, so we will
disable expand_entities unless it is explicitly enabled via the config
variable koha_xslt_security. (Allowing us to test if bad things will be
caught.)
The options key is now always added to the Security object.
The return from set_parser_options has been removed to allow disabling when
there is no koha-conf entry (which probably is the normal situation).
Test plan:
[1] Test the first example patch with and without the other patches (excl.
the second example). Toggle expand_entities in koha-conf. Restart
Plack and flush the cache each time. Evaluate results with the
commit message of first example.
[2] Test both example patches with/without other patches.
Toggle expand_entities. Restart etc. Evaluate results with commit
message of second example (check tmp/breached.txt).
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Marcel de Rooy [Fri, 15 Nov 2019 12:41:32 +0000 (12:41 +0000)]
Bug 23290: Allow enabling expand_entities
Since libxml2 disables it now by default, we need to enable it for testing.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Marcel de Rooy [Fri, 15 Nov 2019 11:04:53 +0000 (11:04 +0000)]
Bug 23290: Apply the changes in Security to Base now
Until now Base did not yet use Security. The security lines are removed
from Base here by calls to Security.
A new test must be added still.
Test plan:
Ensure that t/db_dependent/XSLT_Handler.t still passes.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Marcel de Rooy [Fri, 15 Nov 2019 10:59:40 +0000 (10:59 +0000)]
Bug 23290: Introduce Koha::XSLT::Security
Also adds a temporary stub for Koha::XSLT_Handler referring to Base.
This will be removed later.
Test plan:
Run t/db_dependent/XSLT_Handler.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Marcel de Rooy [Fri, 15 Nov 2019 10:55:50 +0000 (10:55 +0000)]
Bug 23290: Rename XSLT_Handler
This is just a git move. Cannot be tested. (Easier for QA.)
The next patch adjusts paths etc. in the module.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
David Cook [Thu, 23 May 2019 06:53:57 +0000 (16:53 +1000)]
Bug 23290: XSLT system preferences allow administrators to exploit XML and XSLT vulnerabilities
The problem is that administrators can provide XSLTs that
can read from the server and network and write to the server. The
This patch prevents the Koha::XSLT_Handler from running
XSLT stylesheets that call actions such as read_file, write_file,
read_net, and write_net as documented at
https://metacpan.org/pod/XML::LibXSLT#XML::LibXSLT::Security
(Previous tests suggested issues with XML external entities
causing read file like vulnerabilities but these were not
reproducible)
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Jonathan Druart [Fri, 31 Jan 2020 13:43:39 +0000 (14:43 +0100)]
Bug 24545: Fix find-license-problems.t to catch future wrong license statements
File adjust to run tests and be executed on all our codebase.
Test plan:
- Apply this patch without the other one
- run the tests
=> Several failures
- apply the other patch
- run the tests
=> Should pass now
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Jonathan Druart [Fri, 31 Jan 2020 13:07:20 +0000 (14:07 +0100)]
Bug 24545: Fix license statements
Bug 9978 should have fixed them all, but some were missing.
We want all the license statements part of Koha to be identical, and
using the GPLv3 statement.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Owen Leonard [Thu, 12 Dec 2019 13:30:43 +0000 (13:30 +0000)]
Bug 22880: (follow-up) Process all installed languages, not just enabled
This patch changes the database update so that the system preference is
copied to news items in all installed languages, not just those enabled
in the OPAC.
Signed-off-by: Lisette Scheer <lisettes@latahlibrary.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Owen Leonard [Wed, 4 Sep 2019 17:42:02 +0000 (17:42 +0000)]
Bug 22880: (follow-up) Define OpacHeader variable for conditional
This follow-up uses the updates introduced by Bug 23253 as a model for
improving the display of opacheader. Adding the OpacHeader variable
allows the template to check for its existence and display some
container markup around opacheader if it exists. This will help ease the
transition for libraries who depend on the #opacheader id for styling.
To test, apply the patch and test the OPAC with an 'opacheader' item
defined. The content should be displayed on the page inside '<div
id="opacheader"></div>.'
Delete the 'opacheader' news item and reload the OPAC page. There should
no longer be an #opacheader div.
Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz> Signed-off-by: Lisette Scheer <lisettes@latahlibrary.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Owen Leonard [Wed, 11 Dec 2019 13:42:09 +0000 (13:42 +0000)]
Bug 22880: (follow-up) Loose ends: Better DB update, global inclusion, etc.
This patch makes a number of improvements and ties up some loose ends
where the old system preference usage wasn't getting replaced.
- Removes news-specific code for defining the language of news
items queried for the OPAC home page. An identical language variable
is already defined globally.
Previous to this patch an 'opacheader' news item would only appear on
the OPAC home page. Now it should appear on all OPAC pages.
- Changes the database update so that 'opacheader' news
items will be inserted with a default title, matching the interface's
requirement that the title field be populated.
- The database update will also now insert the old opacheader system
preference contents into the news item for all active languages as
defined in the 'opaclanguages' system preference. This helps match
the previous behavior in which the opacheader contents were the same
for all languages.
- Adds support for the new opacheader news item to the self checkout,
self check-in, and OPAC maintenance pages.
- Updates sysprefs.t which was using the opacheader preference to test
on. I've changed it to use URLLinkText instead.
- Removes the addition of the opacheader system preference from the
installation SQL file.
Signed-off-by: Lisette Scheer <lisettes@latahlibrary.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Owen Leonard [Thu, 9 May 2019 13:52:30 +0000 (13:52 +0000)]
Bug 22880: Convert opacheader system preference to news block
This patch builds on Bug 22318 to move the opacheader system preference
into the Koha news system, making it possible to have language- and
library-specific content.
It extends the original patch by adding an option to the template plugin
specifying whether the content title should be shown (probably should be
a flag in opac_news). It also adds a wrapper div with the content
location as the ID (e.g. 'opacheader'). This will make it slightly more
backwards-compatible with CSS customizations.
To test you should have some content in the opacheader system
preference. Apply the patch and run the database update process.
- Go to the OPAC and confirm that the content which was previously in
the opacheader system preference now displays correctly where it was
before.
- In the staff client, go to Tools -> News and verify that the content
from opacheader is now stored in a news item with the location
'opacheader_en.'
- Go to Administration -> System preferences and confirm that the
opacheader preference has been removed.
David Nind [Sat, 25 Jan 2020 11:01:52 +0000 (11:01 +0000)]
Bug 24291: Update the item type form text for library limitation field
Bug 15497 introduced the ability to limit item types by library.
However, the text next to the 'Library limitation' selection field on
the item type form mentions authorized values and is confusing.
The current text reads: "Select 'All libraries' if this authorized value
must be displayed all the time. Otherwise select libraries you want to
associate with this value."
This patch updates the text on the item type add or edit form for the
'Library limitation' field to something more understandable.
To test:
1) Apply the patch
2) Go to Administration > Basic parameters > Item types
3) Click 'Edit' for any item type
4) The text next to the 'Library limitation' field should now show
"Select 'All libraries' if all libraries use this item type. Otherwise,
select the specific libraries that use this item type."
5) Sign off
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Agustin Moyano [Tue, 21 Jan 2020 15:39:49 +0000 (12:39 -0300)]
Bug 24356: Make objects.search prefetch embedded relations
This patch makes the Koha::Object(s) derived classes expose information
about prefetch-able relations. This is then used by a new helper to
generate the prefetch information for the DBIC query.
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/Koha/Object* \
t/db_dependent/Koha/REST/Plugin/Objects.t \
t/Koha/REST/Plugin/Query.t
=> SUCCESS: Tests pass!
3. Sign off :-D
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Nick Clemens [Fri, 21 Feb 2020 12:28:30 +0000 (12:28 +0000)]
Bug 24629: SIP patron items contains an array of hashes
$patron->{items} contains the borrowers checkouts as an array of hashes
{ barcode => $item->barcode }
When printing to log we assumed these were only barcodes
This patch pushes the current checkout as a hash and maps the values retrieved to a string
To test:
1 - Enable SIP debug mode
2 - Perform multiple checkouts for a patron
3 - Note the messages like:
koha koha_sip_koha[13575]: ILS::Checkout: patron 123 has checked out HASH(0x55a5b187f858), HASH(0x55a5b1896ad0), HASH(0x55a5b18a6cf0), 7826832
4 - Apply patch
5 - Restart all the things
6 - Do some checkouts via SIP
6 - Messages should now have barcodes
Signed-off-by: Magnus Enger <magnus@libriotech.no> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Julian Maurice [Thu, 20 Feb 2020 07:29:37 +0000 (08:29 +0100)]
Bug 24693: Move GD from recommends to requires in cpanfile
Without it, catalogue/detail.pl dies (and probably other scripts too)
Test plan:
1. Uninstall GD, reload starman
2. Go to catalogue/detail.pl. Confirm that it dies
3. Reinstall GD, reload starman
4. Go to catalogue/detail.pl. Confirm that it work normally
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Jonathan Druart [Tue, 26 Nov 2019 10:11:35 +0000 (11:11 +0100)]
Bug 24114: Remove warn statements from Koha::Patrons
The warn must be done in the cronjob.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Followed this test plan (with two follow-ups applied):
[1] Prefs: UnsubscribeReflectionDelay=1, PatronAnonymizeDelay=2, PatronRemovalDelay=3, FailedLoginAttempts was undef
[2] Pick borrower and set expiry to NOW-2, and lock him (login_attempts=-1) Could be achieved too by settings FailedLoginAttempts and trying wrong passwords. Run cleanup job:
Locked 0 patrons
Anonymized 1 patrons
Deleted 0 patrons
[3] Pick borrower, set expiry to NOW-3. Run cleanup job:
Locked 0 patrons
Anonymized 0 patrons
Deleted 1 patrons
Signed-off-by: Bouzid Fergani <bouzid.fergani@inlibro.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Jonathan Druart [Fri, 21 Feb 2020 09:31:54 +0000 (10:31 +0100)]
Bug 24682: Make UsageStatsGeolocation readonly (and redirect to the config page)
To prevent invalid values in this pref (and so on the server), we should
make this input readonly on the syspref page.
The sysprefs related to Hea should be edited from the dedicated page, so
also adding a note about that.
Test plan:
Search syspref with "UsageStats"
Notice the note about the admin page
Notice the UsageStatsGeolocation input is now readonly (and resized, to
display the whole value when filled)
Signed-off-by: Maryse Simard <maryse.simard@inlibro.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Fridolin Somers [Tue, 28 Jan 2020 15:09:20 +0000 (16:09 +0100)]
Bug 24527: misc/cronjobs/update_totalissues.pl problem with multiple items
misc/cronjobs/update_totalissues.pl when issuing statistics table, no-incremental, has a problem for biblio with multiple items.
The first SQL query gets the biblios linked to items with issues in statistics :
SELECT
biblio.biblionumber, COUNT(statistics.itemnumber)
FROM
biblio
LEFT JOIN
items
ON
(biblio.biblionumber=items.biblionumber)
LEFT JOIN
statistics
ON
(items.itemnumber=statistics.itemnumber)
WHERE
statistics.type = 'issue'
$limit
GROUP BY
biblio.biblionumber
The second SQL query is :
SELECT
biblio.biblionumber, 0
FROM
biblio
LEFT JOIN
items
ON
(biblio.biblionumber=items.biblionumber)
LEFT JOIN
statistics
ON
(items.itemnumber=statistics.itemnumber)
WHERE
statistics.itemnumber IS NULL
GROUP BY
biblio.biblionumber
The problem is that this second query will set to 0 where ANY item has no entry in statistics table.
So when running it sets 0 to the biblio that had a value from first
query.
I think the best fix is to use "WHERE statistics.type = 'issue'" inside que JOIN :
LEFT JOIN statistics ON (items.itemnumber=statistics.itemnumber AND statistics.type = 'issue')
Test plan :
1) Begin with an empty database
2) Create a biblio 1 with no items
3) Create a biblio 2 with 3 items
4) Create a biblio 3 with 2 items
5) Checkout and checkin all items of biblio 2
6) Checkout and checkin the firt item of biblio 3
7) run misc/cronjobs/update_totalissues.pl --use-stats -v
8) Check biblio 1 has biblioitems.totalissues = 0
9) Check biblio 2 has biblioitems.totalissues = 3
10) Without patch the biblio 3 has biblioitems.totalissues = 0
11) With patch the biblio 3 has biblioitems.totalissues = 1
12) Check misc/cronjobs/update_totalissues.pl --incremental is OK
Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Bug 24707: Remove AMICUS from default fr-CA z39.50 servers
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Bug 24708: Update Z39.50 server attribute in fr-CA installation file
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Kyle M Hall [Fri, 21 Feb 2020 14:41:27 +0000 (09:41 -0500)]
Bug 24705: Holds placed via SIP will be given first priority
The SIP server does not calculate and pass a priority to AddReserve, which causes the hold to be given priority 1.
Test Plan:
1) Place a hold via SIP for a record with existing holds
2) Note the new hold is top priority
3) Apply this patch
4) Restart SIP
5) Repeat step 1
6) New hold should be last priority
Signed-off-by: Christofer Zorn <Christofer.Zorn@ajaxlibrary.ca> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Nick Clemens [Fri, 21 Feb 2020 21:11:37 +0000 (21:11 +0000)]
Bug 24711: Don't add logout input to login form
To test:
1 - Set OpacPublic syspref to 'Disable'
2 - Log in to OPAC
3 - Log out
4 - Try to log in again
5 - No error, but you get the login form again
6 - Apply patch
7 - Repeat
8 - This time you can log in again
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Jonathan Druart [Fri, 21 Feb 2020 14:43:06 +0000 (15:43 +0100)]
Bug 24706: Fix ergonomic issue on the list view if empty
If the list is empty, the toolbar does not render correctly.
Buttons are displayed instead of links, also the "Sort" is displayed
when it should not
Test plan:
- Create a new list, do not add items
- Notice that the toolbar now renders correctly
- Use the different link to create/edit/delete
- Confirm that the sort link is not displayed
- Add a new item
- Confirm that the toolbar is looking the same as before
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Nick Clemens [Wed, 12 Feb 2020 18:44:05 +0000 (18:44 +0000)]
Bug 24646: Move RoundFinesAtPayment to 'Fines policy' section
To test:
- Search Admin->System preferences for 'RoundFinesAtPayment'
- Note it is listed under self-check
- Apply patch
- Restart/refresh
- Note it is now under Accounting -> Policy
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Ulrich Kleiber [Wed, 5 Feb 2020 10:04:20 +0000 (11:04 +0100)]
Bug 24588: Prevent e-mails from Koha to be flagged as spam
Set the e-mail headers Mailer-X and MessageID by Koha,
to gain a better positive score from the spam filter.
To test:
1) Let Koha send an e-mail message.
2) Check the header of this e-mail message with your e-mail client.
There should be no X-Mailer header with value 'Koha'. If there
is an MessageID header, it is probably set by the MSA, e.g. Exim.
Example:
Message-Id: <E1iyZRY-0006XT-0t@FQDN>
3) Apply patch.
4) Repeat step 1.
5) Check the header of the new e-mail message with your e-mail client.
There should be a X-Mailer header with value 'Koha' and a MessageID
header with a value set by Koha.
Example:
X-Mailer: Koha
Message-Id: <15807387030.B731e.18490@FQDN>
6) Sign off.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Aleisha Amohia [Thu, 13 Feb 2020 02:47:20 +0000 (02:47 +0000)]
Bug 22655: Adding holds rules to Onboarding tool
This patch adds the following fields to the circ rule step in the
onboarding tool:
- holds allowed (total)
- holds allowed (daily)
- holds per record (count)
To test:
1) Apply patch, drop and recreate database, restart memcached and refresh page
2) Go through the installer and get to the final step of the onboarding
tool
3) Confirm the above fields are now available to set in your circulation
rule
4) Save and log in to Koha
5) Go to Admin -> Circ and fines rules
6) Confirm the fields saved correctly
Sponsored-by: Catalyst IT Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Andreas Roussos [Fri, 14 Feb 2020 19:50:39 +0000 (19:50 +0000)]
Bug 17510: enable use of subfield 0 in MMT actions
When adding MARC modification template (MMT) actions, if a subfield
value of 0 (zero) is entered it will not show up in the action's
description upon saving. Also, if you try to modify an authority or
biblio record using actions that refer to subfield 0 the procedure
will fail.
This patch fixes that.
Test plan:
0) Create a MARC modification template and add some actions to it,
ideally testing all action types (Delete/Add new/Update existing
or add new/Move/Copy/Copy and replace); make sure you input a 0
(integer zero) in the text box for the subfield value(s).
1) As you save each action, observe that subfield 0 ($0) is missing
from the action description.
2) Home > Tools > Batch record modification: try to modify a biblio-
graphic record using the modification template you just created.
Observe that you get an error in the system logs if you click on
'Show MARC' or 'Modify selected records'.
3) Apply the patch.
4) Repeat steps 0-2. The subfield value ($0) should be displayed in
the action description and the Batch record modification should
work without problems.
Signed-off-by: Lisette Scheer <lisettes@latahlibrary.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Andreas Roussos [Fri, 14 Feb 2020 20:07:50 +0000 (20:07 +0000)]
Bug 17510: update MMT-related unit tests
The unit tests related to MARC modification templates need to be
updated with extra tests specific to actions involving subfield 0.
Test plan:
0) Apply the patch.
1) Run the updated unit tests, they should pass without any errors:
$ prove t/SimpleMARC.t
$ prove t/db_dependent/MarcModificationTemplates.t
Signed-off-by: Lisette Scheer <lisettes@latahlibrary.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Katrin Fischer [Sun, 12 Jan 2020 11:40:51 +0000 (12:40 +0100)]
Bug 11161: Relabel 'child fund' to 'sub fund' in staff interface
It was noted, that 'sub fund' might be a better term to use than
'child fund'. So this patch changes it.
To test, check with and without patch:
- Add a budget in acquisitions
- Add a fund in acquisitions
- Add a sub/child fund to your fund (label of menu item #1)
- Edit your first fund, check option to update owners of
sub/child funds (#2)
- Try to delete your 'parent' fund (tooltip #3)
- Click on the greyed out entry (alert ÃÃ#4)
If you like the change, please sign-off. If you think otherwise,
please comment on the bug report.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Nick Clemens [Wed, 21 Aug 2019 02:24:11 +0000 (02:24 +0000)]
Bug 23482: Fix BakerTaylor cover images on lists
While this needs a username/pass to fully test, it should be possible to
verify the code changes by comparing to opac-results code
To test:
1 - Enable BakerTaylor images
2 - Enter your usernme and password
3 - Do not fill the BookStore URL
4 - Verify OPAC covers are working
5 - Save some times with covers to a public list
6 - Verify they do not display in list
7 - Apply patch
8 - Verify images now work
Signed-off-by: Kelly McElligott <kelly@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Nick Clemens [Fri, 21 Feb 2020 12:56:53 +0000 (12:56 +0000)]
Bug 17896: load BakerTaylor module with use
We are incinsistent here, Amazon and Syndetics module are always loaeded in some places
BakerTaylor is conditional everywhere, and causes issues under plack
For simplicity sake I think we should just load this (small) module where it might be needed
To test:
1 - Disable Baker and Taylor images
2 - Restart plack
3 - Visit opac-readingrecord, opac-detail, opac-search, opac-shelves, opac-user
Log in to opac
Virew your reading history
Make/view a list
Search the catalog
Look at an individual title
4 - Enable BakerTaylorEnabled
If you don't have Baker and Taylor credentials, simply fudge them with bad data and enable
5 - Repeat steps above, in the word of Joubu "Kaboom"
6 - Apply patch
7 - Repeat 1-4
8 - You shoudl be able to load all the pages after enabling the pref
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
David Cook [Tue, 18 Feb 2020 00:59:05 +0000 (00:59 +0000)]
Bug 24676: Remove <p/> typo in opac-auth.tt
This patch removes some trivial invalid HTML from opac-auth.tt
Test plan:
1. Apply patch
2. As an unauthenticated user, try to place a hold on a search result
e.g. http://localhost:8080/cgi-bin/koha/opac-reserve.pl?biblionumber=29
3. View source or use an inspector to see there is no <p></p> block
between <input type="submit" value="Log in" class="btn"> and
<div id="nologininstructions">
Signed-off-by: Sally <sally.healey@cheshiresharedservices.gov.uk> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Jonathan Druart [Tue, 12 Nov 2019 08:30:40 +0000 (09:30 +0100)]
Bug 23777: Use To.json in request.tt
Test plan:
Use quotes in a library's name, then place an item on hold for a patron
that cannot do it.
If you are allowed to overwrite this restriction you will get a warning:
"This item normally cannot be put on hold except for patrons from
BRANCHNAME"
The library's name should be correcty displayed
Signed-off-by: Hayley Mapley <hayleymapley@catalyst.net.nz> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Martin Renvoize [Fri, 24 Jan 2020 12:23:39 +0000 (12:23 +0000)]
Bug 22359: Prevent undercollection at the server
This patch adds some additional handling to prevent undercollection of
fees at the server side.
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Martin Renvoize [Wed, 20 Nov 2019 16:01:56 +0000 (16:01 +0000)]
Bug 22359: Improvements to payment collection inputs
This patch attempts to clarify the uses of the various input fields on
the paycollect screens.
It does this by adding validation to the form such that entering a
'collected' value that is lower than the 'paid' value is now forbidden.
Signed-off-by: Michal Denar <black23@gmail.com> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>