Pedro Amorim [Mon, 24 Jul 2023 13:36:02 +0000 (13:36 +0000)]
Bug 34354: Fix progess typo
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Thu, 20 Jul 2023 12:16:22 +0000 (12:16 +0000)]
Bug 34322: Correct icon triggering more fund search options
This patch updates the budget/fund administration header search form so
that it uses the "fa-slider" Font Awesome icon instead of a folder icon.
This makes it consistent with other search forms which have a similar
set of additional options.
To test, apply the patch and go to Administration -> Budgets.
- The "Search funds" form should have the "fa-sliders" icon.
- Clicking it should trigger the expansion of the additional search
options.
Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Jonathan Druart [Mon, 17 Jul 2023 08:35:22 +0000 (10:35 +0200)]
Bug 34292: (bug 33804 follow-up) Format "checked out on" date
Test plan:
1) Without applying this patch, issue an item to a patron and
notice that in the 'Checkouts' table the 'Checked out on'
date is of the form YYYY-MM-DD HH:MM:SS.
2) Apply this patch, restart Plack if necessary.
3) Refresh the patron 'Checkouts' table: this time the 'Checked
out on' date will observe the setting of your `dateformat`
System Preference.
4) Extra credit: repeat step 3) for different `dateformat`
settings, each time you should get a 'Checked out on' date
that matches the date format you chose.
Signed-off-by: Andreas Roussos <a.roussos@dataly.gr> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Fridolin Somers [Mon, 7 Aug 2023 23:11:14 +0000 (13:11 -1000)]
Bug 34493: Fix indenting in search_indexes.inc
Bug 32683 broke indenting in koha-tmpl/intranet-tmpl/prog/en/includes/search_indexes.inc
Not on purpose looks like.
Test plan :
1) Look at changes to validate indenting
2) Run prove xt/tt_valid.t
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Mon, 17 Jul 2023 16:42:13 +0000 (16:42 +0000)]
Bug 34289: Add missing class to one condition of the checkin template
The markup of the checkin template varies depending on the conditions of
the operation, and in one case the barcode field was missing the
"barcode" class. This patch adds it.
To test, apply the patch and make sure the finesMode system preference
is enabled.
- Go to returns.pl (/cgi-bin/koha/circ/returns.pl)
- Expand the the options so you see 'Forgive overdue charges'.
- Check that box and check in an item
- After checkin, the barcode field should keep the same style it had
before the transaction.
- Note: The yellow background of the input when the "Forgive" checkbox
is checked is to be expected.
Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Katrin Fischer [Fri, 4 Aug 2023 15:13:36 +0000 (15:13 +0000)]
Bug 34469: Block editing for received order lines
When an already received order line is modified/edited,
we experience data loss. Most prominently, we will lose the
linked invoiceid. Therefore we should not allow editing an
order line that was already received. If something needs to be
changed, the receipt should be cancelled first.
To test:
* Create basket as standing order with items added in cataloguing
* Add an order line
* Receive shipment
* Go to the basket summary page, click on 'Modify'
* Change the actual cost
* Save
* Verify that the invoice is now empty
* In the database aqorders.invoiceid will be NULL
* Apply patch
* Receive another shipment for the standing order
* Go back to basket summary page
* Verify the 'Modify' link is no longer present
* Click 'Modify' on the unreceived order line
* Edit the URL parameter odernumber to have the number of an
already received order line
* Verify you see a nice error message:
This order cannot be edited, the basket is closed or the order was already received.
Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Michaela Sieber <michaela.sieber@kit.edu> Signed-off-by: Laura Escamilla <laura.escamilla@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Nick Clemens [Thu, 3 Aug 2023 12:26:17 +0000 (12:26 +0000)]
Bug 34108: Preserve checked orders after item editing
The js that buils the new row after editing expects to receive a
value '_checked' indicating if theitem was selected. The 'item' variable
used to create the row after edit comes from the api and doesn't include this.
We need to inspect the previous html before building the new row to confirm the box wa checked
To test:
1 - Create a basket with 'items created on receive'
2 - Add an order line with multiple items to it
3 - Close basket
4 - Receive shipment
5 - Add invoice information
6 - Receive through receive link in the table
7 - Check some items
8 - Click on the "Edit" link and make some change to the item
9 - Save
10 - Checkboxes have disappeared
11 - Cancel receipt
12 - Apply patch
13 - Reload the page
14 - Repeat 7-9
15 - Checkbox is preserved
Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Michaela Sieber <michaela.sieber@kit.edu> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 34359: Remove unneeded module Koha/BiblioUtils/Iterator.pm with test
Test plan:
git grep BiblioUtils::Iterator
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Kyle M Hall [Tue, 8 Aug 2023 11:07:34 +0000 (07:07 -0400)]
Bug 34494: Table tmp_holdsqueue fails to be created for MySQL 8
It appears that MySQL 8 rejects creating any table where the primary key is nullable. The table tmp_holdsqueue has a nullable pk ( itemnumber ) but there is no reason for this column to be nullable ( generating a holds queue entry with no itemnumber is not possible ) so it make sense to just remove the nullability for MySQL compatiability.
Test Plan:
1) Using MySQL 8.0, attempt to create a database from kohastructure.sql
If you use ktd, you can try: DB_IMAGE=mysql:8.0 ktd up
2) Note the failure to create the table
3) Apply this patch
4) Repeat step 1
5) The table is created!
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Jonathan Druart [Mon, 19 Jun 2023 08:15:20 +0000 (10:15 +0200)]
Bug 34056: Add -api-client suffit to authorised-values API client
In koha-tmpl/intranet-tmpl/prog/js/vue/fetch all files have the -api-client suffix but authorised-values. For consistency we should add it.
Test plan:
Go to the ERM module and confirm that dropdown lists are correctly
filled in with authorised values.
You can also inspect the console and confirm that a GET query to /authorised_value_categories is done
Sponsored-by: BULAC - http://www.bulac.fr/ Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Thu, 27 Jul 2023 16:11:54 +0000 (16:11 +0000)]
Bug 34436: Some breadcrumbs lack <span> for translatability
This patch modifies several templates which were updated recently so
that breadcrumbs markup could be built using template wrappers. The
patch wraps strings in <span> in cases where it is necessary to make
them translatable.
To test, apply the patch and view the following pages to confirm that
the breadcrumbs still show up correctly:
- Administration -> MARC bibliographic framework
- Add framework
- Edit framework
- Delete framework
- Administration -> Share content with Mana KB
- Administration -> Circulation and fine rules
- Authorities ->
- Add authority
- Edit authority
- Catalog -> Advanced search
- Bibliographic detail page
- Must have EasyAnalyticalRecords enabled.
- Edit -> Link to host record
- Patrons
- Reports -> Average loan time
- Serials -> Serials home
Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 34365: Add cancellation request flow to DELETE /holds
This patch adds a new `x-koha-override` header to allow enforcing the
cancellation request flow for waiting holds.
If the hold is not waiting, the header has no effect.
To test:
1. Apply the tests patch
2. Run:
$ ktd --shell
k$ prove t/db_dependent/api/v1/holds.t
=> FAIL: The endpoint doesn't implement the required logic
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass! The endpoint behavior is changed!
5. Sign off :-D
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Wed, 26 Jul 2023 10:35:28 +0000 (10:35 +0000)]
Bug 33909: (follow-up) QA fixes
Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Tue, 6 Jun 2023 15:04:43 +0000 (15:04 +0000)]
Bug 33909: Improve translation of title tags: Administration
This patch updates administration templates so that title tags can be
more easily translated.
To test, apply the patch and confirm that the following
Administration pages have the correct title tags:
- Libraries
- Library groups
- Item types
- Authorized values
- Patron categories
- Circulation and fines rules
- Patron attribute types
- Library transfer limits
- Library transfer limits advanced editor
- Transport cost matrix
- Item circulation alerts
- Cities and towns
- Curbside pickup
- Patron restriction types
- Debit types
- Credit types
- Cash registers
- Manage plugins
- Manage jobs
- MARC bibliographic framework
- Koha to MARC mapping
- MARC Bibliographic framework test
- Authority types
- Classification configuration
- Record matching rules
- Record overlay rules
- OAI sets configuration
- Item search fields
- Search engine configuration
- Currencies and exchange rates
- Budgets
- Funds
- EDI accounts
- Library EANs
- Network Printers
- Identity providers
- Z39.50/SRU servers
- SMTP servers
- Did you mean?
- Table settings
- Audio alerts
- Share your usage statistics
- Share content with Mana KB
- Additional fields
- Keyboard shortcuts
Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Mon, 24 Jul 2023 11:11:56 +0000 (11:11 +0000)]
Bug 34345: 'Circulation and fine rules' vs 'Circulation and fines rules'
This patch corrects two instances of the phrase "Circulation and fines
rules" in favor of the more common "Circulation and fine rules" for
consistency's sake.
To test, apply the patch and go to Administration.
- In the description under the "Circulation and fine rules" link it
should read, "Define circulation and fine rules..."
- Open the Circulation and fine rules page and confirm that the link in
the sidebar menu is correct.
Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Emily Lamancusa [Wed, 9 Aug 2023 16:29:35 +0000 (12:29 -0400)]
Bug 34470: Initialize random seed after spawning a child worker process
When background_jobs_worker.pl spawns a new child process, it needs to
explicitly reinitialize the random seed - otherwise each child process
will inherit the same random seed from the parent process, and any
randomization will produce identical results each time.
This patch adds a call to srand immediately after the fork to
reinitialize the seed. Note that child processes should not call
srand with no parameter anywhere else, as the Perl documentation
indicates that srand should not be called with no parameter more than
once per process.
To test:
1. Apply the logging patch only
2. Set system preferences:
a. RealTimeHoldsQueue -> Enable
b. RandomizeHoldsQueueWeight -> in random order
3. Watch the logs for the staff interface
in ktd:
ktd --shell
koha-intra-err
4. Place a hold. Note that the logs display the branch list before and
after it is randomized.
5. Place some more holds. Note that the branch order after randomization
is identical each time.
6. Apply both patches and restart_all
7. Repeat steps 3-5.
-> Note that the branch order before randomization hasn't changed
-> Note that the branch order after randomization is now different
each time.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 34117: Remove side effect from get_expiry_date
If get_expiry_date is passed a DateTime object as a parameter,
it modifies and returns the original object. When memberentry.pl
prefills the input fields for duplicating a patron, it passes the
enrollment date object to get_expiry_date. This causes the enrollment
date object to be modified with the expiry date value.
This patch modifies get_expiry_date to clone the DateTime object that it
receives as a parameter and return the clone, so that references to an
enrollment date object can be passed in safely.
To test:
1. Have or make a patron
2. Duplicate that patron
3. Before saving the new patron, scroll down to Registration Date and
see that it's defaulting to a date in the future.
4. Apply patch and restart_all
5. Try duplicating a patron again
6. Registration Date should correctly set to today
Signed-off-by: Andrew Fuerste-Henry <andrewfh@dubcolib.org> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Julian Maurice [Mon, 17 Jul 2023 09:10:07 +0000 (11:10 +0200)]
Bug 34155: Hide 'Next available' at OPAC when item-level hold is forced
This was a regression caused by bug 24860
Test plan:
1. Set up circulation rules so that OPAC users can place holds only on
specific items ("OPAC item level holds" = "force")
2. Try to place a hold at OPAC. The "Next available item" option should
not appear.
3. Set "OPAC item level holds" to "allow"
4. Try to place a hold at OPAC. The "Next available item" option should
appear
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Katrin Fischer [Fri, 14 Jul 2023 09:17:27 +0000 (09:17 +0000)]
Bug 34269: (QA follow-up) Add missing TT filters
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Martin Renvoize [Thu, 13 Jul 2023 16:01:07 +0000 (17:01 +0100)]
Bug 34269: Convert to using codes in select compares
This patch updates the logic in smart rules to compare option values to
codes as apposed to option texts to value descriptions.
0. Apply patch
1. Install another language in the staff interface
1. ./translate install xx-XX
2. Check the box of the language in the 'language' system preference
3. Refresh
2. Create an item type with a parent
1. Go to Administration > Item types
2. Create a new item type or modify an existing one, assigning a parent type
Example: Create a 'Children's books' itemtypetype
and assig 'Books' as its parent
3. Create a third item type with the same description but something added in ():
Example: 'Children's books (3-5)'
3. Create a circulation rule for the parent type
Example: All/Books, with 2 checkouts allowed
4. Create a circulation rule for:
All/All with 3 checkouts allowed
5. In English, click on "Edit" next to the parent type rule (All/Books)
--> Note that the item type in the bottom row (the modifiable row) is changed to 'Books (All)'
6. Modify the number of checkouts allowed (e.g. 99)
--> The All/Books rule is modified
7. Switch the interface to the other language
8. Click on "Edit" next to the parent type rule (All/Books)
--> The All/Books rule is modified
9. Add rules for Children's books and Children's books (3-5)
10. Click on "Edit" next to each rule and change a value
--> Verify that the changed values are always saved for the correct rule
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Katrin Fischer [Fri, 4 Aug 2023 14:29:11 +0000 (14:29 +0000)]
Bug 34452: Restore fund label and 'Update adjustments' button
This patch fixed 2 small and recent regressions:
* The "Update adjustments" button used to always display. It's
required to save a new first adjustment, but also to save
changes to existing adjustments edited inline. It now would
only display after "Add adjustments" was clicked. We retore
to display it always. (bug 32746)
* We have several "Fund" pull downs on this page, but they are
for different things and require different labelling.
"Fund" was changed to "Shipping fund" which matches at the top,
but doesn't work for the adjustments table and single adjustment
form. Now we use "Shipping fund" "Fund" and no label in the table
as the table header covers it there. (bug 33721)
To test.
* Add a vendor
* Receive shipment
* Add invoice and save
* Click on "Finish receiving"
* Verify the button "Update adjustments" appears after clicking
"Add new adjustment"
* Verify the button is gone after you clicked it and the table shows
* Change something in the table - no button to save change :(
* Apply patch
* Repeat steps, button "Update adjustments" should not always be
visible.
Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Michaela Sieber <michaela.sieber@kit.edu> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Katrin Fischer [Fri, 21 Jul 2023 14:39:07 +0000 (14:39 +0000)]
Bug 30451: Update FK constraint on aqorders.subscriptionid
This updates the FK constrant from ON DELETE CASCADE to ON DELETE
SET NULL. This means that if a subscription linked to an order is
deleted, we no longer will also delete the order, but we will just
set subscrptinid in the order to NULL. This will avoid data loss
that can cause the budgets/funds not to add up anymore with the
real espenses of the library.
To test:
Preparation:
* Create 2 subscriptions on different records
* Create a new basket
* Use the "order from subscription" functionality to create order
lines for both of your subscriptions
* Close basket
Without patch:
* Delete the first subscription
* Verify the order line for this subscription is gone from your basket
Apply patch:
* Run database update and restart_all
* Delete the second subscription
* Verify the order line now remained in the basket
Pedro Amorim [Mon, 19 Jun 2023 14:24:30 +0000 (14:24 +0000)]
Bug 34059: Add only issues from the branch that is creating the notice
Test plan, on k-t-d
1) Go to 'my account' on top right user menu
2) On 'Patron messaging preferences', click 'Edit'
3) On the 'Item due' row, check the 'Email' and 'Digests only' checkboxes and save
4) On the top search bar, press 'Check out' and enter '42' (koha user cardnumber)
5) On the checkout input bar, enter 39999000001372 and press checkout
7) Go to 'Set library' on top right user menu and pick a different library
8) Repeat step 4), then, on the checkout input, enter 39999000004571 and press checkout
9) Verify that this user now has 2 items checked out, from 2 different libraries at /cgi-bin/koha/circ/circulation.pl?borrowernumber=51
9) Run the following 2 queries to force the due_date to be equal to 'today's' date for both issues:
NOTE: change the YYYY-MM-DD below to whatever day it is you're running this test plan
UPDATE issues SET date_due = '2023-06-19 23:59:00' where issue_id = 1;
UPDATE issues SET date_due = '2023-06-19 23:59:00' where issue_id = 2;
10) Run the cronjob:
./koha/misc/cronjobs/advance_notices.pl -c --digest-per-branch
11) Verify that two DUEDGEST notices were created, one per each library, but both notices contain both issues:
SELECT letter_code, time_queued, content FROM message_queue ORDER BY message_id DESC LIMIT 2;
12) Apply patch, then do 10) and 11) again
13) Verify that each notice only contains the issue for its respective library
Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Stephen Graham <s.graham4@herts.ac.uk> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Katrin Fischer [Sat, 29 Jul 2023 21:14:39 +0000 (21:14 +0000)]
Bug 34387: (QA follow-up) Fix display of 'Import batches'
Fixes the heading and sidebar display of the 'Import batches'
section.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Edit: I removed the wrongly introduced import_batches.yaml file Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Martin Renvoize [Wed, 26 Jul 2023 06:15:56 +0000 (07:15 +0100)]
Bug 34387: (follow-up) Minor spelling and quoting fixes
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch aims to make our API docs be more consistent.
It addresses two particular things:
* There's no consistency on the `tags` used across the spec, and not all
of them are correctly described and have an `x-displayName` entry.
More on this later.
* This are not sorted either by some for of grouping, or at least
alphabetically.
For the former, I did my best trying to harmonize (specially on the ERM
front) with what we do in the rest of the use cases.
For the latter, I opted for sorting everything alphabetically, as a
first step. Hoping someone else could work on grouping things.
To test (ON YOUR HOST MACHINE):
1. On current master run:
$ cd api/v1/swagger
$ docker run --rm -v $(pwd):/api --workdir /api redocly/cli \
build-docs swagger.yaml --output index.html
=> SUCCESS: It doesn't break or anything
2. Open your browser, open the generated api/v1/swagger/index.html file
=> FAIL: The left column has
* several lower case entries
* not everything is correctly grouped (ERM? packages?)
* Things are not sorted. There's an attempt but looks messy
3. Apply this patch
4. Repeat 1 and 2
=> SUCCESS: Things look much better!
5. Sign off :-D
CAVEAT1: I'm not sure why, but import_batches doesn't work. Ideas are
welcome, I'll keep looking for fixes.
CAVEAT2: I don't have enough eHoldings background to weight in, but I
feel like 'ERM eHoldings packages' could just be 'ERM packages'.
Follw-up patches with better ideas are welcome.
CAVEAT3: Patron credits, debits, balance... They could all go in to
'Patrons accounts' or similar. Open to ideas.
CAVEAT4: Old redocly didn't support mapping an endpoint to more than one
target section. Something to explore if we want (for example) to reach
'credits' through the 'Patrons' section but also from 'Accounting'.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
David Cook [Tue, 6 Jun 2023 03:48:06 +0000 (03:48 +0000)]
Bug 33881: Clear self-check JWT during auth kick out
This patch clears the JWT cookie during auth kick out (ie
when a web user navigates from the self-check out/in to
the rest of Koha).
Test plan:
0. Apply patch and koha-plack --reload kohadev
1. Go to http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
2. Log in as the "koha" user
3. In another tab, go to http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
4. Go to http://localhost:8080/cgi-bin/koha/opac-search.pl?idx=&q=a&weight_search=1
5. Note that you are prompted to "Log in to your account" via the normal Koha prompt
6. Go to http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
7. Note that you are prompted to "Log in to your account" within the "Self checkout system",
and note that your self-checkout session for the "koha" user has *not* persisted like
it did before the patch was applied
Signed-off-by: Andrew Fuerste-Henry <andrewfh@dubcolib.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Kyle M Hall [Thu, 27 Jul 2023 11:45:57 +0000 (07:45 -0400)]
Bug 30524: (QA follow-up) Only generate CSRF token if it will be used
This patch avoids generating CSRF tokens unless the csrf-token.inc file
is included in the template.
Passed token doesn't need HTML escaped. The docs for WWW::CSRF state:
The returned CSRF token is in a text-only form suitable for inserting into a HTML form without further escaping (assuming you did not send in strange things to the Time option).
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
i.e. `">test<a ...` was successfully injected into the HTML.
I'm attaching a quick patch I've used to patch up our instance. It just indiscriminately URI-escapes all parameter keys. I didn't decode them back since as far as I understand all valid keys do not contain special characters.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Martin Renvoize [Thu, 16 Sep 2021 14:13:23 +0000 (15:13 +0100)]
Bug 22990: Fix for shelves table
Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Amit Gupta [Wed, 22 Jan 2020 16:07:22 +0000 (21:37 +0530)]
Bug 22990: Add CSRF protection to boraccount, pay and suggestion
Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Test plan would have been nioe.
Tested by changing MAX_AGE with suggestions. Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
David Cook [Tue, 25 Jul 2023 05:18:00 +0000 (05:18 +0000)]
Bug 34368: Add CSRF token to Content Management pages
This change adds a CSRF token to the Content Management pages
at additional-contents.pl.
Test plan:
0. Apply patch
1. koha-plack --restart kohadev
2. Try to add "News", "HTML customizations", and "Pages".
3. Try to delete these new content entries
4. Note that you were successful in your endeavours
JD amended patch: remove empty line removal (no need to create
unecessary conflicts)
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Martin Renvoize [Wed, 13 Apr 2022 12:55:04 +0000 (13:55 +0100)]
Bug 30524: Core CSRF checking code
Split out from bug 22990 as requested.
Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Kyle M Hall [Wed, 26 Jul 2023 15:57:24 +0000 (11:57 -0400)]
Bug 28966: (QA follow-up) Fix failing unit tests
Test Plan:
1) prove t/db_dependent/TestBuilder.t
2) Note tests fail
3) Apply this patch
4) Run updatedatabase.pl
5) Update the schema files ( alias 'dbic' can be used in
koha-testing-docker )
6) prove t/db_dependent/TestBuilder.t
7) Tests now pass!
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Andreas Roussos [Thu, 13 Jul 2023 16:02:02 +0000 (16:02 +0000)]
Bug 34258: update SIP-related unit test
Test plan:
1) Run the updated SIP-related unit test *without* having applied
the other patch from this bug report -- it should fail:
$ prove t/db_dependent/SIP/ILS.t
2) Apply the patch that fixes C4/SIP/ILS/Transaction/Renew.pm
3) Re-run the unit test -- it should pass.
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Andreas Roussos [Thu, 13 Jul 2023 16:01:47 +0000 (16:01 +0000)]
Bug 34258: pass an unblessed hash to AddIssue()
In Koha 23.05, we lost the ability to renew an item via SIP2.
The relevant commit is ddc2906b77 from Bug 31735, where the
file C4/SIP/ILS/Transaction/Renew.pm was modified to no longer
pass an unblessed $patron hash to C4::Circulation::AddIssue()
This patch fixes that.
Test plan:
1) Using the SIP emulator, check out an item to a patron, then
try to renew it. Example commands for a KTD instance:
$ misc/sip_cli_emulator.pl -a localhost -p 6001 -l CPL -su term1 -sp term1 -m checkout --patron koha --item 3999900000001
$ misc/sip_cli_emulator.pl -a localhost -p 6001 -l CPL -su term1 -sp term1 -m renew --patron koha --item 3999900000001
Notice that the second command will fail!
2) Apply this patch.
3) Repeat the 2nd command -- this time the renewal should work.
4) Run the SIP-related unit tests, they should all pass:
$ prove t/db_dependent/SIP/
t/db_dependent/SIP/ILS.t .......... ok
t/db_dependent/SIP/Message.t ...... ok
t/db_dependent/SIP/Patron.t ....... ok
t/db_dependent/SIP/SIPServer.t .... ok
t/db_dependent/SIP/Transaction.t .. ok
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Kyle Hall [Wed, 9 Nov 2022 18:11:32 +0000 (13:11 -0500)]
Bug 28966: Prefetch patron data for holds queue viewer
Test Plan:
1) Generate the holds queue
2) Load the holds queue viewer page
3) Apply this patch
4) Restart all the things!
5) Reload the page
6) Note nothing has changed
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Kyle Hall [Wed, 9 Nov 2022 17:09:34 +0000 (12:09 -0500)]
Bug 28966: Add Koha::Object(s) for tmp_holdsqueue
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 32739: Allow other patron identifier on pwd validation
This patch takes a step forward on the password validation endpoint, by
adding the `identifier` parameter and making it be allowed
to be the patron's `cardnumber` or the `userid`.
The current `userid` only validation option is kept as-is.
The implementation relies on `C4::Auth::checkpw` to query for the
patron.
To test:
1. Apply this patches
2. Run:
$ ktd --shell
k$ prove t/db_dependent/api/v1/password_validation.t
=> SUCCESS: Tests pass!
3. Sign off :-D
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Jonathan Druart [Wed, 4 Jan 2023 10:13:54 +0000 (11:13 +0100)]
Bug 34226: Add tests
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Martin Renvoize [Mon, 24 Jul 2023 10:14:31 +0000 (11:14 +0100)]
Bug 34226: Use 'type' at the datatable config level
Lets use 'type' definitions at the datatables settings level instead
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Jonathan Druart [Fri, 7 Jul 2023 13:11:44 +0000 (15:11 +0200)]
Bug 34226: DT wrapper - pre-processed date term when filtering
If we have filters on top of column on a table that is using the DT REST API wrapper,
we cannot filter on date using formatted dates.
This was done for "date of birth" for bug 32505.
Here we want to provide a generic approach.
Note that we cannot use what has been done on bug 22440 in some cases
(when we don't write the thead DOM directly but rely on DataTables
constructor, for instance bug 33568). The data- attributes are not
passed by DT.
Test plan:
On top of 33568, filter date columns using the full version of the
formatted date
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Katrin Fischer [Mon, 17 Jul 2023 16:01:25 +0000 (16:01 +0000)]
Bug 34169: Add decimal class to all relevant input fields in the acquisitions module
This is a first step towards more consistency and possibly supporting
multiple input formats as well in the future. It marks all input fields
for monetary values, such as prices, replacement prices etc. with a class
that is linked to a check for number format with the jQuery Validator plugin.
To test:
For any input field to test, try adding various false entries, like "abc" or "1,00".
It should only accept inputs with decimal dot, like: "1.00"
0) Apply patch, restart_all
1) Suggestion
* Add a new suggestion in the staff interface
* Test: price input field at the bottom of the form.
* Accept the suggestion
2) Order form
* Create a new basket
* Create an order line from an existing record
* Test: list price, replacement price, and actual price.
* Check the checkbox for uncertain price before you save
3) Uncertain prices
* Go to the uncertain prices page for this vendor
* Test: price field
Note: this form does its own validation, but the change should not change behaviour for now
* Resolve the uncertain price
* Close order
4) Receive shipment
* Test: Shipping cost
5) Receive the order
* Test: replacement price, actual price
* Check checkbox for price in foreign currency
* Test: price in foreign currency
* Receive order line
6) Invoice summary
* Finish receiving
* Test: shipping cost
* Test: invoice adjustments: amount in the form for the first entry, amount in the table after adding it
7) Merging invoices
* Receive another shipment and create and invoice
* Go to invoices and search all
* Check the 2 entries for merging
* Test: shipping cost
8) Adding orders from a staged/new file
* Export some records using the cart or list
* Create a new basket
* Order from new file
* Import your file, ignore item records
* Test: price and replacement price
+ Bonus: also test with items, test plan and file from bug 22802 are really helpful here
Signed-off-by: Michaela Sieber <michaela.sieber@kit.edu> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Katrin Fischer [Fri, 14 Jul 2023 15:42:46 +0000 (15:42 +0000)]
Bug 34169: Use jQuery validator plugin to validate amounts
This is a first step towards more consistency and possibly supporting
multiple input formats as well in the future. It allows us to mark all
input fields for monetary values, such as prices, replacement prices,
fees etc. with a class that is linked to a check for the 'number' format
in the jQuery Validator plugin.
This is the base patch that does nothing by itself, please see
test plan in second patch.
Signed-off-by: Michaela Sieber <michaela.sieber@kit.edu> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 33964: (QA follow-up) Handle absence of smtp server
Resolve:
Use of uninitialized value in hash element at /usr/share/koha/C4/Letters.pm line 1472.
Use of uninitialized value in hash element at /usr/share/koha/C4/Letters.pm line 1473.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Kyle M Hall [Thu, 8 Jun 2023 15:57:47 +0000 (11:57 -0400)]
Bug 33964: Use Email::Sender::Transport::SMTP::Persistent for sending email
As described in bug 30013, some outgoing SMTP services ( such as Gmail ) do not like Koha's current behavior of initiating a new connection for each email sent. If we switch from Email::Sender::Transport::SMTP to Email::Sender::Transport::SMTP::Persistent and store the object for the duration of the message queue processing, this should solve that issue.
Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Hammat Wele [Wed, 14 Jun 2023 17:20:00 +0000 (17:20 +0000)]
Bug 33978: Adding authority from automatic linker closes imported record
If you import a record, then create an authority record using the automatic linker, it closes the biblio record. The problem occures when a record is edited in a new tab.
To recreate:
1. Import the example records
1.1. Download the example records
1.2. Go to Cataloging > Stage records for import
1.3. Choose the downloaded file
1.4. Click Upload file
1.5. Click Stage for import
1.6. Click View batch
1.7. Click Import this batch into the catalog
1.8. Click View detail of the enqueued job
1.9. Click Manage imported batch
Correct behaviour:
2. In another tab, search for one of the records (for example, Fafounet)
3. Click Edit > Edit record
4. Go to field 100
5. Click Link authorities automatically
--> It should say 100 - No matching authority found.
6. Click the plus sign next to 100
7. Fill out the mandatory fields by clinking in the text fields (000, 003, 005, 008, 040), field 100 should already be filled
8. Click 'Save'
--> Authority number is added in 100 and you get to stay in the record for more edits if needed
Incorrect behaviour:
9. Go back to the imported batch tab
10. Click Edit next to the second title (the one by Paventi, Eza)
11. Redo steps 4 to 8
--> Record is closedclear :(
The behaviour should be the same, stay in the bibliographic record until it is saved.
12. Apply the patch
13. Redo step 9, 10, 4
14. Edit field 100, Type 'Paventi Test 2'
15. Redo step 5 to 8
--> Authority number is added in 100 and you get to stay in the record for more edits if needed
Signed-off-by: Phil Ringnalda <phil@chetcolibrary.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Matt Blenkinsop [Fri, 14 Jul 2023 14:11:28 +0000 (14:11 +0000)]
Bug 34280: Fix warning in logs when saving patron details
If a patron has no valid email address then a warning message appears in the logs when saving:
"Use of uninitialized value $email in string ne at /kohadevbox/koha/Koha/Patron.pm line 1445."
This patch fixes that error by removing an unnescessary string ne
Test plan:
1) Create/choose a patron with no email addresses
2) On the patron record in the page section for Contact information, click edit
3) Now click save
4) The warning above should appear in the logs
5) Apply patch
6) Repeat steps 2 and 3
7) The warning should no longer appear
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Katrin Fischer [Sun, 16 Jul 2023 14:11:19 +0000 (14:11 +0000)]
Bug 34181: Fix jQuery selector to make delete checkboxes reappear
Bug 32257 changed the page structure slightly to fix a display
issue with the labels. This resulted in a broken selector in the
function for displaying the checkboxes for deleting/emptying a
certain patron field.
To test:
* Go to Tools > Batch patron modifications
* Enter some cardnumbers or borrowernumbers
* On the batch patron edit form, verify that the checkboxes
behind each input field are missing
* Apply patch
* Verify the checkboxes reappeared
* Verify that for mandatory fields the checkbox is locked
* Make some batch edits and verify the checkboxes work as
intended
Signed-off-by: Lisette Scheer <lisette.scheer@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Martin Renvoize [Tue, 7 Mar 2023 12:21:12 +0000 (12:21 +0000)]
Bug 32711: Fix biblio embeds
We need to drop the embed part of the args we pass to biblioitem else we end
up with some very strange behaviours on the acquisitions endpoint.
Signed-off-by: Silvia Meakins <smeakins@eso.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Martin Renvoize [Tue, 24 Jan 2023 15:00:03 +0000 (15:00 +0000)]
Bug 32711: Add 'public_read_list' appropriately
We're exposing biblio (and thus biblioitem) to the public API now and as
such we need to explisitely list which fields to include in the response
when called on the public api.
Signed-off-by: Silvia Meakins <smeakins@eso.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Martin Renvoize [Tue, 24 Jan 2023 12:22:34 +0000 (12:22 +0000)]
Bug 32711: Add biblio details to modal
This patch adds biblio details to the self-checkout modal. As part of
this we add 'biblio' to the x-koha-embed option on the public items
endpoint, clone the js-biblio-format include from the staff client
adapting it slightly for OPAC use along the way and also import
escape_str and escapeHtml from staff to opac too.
Signed-off-by: Silvia Meakins <smeakins@eso.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Fri, 21 Jul 2023 10:17:39 +0000 (10:17 +0000)]
Bug 34334: Item(s) in MARCdetail untranslatable
This patch adds a <span> around the text "Item(s)" in the template for
the MARC detail page in the staff interface. Without the span the
translation tool can't detect the string.
To test, apply the patch and update a translation, e.g. fr-FR:
> cd misc/translator
> perl translate update fr-FR
- Open the corresponding .po file, in this case
misc/translator/po/fr-FR-staff-prog.po
- Confirm that the string is now in the .po file for translation. You
should find these lines:
I found that the translation was already populated. Install the updated
po file:
> perl translate install fr-FR
Test the MARC detail page in your translated language to confirm that
the string is correct.
Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Martin Renvoize [Thu, 20 Jul 2023 15:57:37 +0000 (16:57 +0100)]
Bug 33286: Update 'catalog' to 'bibliographic' in preferences
Correct the terminology to make it clear catalog concerns only concerns
bibliographic records at the moment, not authority records too.
Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Thu, 20 Jul 2023 10:55:14 +0000 (10:55 +0000)]
Bug 34320: Hold reordering arrows look broken after Font Awesome upgrade
This patch makes minor CSS corrections to the arrows on the place hold
page in the staff interface. The corrections are necessary because of
changes in the display of icons in Font Awesome 6.
To test, apply the patch and locate a bibliographic record in the staff
interface to place a hold on.
- Place at least one hold on that title.
- After placing the hold, you should see a table of all the existing
holds on that record.
- The arrow control links should look correct, with the "move to top"
and "move to bottom" arrows having an extra border to differentiate
them from the others.
Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Talking to the OpenAPI plugin maintainer, he mentioned the use of $c->validation->output should be avoided as the plugin is not designed to have a stable behavior there, and he even thought of just removing the method.
That method returns an internal data structure the plugin uses to validate things, and then updates the request itself.
Take the following example:
GET /patrons/123
x-koha-embed: checkouts,library
without the OpenAPI plugin, requesting the header like this:
$c->req->headers->header('x-koha-embed')
would return a scalar, the string 'checkouts,library'.
When using the plugin, and with `x-koha-embed` being defined as collectionFormat: csv, that header is entirely replaced by an arrayref.
That's how the plugin works and how it is expected to be used. So we need to replace the uses of $c->validation format, with normal Mojo usage to avoid future headaches.
To test:
1. Run:
$ ktd --shell
k$ prove t/db_dependent/api/v1/*.t
=> SUCCESS: Tests pass!
2. Apply this patches
3. Repeat 1
=> SUCCESS: Tests still pass!
4. Sign off :-D
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 33556: Path parameters are handled explicitly in the controllers
In the case of $c->objects->search_rs, the variable is just not used.
In the case of /acq/orders, it's a leftover from when we removed in the
helper. Check there are tests with path params everywhere (including
orders) and it has no effect.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Marcel de Rooy [Tue, 27 Jun 2023 14:25:44 +0000 (14:25 +0000)]
Bug 33379: Remove virtualshelfcontents.flags
This field is unused. A historic leftover from 2000-2010.
Test plan:
Run dbrev.
Run prove t/db_dependent/Koha/Virtualshel*
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>