This patch introduces tests for the 'same day' check of the ability to
place article requests for a patron.
The limit goes against current requests, and those that have been
completed on the same day. The tests cover this specific situation.
The current behavior is that it takes into account a 24 hr timespan, but
consensus on the QA step was that we should do it as 'same day' and use
a separate feature request to change this, if required.
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/Koha/Patron.t
=> SUCCESS: Tests pass!
3. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch makes it possible to limit article requests per patron per day.
To test:
1. Apply patches
2. updatedatabase
3. Enable ArticleRequests preference
4. Edit a patron category and set an article request limit to 1
CHECK => if you set the limit to anything else but a positive number or empty string, a warning appears
5. In staff search biblios and request an article for a patron of the modified category
6. Repeat step 5
SUCCESS => if limit is reached, when you select the user to request an article a warning appears saying that the limit was reached
7. Repeat steps 5 and 6 but this time in opac
SUCCESS => Patron is not allowed to request another article if limit is reached
8. prove t/db_dependent/ArticleRequests.t
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Edit: This patchset originally changed the 'categories' table structure
and relied on that for limit calculation. I removed all that code and
squashed into this one, as we moved everything to the circulation_rules
table.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 27944: (QA follow-up) Make staff home page show new article requests
As exposed on comment 29, the current code is showing the 'pending'
requests when it should display 'requested' ones (i.e. the new ones).
This patch changes that accordingly.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 27944: (QA follow-up) Rename ->open for ->set_pending
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 27944: (follow-up) Improving consistency between notice names
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Agustin Moyano [Tue, 30 Mar 2021 13:52:31 +0000 (10:52 -0300)]
Bug 27944: Add "requested" stage in article request process
This patch adds the stage "requested" in article request process, which
is previous to pending stage.
To test:
1. apply this patch
2. updatedatabase
3. enable ArticleRequests syspref
4. from staff inteface and from opac search for a record and place an
article request
5. koha-mysql kohadev
6. query: select subject, content, letter_code from message_queue;
CHECK => There is a message for each article request with code
AR_REQUESTED
=> In opac-user.pl, in "Article requests" tab you should see a row
in the table with "Requested" status
5. in staff go to Circulation -> Article Requests
SUCCESS => You should see 3 tabs, one for Requested stage (with two
requests), one for Pending stage and one for Processing stage.
6. play with actions buttons
CHECK => you should see a new action called "Set request as pending"
SUCCESS => All action buttons behave as expected, and tab counts updates
correctly.
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Agustin Moyano [Tue, 30 Mar 2021 13:51:57 +0000 (10:51 -0300)]
Bug 27944: Add AR_REQUESTED message in sample_notices.yml and modify AR_PENDING
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Agustin Moyano [Tue, 30 Mar 2021 13:49:06 +0000 (10:49 -0300)]
Bug 27944: Add new letter in atomicupdate, and modify status column in article_requests table
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 29128: Remove the other whitespace in browse shelf link
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Lucas Gass [Mon, 27 Sep 2021 20:16:22 +0000 (20:16 +0000)]
Bug 29128: Remove whitespace in browse shelf link
To test:
-Turn on OPACShelfBrowser and make sure you have some itemcallnumbers
-Go to detail page and see the link: (Browse shelf )
-Apply patch and look at the link again, it should be: (Browse shelf)
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Owen Leonard [Thu, 16 Sep 2021 15:28:14 +0000 (15:28 +0000)]
Bug 29042: Improve formatting of entry form in Additional Contents
This patch makes some corrections to the Additional Contents template so
that the content entry form can be styled like other similar forms in
the staff interface.
The patch also updates the form's "title" field so that it is longer and
has a maxlength attribute matching the size of the table column.
To test, apply the patch and go to Tools -> News.
- Create a new news item.
- In the entry form, confirm that the "Title" and "Content" fields are
styled consistently with other similar forms.
- Confirm that the "title" field is longer.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Owen Leonard [Thu, 16 Sep 2021 15:14:52 +0000 (15:14 +0000)]
Bug 29041: Improve specificity of breadcrumbs in Additional Contents
This patch adds a link to news or HTML customizations in the breadcrumbs
navigation depending on which category of content you're adding or
editing.
To test, apply the patch and go to Tools -> News.
- Begin the process of adding a news item.
- In the breadcrumbs menu you should see:
Additional contents > News > Add additional content
- Clicking "News" should return you to the view of news items.
- Test the same process in "HTML customizations."
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Owen Leonard [Mon, 13 Sep 2021 14:49:53 +0000 (14:49 +0000)]
Bug 29006: Make GoogleOpenIDConnect options consistent in the OPAC
This patch makes modifications to OPAC templates to make the Google
login options more consistent.
To test, apply the patch and rebuild the OPAC CSS
(https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_client).
- In the staff interface, enable the GoogleOpenIDConnect preference, and
populate the GoogleOAuth2ClientID the GoogleOAuth2ClientSecret with
values (they don't need to be valid).
- On the OPAC main page you should see a "Log in with Google" button
above the Koha login form.
- If you click the "Log in to your account" link at the top of the page
you should see a "Log in with Google" button in the modal window
- If you navigate directly to /cgi-bin/koha/opac-user.pl when not logged
in you should see the same "Log in with Google" button on that page.
- In each case the Google button should point to /cgi-bin/koha/svc/auth/googleopenidconnect
- If you disable GoogleOpenIDConnect the buttons should disappear.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Owen Leonard [Mon, 13 Sep 2021 13:37:55 +0000 (13:37 +0000)]
Bug 29004: Update GoogleOpenIDConnect preference to make it clear that it is OPAC-only
This patch modifies the description of the GoogleOpenIDConnect and
related preferences to make it clear that GoogleOpenIDConnect affects
OPAC logins and that the preferences are related.
To test, apply the patch and go to Administration -> System preferences.
Search for "google," and confirm that the descriptions of
GoogleOpenIDConnect and related preferences look clear and correct.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Owen Leonard [Wed, 8 Sep 2021 11:15:00 +0000 (11:15 +0000)]
Bug 28983: Use Flatpickr on various pages
This patch replaces the use of jQueryUI's datepicker on various
unrelated pages.
To test, apply the patch and test the following pages to confirm
that datepickers work correctly. "Linked" date fields should prevent a
"to" selection which preceeds the selected "from" date.
- Tools -> Patron clubs -> New club: Linked "start date" and "end date"
fields.
- ILL requests: Two linked pairs of date fields in the sidebar, "Date
placed between" and "Updated between." Each pair should work correctly
and table filtering by date should work correctly.
- Tools -> Label creator -> Manage -> Layout batches -> Edit a batch ->
Add items. This should trigger a popup window with a linked pair of
date fields, "Added on or after date," and "Added on or before date."
- Point of sale -> Transaction history: "From" and "To" linked date
field in the "Older transactions" section.
- Acquisitions -> Suggestions -> Add a suggestion: "Created by,"
"Accepted on," and "Managed by" fields.
- Tools -> Tags -> Filter tags by date.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Owen Leonard [Tue, 7 Sep 2021 14:14:54 +0000 (14:14 +0000)]
Bug 28961: Use Flatpickr on tools pages
This patch replaces the use of jQueryUI's datepicker on tools pages.
To test, apply the patch and test the following tools pages to confirm
that datepickers work correctly. "Linked" date fields should prevent a
"to" selection which preceeds the selected "from" date.
- News -> New entry: Linked fields "Published date" and "Expiration
date".
- Batch extend due dates: Linked fields "Due date from" and "Due date
to"; "Hard due date" field.
- Batch patron deletion: "who have not borrowed since," "whose
expiration date is before," and "Permanently delete checkout history
older than."
- Export: Linked "Start date" and "End date" fields.
- Import patrons -> Enter default values: "Date of birth,"
"Registration date," and "Expiry date."
- Inventory: "Set inventory date to."
- Batch patron modification -> Submit a batch of cardnumbers or a
patron list: "Registration date," "Expiry date," and "Restriction
expiration."
- Task scheduler: "Date" field.
- Log viewer: "Display from" and "Display to" linked fields.
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Owen Leonard [Tue, 7 Sep 2021 12:44:06 +0000 (12:44 +0000)]
Bug 28958: Use Flatpickr on serials pages
This patch replaces the use of jQueryUI's datepicker on serials pages.
To test, apply the patch and test the following serials pages to confirm
that datepickers work correctly. "Linked" date fields should prevent a
"to" selection which preceeds the selected "from" date.
- Claims -> Choose vendor -> Filter missing issues (linked "from" and
"to" fields).
- Check expiration -> "Expiring before" field.
- Manage numbering patterns -> New numbering pattern -> "First issue
publication date" field.
- Serials advanced search -> "Expires before" field.
- Subscription search results -> Check multiple checkboxes -> Edit
selected serials: "Expiration date" field.
- Subscription details -> Serial collection -> Edit serials ->
"Published on" and "Expected on" fields.
- Subscription details -> Renew -> "Start date" field in the popup
window.
- Subscription details -> Edit subscription -> Page 2 -> "First issue
publication date," "Subscription start date," and "Subscription end
date" fields.
- Locate a subscription with manual history enabled. From the
subscription detail page, click the "Planning" tab, then "Edit
history" -> Linked fields "Subscription start date" and "Subscription
end date."
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Owen Leonard [Fri, 3 Sep 2021 17:27:00 +0000 (17:27 +0000)]
Bug 28949: Use Flatpickr on reports pages
This patch replaces the use of jQueryUI's datepicker on reports pages.
To test, apply the patch and test the following reports pages to confirm
that datepickers work correctly. "Linked" date fields should prevent a
"to" selection which preceeds the selected "from" date.
- Acquisitions statistic wizard: Linked pairs of fields for
"placed on" and "received on."
- Patrons with the most checkouts: Linked pairs of fields for
"Checkout date from" and "Check-in date from"
- Patrons who haven't checked out: "Not checked out since"
field.
- Cash register statistics wizard: Linked "From" and "To"
fields.
- Most-circulated items: Linked pairs of fields for
"Checkout date from" and "Check-in date from"
- Catalog statistics wizard: Linked pairs of fields for "Date acquired
(item)" and "Date deleted (item)" The latter is shown by checking the
"Count deleted items" radio button.
- View dictionary -> New definition:
- Enter a definition name
- Select table Circulation
- Choose a date column, e.g. "Date of birth" or "Registration date"
- Select "Date range"
- Test that the "Start of date range" and "End of date range" fields
are linked correctly.
- Create guided report:
- Module: catalog
- Type: Tabular
- Select columns (any)
- Select criteria to limit on: There should be three pairs of linked
fields, "Creation date," "Modification date," and "Due date."
- Confirm that the report is saved correctly with the dates you chose.
- Create from SQL -> Test a report with one or more date
fields, e.g. https://wiki.koha-community.org/wiki/SQL_Reports_Library#Items_added_by_Collection
- Average loan time: Linke pairs of fields for "Checkout
date" and "Returns."
- Reports -> Circulation statistics wizard: Linked "Period" fields.
- Reports -> Holds statistics wizard: Linked pairs of fields "Hold
date," "Notification date," "Reminder date," "Waiting date," and
"Cancellation date."
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Owen Leonard [Fri, 3 Sep 2021 11:35:47 +0000 (11:35 +0000)]
Bug 28945: Use Flatpickr on administration pages
This patch updates administration templates to use Flatpickr instead of
jQueryUI datepickers.
To test, apply the patch and test date fields on the following pages:
- Administration -> Budgets ->
- New budget: Linked "Start date" and "End date" fields.
- Duplicate budget: Linked "Start date" and "End date" fields.
- Acquisitions -> Vendor -> New contract: Linked "Start date" and "End
date" fields.
- Administration -> Circulation and fine rules: "Hard due date" and "No
automatic renewal after" fields.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Owen Leonard [Thu, 2 Sep 2021 14:36:07 +0000 (14:36 +0000)]
Bug 28942: Use Flatpickr on acquisitions pages
This patch modifies several acquisitions pages replacing jQuery
datepickers with Flatpickr widgets.
To test, apply the patch and test datepickers on the following
Acquisitions pages:
- Acquisitions -> Late orders (linked date fields in the sidebar)
- Acquisitions -> Invoices (linked date fields in the sidebar)
- Acquisitions -> Invoices -> Invoice details (shipment date and
billing date)
- Acquisitions -> Vendor -> Receive shipment (shipment date)
- Acquisitions -> Vendor -> Receive shipment -> Receive (on order line)
-> Date received field under "Accounting details
- Acquisitions -> Orders search tab in the header -> Advanced search:
Linked date fields in the search form."
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Owen Leonard [Wed, 18 Aug 2021 12:48:08 +0000 (12:48 +0000)]
Bug 28720: (follow-up) Improve string translation
This patch fixes the following issues raised by QA:
- It modifies the markup so that "Add note" and "Edit note" can be
translated more easily.
- It adds display of existing notes back to the table of checkouts.
- It adds to the table configuration so that a "plain" view of the notes
(without buttons) is shown in print view and in CSV export.
- It improves handling of notes containing quotation marks which would
previously have broken some edit interactions.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Owen Leonard [Mon, 26 Jul 2021 15:27:02 +0000 (15:27 +0000)]
Bug 28720: Update the process of adding a checkout note in the OPAC
This patch moves the entry of checkout notes into a modal window with
the goal of making note entry easier.
To test, apply the patch and make sure the AllowCheckoutNotes system
preference is enabled.
- Log in to the OPAC as a user with checkouts.
- On the "Your summary" page, confirm that the table listing your
checkouts has a "Report a problem" column with "Add note" buttons.
- Click an "Add note" button. A modal window should be shown which
includes the title of the item, a textarea for writing a note, and a
hint, "Your note will be shown to the librarian when the item is
checked in."
- Add a note and submit it.
- The modal should close and a note at the top of the page should tell
you your note has been saved. The contents of your note should be
shown below that along with an "Edit note" link.
- Confirm that the "Edit note" link works as expected.
- Confirm that the "Add note" button you clicked in the table of
checkouts now reads "Edit note."
- You should be able to click this button and edit your note.
- Confirm that each note button works to add a note to the correct
title.
- Confirm that the "Renew selected" and "Renew all" controls work.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Owen Leonard [Fri, 30 Apr 2021 10:36:42 +0000 (10:36 +0000)]
Bug 28321: Use template block for display of items in search results
This patch updates the staff interface catalog search results to use
a new reusable BLOCK for displaying item information: Available items,
checked-out items, and unavailable items.
Some style has been updated, and an old GIF image has been replaced with
an SVG. The hold ratios template has been updated to accommodate this
change.
To test, apply the patch and rebuild the staff interface CSS
(https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_client).
- Perform a catalog search in the staff interface which will return
multiple results with multiple items each. For thorough testing, some
records should have items which are checked out, available, or
lost/notforloan.
- On the search results page, confirm that item information is accurate
and readable.
- Test with item-level_itypes on and off.
- Test with noItemTypeImages on and off.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Owen Leonard [Mon, 27 Sep 2021 18:50:48 +0000 (18:50 +0000)]
Bug 26949: Upgrade TinyMCE in the staff interface from 5.0.16 to 5.9.2
This patch upgrades TinyMCE in the staff interface from 5.0.16 to 5.9.2.
Other than the required TinyMCE package files, the only other change is
to the internationalization include file, which is updated to include
the latest set of strings for translation.
To test, apply the patch and clear your browser cache if necessary.
Test that the TinyMCE editor works in the staff interface:
- In system preferences, with the UseWYSIWYGinSystemPreferences
preference enabled: IntranetCirculationHomeHTML,
IntranetmainUserblock, IntranetReportsHomeHTML, etc.
- Additional contents, with the AdditionalContentsEditor preference
set to "WYSIWYG."
- Administration -> Libraries, in the "OPAC info" field.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Joonas Kylmälä [Sun, 3 Oct 2021 10:53:40 +0000 (10:53 +0000)]
Bug 28303: Add unit test for badtemplatecheck
This tests that pluginsdir value is not modified by the call to
badtemplatecheck to make sure badtemplatecheck operates with its own
copy of pluginsdir configuration value.
Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 28734: Parse display in $biblio->get_marc_notes
1. Go to Koha Administration, MARC bibliographic frameworks
2. Edit a framework, find tag 590, edit the $z subfield to use an
authorised value.
3. Do a catalogue search and edit a record using this framework. Edit
590$z and select an authorised value. Save the record.
4. Add the record to your cart.
5. View your cart. Click More Details.
6. Scroll down to the Notes section. Notice the authorised value code is
displayed instead of the description.
7. Apply the patch, restart services.
8. Refresh your cart. Click More Details again if you need to.
9. Scroll down to the Notes section. The description of the authorised
value should now be displayed.
Sponsored-by: Catalyst IT Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi>
Bug 28734: (follow-up) Use transformMARCXML4XSLT and tests
Confirm the following tests pass:
- t/db_dependent/Koha/Biblio.t
- t/db_dependent/XSLT.t
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi>
Bug 28734: (QA follow-up) Fix test imports and readability
Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi>
Bug 28734: (QA follow-up) Update documentation about function usage
1. Using $frameworkcode instead of the default '' is an unadvertised change.
It would make sense to use $frameworkcode, but actually we must remove this parameter and always use the default, as we decided to make the default authoritative.
I would prefer to not introduce this change, just in case..
2. Restore good import (use plurals)
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Wed, 29 Sep 2021 09:05:04 +0000 (11:05 +0200)]
Bug 29133: Correct select2 strings
We are using 'max'/'min' when the arguments are 'maximum'/'minimum'.
Also using %n, %d when only %s is working in .format()
Have a look at https://github.com/select2/select2/blob/45f2b83ceed5231afa7b3d5b12b58ad335edd82e/src/js/select2/i18n/en.js
It's Select2 v.4.0.13, the one we are using. We should match what's
there.
Test plan:
Bug 29002 is using minimumInputLength, you can see the difference when
selecting a patron:
"Please enter %s or more characters"
vs
"Please enter 3 or more characters"
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi>
Bug 29133: (follow-up) Fix for argument mismatch
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
JK: fix typo in commit message Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Nick Clemens [Wed, 29 Sep 2021 12:26:59 +0000 (12:26 +0000)]
Bug 29134: Use a subquery to increase performance of patron attributes search
This patch generates a subquery and checks if a borrowrnumber is in the results to add patrons
to search results
To test:
1 - Generate a bunch of patrons:
SELECT surname, firstname, branchcode, categorycode FROM ( SELECT surname FROM borrowers ORDER BY rand() ) a,( SELECT firstname FROM borrowers ORDER BY rand() ) b,( SELECT branchcode FROM borrowers ORDER BY rand() ) c,( SELECT categorycode FROM borrowers ORDER BY rand() ) d LIMIT 50000
2 - Add a patron attribute to the system and make it searchable - I used code 'TEST'
3 - Add a value for this attribute to many patrons:
INSERT INTO borrower_attributes (borrowernumber,code,attribute) SELECT borrowernumber, 'TEST','alphabet' FROM borrowers LIMIT 10000;
4 - In staff client got 'Patrons'
5 - Open the browser console (F12) and view the netwrok tab
6 - Perform a patron search for 'a'
7 - Note the time it takes for 'search' to complete in console
8 - Apply patch, restart_all
9 - Repeat search
10 - Note it is much faster
11 - prove -v t/db_dependent/Utils/Datatables_Members.t
NOTE: I tested with 500k patrons and 100k attributes - search returned in ~2 seconds with patch
and did not return before I got impatient without patch
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Joonas Kylmälä <joonas.kylmala@iki.fi> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Lucas Gass [Thu, 30 Sep 2021 22:11:32 +0000 (22:11 +0000)]
Bug 29148: Check if hold is item or bib level
To test:
1 - place an item level hold, it says: [one of the barcodes] or any available
2 - place a bib level hold, it says: [one of the barcodes] or any available
3 - Apply patch
4 - item level hold should say: Only [barcode]
5 - bib level hold should say: [one of the barcodes] or any available
Jonathan Druart [Wed, 18 Aug 2021 15:58:38 +0000 (17:58 +0200)]
Bug 28717: Fix additional content logs
The logging for additional contents added by bug 26205 has been broken
by but 22544.
This patch is a revisited version as bug 24387 has been pushed.
It does not log MODIFY if no modification has been made on a template
(useful when only 1 version/lang of a content has been modified)
Test plan:
Turn on NewsLog
Add/modify and delete additional contents/News and confirm that
modification are logged.
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
The following test was failing randomly:
# Failed test 'take from lowest cost branch (don't use cost matrix) holding branch'
# at t/db_dependent/HoldsQueue.t line 1494.
# got: 'LHKtxLk'
# expected: 'JL9C_OR'
# Wrong pick-up/hold for first target (pick_branch, hold_branch, reserves, hold_fill_targets, tmp_holdsqueue)
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Nick Clemens [Wed, 26 May 2021 11:42:02 +0000 (11:42 +0000)]
Bug 28352: Only check authorised values mapped to DB fields
The errors reported seem to be caused by authorised values mapped to MARC fields
but not mapped to a koha field.
We should additionally make sure to check the Default framework
Also, adding comment to indicate we only check records with items, because we do
TO test:
1 - In a framework that is not the default map a MARC field to an authorised value, but not a koha field
2 - In SQL, force the kohafield to NULL for the mapping you just make
UPDATE marc_subfield_structure SET kohafield = NULL WHERE frameworkcode='BKS' and authorised_value='HINGS_AS'
3 - perl misc/maintenance/search_for_data_inconsistencies.pl
4 - get the following errors:
Use of uninitialized value $tmp_kohafield in pattern match (m//) at /kohadevbox/koha/misc/maintenance/search_for_data_inconsistencies.pl line 151.
Use of uninitialized value $tmp_kohafield in substitution (s///) at /kohadevbox/koha/misc/maintenance/search_for_data_inconsistencies.pl line 154.
Can't call method "get_column" on an undefined value at /kohadevbox/koha/misc/maintenance/search_for_data_inconsistencies.pl line 157.
5 - Apply patch
6 - Repeat
7 - No more errors
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 29139: Only pass the offsets for lines the credit was applied to
On writing the regression tests, I noticed the CREATE offset was added
to the template. The idea behind passing the offsets is that we can
print information about the lines that got the credit applied. Having
the CREATE offset is meaningless, and (worse) would require users to add
logic to skip it. And all the payment information is already passed in
the 'credit' variable anyway.
This patch filters the credit_offsets by type, leaving the APPLY ones
only.
To test:
1. Apply up to the regression tests
2. Run:
$ kshell
k$ prove t/db_dependent/Koha/Account.t
=> FAIL: 3 offsets, including the CREATE one, boo!
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass! Only the two APPLY offsets are returned!
5. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Martin Renvoize [Thu, 30 Sep 2021 08:28:29 +0000 (09:28 +0100)]
Bug 29139: Add exceptions to relation accessors
We already had exceptions on the many-to-many links, but we didn't have
them for the middle table. The underlying dbic relations make it clear
which id's are being used for linking. A 'credit' has 'credit_offsets',
a 'debit' has 'debit_offsets'.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Martin Renvoize [Thu, 30 Sep 2021 08:14:15 +0000 (09:14 +0100)]
Bug 29139: Fix incorrect relation call
The bug here was worse than originally thought. We were calling the
wrong relation too.. we should probably add some exceptions to catch
this, it confuses me every single time!
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 29139: $line->debit_offsets doesn't honor list context
Being based on _new_from_dbic (discussion on bug 28883), makes the
assignment incorrect:
my @account_offsets = $payment->debit_offsets;
This patch explicitly makes the resultset be assigned as a list by
calling *as_list*.
To test:
1. Have UseEmailReceipts disabled
2. Have a patron with a debt of 6
3. Make a payment of 2
=> SUCCESS: All good
4. Enable UseEmailReceipts
5. Repeat 3
=> FAIL: You get something like:
ERROR PROCESSING TEMPLATE: undef error - The method Koha::Account::Offsets->debit is not covered by tests!
Trace begun at /kohadevbox/koha/Koha/Objects.pm line 595
Koha::Objects::AUTOLOAD('Koha::Account::Offsets=HASH(0x561cbe2ac930)') called at input text line 6
eval {...} at input text line 6
eval {...} at input text line 23
6. Apply this patch
7. Repeat 3
=> SUCCESS: It doesn't explode anymore!
8. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Kyle M Hall [Mon, 27 Sep 2021 11:55:06 +0000 (11:55 +0000)]
Bug 29121: Add POD to plugins
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 29121: Catch errors in ->install and ->upgrade calls on plugins
This patch adds a try/catch block when instantiating plugins. Calling
->new on a plugin eventually triggers a call to ->install (this has
always been like this since bug 7804). If the ->install method is
somehow borked, then the process dies. We need to prevent that, and
report back some error took place. That's what this patch does.
The same happens to the ->upgrade.
To test:
1. Install any plugin you like
2. Restart plack (just in case)
=> SUCCESS: All good
3. Manually change its install method to:
sub install {
die "plugin, die!";
}
4. Run:
$ koha-mysql kohadev
> DELETE FROM plugin_data;
(to make sure there's no __INSTALLED__ entry, do on a safe to delete DB).
5. Point your browser to the plugins-home.pl page
=> FAIL: Boom
6. Apply up to the regression tests
7. Run:
$ kshell
k$ prove t/db_dependent/Koha/Plugins/Plugins.t \
t/Koha/Exceptions.t
=> FAIL: Tests fail!
8. Apply this patch
9. Repeat 2
=> SUCCESS: Tests pass!
10. Run:
$ restart_all
11. Repeat 5
=> SUCCESS: The page is not broken
12. Sign off :-D
Note: I used
$ kshell
k$ perl misc/devel/install_plugins.pl
to test as well.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds regression tests for broken ->install and ->upgrade
methods on plugins.
It adds two dummie plugins named BrokenInstall and BrokenUpgrade, for
convenience.
Tests are added to catch the warnings that will be logged when trying to
load this plugins on different scenarios.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/Koha/Exceptions.t
=> SUCCESS: Tests pass!
3. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Thu, 30 Sep 2021 06:56:36 +0000 (08:56 +0200)]
Bug 29137: Add new syspref to disable AV creation within the cataloguing module
"I don't like this patch at all!"
"We will see a cataloger revolt if we do not find a way to make this
optional for catalogers."
I imagined a hord of catalogers running behind me and I got scared.
This patch will allow to turn the new feature added by bug 25728 off.
Test plan:
Confirm that the new CreateAVFromCataloguing will permit to turn the
feature off.
Signed-off-by: Andrew Fuerste-Henry <andrew@bywatersolutions.com> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Agustin Moyano [Thu, 25 Feb 2021 16:07:12 +0000 (13:07 -0300)]
Bug 23678: Allow cancel holds in bulk
This patch allows staff patrons to cancel multiple holds in bulk.
To test:
1. Apply this patch
2. restart_all
3. In cataloge go to a book and place many holds
CHECK => Holds table shows a column of checkboxes
4. Play with checkboxes (have some fun ;-P)
CHECK => When you manually check all checkboxes, the checkbox in the
header also gets checked.
=> When you uncheck one of the checkboxes, the one in the header also gets unchecked.
=> If no checkbox is checked and you check the one in the header,
all checkboxes get checked.
=> If there are some checkboxes that are checked and others are
not, when you click on the checkbox in the header all checkboxes get
unchecked.
=> If all checkboxes are checked, when you uncheck the one in the
header, all checkboxes get unchecked.
=> Every time you play with checkboxes, the number in the button
"Cancel selected" changes.
5. Check some of the checkboxes and click on cancel selected.
SUCCESS => A background job gets fired to cancel all selected holds.
=> A message should appear with a link to the job.
6. Wait a few seconds and click on the link
SUCCESS => A message appears with the report of the execution of the
background job.
7. Grab a patron and search to hold
8. Select multiple biblios and click on "place hold for <patron>"
CHECK => After holds are confirmed, multiple holds table are shown.. one for
each record. Checkboxes work exactly the same as before, but scoped
for each individual table. Checkboxes from one table will not affect
checkboxes from other tables.
9. Repeat steps 4 to 6.
10. Check In some of the items so the get in Waiting state.
11. Update expirationdate os some of those holds and set it to
ReservesMaxPickUpDelay + 1 days earlier
NOTE => ReservesMaxPickUpDelay = 7 days by default, so sql syntax to update would be
=> update reserves set expirationdate = date_sub(expirationdate, interval 8 day) where reserve_id in (...)
12. Repeat steps 4 to 6 but in waitingreserves.pl, in both tabs.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Bug 23678: (QA follow-up) Add missing template filter
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Bug 23678: (QA follow-up) Add missing filters
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Bug 23678: (QA follow-up) Use correct indentation
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
JD amended patch: also Koha/BackgroundJob/BatchCancelHold.pm
JD Amended patch: Full rebase and adjustements made on top of bug 26080.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch changes the mapping so it is more readable, and also allows
adding things there more easily, like allowing to add code => class
mappings from plugins, when time comes.
To test:
1. Just verify things still work
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Mon, 26 Jul 2021 17:22:29 +0000 (19:22 +0200)]
Bug 29149: Add the capability to provide more info to the background job detail view
(Patch extracted from bug 28445 to make it reusable for bug 23678)
We already had the need for that, when bibliographic records are
modified in batch we wanted to add a "Add to list" feature, and so pass
a list of lists/virtual shelves to the template.
Here (in 28445) we will want to pass the infos of the items that have been modified
to display a table.
Test plan:
0. Create at least one list (virtual shelf)
1. batch update biblios
2. Go to the job detail
3. Notice that dropdown list to add the record to a list
=> No regression found!
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Wed, 29 Jul 2020 10:13:39 +0000 (12:13 +0200)]
Bug 26080: Use the task queue for batch delete authorities
Same as the first patch, for authorities
Test plan:
Delete authority records using the batch record deletion tool
Confirm that the job is now delegated to the task queue and that
everything else is working as before
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Wed, 29 Jul 2020 10:12:59 +0000 (12:12 +0200)]
Bug 26080: Some refactoring
A new include file is created per background job to avoid
background_jobs.tt to grow too much
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Wed, 29 Jul 2020 09:17:34 +0000 (11:17 +0200)]
Bug 26080: Use the task queue for batch delete biblios
This patch takes advantage of the task queue to delegate the batch
delete biblios tool.
Test plan:
Delete bibliographic records using the batch record deletion tool
Confirm that the job is now delegated to the task queue and that
everything else is working as before
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 28772: Make secret validation use the new method
This patch makes the Koha::OAuth library use the new validation method
To test:
1. In master, enable RESTOAuth2ClientCredentials and have your
superlibrarian patron a client_id/secret pair generated
2. Use Postman to gain an access token with the client_id/secret pair
=> SUCCESS: This works in Koha
3. Use the access token to GET /api/v1/patrons
=> SUCCESS: It works
4. Apply this patchset up to the regression tests
5. Run:
$ updatedatabase
$ koha-plack --restart kohadev
=> SUCCESS: All good
6. Repeat 2
=> FAIL: You get an error trying to acquire an access token. Boo
7. Run:
$ kshell
k$ prove t/db_dependent/api/v1/oauth.t
=> FAIL: Tests fail!
8. Apply this patch
9. Run:
$ koha-plack --restart kohadev
$ kshell
k$ prove t/db_dependent/api/v1/oauth.t
=> SUCCESS: Tests pass!
10. Repeat 2
=> SUCCESS: Your original client_id/secret pair works!
11. Sign off :-D
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch makes the apikeys.pl display the generated API secret once,
when generated. After that, it won't be displayed by the UI.
To test:
1. Generate a new API key
=> FAIL: The secret is displayed in the API keys table
2. Visit some other page, and go back to the API keys page
=> FAIL: The API key secret is there
3. Apply this patch
4. Go to More > Manage API keys
=> SUCCESS: It no longer displays the secret
5. Generate a new API key
=> SUCCESS: The API key details (including the secret) are displayed.
=> SUCCESS: A message telling to copy the secret because it won't be
displayed again is shown.
6. Repeat 4
=> SUCCESS: The secret is no longer displayed
7. Sign off :-D
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 28772: Add a warning about hash_password usage in updatedatabase.pl
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 28772: Make Koha::ApiKey->store encrypt the secret
This patch refactors the Koha::ApiKey class so:
- It encrypts the generated secret
- Allows accessing the plain text secret only immediately after the key
creation (this implies that it won't be accessible if the key is
fetched from the DB).
- It implements an allow list for attributes, that are not read only.
Changing any other of them will make ->store throw an exception.
- A method for validating plain text secrets against the encrypted one
is added.
- A method for accessing the plain text secret is added. Returns undef
if the object is not 'fresh'.
To test:
1. Apply this patch
2. Run:
$ kshell
k$ prove t/db_dependent/Koha/ApiKey.t
=> SUCCESS: Tests pass! Expected behavior is confirmed
3. Sign off :-D
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Petro Vashchuk [Tue, 10 Aug 2021 15:08:53 +0000 (18:08 +0300)]
Bug 28759: limit accessibility for "Manage API keys"
This patch limits the accessibility for "Manage API keys" section only
to superlibrarians and the owner of that said API key account.
The way it does it is by checking if user is superlibrarian or if
logged-in user is the same as a patron id/borrower number is the same
as logged-in user number both in template and apikeys.pl and making sure
the link is inaccessible or redirects to the 403 page if user tries to
go there directly.
To reproduce:
1) create/pick existing patron, set Staff access, allows viewing
of catalogue in staff interface (catalogue)" and "Add, modify and
iew patron information (borrowers)" permissions on;
2) enable "RESTOAuth2ClientCredentials" in sysprefs;
3) login with that user into staff interface;
4) check any other patron, go to the "More"->"Manage API keys" and
check that you can see, add delete their API keys;
5) apply patch;
6) with that same user try to access "Manage API keys" page again.
Ensure that you can't access that page of other patrons but can
access your own page and manage your own API keys.
7) log in with superlibrarian now and ensure that you can access every
"Manage API keys" page of every patron and apply changes there.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Thu, 2 Sep 2021 09:51:48 +0000 (11:51 +0200)]
Bug 28941: Filter suggestion inputs at the OPAC
The following sequence is bad:
46 my $suggestion = $input->Vars;
181 &NewSuggestion($suggestion);
All columns can be set when we insert the suggestion into the DB
We definitely want to avoid the following fields to be set by the final
user: acceptedby, accepteddate, STATUS, etc...
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Julian Maurice <julian.maurice@biblibre.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 3 Sep 2021 10:01:12 +0000 (12:01 +0200)]
Bug 28947: Prevent OPAC user to create new users
This patch prevents an existing user from exploiting the patron edit form in order to
force create new patrons
To test:
Try all combinations of PatronSelfRegistration and PatronSelfRegistrationVerifyByEmail
with and without this patch.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Nick Clemens [Mon, 13 Sep 2021 12:56:30 +0000 (12:56 +0000)]
Bug 28935: (QA follow-up) Use BorrowerUnwantedField on staff client
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Bug 28935: No filtering on patron's data on member entry pages
Security patch. Follow-up for 28929.
Including correction for gonenoaddress and two others.
Includes unwanted fields too now.
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 31 Aug 2021 15:12:22 +0000 (17:12 +0200)]
Bug 28929: Add selenium tests
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Bug 28929: (follow-up) Add exec flag to tests
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 31 Aug 2021 13:55:15 +0000 (15:55 +0200)]
Bug 28929: Prevent flags to be sent during patron's edition
* selfreg and selfmod for OPAC
* patron's edition on staff
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Tested OPAC and staff side. Prevents mangling flags column.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
This patch adds a keydown event listener onto the flatpickr instance and
looks for the down arrow key. When such an event is detected we take
that to mean the user wants to keyboard navigate the calendar widget and
so disable the buggy allowInput option allowing keyboard navigation to
work as expected.
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Owen Leonard [Tue, 31 Aug 2021 19:23:21 +0000 (19:23 +0000)]
Bug 28937: Use Flatpickr on circulation and patron pages
This patch replaces the use of jQueryUI's datepicker on circulation and
patron-related pages.
The patch modifies Flatpickr's default configuration (in calendar.inc)
so that it has the following features:
- A Flatpickr input with a "futuredate" class will require that the
selected date be after today.
- The Flatpickr input field will be wrapped in a container to
facilitate better CSS styling.
- Generic handling of paired date fields is enabled using
".flatpickrfrom" and ".flatpickrto" field classes. This mimics the
same feature we have for jQueryUI datepickers using ".datepickerfrom"
and ".datepickerto".
This patch also removes an unused function which was repeated in three
templates: validate1.
To test, apply the patch and rebuild the staff interface CSS
(https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_client).
- Go to Circulation and check out to a patron.
- Open the Restrictions tab and click "Add manual restriction."
- In the "Expiration" field, test that the Flatpickr widget works
correctly and limits to dates after today.
- Enable the SpecifyDueDate preference if necessary.
- Test the behavior of the SpecifyDueDate controls: Setting a date,
clearing a date, session persistence.
- Enable the SuspendHoldsIntranet system preference if necessary.
- Check out to a patron with existing holds.
- Open the Holds tab and click the "Suspend" button for one of the
holds.
- In the modal window which appears, check that the Flatpickr
widget works correctly and limits to dates after today.
- At the bottom of the table of holds, test that the "Suspend all
holds" Flatpickr works correctly and limits to dates after
today.
- Perform this same test from the patron details page.
- Enable the BatchCheckouts system preference if necessary.
- Open a patron record and click "Batch check out" in the left-hand
sidebar menu.
- Test that the "Hard due date" Flatpickr works correctly as a date
and time picker.
- Go to Circulation -> Overdues.
- Test that the date due filters in the sidebar work correctly and
are linked, e.g. the "to" field cannot be before the "from" field.
- Perform the same test here: Circulation -> Holds to pull; and
here: Circulation -> Hold ratios.
- Enable the HouseboundModule system preference if necessary.
- Check out to or view details of a patron.
- Click "Housebound" in the sidebar menu.
- Save delivery day and frequency settings for that patron.
- Click "Add a new delivery."
- Test that the "Date" Flatpickr widget works correctly.
- Go to Patrons -> A patron record -> Edit.
- Test that Flatpickr widgets work on the following fields:
- Date of birth
- Registration date & Expiration date (linked).
- Patron restrictions -> Add manual restriction -> Expiration.
- View a bibliographic record and start the process of placing a hold.
- After selecting a patron, test the "Hold starts on" and "Hold
expires on" date fields. The fields should be linked and each
should limit to future dates.
- Confirm that the dates are saved correctly when you submit the
hold.
- Locate a bibliographic record with multiple holds and view the holds.
- In the table of holds, test each date field: Date, expiration, and
suspend-until.
- Test that Flatpickr's static "formatDate" method is working
correctly:
- Locate a bibliographic record's item so that there is text in both
the "Public note" and "Non-public note" field.
- Check that item out to a patron.
- After the page reloads the public and non-public notes should be
shown under the checkout title highlighted in red.
- Check for references to a "validate1" function. There should be none.
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Lucas Gass [Tue, 31 Aug 2021 20:36:37 +0000 (20:36 +0000)]
Bug 28933: Add subscription class to each subscription in opac-detail
To Test:
1. Go to a record with some subscriptions, have some closed and some
open.
2. Go to the opac-detail page, click on the subscription tab and use
your developer tools to inscept the element.
3. Notice the hierarchy of HTML structure, everything is a sibling of
the next.
4. Apply patch
5. Reload the same opac-detail page and again inscept the element.
6. Now every individual subscription should be wrapped in an element
with the class name of 'subscription'.
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Owen Leonard [Wed, 15 Sep 2021 17:40:19 +0000 (17:40 +0000)]
Bug 29030: Make authorized value and description fields required
This patch modifies the markup of the "Create a new authorized value"
modal so that a minimum set of fields is required: Authorized value and
description.
The patch also modifies the JavaScript which handles the submission so
that the jQuery Validation plugin can handle the field checks.
The spelling "authorised" is changed to "authorized" following coding
guidelines.
To test, apply the patch and rebuild the staff interface CSS
(https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_client).
- Locate a record in the catalog which has items and open an item for
editing.
- In the add item form, test the process of adding an authorized
value on the fly with the following fields: Withdrawn, Lost,
Damaged, Use restrictions, Not for loan, Collection code, Shelving
location, and Shelving control number.
- In each case you should be able to type a new value in the
dropdown's search box and be shown the option "Select to create."
- Selecting should trigger a modal window, "Create a new authorized
value."
- Test that both "Authorized value" and "Description" fields are
required, and the form can't be submitted without them.
- Test that an error message shows up when you submit an authorized
value which already exists, e.g. authval "1" for "DAMAGED."
- After triggering this error, click the "Cancel" button and try
creating another new authorized value. When the modal reopens the
form should be reset: No previously-entered data, no error messages.
- Submitting a valid form with a new authorized value should work
correctly. The modal window should close automatically.
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Nick Clemens [Fri, 6 Aug 2021 18:50:35 +0000 (18:50 +0000)]
Bug 28826: Add FacetOrder system preference
This bug adds a system preference to control ordering of facets and
adds the control to both Zebra and Elasticsearch
To test:
1 - Have a koha that can use both Zebra and ES
2 - Set 'displayFacetCount' to true
3 - Search in ES and Zebra
4 - Note facets in Zebra sorted alphabetically, ES by usage
5 - Apply patch, updatedatabase
6 - Search in ES and Zebra, facets are alphabetically sorted in both
7 - Find new syspref FacetOrder and set to 'by usage'
8 - Search in both engines, facets sorted by usage
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>