As Martin correctly highlighted, the method name is not correctly
spelled in POD. This patch fixes it.
To test:
- Look carefully
=> FAIL: Method name is _verify_client_cb but POD says _verify_client_db
- Apply this patch
- Look carefully
=> SUCCESS: Notice the POD is fixed!
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Benjamin Rokseth <benjamin.rokseth@deichman.no> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 20612: Make OAuth2 use patron's client_id/secret pairs
This patch wires the OAuth related code so it leverages on the new
Koha::ApiKey(s) classes and tools introduced by bug 20568 instead of the
hardcoded entries in koha-conf.xml originally proposed by bug 20402.
To test revisit the test plan for bug 20402, and verify that it works.
But create API key pairs instead of writing them down in koha-conf.xml.
Also:
- Run:
$ prove t/db_dependent/api/v1/oauth.t
=> SUCCESS: Tests pass!
- Sign off :-D
Sponsored-by: ByWater Solutions Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Benjamin Rokseth <benjamin.rokseth@deichman.no> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch makes the oauth.t tests leverage on the new Koha::ApiKey(s)
classes. It adds tests for expired tokens too.
To test:
- Apply this patch
- Run:
$ kshell
k$ prove t/db_dependent/api/v1/oauth.t
=> FAIL: Tests should fail without the rest of the patches.
Sponsored-by: ByWater Solutions Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Benjamin Rokseth <benjamin.rokseth@deichman.no> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 20568: (QA follow-up) Get rid of the id column
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 20568: (QA follow-up) Make sure client_id and secret are not overwritten on store
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 20568: (QA follow-up) Test client_id and secret are not overwritten
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch addresses the request from Julian that api keys are expected
to be client id/secret pairs.
It does so by
- Adding 'client_id' and 'secret' columns
- Removing 'value'
Tests got adjusted and so controller scripts and templates.
Both libs and tests changes have been squashed. This ones remain in
order to keep Owen's attribution on the template changes and avoid
rebase conflicts.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Owen Leonard [Mon, 16 Apr 2018 15:23:50 +0000 (15:23 +0000)]
Bug 20568: (follow-up) Interface and markup changes
This patch makes some interface changes to bring things better in line
with existing interface patterns. This patch also re-indents the
modified templates with 4 spaces instead of 2 and makes <input>s
self-closing.
Also changed: Corrected system preference check in opac-apikeys.pl.
To test, apply the patch and:
In the staff client:
- Open a patron record and choose More -> Manage API keys.
- There should be a standard message dialog containing a link to
"Generate a new key."
- Clicking the link should show the form for adding a new key.
- Test that clicking the "Cancel" link hides the form.
- Test that creating the new key works correctly.
- You should now see a table showing existing keys and a "Generate a
new key" button above it.
- Test that the "Delete" button asks for confirmation, and that
confirming and denying both work correctly.
- Test that "Revoke" and "Activate" actions still work correctly.
In the OPAC:
- Set the AllowPatronsManageAPIKeysInOPAC system preference to "Allow."
- Log in to the OPAC and click the "your API keys" link in the sidebar.
- Clicking the "Generate new key" button should display the form for
adding a new key.
- Clicking the "cancel" link should hide the form.
- Submitting the form should add a new key.
- You should now see a table showing existing keys.
- Test that the "Delete" link asks for confirmation, and that
confirming and denying both work correctly.
- Test that "Revoke" and "Activate" actions still work correctly.
- Set the AllowPatronsManageAPIKeysInOPAC system preference to "Don't
allow."
- Log in to the OPAC and confirm that the "your API keys" link in the
sidebar is no longer visible.
- Confirm that navigating directly to /cgi-bin/koha/opac-apikeys.pl
results in a 404 error.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch makes the OPAC interface for API keys management work
with the new lib. Verify all actions work for a logged user.
Users without login should be redirected to an error page.
The AllowPatronsManageAPIKeysInOPAC syspref is added to control if the
OPAC feature is enabled or not.
To test:
- Verify the syspref works
- Verify users can manage their API keys
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds unit tests for the introduced classes: Koha::ApiKey(s).
To test:
- Apply this patch
- Run
$ kshell
k$ prove t/db_dependent/Koha/ApiKeys.t
=> FAIL: Tests fail because the feature is not implemented.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 20568: Add mandatory description field for api keys
This patch changes the table structure adding fields usually found on
this kind of api management pages.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Julian Maurice [Mon, 23 Mar 2015 19:14:23 +0000 (20:14 +0100)]
Bug 20568: API keys management in interface
This introduces the concept of API keys for use in the new REST API.
A key is a string of 32 alphanumerical characters (32 is purely
arbitrary, it can be changed easily).
A user can have multiple keys (unlimited at the moment)
Keys can be generated automatically, and then we have the possibility to
delete or revoke each one individually.
Test plan:
1/ Go to staff interface
2/ Go to a borrower page
3/ In toolbar, click on More -> Manage API keys
4/ Click on "Generate new key" multiple times, check that they are
correctly displayed under the button, and they are active by default
5/ Revoke some keys, check that they are not active anymore
6/ Delete some keys, check that they disappear from table
7/ Go to opac interface, log in
8/ In your user account pages, you now have a new tab to the left "your
API keys". Click on it.
9/ Repeat steps 4-6
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Julian Maurice [Thu, 12 Apr 2018 07:17:43 +0000 (09:17 +0200)]
Bug 20402: Fix oauth.t
GET /patrons now requires { "borrowers": 1 } instead of
{ "borrowers": "edit_borrowers" }
Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Julian Maurice [Tue, 13 Mar 2018 12:17:12 +0000 (13:17 +0100)]
Bug 20402: Implement OAuth2 authentication for REST API
It implements only the "client credentials" flow with no scopes
support. API clients are tied to an existing patron and have the same
permissions as the patron they are tied to.
API Clients are defined in $KOHA_CONF.
Test plan:
0. Install Net::OAuth2::AuthorizationServer 0.16
1. In $KOHA_CONF, add an <api_client> element under <config>:
<api_client>
<client_id>$CLIENT_ID</client_id>
<client_secret>$CLIENT_SECRET</client_secret>
<patron_id>X</patron_id> <!-- X is an existing borrowernumber -->
</api_client>
2. Apply patch, run updatedatabase.pl and reload starman
3. Install Firefox extension RESTer [1]
4. In RESTer, go to "Authorization" tab and create a new OAuth2
configuration:
- OAuth flow: Client credentials
- Access Token Request Method: POST
- Access Token Request Endpoint: http://$KOHA_URL/api/v1/oauth/token
- Access Token Request Client Authentication: Credentials in request
body
- Client ID: $CLIENT_ID
- Client Secret: $CLIENT_SECRET
5. Click on the newly created configuration to generate a new token
(which will be valid only for an hour)
6. In RESTer, set HTTP method to GET and url to
http://$KOHA_URL/api/v1/patrons then click on SEND
If patron X has permission 'borrowers', it should return 200 OK
with the list of patrons
Otherwise it should return 403 with the list of required permissions
(Please test both cases)
7. Wait an hour (or run the following SQL query:
UPDATE oauth_access_tokens SET expires = 0) and repeat step 6.
You should have a 403 Forbidden status, and the token must have been
removed from the database.
8. Create a bunch of tokens using RESTer, make some of them expires
using the previous SQL query, and run the following command:
misc/cronjobs/cleanup_database.pl --oauth-tokens
Verify that expired tokens were removed, and that the others are
still there
9. prove t/db_dependent/api/v1/oauth.t
Signed-off-by: Josef Moravec <josef.moravec@gmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds a --timezone switch to koha-create so the timezone can
be set on creation time. It defaults to empty (i.e. using the server's
local time).
To test:
- Create an instance:
$ sudo koha-create --create-db timezone1
=> SUCCESS: /etc/koha/sites/timezone1/koha-conf.xml contains an empty
<timezone> entry.
- Apply this patch
- Run:
$ perl misc4dev/cp_debian_files.pl
- Create a new instance:
$ sudo koha-create --create-db timezone2
=> SUCCESS: /etc/koha/sites/timezone2/koha-conf.xml contains an empty
<timezone> entry (i.e. the current behaviour is preserved).
- Create a new instance:
$ sudo koha-create --create-db --timezone Your/Timezone timezone3
=> SUCCESS: /etc/koha/sites/timezone3/koha-conf.xml contains
<timezone>Your/Timezone</timezone> (i.e. introduced behaviour works)
- Sign off :-D
Sponsored-by: ByWater Solutions Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Mason James [Tue, 1 May 2018 01:24:37 +0000 (13:24 +1200)]
Bug 20686: OPAC shows 'Login to OverDrive account' with 'OverDriveCirculation' syspref disabled
ps: you will need an active and working overdrive account to test this patch
1/ prepare a koha with overdrive sysprefs set and working
(OverDriveLibraryID,OverDriveClientKey,OverDriveClientSecret)
2/ set OverDriveCirculation syspref to 'disable'
3/ do an opac search, note the 'Login to OverDrive account' message is incorrectly displayed
see pic 1
4/ apply patch
5/ do an opac search, note the 'Login to OverDrive account' message is no longer displayed (good)
see pic 2
Can confirm that bug is replicable and patch applies and functions as described. Signed-off-by: Dilan Johnpullé <dilan@calyx.net.au> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 27 Feb 2018 16:37:53 +0000 (13:37 -0300)]
Bug 20305: Remove warnings from tools scripts
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Marcel de Rooy [Fri, 4 May 2018 06:10:46 +0000 (08:10 +0200)]
Bug 20687: (follow-up) Look for invitekey in show_accept and fix error codes
We should check the invitekey in show_accept by passing it along in the
search call.
On the way I fixed some error checking: if the list number is invalid, or
the list is public or you are the owner, or if the key is not found, we
should set the right error code; the template contains those messages.
Test plan:
[1] Share a list and accept a correct invitation with another user.
[2] Try to accept some invalid proposals: wrong key, wrong list.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Tested invalid key, wrong list, owner, public list, expiry.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Nick Clemens [Tue, 1 May 2018 13:47:18 +0000 (13:47 +0000)]
Bug 20687: Check all share keys for a given list
This patch gets all the shares for a list and iterates through to find
the correct one when accepting from a link
To test:
1 - Create a private list in the opac
2 - Invite 2 patrons to the list
3 - Try to accept from the patron you first shared to
4 - You will get a failure message about expiration of the link
5 - Apply patch
6 - Now try to accept the first share
7 - It works! Success!
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 20284: ILLModuleCopyrightClearance text breaks
This patch fixes the display of the copyright notice text that is defined
in ILLModuleCopyrightClearance preference when placing ILL requests from
the OPAC. Handling of the copyrightclearance stage was missing,
this has been added.
To test:
1) Ensure you have at least one ILL backend available:
https://wiki.koha-community.org/wiki/ILL_backends
2) Ensure you have the "ILLModule" preference enabled
3) Add some text to the "ILLModuleCopyrightClearance" preference
4) Navigate to a search results page in the catalog
5) Click the "Make an Interlibrary Loan request" link at the bottom
6) Choose "Create a new request", then select a backend
7) Observe the text you added earlier is displayed with buttons for
agreeing or disagreeing (prior to this patch, this screen displayed
an error)
8) Observe that clicking "Yes" takes you to the form for adding request
details
9) Observe that clicking "No" takes you back to the "Interlibrary loan
requests" page
Signed-off-by: Barry Cannon <bc@interleaf.ie> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Mark Tompsett [Thu, 26 Apr 2018 04:31:32 +0000 (04:31 +0000)]
Bug 20663: Add some POD, so koha test tools don't complain
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Mark Tompsett [Thu, 26 Apr 2018 04:17:51 +0000 (04:17 +0000)]
Bug 20663: Remove dead code related to compound reports
TEST PLAN
---------
git grep "Create Compound Report"
-- only one file
git grep compound | grep 1
-- this is the only setting of the compound tt variable
less koha-tmpl/intranet-tmpl/prog/en/modules/reports/guided_reports_start.tt
-- There is an TT IF statement for compound.
-- In that statement it would trigger 'Save Compound'
git grep save_compound
-- only the template and the guided report perl
git grep create_compound
-- only triggered by the save code in the guided report perl
-- in the export for the C4/Reports/Guided.pm
git grep run_compound
-- left over in export
apply the patch
look around and see the pieces are cleaned up.
run koha qa test tools
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Katrin Fischer [Sun, 22 Apr 2018 22:00:17 +0000 (22:00 +0000)]
Bug 19171: Attempt to make "no holds possible" messages less confusing
At the moment, when no holds are possible, the OPAC reads something
like:
Sorry, none of these items can be placed on hold.
No items available.
This is confusing to the patrons, because the records have items,
but they are not showing. The record also may have available items,
they are just not permitted to place holds on them.
Changes:
- Only display the first message, when somoene tried unsuccessfully
to place holds on multiple records.
- Change first message to: Sorry, none of these titles can be placed on hold.
- Change the second message to read:
No items available to be placed on hold.
- Remove <strong> around Sorry for better translatability.
To test:
- Try to place a hold on single record, where no hold is possible.
- Try to place a hold on a single record, where a hold is possible.
- Try to place holds on multiple records where no hold is possible.
- Try to place holds on multiple records where at least one hold
is possible.
Verify the screen messages make sense in all cases.
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Fixed stray </strong> during signoff.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
For consistency with staff, I renamed multi_holds to multi_hold.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Thu, 3 May 2018 17:30:00 +0000 (14:30 -0300)]
Bug 11317: Add id and class attributes to body
This fixes xt/tt_valid.t
# Failed test '<body> tag with id and class attributes'
# at xt/tt_valid.t line 91
# Files list:
# intranet-tmpl/prog/en/modules/tools/access_files.tt: 8
# Looks like you failed 1 test of 3.
[16:44:56] xt/tt_valid.t
Dubious, test returned 1 (wstat 256, 0x100)
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Katrin Fischer [Sat, 28 Apr 2018 00:30:55 +0000 (02:30 +0200)]
Bug 11317: (QA follow-up) Change tool name to be more general
I think this tool could be used in multiple ways, for all kinds
of files that you want to protect by login in Koha. So a more
general name might work better.
This is a suggestion, not mandatory.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 11317: (follow-up) Add two-level entry to koha-conf and remove unwanted characters
- Removed merge marker
- Changed include path in favor of using the Asset tt plugin (bug 20538)
- Changed access_dir to a two-level entry for clarity
Test plans stay the same, just make sure that the two-level configuration entry
work properly and everything pass QA.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 11317: Add a way to access files from the intranet
This squash contains all of these commits:
- Adds a page to access log files on the server from the intranet
- Update ID to allow for permalinking
- Rename config to "'accessdir' and fix qa
- Allows for multiple directories to be accessible
- Update the link under reports
- (Follow-up) Fixing merge error and cosmetic changes
- (Follow-up) Fix tab chars and move javascript to the footer
- (QA Follow-up) Fix datatable
- Make filename unicode-proof, renamed accessdir to access_dir and fix update
Test plans:
- Apply patch, update database
- Add to koha-conf:
<access_dir>/tmp/koha-public/one</access_dir>
<access_dir>/tmp/koha-public/two</access_dir>
<access_dir>/tmp/koha-public</access_dir>
- Create these directories ( mkdir /tmp/koha-public , etc...)
- Create these files:
echo "hello world!" > /tmp/koha-public/❤
echo "test" > /tmp/koha-public/one/samename.txt
echo "this is not the same" > /tmp/koha-public/two/samename.txt
- Login as Superadmin, go to tools > reports files
- Click on ❤, make sure it's downloadable and readable
- Click on both samename.txt, look inside and make sure the file is different
- Login as NON-superadmin. Go under tools, see no Report/Log under the third column
- Go to add tools/access_file permission to user
- See new entry under tools third column.
- validate link is ok.
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Mark Tompsett [Wed, 28 Mar 2018 22:40:09 +0000 (22:40 +0000)]
Bug 20103: Readonly::XS is completely bogus post perl 5.8
A ha! Lie about who we are, and the module will return a version.
./koha_perl_deps.pl -a
-- before patch Readonly::XS is 0
-- after patch it has a version number.
run koha qa test tools
Signed-off-by: Victor Grousset <victor.grousset@biblibre.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Josef Moravec [Mon, 19 Mar 2018 09:27:07 +0000 (09:27 +0000)]
Bug 20444: Use Koha::Patron::Attribute::Types object for getting patron attributes in letter.pl
Test plan:
0) Apply the patch
1) Do not have any patron attribute types defined
2) Go to Tools -> Notices and slips
3) Edit any slip/letter which uses table borrower
4) Confirm the editing works, and the slip/letter itself works
5) Add some patron attributes types and define them a value for any
patron
6) Go to Tools -> Notices and slips and edit any slip/letter which uses
table borrower
7) Confirm, the attributes are listed in available fields
8) Confirm the slip/letter is working when you add a attribute to it
Signed-off-by: Séverine QUEUNE <severine.queune@bulac.fr> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Alex Arnaud [Tue, 5 Dec 2017 10:43:05 +0000 (10:43 +0000)]
Bug 19752: offline_circ/service.pl - Return HTTP status 401 when authentication failed and add option nocookie
Test plan:
- Apply this patch,
- log in to Koha,
- go to cgi-bin/koha/offline_circ/service.pl with no valid user
and password as parameters and nocookie set to 1. i.e:
cgi-bin/koha/offline_circ/service.pl?userid=alex&password=wrongpass&nocookie=1,
- auth should fail
- check that the response code is 401
Signed-off-by: Maksim Sen <maksim.sen@inlibro.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Victor Grousset [Tue, 16 Jan 2018 09:06:20 +0000 (10:06 +0100)]
Bug 19972: Make holds to pull list honors item-level_itypes syspref
And reflect that in the UI strings + variable names
Test plan:
1. Set syspref "item-level_itypes" to "specific item"
2. Create a hold on a record with one item
3. Change the document type of the item
4. Check that the item edition page and the record page show 2 different
types.
5. Go to /cgi-bin/koha/circ/pendingreserves.pl
6. Check that the displayed type is the item one
7. Set syspref "item-level_itypes" to "biblio record"
8. Go to /cgi-bin/koha/circ/pendingreserves.pl
9. See that the displayed type is the item one. When the sysopref says
"record"
This is the bug.
10. Apply this patch
11. Go to /cgi-bin/koha/circ/pendingreserves.pl
12. See that the displayed type now follows the syspref
13. Set syspref "item-level_itypes" to "specific item"
14. Go to /cgi-bin/koha/circ/pendingreserves.pl
15. See that the displayed type still follows the syspref
Signed-off-by: Lucie Gay <lucie.gay@ens-paris-saclay.fr> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Mark Tompsett [Thu, 26 Apr 2018 16:57:47 +0000 (16:57 +0000)]
Bug 20666: Correct permissions on opac-routing-lists.pl
You will need to have the 'Your routing lists' appear
in the opac-user page in order to trigger the error.
Make sure plack is off, and you will an error 500 page.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Mark Tompsett [Thu, 26 Apr 2018 16:22:16 +0000 (16:22 +0000)]
Bug 20666: Correct executable permissions
TEST PLAN
---------
On a kohadevbox:
1) sudo koha-plack --enable kohadev
2) restart_all
3) Enter fines for a patron in the staff client
4) Go to the 'Fines' tab (left pane)
5) Go to the 'Account' tab (below the row of buttons)
6) Click 'Details'
-- no issues
7) sudo koha-plack --disable kohadev
8) restart_all
9) refresh page
-- Error 500
10) apply patch
11) restart_all
12) refresh page
-- no issues
13) sudo koha-plack --enable kohadev
14) restart_all
15) refresh page
-- no issues
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 24 Apr 2018 18:21:36 +0000 (15:21 -0300)]
Bug 20637: Fix filters content on the holds to pull screen
libraries and locations are separated by <br> whereas itypes are using
\n
This patch standardized the separator to generate correctly the filters
pulldown
Test plan:
- Place a hold on a biblio record which has several items
- Define different locations and itypes for these items
- Display the holds on the "Holds to pull" screen and make sure the
filters are working correctly (focus on the dropdown list)
Signed-off-by: Victor Grousset <victor.grousset@biblibre.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Owen Leonard [Wed, 25 Apr 2018 12:38:25 +0000 (12:38 +0000)]
Bug 20329: Text input fields are wider than the fieldset class they are inside of
This alternate patch defines a width of 100% for text inputs and selects
inside sidebar fieldsets. The scope of this style is limited to the
sidebar by unsetting the width for fieldsets within "#yui-main," the
main body of the page.
This patch also removes inline styles from two templates which are now
unnecessary.
To test, apply the patch and clear your cache if necessary.
View various pages which have a sidebar search form: acqui/invoices.pl,
members/members-home.pl, circ/overdue.pl, acqui/parcel.pl. Confirm that
form fields in the sidebar look correct.
Confirm that other forms styled with the "brief" class aren't
unintentionally affected by this patch. For example:
circ/request-article.pl, members/member-password.pl,
reports/reports-home.pl, reserve/request.pl
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Alex Buckley [Sun, 4 Mar 2018 05:31:15 +0000 (05:31 +0000)]
Bug 20329: Shorten the width of text input fields
This makes the text input fields fit tidily within the border of the
fieldset class elements they are within.
Test plan:
1. Go to the acqui/invoices.pl, members/members-home.pl,
circ/overdue.pl, acqui/parcel.pl and notice that the text input fields
on the fieldset element on the left hand side of the screen for
filtering search results are too wide and go over the border of the
fieldset element
2. Apply patch
3. Refresh the aforementioned pages and notice the text inputs have a
shortened width and now fit within the fielset class element
Sponsored-By: Catalyst IT Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Magnus Enger [Mon, 9 Apr 2018 10:39:23 +0000 (12:39 +0200)]
Bug 20546: Display shelving location on checkin
Currently, the sehlving location is not being displayed in the table
of checked in items on <intranet>/cgi-bin/koha/circ/returns.pl
To test:
- Make sure you have a couple of books with a value for shelving location (952$c)
- Check the books out
- Check the books in
- Verify nothing is displayed in the "Shelving location" column
- Apply this patch
- Check the books out and in again
- Verify the shelving location is now being displayed
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 27 Feb 2018 16:36:21 +0000 (13:36 -0300)]
Bug 20304: Remove warnings from cataloguing scripts
Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 23 Mar 2018 18:03:52 +0000 (15:03 -0300)]
Bug 18342: Mark Cache::Memcached as mandatory
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Wed, 27 Sep 2017 19:19:07 +0000 (16:19 -0300)]
Bug 18342: Enable memcached by default for new installs
Note that there is no way to create an install without memcached.
As it is now considered as stable, there is no point to not use it.
Test plan:
Create a new Koha install and make sure memcached is enabled by default
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Ere Maijala [Thu, 26 Apr 2018 13:08:25 +0000 (13:08 +0000)]
Bug 20665: Reset MySQL connection time zone in the OAI-PMH Provider
TEST PLAN
---------
apply unit test patch
prove t/db_dependent/OAI/Server.t
-- should fail
apply this patch
prove t/db_dependent/OAI/Server.t
-- should pass
run koha qa test tools
Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Ere Maijala [Thu, 26 Apr 2018 13:05:51 +0000 (13:05 +0000)]
Bug 20665: Units tests for testing MySQL connection time zone
TEST PLAN
---------
apply this test patch
prove t/db_dependent/OAI/Server.t
-- should fail
apply the other patch
prove t/db_dependent/OAI/Server.t
-- should pass
run koha qa test tools
Signed-off-by: Mark Tompsett <mtompset@hotmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
David Bourgault [Tue, 1 May 2018 19:09:53 +0000 (15:09 -0400)]
Bug 19466: Turn AutoCalc off for new installs
Default value of AutoMemberNum is now 0.
TEST PLAN:
0. Do a fresh install of Koha
1. In system preferences AutoMemberNum should be off
2. No warning should be shown next to the cardnumber field in the patron creation form.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Wed, 25 Apr 2018 19:52:07 +0000 (16:52 -0300)]
Bug 20659: Fix blocking errors display
The include file blocking-errors.inc has been created to by-pass regular
processing and display an error that should block the elements of the
view.
For instance you call a patron's page with invalid borrowernumber => we
do not want the app to crash (500) or the page to display with broken
elements.
It worked well on bug 18403 but it's now broken, a blank page is
displayed instead.
It may be caused by the move of the JS to the bottom of the page.
Test plan:
hit /cgi-bin/koha/members/moremember.pl?borrowernumber=45432
Without this patch a blank page is displayed.
With this patch you see the blocking error
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Mon, 23 Apr 2018 13:37:48 +0000 (10:37 -0300)]
Bug 19204: Add tests for new days_mode parameter
Sponsored-by: Goethe-Institut Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Mon, 23 Apr 2018 21:52:00 +0000 (18:52 -0300)]
Bug 19204: Add a test: holiday is expiration date
Sponsored-by: Goethe-Institut Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Mon, 23 Apr 2018 21:12:00 +0000 (18:12 -0300)]
Bug 19204: Clean the tests a bit to reuse the same pattern
The same pattern is used several times in test:
checkout, checkin, get the debarment, compare the dates and remove the
debarment.
Let's move that to a separate subroutine
Sponsored-by: Goethe-Institut Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Mon, 23 Apr 2018 18:23:00 +0000 (15:23 -0300)]
Bug 19204: Make the debarment date calculation depends on finesCalendar
This patchs adds the ability to calculate the end of the suspension date
(debarment date) using the finesCalendar syspref.
Prior to this patch it was never calculating without taking into account
the calendar.
calculated without taking holidays into account.
This was a problem because the restriction could end in the middle of a
period the library is closed.
Test plan:
- Set finescalendar to 'not including days the library is closed'
- Set a circulation condition with no fine/maxfine, but fine days and
max fine days instead
- Check out an item with a due date in the past
- Check the item in and verify the restriction date
- Clean the restriction
- Add holidays to your calendar on the calculated restriction date
- Check the item out again with the same due date in the past
- Check in the item again
- Verify the calculated restriction end date has changed, it's set to the day
after the holiday.
Fines in days restriction calculation is correctly taking calendar
into account.
Sponsored-by: Goethe-Institut Signed-off-by: Claire Gravely <claire.gravely@bsz-bw.de> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 20100: (QA follow-up) Pref description and improve code in member-flags
Two points as mentioned on Bugzilla comment29.
[1] Improve pref description. Feedback from comment30 incorporated.
[2] Improve code in member-flags. Check if we change librarian flag first.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Tested the die with "disable_superlibrarian_privs => 0" in member-flags.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Marcel de Rooy [Wed, 31 Jan 2018 15:47:23 +0000 (16:47 +0100)]
Bug 20100: Disallow access to superlibrarian privileges at client side
This last patch activates the check at client side.
If the pref ProtectSuperlibPrivs is enabled, non-superlibs should not be
able to change superlibrarian privileges via the interface.
Test plan:
[1] Enable the pref.
[2] Login as superlib and add/remove superlib privs to a staff user.
[3] Login as another user (no superlib, but having borrowers, permissions
and staff_access). Verify that you cannot add or remove superlib
privs.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: JM Broust <jean-manuel.broust@univ-lyon2.fr> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Marcel de Rooy [Wed, 31 Jan 2018 14:02:36 +0000 (15:02 +0100)]
Bug 20100: Disallow access to superlib privileges at server side
Depends on pref ProtectSuperlibPrivs.
If enabled, script member-flags.pl will not allow you to add or remove
superlib privs when you are no superlibrarian.
The follow-up patch will enable the check at client side.
Test plan:
[1] Enable the pref. Do not apply the third patch (client side).
[2] Login as superlib and add/remove superlib privs to a staff user.
[3] Login as another user (no superlib, but having borrowers, permissions
and staff_access). Verify that you have an internal server error when
you add or remove superlib privs. The log contains a warning.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: JM Broust <jean-manuel.broust@univ-lyon2.fr> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This pref allows you to block changes to superlibrarian privileges at
client and server side for non-superlibrarians.
This patch only contains the db rev and the preference description.
Test plan:
Run dbrev or new install. Check pref value.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: JM Broust <jean-manuel.broust@univ-lyon2.fr> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Katrin Fischer [Sat, 21 Apr 2018 00:40:15 +0000 (00:40 +0000)]
Bug 2696: (QA follow-up) Several fixes to template variables
- Fix link to patron account in breadcrumbs
- Fix includes for accounttype.inc to display type correctly
- in Details for fee
- in Payments list
- Fix use CGI qw ( -utf8 );
- Remove <br> from within a string for better translation
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Kyle M Hall [Thu, 21 Dec 2017 14:15:52 +0000 (14:15 +0000)]
Bug 2696: Fine payments should show what was paid for
Test Plan:
1) Apply this patch and its' dependencies
2) Create and pay some various fees and fines
3) View the payments for fees, and fees paid by payments by
using the new 'Details' button available on boraccount.pl
Signed-off-by: Lee Jamison <ldjamison@marywood.edu>
Running updatedatabase.pl after patch application makes dependencies
happy. Passes QA Tools and works as intended.
Rebased (2017-12-21): Alex Arnaud <alex.arnaud@biblibre.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Bug 2696: (QA follow-up) - Remove use of GetMember
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Mark Tompsett [Wed, 28 Mar 2018 02:47:18 +0000 (02:47 +0000)]
Bug 20482: Correct Terminology codes to Bibliographic ones
"RELATIONSHIP TO ISO 639-2
ISO 639-2 (Codes for the representation of names of
languages-- Part 2: alpha-3 code) was based on the MARC
Code List for Languages and published in 1998. In the 22
cases where the ISO 639-2 list has two alternative codes,
the bibliographic code is the same as the MARC code."
(http://www.loc.gov/marc/languages/introduction.pdf)
This leads me to believe that eus, mri, and sqi are
incorrect. The slk code was corrected on an earlier bug.
TEST PLAN
----------
Apply patch
Do a database upgrade
-- Are eus, mri, and sqi fixed?
reset_all
-- Are eus, mri, and sqi never there in the first place?
koha qa test tools only check perl code.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>