This patch removes the OPACShowBarcode syspref in favour of the new
columns settings option introduced by bug 16759.
On the upgrade step, it picks the value for OPACShowBarcode and uses it
to populate the columns_settings table.
To test:
- Verify the upgrade process maintains the current behaviour
Regards
Sponsored-by: Dover
Followed test plan and works as expected. Functionality of patch from bug 16759
appears intact too. Signed-off-by: Dilan Johnpullé <dilan@calyx.net.au> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Marc Véron [Mon, 21 Aug 2017 13:27:20 +0000 (15:27 +0200)]
Bug 17381: Add system preference SCOMainUserBlock
This patch adds a system preference SCOMainUserBlock to display custom HTML
on the self checkout page.
To test:
- Set up self checkout (see section Self Checkout in Circulaton sysprefs )
- Apply patch
- Update db
- Add some HTML system preference SCOMainUserBlock
- Go to sco page
- Verify that HTML displays on page (logged in and not logged in)
New version based on Koha.Preference TT plugin as of comment #7
Depends on Bug 12691
Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Wed, 25 Oct 2017 14:56:31 +0000 (11:56 -0300)]
Bug 19028: Add a note to the pref description
The idea was to keep the current behaviour, plus adding the option to
display on a separate column.
We need an explanation on the syspref description, stating that it is not enough to
choose 'on a separate column', enabling the colum in the columns
settings is required for it to take effect.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 19028: Add 'shelving location' to holdings table in detail page
This patch adds the option to show shelving locations on a separate
column. This is controlled by a new syspref, 'OpacLocationOnDetail',
which replaces 'OpacLocationBranchToDisplayShelving', adding a
conveniente 'column' option.
The new 'Shelving location' column is conveniently added to the columns
configuration entry added by bug 16759 for this purpose.
The current behaviour is preserved.
To test:
- Apply this patches
- Run the upgrade:
$ sudo koha-shell kohadev
k$ cd kohaclone
k$ perl installer/data/mysql/updatedatabase.pl
=> SUCCESS: Upgrade doesn't fail
- Have an item with shelving location set to something not void
- Have the item set home and holding libraries for testing purposes.
- Set 'OpacLocationBranchToDisplay' to 'home and holding libraries' [*]
- Visit the OPAC detail page for the record containing the item
=> SUCCESS: Both home and holding libraries are displayed.
- Loop through all OpacLocationOnDetail options (except from 'column', we leave it for later).
=> SUCCESS: Works as expected.
- Go to Administration > Columns settings
- Make item_shelving_location available in the OPAC section
- Reload the OPAC detail page
=> SUCCESS: No change
- Set OpacLocationOnDetail to 'on a separate column'
- Reload the OPAC detail page
=> SUCCESS: Shelving location is displayed on a separate column
- Sign off :-D
Sponsored-by: Dover
[*] For testing purposes
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch renames the 'OpacLocationBranchToDisplayShelving' syspref into
'OpacLocationOnDetail' and adds it a fourth option, 'column', that makes
the OPAC display shelving location on a separate column, instead of the
library names (home, holding or both).
Sponsored-by: Dover Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch makes the holdings table in the OPAC biblio detail page
configurable using the Columns configuration tools.
This patch:
- Moves the holdingst table from plain DataTable to KohaTable
- Creates a sample yml colvis configuration for this table
containing all the currently available columns
To test:
- Visit some record's detail page in the OPAC
- Apply this patch
- Reload
=> SUCCESS: The page shows the same information
- On the staff interface, go to:
Home > Administration > Columns settings
=> SUCCESS: There's a new OPAC section containing the configuration for
holdingst.
- Choose to hide some fields (both currently displayed and currently hidden).
- Reload the OPAC detail page
=> SUCCESS:
- Required fields are hidden
- It doesn't explode because of trying to hide stuff that is not there to start with
- Sign off :-D
Sponsored-by: DOVER Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Followed test plan, patch worked as described. Also passed QA test tool
Signed-off-by: Alex Buckley <alexbuckley@catalyst.net.nz> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Wed, 12 Jul 2017 12:32:24 +0000 (09:32 -0300)]
Bug 17277: Always display location and *branch item info - opac detail
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 24 Oct 2017 17:53:36 +0000 (14:53 -0300)]
Bug 19513: Re-add AnonymousPatron-related tests
These tests are still useful
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
The AddMember call is considerably slowing it down. A call to TestBuilder
would be an improvement for performance.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Marcel de Rooy [Fri, 20 Oct 2017 07:03:35 +0000 (09:03 +0200)]
Bug 19513: More changes to MarkIssueReturned.t (after bug 19487)
This patch was initially created as QA follow-up on 19487.
$dbh is not used
$categorycode is no longer used
%item_branch_infos not used
$borrowernumber is obsoleted by using $patron
No real need for $anonymous_borrowernumber (Since MarkIssueReturned returns
undef rightaway for an invalid itemnumber, the privacy stuff is irrelevant.)
No AddMember calls, removing unneeded modules
Adding a test that calls MarkIssueReturned on an item already returned.
Test plan:
[1] Run t/db_dependent/Circulation/MarkIssueReturned.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Nick Clemens [Tue, 24 Oct 2017 12:12:52 +0000 (12:12 +0000)]
Bug 18735: QA Followup - add class to new option
New option creates a single item batch, this may cause issues for some
libraries or they may want to disbale this feature. Adding a class to
the list item allows it to be hidden easily
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Nazlı [Thu, 29 Jun 2017 13:24:21 +0000 (16:24 +0300)]
Bug 18735: Print Barcode as soon as adding an item
For testing
1) Look for any records.
2) Go to the material edit page.
3) Under Actions you will see Print label under Duplicate.
4) When you click Print Label, the relevant material will be redirected
to the Label Creator module in the Tools menu.
Signed-off-by: Alex Buckley <alexbuckley@catalyst.net.nz> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 18949: Adding thead tags to OPAC MARC details holdings table
So that it can be styled alongside other tables in the OPAC.
To test:
1) Log into staff side
2) Find OPACUserCSS syspref and add the following CSS:
th,
.table-bordered>thead>tr:first-child>th {
color: red;
}
3) Log into the OPAC
4) Go to your fines, your search history, your reading history etc -
notice all of these table's headings are styled with red text
5) Go to the detail page of an item, then the MARC view.
Notice this table's headings are now styled with red text
6) Apply patch and refresh page
7) Your holdings table should now have red headings.
(You can delete the CSS from OPACUserCSS if you'd like.)
Sponsored-by: Catalyst IT Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 18184: Show frequency and numbering pattern info when viewing all subs attached to a biblio
To test:
1) Go to Serials, find a serial with more than one subscription
2) Click Serial collection
3) Notice how Frequency and Numbering pattern are filled out correctly
4) Click 'see any sub attached to this biblio'
5) Notice how Frequency and Numbering pattern are now missing info
6) Apply patch and refresh page
7) Confirm Frequency and Numbering pattern now show as expected
Sponsored-by: Catalyst IT Signed-off-by: sonia BOUIS <sonia.bouis@univ-lyon3.fr> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 12 Sep 2017 16:03:04 +0000 (13:03 -0300)]
Bug 19298: Placing a hold from a list at the OPAC should respect issuing rules
The issuing rule retrieve to know if a hold can be placed on a record of
a list is not correct.
Test plan:
0/ With item-level_itypes = item level
1/ Define a item.itype=BK and biblioitems.itemtype=CF
2/ Create a default rule to allow on shelf holds
3/ Create a specific rule for CF with on shelf holds="If any
unavailable"
4/ Add this bibliographic record to a list and view the list
=> Without this patch you will not see "Place hold"
=> With this patch applied you will see the "Place hold" button,
respecting the correct issuing rule
Followed test plan, patches worked as described.
Note: Just to clarify the test plan slightly in step 4 where it says you will not see 'Place Hold' it means to
the left of the 'Save to another List' link below the item availability
in the opac-shelves.pl page. Not the 'Place hold' button in the grey
page header box.
Signed-off-by: Alex Buckley <alexbuckley@catalyst.net.nz> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
To reproduce the problem you need switch on the two prefs
- OnSiteCheckouts
- OnSiteCheckoutsForce
Test plan:
Try to check an item out using an unknown barcode
With the 2 prefs set to on and without this patch, you will get the
following error in the log
Can't call method "materials" on an undefined value at
/home/vagrant/kohaclone/circ/circulation.pl line 387.
With this patch applied you should not get this error and a correct
behaviour for the different pref combinations.
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Kyle M Hall [Fri, 20 Oct 2017 14:49:38 +0000 (10:49 -0400)]
Bug 19495: Automatic report conversion needs to do global replace on 'biblioitems' and 'marcxml'
Bug 17898 provides a way of converting reports that use biblioitems.marcxml so that they will use biblio_metadata.metadata instead.
This only works with reports that do not refer to other columns in the biblioitems table. This is a known limitation. It means that we should be able to do a substitution of every occurrence of biblioitems with biblio_metadata, and every occurrence of marcxml with metadata.
Unfortunately, we're not doing a global replace, we're only replacing the first occurrence.
Test Plan:
1) Apply this patch
2) prove t/db_dependent/Reports/Guided.t
Jonathan Druart [Mon, 23 Oct 2017 19:59:11 +0000 (16:59 -0300)]
Bug 12768: Fix bad merge resolution conflict
RM note:
I have applied
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=68427
on top of other patches that were already pushed.
But it was supposed to replace them, this change revert what was in
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=68417
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
charles [Wed, 22 Apr 2015 19:54:04 +0000 (15:54 -0400)]
Bug 12768: Replacement cost and processing fee management
Signed-off-by: Eivin Giske Skaaren <eivin@sysmystic.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
charles [Wed, 22 Apr 2015 20:03:54 +0000 (16:03 -0400)]
Bug 12768: DB changes
Signed-off-by: Eivin Giske Skaaren <eivin@sysmystic.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Kyle M Hall [Wed, 15 Feb 2017 16:24:57 +0000 (16:24 +0000)]
Bug 14826: Add offset for rental fees
Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Kyle M Hall [Thu, 21 Jul 2016 18:32:05 +0000 (18:32 +0000)]
Bug 14826: Unit Tests
Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Kyle M Hall [Tue, 12 Jul 2016 14:48:03 +0000 (14:48 +0000)]
Bug 14826: Resurrect account offsets table
The account offsets table should be used to track increments and
decrements of fines via payments and credits, as well as fine accruals.
It should be able to match fees to payments and visa versa, so we can
know which fee was paid by a given payment, and which payments applied
to a given fee.
Test Plan:
1) Apply this patch
2) Run updatedatabase
3) Note the table accountoffsets has been renamed to account_offsets
4) Ensure fine generation creates offsets
5) Ensure creating a manual invoice creates an offset
6) Ensure a lost item charge creates an offset
7) Ensure Reverse Payment creates an offset
8) Ensure a payment creates an offset
9) Ensure a payment for multiple fees creates an offset for each
10) Ensure writeoffs create offsets
Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Kyle M Hall [Tue, 12 Jul 2016 14:13:04 +0000 (14:13 +0000)]
Bug 14826: Add Koha::Account::Offset(s) modules
Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Kyle M Hall [Tue, 12 Jul 2016 13:50:11 +0000 (13:50 +0000)]
Bug 14826: Update database
Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Owen Leonard [Mon, 9 Jan 2017 16:31:19 +0000 (16:31 +0000)]
Bug 19356: Move staff client cart JavaScript to the footer
This patch modifies the staff client cart template so that
JavaScript is included in the footer instead of the header.
To test, apply the patch and test the JavaScript-driven features of the
cart: All button controls, DataTables functionality.
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Correction for QA: Removed contditional around footer JS (from
copy-paste) because it will always be true.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Owen Leonard [Wed, 20 Sep 2017 13:21:27 +0000 (13:21 +0000)]
Bug 19348: Title column in item search is too narrow
This patch adds IDs to the item search results table header so that
columns can be targeted by CSS or JS. The CSS for the item search page
has been modified to give the title column a minimum width.
To test, apply the patch and clear your browser cache if necessary.
Perform an item search and confirm that the title column stays at a
reasonable width.
Signed-off-by: Dominic Pichette <dominic@inlibro.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Marcel de Rooy [Fri, 20 Oct 2017 06:11:38 +0000 (08:11 +0200)]
Bug 16187: (QA follow-up) Additional fixes
Fix:
Can't locate object method "next" via package "13" (perhaps you forgot to load "13"?) at misc/cronjobs/holds/cancel_unfilled_holds.pl line 119.
Undefined subroutine &main::CancelReserve called at misc/cronjobs/holds/cancel_unfilled_holds.pl line 143.
The script does not use Koha::Object's get_column correctly for getting
the branch codes.
The call to CancelReserve is obsolete. Was moved in the meantime to
Koha::Hold->cancel.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Nick Clemens [Thu, 14 Jul 2016 10:46:15 +0000 (06:46 -0400)]
Bug 16187: Add a script to cancel unfilled holds after a specified number of days
This script takes parameters:
days - how many days waiting to concal an unfilled hold on or after
library - (repeatable) branches to consider
holidays - whether or not to count holidays (default is no)
This patchset adds two methods and covers them with tests:
Koha::Holds->unfilled(); To return holds where found = undef
Koha::Hold->age( $use_calendar ); To return the number of days since a
hold was placed (including or excluding holidays)
To test:
1 - Place some holds with varying reservedates
2 - Run script with different parameters to verify options are respected
(-v for verbosity will assist here)
3 - verify that script does nothing without days parameter
Sponsored by:
Siskiyou County Library (http://www.siskiyoulibrary.info/)
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Bug 16187 - Followup
1 - Correct use of original (bad) script name
2 - Explain options better
3 - Remove change from 'W' to 'w'
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
RM note: Squashed for readability
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 10 Oct 2017 15:18:10 +0000 (12:18 -0300)]
Bug 18961: Use exact match for select filters on item search
The SQL operator LIKE is always used for filters when searching for
items.
If the filter is a select, we should search for an exact match.
That way we avoid problematic search like "%NFIC%" and "%FIC%" (one
includes the other one).
Test plan:
- Make sure you have collection codes 'Fiction' and 'Non-fiction'
- Do an item search
- Filter column 'Collection', select 'Fiction'
- Result: Column contains items from Fiction only
Followed test plan, works as expected. Signed-off-by: Marc Véron <veron@veron.ch> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
this file is working has expected with mysql tools.
but koha-create parsing will not find the db host resulting in
koha-conf.xml containing no values in hostname element.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Wed, 18 Oct 2017 16:59:56 +0000 (13:59 -0300)]
Bug 19487: Do not return an item if not checked out
To recreate:
1 - Manually add a lost fine to a ptron and include a barcode
2 - Attempt to write off the fine
3 - Internal server error
4 - Checkout an item and mark lost to checkin and fine
5 - Attempt to write off line
6 - Internal server error
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Nick Clemens [Tue, 12 Sep 2017 16:57:47 +0000 (16:57 +0000)]
Bug 19296: Allow all tax processing to happen in C4::Acquisition::populate_order_with_prices
To test:
1 - Create an order file that includes prices and items
(MarcFieldsToOrder)
2 - Stage the file
3 - Set vendor to 'prices exclude tax'
4 - Open a basket and add from the file
5 - View the items in the basket
6 - Prices are reduced by the tax rate and tax is calculated to return
prices to the value in the file
7 - Apply patch
8 - Repeat steps 1-6
9 - Prices should now calculate correctly
10 - Repeat with 'MarcItemFieldsToOrder'
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Marcel de Rooy [Wed, 18 Oct 2017 11:59:06 +0000 (13:59 +0200)]
Bug 19463: (follow-up) Cosmetic changes
String::Random version 0.26 (on Jessie) does not yet support the rand_gen
parameter (0.27 does, newest is 0.29 on CPAN now).
So alt_rand is only used in determining the size on Jessie.
That might be enough though.
Adding a documention line in this regard.
Removing the obsolete max parameter.
Note: I timed alt_rand for the creation of a new Bytes::Random::Secure
object each time. But each call is about 0.1 milliseconds. So that
should be fine.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 17 Oct 2017 14:29:06 +0000 (11:29 -0300)]
Bug 19463: Reduce the chance to have TestBuilder generate twice the same value
When an id is generated by TestBuilder (branchcode for instance) and the
size of the generated string is 1, we have too many chances to get
"Violation of unique constraint in Branch".
This patch increases the number of retries to 5.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Amended to make room for follow-up.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Marcel de Rooy [Wed, 11 Oct 2017 14:09:19 +0000 (16:09 +0200)]
Bug 13572: (follow-up) Print since on a separate line
Very trivial change.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
charles [Thu, 15 Dec 2016 15:58:23 +0000 (10:58 -0500)]
Bug 13572: Add --actives parameter to force_borrower_messaging_defaults script
1) Apply the patch
2) Create a new patron with random values, except for it expiration date, make it expired (Patrons > New Patron > Student)
3) Enable the system preference called “EnhancedMessagingPreferences”
4) In “Administration" > "Patron categories" > Student, modify the "days in advance", then click "Save"
5) run the script "./misc/maintenance/borrowers-force-messaging-defaults --doit --actives"
6) Validate that the student created in step 2 hasn't changed (Patrons > search)
7) Validate that any other student that isn't expired has changed.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 17 Mar 2017 02:03:20 +0000 (23:03 -0300)]
Bug 18298: Add server-side checks and refactor stuffs
Now that we have a check client-side, nothing prevents us from a smart guy to
bypass it and force an invalid password.
This patch adds two new subroutines to Koha::AuthUtils to check the
validity of passwords and generate a password server-side. It is used
only once (self-registration) but could be useful later.
Moreover the 3 different cases of password rejection (too leak, too
short, contains leading or trailing whitespaces) were not tested
everywhere. Now they are!
This patch makes things consistent everywhere and clean up some code.
Signed-off-by: Marc Véron <veron@veron.ch> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 17 Mar 2017 02:02:13 +0000 (23:02 -0300)]
Bug 18298: minPasswordLength should not be used as the default password length
The length of the passwords generated for a patron should not be as long
as the value of minPasswordLength.
It is the minimum required size of a password, not the maximum!
So let's fix it to 8 if the minPasswordLength if < 8, that sounds
reasonable and less risky for patrons.
Signed-off-by: Marc Véron <veron@veron.ch> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 17 Mar 2017 02:01:34 +0000 (23:01 -0300)]
Bug 18298: minPaswordLength should not be < 3
Indeed if RequireStrongPassword is set we need at least 3 characters to
match 1 upper, 1 lower and 1 digit.
We could make things more complicated to allow minPasswordLength < 3
but, really, 3 is already too low...
Signed-off-by: Marc Véron <veron@veron.ch> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 17 Mar 2017 02:00:28 +0000 (23:00 -0300)]
Bug 18298: Move password generation to template side
This patch removes a really ugly way to generate a password: the whole
template was sent and parsed to retrieve the "#defaultnewpassfield" node.
To avoid the password to be sent plain text it is certainly better to
generate it client-side.
The same kind of passwords will be generated: 0-9a-zA-Z
The while loop prevents to get an invalid generated password.
Signed-off-by: Marc Véron <veron@veron.ch> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 17 Mar 2017 01:59:51 +0000 (22:59 -0300)]
Bug 18298: Use the validate jQuery plugin
To validate password fields we need to use the validate jQuery plugin.
To make things reusable this patch adds a new include file
'password_check.inc' at the intranet and opac sides, it creates 3 new
validation methods:
- password_strong => make sure the passwords are strong enough according
to the values of the RequireStrongPassword and minPasswordLength prefs
- password_no_spaces => prevent passwords to be entered with leading or
trailing spaces
- password_match => make sure both password fields match
Signed-off-by: Marc Véron <veron@veron.ch> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 14 Mar 2017 23:01:27 +0000 (20:01 -0300)]
Bug 18298: Enforce password complexity
This patchset prevents users to enter too leak password, controlled by
a new syspref RequireStrongPassword. If set the staff and patrons will have
to enter a strong password.
The strongness cannot be modified, it has been arbitrarily set (by the
author of this enhancement) to at least 1 lowercase, 1 uppercase and 1
digit. This can be inforce by increasing the value of the existing
minPasswordLength pref.
I decided to turn this feature on, it cannot hurt! For existing installs
it will have to be turned on manually.
Writing these patches I found a lot of inconsistencies all around the
password checks and decided to refactor everything to make things
consistent and more robust.
Now the password validity is check at only one place (subroutine
covered by tests).
Test plan:
We have several places where a password can be change/created:
a. Editing a patron (members/memberentry.pl)
b. Changing the password of a patron (members/member-password.pl)
c. Changing your own password at the opac (opac/opac-passwd.pl).
OpacPasswordChange needs to be set
d. Reseting your own password at the opac
(opac/opac-password-recovery.pl). OpacResetPassword needs to be set,
see "Forgot your password?" link when you are not logged in
e. Self registration feature, PatronSelfRegistration needs to be set.
You will also need to add 'password' to PatronSelfRegistrationBorrowerMandatoryField.
Note that '****' is considered by Koha internally that the password is
not changed (existing behavior).
To fully test this patch you will need to test the different
combinations of RequireStrongPassword and minPasswordLength.
Signed-off-by: Marc Véron <veron@veron.ch> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Use of uninitialized value in concatenation (.) or string at C4/Biblio.pm line 1456.
Note: In current master this is now line 1370 (Oct 9, 2017).
Test plan:
Enable COinSinOPACResults.
Select a record with leader pos6==a and pos7==a. This triggers genre to be
journalArticle and titletype to be a.
Without this patch, do an opac search that includes this record.
Check the log. You should see the warning.
Apply this patch, search again and check the log. The warning should not be
repeated again.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Wed, 27 Sep 2017 17:13:05 +0000 (14:13 -0300)]
Bug 19186: Change pref choice for SelfCheckoutByLogin - barcode vs cardnumber
The SelfCheckoutByLogin lists 'Barcode' as an option, but this should be
Cardnumber. Especially since more and more libraries are using chip
cards instead of barcodes.
Signed-off-by: David Bourgault <david.bourgault@inlibro.com> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Alex Buckley [Thu, 5 Oct 2017 02:18:01 +0000 (15:18 +1300)]
Bug 19413: Moving the OK and Cancel inputs to the top of the 008 builder
Followed test plan and patch applies and functions as described Signed-off-by: Dilan Johnpullé <dilan@calyx.net.au> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Josef Moravec [Mon, 9 Oct 2017 08:07:29 +0000 (08:07 +0000)]
Bug 19438: Fix sorting by date due in overdues.pl
Test plan:
0) Do not apply the patch
1) Have some overdued checkouts in your database
2) Go to circulation -> overdues (overdues.pl)
3) Try to sort the overdues table by due date and notice it is sorted
alphabetically, not by date
4) Apply the patch
5) Try again and confirm, it is sorted by date
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
David Bourgault [Fri, 6 Oct 2017 12:42:32 +0000 (08:42 -0400)]
Bug 19422: Missing DROP TABLES in kohastructure.sql
Adds DROP TABLE statements to the following tables
- article_requests
- biblio_metadata
- deletedbiblio_metadata
Test plan :
Clean your database by running 'mysql < kohastructure.sql'.
Without patch you'll get error messages.
With patch everything will work fine, no warnings.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Kyle M Hall [Fri, 8 Sep 2017 15:52:02 +0000 (11:52 -0400)]
Bug 19275: clubs table broken at the opac if public enrollment is not allowed
Test Plan:
1. Create a template club and disable public enrollment
2. Create a club and add it a patron
3. login at the opac with this patron
4. Note the borked clubs table
5. Apply this patch
6. Refresh the page
7. Table is fixed!
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 10 Oct 2017 13:58:24 +0000 (10:58 -0300)]
Bug 19083: Fix 'show all details' link on closed basket detail
'Show all details' add columns on the basket summary page.
This link is broken if the basket is closed.
Indeed there is a JS error raised by $('#toolbar').fixFloat();
The toolbar is not displayed if the basket is closed.
This is caused by bug 12333, which added the floating toolbar.
Test plan:
Create 2 baskets with orders
Close 1 basket
Click on the 'show all details' links and confirm it works as expected
Also confirm that the toolbar works correctly
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Jon Knight <J.P.Knight@lboro.ac.uk> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
David Gustafsson [Thu, 12 Oct 2017 11:57:48 +0000 (13:57 +0200)]
Bug 19453: Incorrect jQuery selector for fund drop down validation
Steps to reproduce:
1. Create a new basket
2. Choose "Add to masket"
3. Choose "From a staged file"
4. Select a file
5. Save without selecting a fund
Expected results: A validation error should be shown, and form submit
halted.
Actual results: No validation error is shown and form submits.
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>