Owen Leonard [Mon, 28 Aug 2023 10:59:29 +0000 (10:59 +0000)]
Bug 34627: CMS pages do not correctly display the opaccredits footer
This patch corrects the page structure of CMS pages in the OPAC so that
the contents of the footer, including opaccredits, OpacKohaUrl, and the
language selection bar, are displayed correctly.
This patch contains indentation changes, so ignore whitespace when
viewing the diff.
To test you should have these settings:
- OpacKohaUrl enabled in system preferences
- Some content in the opaccredits HTML customization region
- Some content in the OpacNav HTML customization region
- At least one translation installed and enabled
- The opaclanguagesdisplay preference enabled
- The OpacLangSelectorMode set to "only footer" or "both top and footer"
- Apply the patch and go to Tools -> Pages and create a page with the
display location "OPAC."
- Open the OPAC link for your newly-created page and confirm that the
page looks correct:
- The "main" region with the white background should contain the
breadcrumb navigation, the sidebar OpacNav content, and the contents
of your CMS page.
- The opaccredits and OpacKohaUrl content should appear below that
region.
- The language selection footer should be at the bottom of the page.
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com> Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Fridolin Somers [Wed, 9 Aug 2023 07:44:24 +0000 (21:44 -1000)]
Bug 34505: Patron invalid age in search_for_data_inconsistencies.pl skip expired patrons
Bug 26311 added patron invalid age in search_for_data_inconsistencies.pl
But this is not relevant for expired patrons, especially in child categories.
Check should skip expired patrons
1) Set a non-expired patron with invalid age
2) Run misc/maintenance/search_for_data_inconsistencies.pl
=> Check you see the patron
3) Edit patron to be expired
4) Run misc/maintenance/search_for_data_inconsistencies.pl
=> Check you do not see the patron
Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[EDIT] If we do not want to test valid age for expired patrons, you should
obviously test expired first. Reversing the order in the test.
Putting it in the search criteria would be nicer but leads to more
complicated code.
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Tue, 6 Jun 2023 15:05:17 +0000 (15:05 +0000)]
Bug 33910: Improve translation of title tags: Authorities
This patch updates authorities templates so that title
tags can be more easily translated.
To test, apply the patch and confirm that the following authorities
pages have the correct title tags:
- Authorities -> Authorities home page
- Authority search results
- Authority details
- Edit authority
- Merge authorities
- Cataloging -> New or edit record
- Trigger the authority search plugin on a field which is linked to an
authority type.
Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Katrin Fischer [Thu, 24 Aug 2023 20:55:37 +0000 (20:55 +0000)]
Bug 33913: (QA follow-up) Move variables into strings
To test:
1) Checking out to {patron}
* Search for any patron
* Click on cardnumber in patron search results
* Verify that page title reads correctly and includes patron's name
2) Batch check out to {patron}
* Activate BatchCheckouts system preference
* Check all patron categories for BatchCheckoutsValidCategories
* Go to any patron account
* Click on batch checkout tab
* Verify that the page title reads correctly and includes patron's name
3) Place a hold on {title}
* Search for a record with items in the staff interface catalog
* Click on 'place holds'
* Verify that the page title reads correctly and includes the title of the record
4) Overdues as of {date}
* Set DateFormat system preference to any other than default
* Go to circulation > overdues
* Verify the page title includes today's date in the correct format
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Tue, 6 Jun 2023 15:13:18 +0000 (15:13 +0000)]
Bug 33913: Improve translation of title tags: Circulation, holds, and ILL
This patch updates circulation, holds, and ILL templates so that title
tags can be more easily translated.
To test, apply the patch and confirm that the following pages have the
correct title tags:
- Circulation -> Article requests
- Catalog -> Bibliographic record -> Items -> View item's checkout history
- Circulation -> Overdues with fines
- Circulation -> Transfers
- Circulation -> Checkout notes
- Circulation -> Circulation home
- Circulation -> Check out
- Circulation -> Batch checkouts
- Circulation -> Curbside pickups
- Circulation -> On-site checkouts
- Circulation -> Overdues
- Circulation -> Holds to pull
- Circulation -> Checkout to patron -> Print slip
- Circulation -> Renew
- Catalog -> Bibliographic record -> Request article
- Circulation -> Hold ratios
- Circulation -> Check in
- Circulation -> Set library
- Circulation -> Transfers to receive
- Circulation -> Transfers to send
- Circulation -> Holds queue
- Circulation -> Holds awaiting pickup
- ILL requests
- Catalog -> Bibliographic record -> Holds
Signed-off-by: Phil Ringnalda <phil@chetcolibrary.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Pascal Uphaus [Thu, 17 Aug 2023 11:58:24 +0000 (11:58 +0000)]
Bug 34240: Added hint about having to use Koha-to-MARC mappings for Koha link in frameworks
To test:
1. Go to administration > marc bibliographic framework > choose framework > marc structure
choose any tag
2. go to actions and edit subfields
3. check that the koha link pulldown can not be edited
=> There is no hint
4. Apply patch
5. Refresh the page, the select box is replaced by text and there is a hint on how to edit
Signed-off-by: Christina Fairlamb <cjf@wmu.se> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Tue, 6 Jun 2023 15:18:02 +0000 (15:18 +0000)]
Bug 33920: Improve translation of title tags: Patrons
This patch updates patron module templates so that title
tags can be more easily translated.
To test, apply the patch and confirm that the following patron-related
pages have the correct title tags:
- Patrons home page
- Patron search ->
- Select two patrons -> Merge selected
- Add patron ->
- Add a patron with the same name and email address ->
- Click "View existing record" in "Duplicate patron record?"
dialog.
- Patron details
- Manage API keys (must have RESTOAuth2ClientCredentials enabled)
- Accounting
- Transactions
- Print fee receipt
- Print invoice
- Make a payment
- Create manual invoice
- Create manual credit
- Routing lists (must have RoutingSerials enabled)
- Circulation history
- Notices
- Statistics
- Files (must have EnableBorrowerFiles enabled)
- Purchase suggestions
- Discharges (must have useDischarge enabled)
- Housebound (must have HouseboundModule enabled)
- ILL requests history (must have ILLModule enabled)
- Set permissions
- Change password
- Print summary
- Print account balance
- Two-factor authentication (must have TwoFactorAuthentication
enabled)
- Edit patron
- Update child to adult patron:
- Must have more than one "adult" type category defined
- Locate a patron with a "child" type category
- Choose More -> Update child to adult patron
- Delete patron (confirmation page)
- Pending discharge requests
- Patrons requesting modifications
Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 34313: Add patron information in pass validation response
This patch makes the password validation response return the following
patron attributes to the API consumer:
* cardnumber
* userid
This will give hints on what was used to validate in the fallback
bahvior the endpoint has.
To test:
1. Apply the unit tests patch
2. Run:
$ ktd --shell
k$ prove t/db_dependent/api/v1/password_validation.t
=> FAIL: The endpoint doesn't return this valuable data
3. Apply this patch
4. Repeat 2
=> SUCESS: Tests pass! We got the cardnumber and the userid!
5. Sign off :-D
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Lucas Gass [Thu, 17 Aug 2023 17:25:56 +0000 (17:25 +0000)]
Bug 34356: Make sort order always default to correct column
To test:
1- Check out an item to a patron
2- View checkout history, default sort is on 'Date due'
3- Enable RecordStaffUserOnCheckout
4- View checkout history, default sort is on 'Checked out by'
5- Apply patch
6- Table should sort to 'Date due' no matter what the sys pref is set to
Signed-off-by: Jason <jrobb@sekls.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Fri, 18 Aug 2023 11:18:45 +0000 (11:18 +0000)]
Bug 34384: Fix inconsistencies in Library transfer limits page titles, breadcrumbs, and heading
This patch makes a few minor corrections to the library transfer limits
pages, both basic and advanced, standardizing on the name "Library
transfer limits" for page title, breadcrumb navigation, and page
heading.
To test, apply the patch and go to Administration -> Library transfer
limits.
- Confirm that the page shows "Library transfer limits for [library]
[library code]"
- Breadcrumb navigation, page title, and heading should match.
- Swith to the advanced editor
- The title should now be simply "Library transfer limits"
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Fri, 18 Aug 2023 11:43:15 +0000 (11:43 +0000)]
Bug 34386: Fix inconsistencies in Cities and tows page titles, breadcrumbs, and header
This patch updates the cities administration page so that page title,
breadcrumb navigation, and headings are consistent with each other and
with other parts of Koha.
To test, apply the patch and go to Administration -> Cities and towns.
Check each variation of the page to confirm that page title, breadcrumb
navigation, and heading are correct.
- Main page (listing cities)
- New city
- Edit city
- Delete city
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Fri, 18 Aug 2023 10:03:49 +0000 (10:03 +0000)]
Bug 34382: Fix inconsistencies in Patron categories page titles, breadcrumbs, and header
This patch makes some changes to the patron categories administration
page so that the page title, breadcrumb navigation, and headings are
more consistent with each other.
To test, apply the patch and go to Administration -> Patron categories.
- Test all variations of the page:
- Main page (listing categories)
- New category
- Edit category
- Confirm deletion of category when the category is in use (there are
existing patrons who have that category)
- Confirm deletion of category when the category is not in use
Note: This patch contains whitespace changes, so please ignore
whitespace if you're checking the diff.
Signed-off-by: Amanda Hovey <amanda.hovey@parliament.nsw.gov.au> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Fri, 18 Aug 2023 09:07:59 +0000 (09:07 +0000)]
Bug 34381: Correct inconsistencies in Authorized values page title
This patch rewords the authorized values template title logic so that it
matches the breadcrumb navigation for consistency.
To test, apply the patch and go to Administration -> Authorized values.
Test all versions of the page to confirm that the breadcrumbs and page
title are consistent with each other:
- Main view
- New category
- View category (click a category, e.g. CCODE, in the main view)
- Add authorized value
- Edit authorized value
Signed-off-by: Christian Nelson <christian.nelson@uwasa.fi> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Fri, 18 Aug 2023 08:52:06 +0000 (08:52 +0000)]
Bug 34379: Fix label of new library group button
This patch corrects the label on the button for creating a new library
group, changing it from "Add group" to "New group" for consistency.
To test, apply the patch and go to Administration -> Library groups.
Confirm that the button is now labeled "New group" and that it
still works to trigger the library group creation modal.
Signed-off-by: Andrew <andrew.auld@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Fri, 18 Aug 2023 08:39:50 +0000 (08:39 +0000)]
Bug 34378: Fix inconsistencies in Libraries page titles, breadcrumbs, and header
This patch makes changes to the libraries administration page so that
the page title, breadcrumbs, and page headings are more consistent with
each other.
To test, apply the patch and go to Administration -> Libraries.
- Click "New library"
- The page title, breadcrumb navigation, and page heading should all
read "New library"
- Enter some details, save your new library, and then click the "Delete"
button corresponding to your new library.
- On the deletion conformation page, the page title and breadcrumb
navigation should match, "Confirm deletion of library 'X'"
- Edit a library. On the edit page, the page title, breadcrumb
navigation, and page heading should match: "Modify library 'X'"
Signed-off-by: paul <paul.poulain@biblibre.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Fri, 21 Jul 2023 11:38:32 +0000 (11:38 +0000)]
Bug 25023: Claims returned dates not formatted according to dateformat preference
This patch updates the code for rendering the claims returned table on
the checkout and patron detail pages. Now the dates are formatted using
the global js-date-format.inc code.
To test, apply the patch and make sure the claims returned feature is
enabled by setting a value in the ClaimReturnedLostValue system
preference.
- Check out some items to a patron.
- Under the checkouts tab, mark several checkouts as "Claim returned."
- Open the claims tab.
- The dates in the "Created on" column should be formatted according to
your dateformat system preference.
- Change the dateformat preference and return to the checkouts page.
Confirm that the claims tab shows dates formatted correctly.
- The "created on" and "updated on" columns should sort correctly with
any dateformat setting. You may have to directly modify the dates in
the database in order to have the right data for testing this.
Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Jonathan Druart [Thu, 6 Jul 2023 14:13:22 +0000 (16:13 +0200)]
Bug 34219: Allow getAll to receive additional URL parameters
It's not possible to pass additional URL parameters. We need it at least for bug 32474.
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Nick Clemens [Thu, 24 Aug 2023 12:22:23 +0000 (12:22 +0000)]
Bug 34331: Use register from userenv if parameter not passed
To recreate:
1. Enable the "EnablePointofSale" syspref.
2. Set the "UseCashRegisters" syspref to use.
3. Create 3 new registers (Register A, B and C) with a float amount of $25.
4. Under POS, configure 3 new debit types (i.e. Copies, Earbuds, Friends Donation)
-- You can leave the default amounts blank, or add an amount if desired.
-- Set "Can be manually invoiced?" and "Can be sold?"
5. Under point of sale make a $5 sale of copies under Register A.
6. Under point of sale make a $10 sale of earbuds under Register B.
7. Under point of sale make a $100 sale of Friends Donation under Register C.
8. At circ/set-library.pl set your register to Register A.
9. Go back to POS and view the "Transaction history for Register A" - it shows the correct amount of $5 sold in copies.
10. Go back to circ/set-library.pl and change your register to Register B.
11. Go back to POS and view the "Transaction history for Register B" - it shows the incorrect transaction history. It is showing the transaction history for Register A.
12. Go back to circ/set-library.pl and change your register to Register C.
13. Go back to POS and view the "Transaction history for Register C" - it shows the incorrect transaction history. It is showing the transaction history for Register A.
14. Apply patch, repeat. The correct transactions should now show.
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Katrin Fischer [Thu, 10 Aug 2023 13:26:54 +0000 (13:26 +0000)]
Bug 33759: Fix typo 'Thankyou' in sample notices
This fixes the typo 'Thankyou' in some of the sample notices.
To test:
* With the sample data
* Create and run a report:
SELECT code,content FROM letter where content LIKE "%Thankyou%";
* Verify 3 notices contain 'Thankyou'
* Apply patch
* Drop your database
* Run the web installer
* Run report again, you should no longer get any results
Signed-off-by: Alexander Wagner <alexander.wagner@desy.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Mon, 14 Aug 2023 11:49:43 +0000 (11:49 +0000)]
Bug 34341: Revert Bug 34072: Holds queue search interface hidden on small screens
This patch undoes the changes made by 34072 because they have had a more
far-reaching effect than was expected. I have never been able to
reproduce Bug 34072 before the patch.
To test, apply the patch and rebuild the staff interface CSS.
- Go to Circulation -> Holds queue
- Try adjusting the width of the browser window to confirm that it is
responsive at various widths.
- When the viewport width is below 768 the page layout will adjust, and
the contents of the sidebar will drop below the table of holds. This
is consistent with other pages in the staff interface.
- Check that the corrected CSS has resulted in a correction to the
layout of submit buttons in forms:
- For example, in Administration -> Cities and towns -> New city.
- Before the patch there was no padding between the submit button and
the white fieldset containing the form fields.
- After the patch the correct padding has been restored.
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Tue, 15 Aug 2023 08:38:20 +0000 (08:38 +0000)]
Bug 34533: jsdiff library missing from guided reports page
This patch restores the inclusion of the jsdiff JS library on the guided
reports page when displaying saved SQL reports. This fixes a JS error in
the browser console when the user tries to use our automatic update on
SQL reports which use an older syntax.
The patch also corrects a problem with svc/convert_report which was
causing an error when trying to display the diff information.
To test, apply the patch and restart services.
- Go to Reports -> Create from SQL.
- Add a report which is based on an older db structure. The example I
found was:
SELECT biblionumber,
ExtractValue(marcxml,'//datafield/@tag/text()[substring(.,1,1) = "5"]') as 'notes'
FROM biblioitems
HAVING notes <> ''
- Save the report and go to the list of saved reports. There should be
an "Update" column in the table, with a message about your newly-added
report:
"This report seems obsolete, it uses biblioitems.marcxml field."
- Clicking the "Update SQL" button should trigger a modal window that
shows the before an after versions of the report. There should be
no error in the browser console. Unfortunately the diff will not
display because of a separate bug in svc/convert_report
Signed.off-by: Jessie Zairo <jzairo@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Thu, 17 Aug 2023 11:37:30 +0000 (11:37 +0000)]
Bug 34565: Label mismatch in MARC21 006 and 008 cataloging plugins
This patch modifies the JS which builds the table of options for
populating MARC21 fields 006 and 008 when using the cataloging plugin.
To test, apply the patch and go to Cataloging -> New record.
- Click the plugin trigger link next to the 006 input field (you may
need to click the tag to expand it.
- In the table of input fields, test that clicking the label, e.g. "Type
of material", "00 - Form of material," etc, moves focus to the
corresponding form field.
- Perform the same test on the plugin-popup for field 008.
Signed-off-by: Andrew <andrew.auld@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Jonathan Druart [Wed, 5 Jul 2023 12:47:41 +0000 (14:47 +0200)]
Bug 34129: Fix plus and minus icon
This patch fixes the plus and minus on the buttons to expand the columns
in mobile or zoomed in view.
To test:
1. Apply the patch
2. Rebuild css (yarn build)
3. Go to the OPAC and search for a record with an item
4. Zoom in to 400% or change view to mobile
--> The items table should have a plus (+) button in the last column to
expand and have the rest of the information
Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Lucas Gass [Wed, 23 Aug 2023 18:18:57 +0000 (18:18 +0000)]
Bug 34601: Fix edit/delete links on suggestion.tt
1. Make a suggestion
2. Try to edit, delete the suggestion.
3. Error:
4. Apply patch and restart_all
5. Try again and you should not get the error anymore.
Signed-off-by: Andrew Fuerste-Henry <andrewfh@dubcolib.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Andreas Roussos [Tue, 21 Feb 2023 19:02:19 +0000 (20:02 +0100)]
Bug 29578: Upgrade the jQuery highlighter plugin
Under certain conditions, the jQuery term highlighter
can break and in the process make the "Highlight" /
"Unhighlight" button disappear altogether. This affects
catalog searches in both the OPAC and the Staff Client,
with UNIMARC-based instances affected the most as the
"Highlight" / "Unhighlight" button disappears if you
perform a specific OPAC search (see Test plan below).
This patch fixes that by upgrading the highlighter
plugin to its latest version for both the OPAC and
the Staff interface. Then, the changes from commit 2e4b574074 (Bug 5844) are applied to the plugin code.
Also, Koha uses "term" instead of "highlight" as the
class name for the <span> highlighting elements, so
the plugin code is modified for that aspect, too.
Finally, the plugin file is renamed to reflect the
version change (v3 -> v5) and all references to the
old filename in the Template files are updated.
Test plan:
0) In a UNIMARC instance, catalogue two books using
the titles given below (Title subfield = 200$a):
Book 1: Συλλογής των εν επιτομή τοῖς πάλαι γεωγραφηθέντων
Book 2: Επιτομή της ιστορίας των Βαλκανικών Πολέμων (1912-1913)
1) OpacHighlightedWords and StaffHighlightedWords
should both be set to "Highlight".
2) Search the OPAC for "επιτομή των" (without the
quotes). In the results page, notice that:
a) You get an Uncaught DOMException error in the
web browswer's JavaScript Console (press F12):
"Failed to execute 'splitText' on 'Text': The
offset 3 is larger than the Text node's length."
b) the "Highlight" / "Unhighlight" button vanishes
c) some search terms matches are not highlighted
(for example "των" in the 2nd Book)
3) Repeat the same search in the Staff interface.
In the results page, notice that:
a) You get an Uncaught DOMException error in the
web browswer's JavaScript Console (press F12):
"Failed to execute 'splitText' on 'Text': The
offset 3 is larger than the Text node's length."
b) Even though some terms are highlighted, the
button still says "Highlight"
c) some search terms matches are not highlighted
(for example "των" in the 2nd Book)
4) Apply this patch.
5) Repeat the searches (you may have to press CTRL-F5
to reload the JavaScript code). This time the
"Highlight" / "Unhighlight" button is displayed
in the OPAC, and all your search terms should be
highlighted in yellow. Toggling the highlight
should cause no problems, and there shouldn't be
any errors logged in your browser's Console.
Signed-off-by: Christian Nelson <christian.nelson@uwasa.fi> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Kevin Carnes [Fri, 18 Aug 2023 11:37:51 +0000 (13:37 +0200)]
Bug 27496: Accessibility: Navigation buttons are poorly described by screen readers
This patch adds aria-haspopup and aria-expanded attributes to the language
and welcome user buttons so that screen readers will know that they cause a
popup menu to be displayed.
To test:
1. Use an installation with at least 2 active languages
2. Log in the OPAC
3. Use a screen reader (e.g. ChromeVox in Chrome) and use the tab key to
navigate to the language and welcome user buttons while noticing that
they are described as "Button collapsed" and "Button", respectively
4. Alternatively, inspect the buttons and notice that they are missing
aria-haspopup and aria-expanded attributes
5. Apply the patch
6. Observe that these buttons now are described as "Popup button collapsed"
or that they contain the aria-haspopup and aria-expanded attributes like
the lists button
7. Sign off
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Nick Clemens [Wed, 9 Aug 2023 17:39:45 +0000 (17:39 +0000)]
Bug 34509: Use select2 to load vendors on basket creation
This patch moves the dropdown to use select2 and avoids loading all
vendors at page load.
To test:
1 - Create some extra vendors in your system, ideally over 20
2 - Search for a vendor in acquisitions
3 - Click 'New->basket'
4 - Note the dropdown of all vendors
5 - Choose a vendor and create a basket
6 - Apply patch
7 - Repeat
8 - Note only a partial list of vendors is loaded
9 - Search in the dropdown and confirm vendors are returned
10 - Select a vendor and create the basket
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Pedro Amorim [Fri, 11 Aug 2023 13:08:15 +0000 (13:08 +0000)]
Bug 34518: Fix 'Renew all' button in OPAC
Test plan:
- Checkout an item to koha user (42)
- Log-in to OPAC and visit user summary to see check-outs
- Press 'Renew all' button at the bottom, notice it doesn't work.
- Apply patch. Repeat and verify it now works
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 34024: (QA follow-up) Allow pickup location changing for in transit holds
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 34024: Block changing pickup location for found holds
This patch adds a check on holds for 'found' statuses. Holds with the
following statuses have special workflows in Koha, and overwritting
their pickup locations yields uncertain scenarios:
* Waiting: the item has probably been put on a special shelve
* In transit: the item is travelling to a new destination, and changing
the pickup location should include some validations, and probably
generate some notifications. At least.
* In processing: the item has already been taken out of the shelve for
some internal processing. Changing the pickup location could interfere
with this workflow. Overriding this limitation could be introduced
with care on a separate report.
To test:
1. Apply the unit tests patch
2. Run:
$ ktd --shell
k$ prove t/db_dependent/api/v1/holds.t
=> FAIL: Tests don't pass. Holds go through (200) instead of being
rejected (409).
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass!
5. Sign off :-D
Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
David Cook [Mon, 3 Jul 2023 23:52:53 +0000 (23:52 +0000)]
Bug 34193: SSLProtocol enable in use versions and disable deprecated versions
This patch changes the default SSLProtocol for the Let's Encrypt
HTTPS template, so that it enables in use versions of TLS while
disabling the deprecated versions of TLS.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Hammat Wele [Mon, 23 Jan 2023 15:41:41 +0000 (15:41 +0000)]
Bug 30846: 'If any unavailable' doesn't consider negative notforlan values as unavailable
When we set up a circulation rule where 'On shelf holds allowed' is 'If any unavailable' and we have a record with one 'Ordered' item, we cannot place this item on hold.
This patch allows placing hold on item with negative not for loan values, when using rule with 'On shelf holds allowed' set to 'If any unavailable'
To test:
1. Set up a circulation rule where on shelf holds are not allowed and force the choosing of an item (to facilitate the test)
1.1. Go to Administration > Circulation and fines rules
1.2. In the matrix, add a circulation like this
- Patron category: All
- Item type: Books
- Current checkouts allowed: 10
- Current on-site checkouts allowed: 10
- Loan period: 21
- Holds allowed (total): 10
- Holds allowed (daily): 10
- Holds per record (count): 10
- On shelf holds allowed: If any unavailable
- OPAC item level holds: Force
1.3. Click Save
2. Create a record with one 'Ordered' item (or any negative value not for loan status)
2.1. Go to Cataloging
2.2. Click New record
2.3. Fill out the mandatory fields (by default in MARC21: 000, 003, 005, 008, 040, 245, and 942 (942 should be set to Books))
2.4. Click Save
2.5. Fill out the following item fields
- Not for loan: Ordered
- Koha item type: Books
2.6. Click Add item
2.7. Click Normal to go to the detailed record
3. Try to place a hold on the 'Ordered' item
3.1. From the detailed record, click OPAC view: Open in new window.
--> Note that the 'Place hold' option is not present
4. Add a second 'Available' item
4.1. Back in the staff interface tab with the detailed record, click New > New item
4.2. Make sure the item type is set to Books
4.3. Add a barcode in p
4.4. Click Add item
5. Try again to place a hold on the 'Ordered' item
5.1. Go back to the OPAC tab and refresh the page
--> Note that the 'Place hold' option is still not present
6. Check out the available item to a patron
6.1. In the staff interface tab, copy the barcode from the available item
6.2. Go to Patrons
6.3. Click on Search
6.4. Click Check out next to one of the patrons
6.5. Paste the barcode in the box and click Check out
7. Try again to place a hold on the 'Ordered' item
7.1. Go back to the OPAC tab and refresh the page
--> Note that the 'Place hold' option is now present
7.2. Click Place hold
--> Note that only the checked out item is available to place on hold, if you click Show unholdable items, it will show the Ordered item, but you can't place a hold on it.
8. Apply the patch
9. Go to the OPAC tab and click on the book title right next to 'Place a hold on' checkbox to go back to the record details.
--> Note that the 'Place hold' option is still present
9.1. Click Place hold
--> Note that you can now place a hold on the 'Checked out' or the 'Ordered' item.
10. Check in the item to make it available again
10.1. In the staff interface tab, click on 'Show checkouts' button
10.2. Select the Checked out item and click on 'Renew or check in selected items' button.
11. Try again to place a hold on the 'Ordered' item
11.1. Go back to the OPAC tab and click on the book title right next to 'Place a hold on' checkbox to go back to the record details.
--> Note that the 'Place hold' option is still present
11.2. Click Place hold
--> Note that only the 'Ordered' item is available to place on hold, if you click Show unholdable items, it will show the Available item and you can't place a hold on it.
12. Delete the available item to keep only the Ordered item
12.1 in the staff interface tab, click on 'Search catalog' and search for the record
12.2 click on 'Edit' then 'Edit items'
12.3 Delete the available item
13. Try to place a hold on the remain 'Ordered' item
13.1 Go back to the OPAC tab and click on the book title right next to 'Place a hold on' checkbox to go back to the record details.
--> Note that the 'Place hold' option is present
13.2. Click Place hold
--> Note that you can place a hold on the Ordered item.
Signed-off-by: Amaury GAU <amaury.gau@bulac.fr> Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Kyle M Hall [Thu, 12 Mar 2015 16:24:00 +0000 (12:24 -0400)]
Bug 12421: no way to get back to search results from overdrive results
When on your search results you can click the link to overdrive results,
but then you can't get back to your catalog search results, the
line that links to the results should be there on both pages.
Test Plan:
1) Apply this patch
2) Enable Overdrive searching
3) Perform a search
4) View the overdrive results
5) Note the "Catalog search for '$q'" link in the breadcrumbs
6) Click the link
7) Note you return to the search results page
Signed-off-by: Barry Cannon <bc@interleaf.ie> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Pedro Amorim [Mon, 24 Jul 2023 10:23:41 +0000 (10:23 +0000)]
Bug 34351: Add link to access_url
On k-t-d
1) Run bash <(curl -s https://raw.githubusercontent.com/ammopt/koha-ill-dev/master/start-ill-dev.sh)
2) Create a new Freeform request
3) Update access_url field. Run this mysql query:
update illrequests set accessurl = https://koha-community.org/;
4) Visit ill table list at /cgi-bin/koha/ill/ill-requests.pl
5) Verify access url is not clickable
6) Apply patch. Refresh. Verify it's now clickable.
Signed-off by: Jeremy Evans <Jeremy.Evans@ukhsa.gov.uk>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Mon, 24 Jul 2023 10:36:18 +0000 (10:36 +0000)]
Bug 34343: Update style of fixed footer navbar in Z39.50 searches
We use a Bootstrap fixed navbar in the footer of two pages: the popup
Z39.50 searches in cataloging and authorities. The style of these
footers needs to be udpated for the new staff interface design.
This patch also changes the style of the "cancel" controls in these
footers from links to buttons. The popup window in cataloging has been
adjusted to be the same size as the one in authorities.
To test, apply the batch and rebuild the staff interface CSS.
- Go to Cataloging -> New from Z39.50/SRU.
- In the popup window, the form should fit comfortably in the window.
- The footer should be white with a grey border at the top, with
Bootstrap-styled buttons aligned to the right.
- Perform the same test in Authorities -> New from Z39.50/SRU
- Install and enable an additional translation so that you can confirm
that the language-selection footer still has the correct style.
Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Tue, 25 Jul 2023 15:32:44 +0000 (15:32 +0000)]
Bug 31667: Merge 'tip' and 'hint' classes
This patch corrects a few instances of the use of the "tip" class and
replaces them with "hint." The patch also removes the class from the
staff interface CSS.
To test, apply the patch and rebuild the staff interface CSS.
- View a patron account and click the "Routing lists" link in the
left-hand sidebar.
- On the subscription routing lists page the "Search subscriptions"
page label should look correct.
- Go to Reports -> Catalog by item type.
- The "Select none..." hint should be styled correctly.
- The third instance, in the installer, is only visible if you try to
install Koha using a MySQL user who doesn't have the correct
privileges, so may be too much trouble to really test. A check of the
patch should be adequate.
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Andreas Jonsson [Sun, 5 Mar 2023 12:21:34 +0000 (13:21 +0100)]
Bug 33140: Use facet label value for mouseover text on facet removal link
This patch updates the facets includes in both the staff interface and
OPAC so that the title attribute on "remove" links uses the full name
rather than the code of the facet. So, library name instead of
branchcode, collection code description instead of authorized value
code.
To test, apply the patch and perform a search in the staff interface.
- Click a facet in the left-hand sidebar which will return more than one
result.
- On the reloaded page there should be a link next to that facet: [X].
Hovering your mouse over it should show "Remove facet [facet name]"
e.g. "Remove facet Centerville" instead of "Remove facet CPL"
- Test on library facets, item type facets, and collection code facets.
- Perform the same test in the OPAC.
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Katrin Fischer [Tue, 18 Jul 2023 14:47:43 +0000 (14:47 +0000)]
Bug 34305: Account for negative prices on acq details tab
The acquisition detail tab shows the estimated cost while
the order is still pending and the actual price, once received.
At least the tool tip on the table header row says so. This
was not working correctly.
To test:
* Create a basket
* Create a new order line with a negative list price (credit)
* Close the basket
* Verify that the price shows correctly in the acquisition details
tab on the record
* Receive the order and enter a different negative actual price.
* Reload detail view, verify it still shows the estimated price
* Apply patch, restart_all
* Verify now the correct actual price displays
* Create another basket and order line
* Verify while not yet received, it still shows the estimated price
Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Jonathan Druart [Mon, 31 Jul 2023 11:23:53 +0000 (13:23 +0200)]
Bug 34447: Do not export "Actions" columns
In the KohaTable Vue component we should add the noExport class to the actions columns to not export them.
Test plan:
Go to the ERM module, create at least one agreement.
Go to the agreement list view and click "export" to export the table
=> Without this patch the "Actions" column was exported
=> With this patch is no longer there
Sponsored-by: BULAC - http://www.bulac.fr/ Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 34435: Remove side effect from get_password_expiry_date
If get_password_expiry_date is passed a DateTime object
as a parameter, it modifies and returns the original
object. This can create possible side effects.
This patch modifies get_password_expiry_date to clone the
DateTime object that it receives as a parameter and
return the modified clone, so that object references can
be passed in safely.
To test:
prove t/db_dependent/Koha/Patron/Category.t
Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
To test:
prove t/db_dependent/Koha/Patron/Category.t
Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Mon, 24 Jul 2023 10:56:45 +0000 (10:56 +0000)]
Bug 34344: Make item types breadcrumbs uniform
This patch updates the breadcrumbs on the item types administration page
so that it reads "Item types" instead of "Item types administration,"
making it more consistent with other administration pages. The same
change is made to the page's main heading.
To test, apply the patch and go to Administration -> Item types.
The breadcrumbs should read "Home -> Administration -> Item types. The
page heading should read "Item types."
Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Fri, 26 May 2023 17:28:50 +0000 (17:28 +0000)]
Bug 33848: Enabling Coce in the OPAC breaks cover images on bibliographic detail page
Bug 32412 added an additional "context" parameter to KOHA.coce.getURL.
The code which pulls a Coce image for the "main" cover image slider
needs to include the correct context parameter for the images to load.
This patch also makes a minor correction to CSS in order to make the
cover image slider "dots" change color to highlight the current slide.
To test, apply the patch and rebuild the OPAC CSS.
- Enable multiple cover image sources in the OPAC including Coce, e.g.
Amazon, Google, OpenLibrary, etc.
- Search for a title which will match multiple cover image sources. In
the sample data a search for "Perl" will return good results.
- Note the number of cover images loading for a title in the search
results.
- View the detail page for that title. There should be the same number
of covers in the cover image slider.
- Clicking the slider navigation dots should work to show each image,
and the dot should change color to highlight the current image.
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Matt Blenkinsop [Mon, 31 Jul 2023 08:52:23 +0000 (08:52 +0000)]
Bug 33755: Set profile_id and add missing import
This patch adds a missed parameter (profile_id) in stage-marc-import.pl and also adds a missing import in the background job for staging marc files. This means that the profile used when importing can now be shown in the import batches table and also in batch details
Test plan:
1) Stage a record for import and make sure to save the import profile you use
2) Import a record using that profile
3) Navigate to Cataloging > Manage staged MARC records
4) In the Profile column, no value will be shown for the staged record
5) Click on the batch, the profile will be missing in this screen as well
6) Apply patch
7) Restart_all
8) Repeat steps 2-5, the profile name should be visible in both places
Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Emmanuel Bétemps <e.betemps@gmail.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Wed, 19 Jul 2023 11:23:58 +0000 (11:23 +0000)]
Bug 34197: Group and label vendor contact settings
This patch changes the layout of vendor contact settings, both in the
entry form and in the detail view. Now acquisitions-specific contact
settings and serials-specific contact settings are grouped together and
labeled as such.
The patch also corrects some markup to make the display more consistent.
JS handling of some labels has been removed because the structure change
eliminated the need for a "for" attribute.
The patch also makes a minor unrelated change to the display of discount
percentages to ensure that a blank value doesn't display.
To test, apply the patch and go to Acquisitions -> New vendor.
- In the vendor entry form, in the "Contacts" section, you should see
two groups of checkboxes, "Acquisitions options" and "Serials
options." Confirm that the labels can be clicked to check checkboxes.
- Test the process of adding another contact and confirm that the
additional entry fields work correctly.
- Confirm that the "Primary acquisitions contact" and "Primary serials
contact" checkboxes act like radio buttons between the two contacts:
Checking the box under one contact should uncheck the same box under
the other contact.
- Confirm that all your data is saved correctly.
- Test the page during the edit process as well.
- View your updated vendor and confirm that the detail view looks
correct.
Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Thu, 27 Jul 2023 14:49:50 +0000 (14:49 +0000)]
Bug 34433: 'Custom cover image' in lightbox is untranslatable
In the staff interface, when viewing a custom cover image in the
lightbox, at the bottom, it says 'Custom cover image'. This string is
not translatable. The string is missing the _() i18n function.
This patch also corrects the "Coce image from Amazon.com" which was
missing the correct i18n function too.
If necessary, import the MARC records attached to this bug to use
in testing.
1. Enable CustomCoverImages
1.1. Go to Administration > System preferences
1.2. Search for CustomCoverImages
1.3. Select "Show" in CustomCoverImages
1.4. Set CustomCoverImagesURL to {956$u}
1.5. Click "Save all Enhanced content preferences"
2. Install a new language
2.1. gulp po:update --lang fr-CA
2.2. Search for "Custom cover image" and "Coce image from Amazon.com"
in fr-CA-staff-prog.po file, make sure it is translated
2.3. Install translations
./misc/translator/translate install fr-CA
2.4. In the staff interface, go to Administration > System
preferences
2.5. Search for language
2.6. Check the box next to the newly installed language
2.7. Click "Save all I18N/L10N preferences"
3. View the image in the lightbox in the staff interface
3.1. If using the attached records, search the catalog in the staff
interface for "As you like it";
If not using the file, add an image URL in 956$u, or finagle
something with CustomCoverImagesURL
3.2. Click on the title to view the detailed record
3.3. Click on the image to view it in the lightbox
Test the lightbox in the default English translation and in your
newly-translated language. In both cases the caption in the lightbox
footer should be correct.
Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Thu, 27 Jul 2023 15:12:12 +0000 (15:12 +0000)]
Bug 34434: Terminology: Biblio should be bibliographic
This patch corrects several more instances where the templates use the
term "biblio" where it should use "bibliographic."
To test, apply the patch and confirm that these instances read
correctly:
- About -> Special thanks... -> Mines Paristech: "bibliographic
frameworks"
- Acquisitions -> Vendor -> Receive shipments: "Record count" in the
table of shipments.
- Catalogue -> Bibliographic record details -> Labeled MARC: "Labeled
MARC record" heading.
- Circulation -> Holds to pull: Error message, "hold has been placed at
the bibliographic record level."
* I'm not sure how one can trigger this error message.
- Tools -> Log viewer -> Filter by "Catalog" and "Add": "Bibliographic
record..." link in the "Object" column.
Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Pedro Amorim [Mon, 24 Jul 2023 13:36:02 +0000 (13:36 +0000)]
Bug 34354: Fix progess typo
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Thu, 20 Jul 2023 12:16:22 +0000 (12:16 +0000)]
Bug 34322: Correct icon triggering more fund search options
This patch updates the budget/fund administration header search form so
that it uses the "fa-slider" Font Awesome icon instead of a folder icon.
This makes it consistent with other search forms which have a similar
set of additional options.
To test, apply the patch and go to Administration -> Budgets.
- The "Search funds" form should have the "fa-sliders" icon.
- Clicking it should trigger the expansion of the additional search
options.
Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Jonathan Druart [Mon, 17 Jul 2023 08:35:22 +0000 (10:35 +0200)]
Bug 34292: (bug 33804 follow-up) Format "checked out on" date
Test plan:
1) Without applying this patch, issue an item to a patron and
notice that in the 'Checkouts' table the 'Checked out on'
date is of the form YYYY-MM-DD HH:MM:SS.
2) Apply this patch, restart Plack if necessary.
3) Refresh the patron 'Checkouts' table: this time the 'Checked
out on' date will observe the setting of your `dateformat`
System Preference.
4) Extra credit: repeat step 3) for different `dateformat`
settings, each time you should get a 'Checked out on' date
that matches the date format you chose.
Signed-off-by: Andreas Roussos <a.roussos@dataly.gr> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Fridolin Somers [Mon, 7 Aug 2023 23:11:14 +0000 (13:11 -1000)]
Bug 34493: Fix indenting in search_indexes.inc
Bug 32683 broke indenting in koha-tmpl/intranet-tmpl/prog/en/includes/search_indexes.inc
Not on purpose looks like.
Test plan :
1) Look at changes to validate indenting
2) Run prove xt/tt_valid.t
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Mon, 17 Jul 2023 16:42:13 +0000 (16:42 +0000)]
Bug 34289: Add missing class to one condition of the checkin template
The markup of the checkin template varies depending on the conditions of
the operation, and in one case the barcode field was missing the
"barcode" class. This patch adds it.
To test, apply the patch and make sure the finesMode system preference
is enabled.
- Go to returns.pl (/cgi-bin/koha/circ/returns.pl)
- Expand the the options so you see 'Forgive overdue charges'.
- Check that box and check in an item
- After checkin, the barcode field should keep the same style it had
before the transaction.
- Note: The yellow background of the input when the "Forgive" checkbox
is checked is to be expected.
Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Katrin Fischer [Fri, 4 Aug 2023 15:13:36 +0000 (15:13 +0000)]
Bug 34469: Block editing for received order lines
When an already received order line is modified/edited,
we experience data loss. Most prominently, we will lose the
linked invoiceid. Therefore we should not allow editing an
order line that was already received. If something needs to be
changed, the receipt should be cancelled first.
To test:
* Create basket as standing order with items added in cataloguing
* Add an order line
* Receive shipment
* Go to the basket summary page, click on 'Modify'
* Change the actual cost
* Save
* Verify that the invoice is now empty
* In the database aqorders.invoiceid will be NULL
* Apply patch
* Receive another shipment for the standing order
* Go back to basket summary page
* Verify the 'Modify' link is no longer present
* Click 'Modify' on the unreceived order line
* Edit the URL parameter odernumber to have the number of an
already received order line
* Verify you see a nice error message:
This order cannot be edited, the basket is closed or the order was already received.
Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Michaela Sieber <michaela.sieber@kit.edu> Signed-off-by: Laura Escamilla <laura.escamilla@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Nick Clemens [Thu, 3 Aug 2023 12:26:17 +0000 (12:26 +0000)]
Bug 34108: Preserve checked orders after item editing
The js that buils the new row after editing expects to receive a
value '_checked' indicating if theitem was selected. The 'item' variable
used to create the row after edit comes from the api and doesn't include this.
We need to inspect the previous html before building the new row to confirm the box wa checked
To test:
1 - Create a basket with 'items created on receive'
2 - Add an order line with multiple items to it
3 - Close basket
4 - Receive shipment
5 - Add invoice information
6 - Receive through receive link in the table
7 - Check some items
8 - Click on the "Edit" link and make some change to the item
9 - Save
10 - Checkboxes have disappeared
11 - Cancel receipt
12 - Apply patch
13 - Reload the page
14 - Repeat 7-9
15 - Checkbox is preserved
Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Michaela Sieber <michaela.sieber@kit.edu> Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 34359: Remove unneeded module Koha/BiblioUtils/Iterator.pm with test
Test plan:
git grep BiblioUtils::Iterator
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Kyle M Hall [Tue, 8 Aug 2023 11:07:34 +0000 (07:07 -0400)]
Bug 34494: Table tmp_holdsqueue fails to be created for MySQL 8
It appears that MySQL 8 rejects creating any table where the primary key is nullable. The table tmp_holdsqueue has a nullable pk ( itemnumber ) but there is no reason for this column to be nullable ( generating a holds queue entry with no itemnumber is not possible ) so it make sense to just remove the nullability for MySQL compatiability.
Test Plan:
1) Using MySQL 8.0, attempt to create a database from kohastructure.sql
If you use ktd, you can try: DB_IMAGE=mysql:8.0 ktd up
2) Note the failure to create the table
3) Apply this patch
4) Repeat step 1
5) The table is created!
Signed-off-by: David Nind <david@davidnind.com> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Jonathan Druart [Mon, 19 Jun 2023 08:15:20 +0000 (10:15 +0200)]
Bug 34056: Add -api-client suffit to authorised-values API client
In koha-tmpl/intranet-tmpl/prog/js/vue/fetch all files have the -api-client suffix but authorised-values. For consistency we should add it.
Test plan:
Go to the ERM module and confirm that dropdown lists are correctly
filled in with authorised values.
You can also inspect the console and confirm that a GET query to /authorised_value_categories is done
Sponsored-by: BULAC - http://www.bulac.fr/ Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Thu, 27 Jul 2023 16:11:54 +0000 (16:11 +0000)]
Bug 34436: Some breadcrumbs lack <span> for translatability
This patch modifies several templates which were updated recently so
that breadcrumbs markup could be built using template wrappers. The
patch wraps strings in <span> in cases where it is necessary to make
them translatable.
To test, apply the patch and view the following pages to confirm that
the breadcrumbs still show up correctly:
- Administration -> MARC bibliographic framework
- Add framework
- Edit framework
- Delete framework
- Administration -> Share content with Mana KB
- Administration -> Circulation and fine rules
- Authorities ->
- Add authority
- Edit authority
- Catalog -> Advanced search
- Bibliographic detail page
- Must have EasyAnalyticalRecords enabled.
- Edit -> Link to host record
- Patrons
- Reports -> Average loan time
- Serials -> Serials home
Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 34365: Add cancellation request flow to DELETE /holds
This patch adds a new `x-koha-override` header to allow enforcing the
cancellation request flow for waiting holds.
If the hold is not waiting, the header has no effect.
To test:
1. Apply the tests patch
2. Run:
$ ktd --shell
k$ prove t/db_dependent/api/v1/holds.t
=> FAIL: The endpoint doesn't implement the required logic
3. Apply this patch
4. Repeat 2
=> SUCCESS: Tests pass! The endpoint behavior is changed!
5. Sign off :-D
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Wed, 26 Jul 2023 10:35:28 +0000 (10:35 +0000)]
Bug 33909: (follow-up) QA fixes
Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Tue, 6 Jun 2023 15:04:43 +0000 (15:04 +0000)]
Bug 33909: Improve translation of title tags: Administration
This patch updates administration templates so that title tags can be
more easily translated.
To test, apply the patch and confirm that the following
Administration pages have the correct title tags:
- Libraries
- Library groups
- Item types
- Authorized values
- Patron categories
- Circulation and fines rules
- Patron attribute types
- Library transfer limits
- Library transfer limits advanced editor
- Transport cost matrix
- Item circulation alerts
- Cities and towns
- Curbside pickup
- Patron restriction types
- Debit types
- Credit types
- Cash registers
- Manage plugins
- Manage jobs
- MARC bibliographic framework
- Koha to MARC mapping
- MARC Bibliographic framework test
- Authority types
- Classification configuration
- Record matching rules
- Record overlay rules
- OAI sets configuration
- Item search fields
- Search engine configuration
- Currencies and exchange rates
- Budgets
- Funds
- EDI accounts
- Library EANs
- Network Printers
- Identity providers
- Z39.50/SRU servers
- SMTP servers
- Did you mean?
- Table settings
- Audio alerts
- Share your usage statistics
- Share content with Mana KB
- Additional fields
- Keyboard shortcuts
Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Owen Leonard [Mon, 24 Jul 2023 11:11:56 +0000 (11:11 +0000)]
Bug 34345: 'Circulation and fine rules' vs 'Circulation and fines rules'
This patch corrects two instances of the phrase "Circulation and fines
rules" in favor of the more common "Circulation and fine rules" for
consistency's sake.
To test, apply the patch and go to Administration.
- In the description under the "Circulation and fine rules" link it
should read, "Define circulation and fine rules..."
- Open the Circulation and fine rules page and confirm that the link in
the sidebar menu is correct.
Signed-off-by: Caroline Cyr La Rose <caroline.cyr-la-rose@inlibro.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Emily Lamancusa [Wed, 9 Aug 2023 16:29:35 +0000 (12:29 -0400)]
Bug 34470: Initialize random seed after spawning a child worker process
When background_jobs_worker.pl spawns a new child process, it needs to
explicitly reinitialize the random seed - otherwise each child process
will inherit the same random seed from the parent process, and any
randomization will produce identical results each time.
This patch adds a call to srand immediately after the fork to
reinitialize the seed. Note that child processes should not call
srand with no parameter anywhere else, as the Perl documentation
indicates that srand should not be called with no parameter more than
once per process.
To test:
1. Apply the logging patch only
2. Set system preferences:
a. RealTimeHoldsQueue -> Enable
b. RandomizeHoldsQueueWeight -> in random order
3. Watch the logs for the staff interface
in ktd:
ktd --shell
koha-intra-err
4. Place a hold. Note that the logs display the branch list before and
after it is randomized.
5. Place some more holds. Note that the branch order after randomization
is identical each time.
6. Apply both patches and restart_all
7. Repeat steps 3-5.
-> Note that the branch order before randomization hasn't changed
-> Note that the branch order after randomization is now different
each time.
Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Bug 34117: Remove side effect from get_expiry_date
If get_expiry_date is passed a DateTime object as a parameter,
it modifies and returns the original object. When memberentry.pl
prefills the input fields for duplicating a patron, it passes the
enrollment date object to get_expiry_date. This causes the enrollment
date object to be modified with the expiry date value.
This patch modifies get_expiry_date to clone the DateTime object that it
receives as a parameter and return the clone, so that references to an
enrollment date object can be passed in safely.
To test:
1. Have or make a patron
2. Duplicate that patron
3. Before saving the new patron, scroll down to Registration Date and
see that it's defaulting to a date in the future.
4. Apply patch and restart_all
5. Try duplicating a patron again
6. Registration Date should correctly set to today
Signed-off-by: Andrew Fuerste-Henry <andrewfh@dubcolib.org> Signed-off-by: Lucas Gass <lucas@bywatersolutions.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Julian Maurice [Mon, 17 Jul 2023 09:10:07 +0000 (11:10 +0200)]
Bug 34155: Hide 'Next available' at OPAC when item-level hold is forced
This was a regression caused by bug 24860
Test plan:
1. Set up circulation rules so that OPAC users can place holds only on
specific items ("OPAC item level holds" = "force")
2. Try to place a hold at OPAC. The "Next available item" option should
not appear.
3. Set "OPAC item level holds" to "allow"
4. Try to place a hold at OPAC. The "Next available item" option should
appear
Signed-off-by: Owen Leonard <oleonard@myacpl.org> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Katrin Fischer [Fri, 14 Jul 2023 09:17:27 +0000 (09:17 +0000)]
Bug 34269: (QA follow-up) Add missing TT filters
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Martin Renvoize [Thu, 13 Jul 2023 16:01:07 +0000 (17:01 +0100)]
Bug 34269: Convert to using codes in select compares
This patch updates the logic in smart rules to compare option values to
codes as apposed to option texts to value descriptions.
0. Apply patch
1. Install another language in the staff interface
1. ./translate install xx-XX
2. Check the box of the language in the 'language' system preference
3. Refresh
2. Create an item type with a parent
1. Go to Administration > Item types
2. Create a new item type or modify an existing one, assigning a parent type
Example: Create a 'Children's books' itemtypetype
and assig 'Books' as its parent
3. Create a third item type with the same description but something added in ():
Example: 'Children's books (3-5)'
3. Create a circulation rule for the parent type
Example: All/Books, with 2 checkouts allowed
4. Create a circulation rule for:
All/All with 3 checkouts allowed
5. In English, click on "Edit" next to the parent type rule (All/Books)
--> Note that the item type in the bottom row (the modifiable row) is changed to 'Books (All)'
6. Modify the number of checkouts allowed (e.g. 99)
--> The All/Books rule is modified
7. Switch the interface to the other language
8. Click on "Edit" next to the parent type rule (All/Books)
--> The All/Books rule is modified
9. Add rules for Children's books and Children's books (3-5)
10. Click on "Edit" next to each rule and change a value
--> Verify that the changed values are always saved for the correct rule
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Katrin Fischer [Fri, 4 Aug 2023 14:29:11 +0000 (14:29 +0000)]
Bug 34452: Restore fund label and 'Update adjustments' button
This patch fixed 2 small and recent regressions:
* The "Update adjustments" button used to always display. It's
required to save a new first adjustment, but also to save
changes to existing adjustments edited inline. It now would
only display after "Add adjustments" was clicked. We retore
to display it always. (bug 32746)
* We have several "Fund" pull downs on this page, but they are
for different things and require different labelling.
"Fund" was changed to "Shipping fund" which matches at the top,
but doesn't work for the adjustments table and single adjustment
form. Now we use "Shipping fund" "Fund" and no label in the table
as the table header covers it there. (bug 33721)
To test.
* Add a vendor
* Receive shipment
* Add invoice and save
* Click on "Finish receiving"
* Verify the button "Update adjustments" appears after clicking
"Add new adjustment"
* Verify the button is gone after you clicked it and the table shows
* Change something in the table - no button to save change :(
* Apply patch
* Repeat steps, button "Update adjustments" should not always be
visible.
Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Michaela Sieber <michaela.sieber@kit.edu> Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Katrin Fischer [Fri, 21 Jul 2023 14:39:07 +0000 (14:39 +0000)]
Bug 30451: Update FK constraint on aqorders.subscriptionid
This updates the FK constrant from ON DELETE CASCADE to ON DELETE
SET NULL. This means that if a subscription linked to an order is
deleted, we no longer will also delete the order, but we will just
set subscrptinid in the order to NULL. This will avoid data loss
that can cause the budgets/funds not to add up anymore with the
real espenses of the library.
To test:
Preparation:
* Create 2 subscriptions on different records
* Create a new basket
* Use the "order from subscription" functionality to create order
lines for both of your subscriptions
* Close basket
Without patch:
* Delete the first subscription
* Verify the order line for this subscription is gone from your basket
Apply patch:
* Run database update and restart_all
* Delete the second subscription
* Verify the order line now remained in the basket
Pedro Amorim [Mon, 19 Jun 2023 14:24:30 +0000 (14:24 +0000)]
Bug 34059: Add only issues from the branch that is creating the notice
Test plan, on k-t-d
1) Go to 'my account' on top right user menu
2) On 'Patron messaging preferences', click 'Edit'
3) On the 'Item due' row, check the 'Email' and 'Digests only' checkboxes and save
4) On the top search bar, press 'Check out' and enter '42' (koha user cardnumber)
5) On the checkout input bar, enter 39999000001372 and press checkout
7) Go to 'Set library' on top right user menu and pick a different library
8) Repeat step 4), then, on the checkout input, enter 39999000004571 and press checkout
9) Verify that this user now has 2 items checked out, from 2 different libraries at /cgi-bin/koha/circ/circulation.pl?borrowernumber=51
9) Run the following 2 queries to force the due_date to be equal to 'today's' date for both issues:
NOTE: change the YYYY-MM-DD below to whatever day it is you're running this test plan
UPDATE issues SET date_due = '2023-06-19 23:59:00' where issue_id = 1;
UPDATE issues SET date_due = '2023-06-19 23:59:00' where issue_id = 2;
10) Run the cronjob:
./koha/misc/cronjobs/advance_notices.pl -c --digest-per-branch
11) Verify that two DUEDGEST notices were created, one per each library, but both notices contain both issues:
SELECT letter_code, time_queued, content FROM message_queue ORDER BY message_id DESC LIMIT 2;
12) Apply patch, then do 10) and 11) again
13) Verify that each notice only contains the issue for its respective library
Signed-off-by: Sam Lau <samalau@gmail.com> Signed-off-by: Stephen Graham <s.graham4@herts.ac.uk> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Katrin Fischer [Sat, 29 Jul 2023 21:14:39 +0000 (21:14 +0000)]
Bug 34387: (QA follow-up) Fix display of 'Import batches'
Fixes the heading and sidebar display of the 'Import batches'
section.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Edit: I removed the wrongly introduced import_batches.yaml file Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Martin Renvoize [Wed, 26 Jul 2023 06:15:56 +0000 (07:15 +0100)]
Bug 34387: (follow-up) Minor spelling and quoting fixes
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This patch aims to make our API docs be more consistent.
It addresses two particular things:
* There's no consistency on the `tags` used across the spec, and not all
of them are correctly described and have an `x-displayName` entry.
More on this later.
* This are not sorted either by some for of grouping, or at least
alphabetically.
For the former, I did my best trying to harmonize (specially on the ERM
front) with what we do in the rest of the use cases.
For the latter, I opted for sorting everything alphabetically, as a
first step. Hoping someone else could work on grouping things.
To test (ON YOUR HOST MACHINE):
1. On current master run:
$ cd api/v1/swagger
$ docker run --rm -v $(pwd):/api --workdir /api redocly/cli \
build-docs swagger.yaml --output index.html
=> SUCCESS: It doesn't break or anything
2. Open your browser, open the generated api/v1/swagger/index.html file
=> FAIL: The left column has
* several lower case entries
* not everything is correctly grouped (ERM? packages?)
* Things are not sorted. There's an attempt but looks messy
3. Apply this patch
4. Repeat 1 and 2
=> SUCCESS: Things look much better!
5. Sign off :-D
CAVEAT1: I'm not sure why, but import_batches doesn't work. Ideas are
welcome, I'll keep looking for fixes.
CAVEAT2: I don't have enough eHoldings background to weight in, but I
feel like 'ERM eHoldings packages' could just be 'ERM packages'.
Follw-up patches with better ideas are welcome.
CAVEAT3: Patron credits, debits, balance... They could all go in to
'Patrons accounts' or similar. Open to ideas.
CAVEAT4: Old redocly didn't support mapping an endpoint to more than one
target section. Something to explore if we want (for example) to reach
'credits' through the 'Patrons' section but also from 'Accounting'.
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
David Cook [Tue, 6 Jun 2023 03:48:06 +0000 (03:48 +0000)]
Bug 33881: Clear self-check JWT during auth kick out
This patch clears the JWT cookie during auth kick out (ie
when a web user navigates from the self-check out/in to
the rest of Koha).
Test plan:
0. Apply patch and koha-plack --reload kohadev
1. Go to http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
2. Log in as the "koha" user
3. In another tab, go to http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
4. Go to http://localhost:8080/cgi-bin/koha/opac-search.pl?idx=&q=a&weight_search=1
5. Note that you are prompted to "Log in to your account" via the normal Koha prompt
6. Go to http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
7. Note that you are prompted to "Log in to your account" within the "Self checkout system",
and note that your self-checkout session for the "koha" user has *not* persisted like
it did before the patch was applied
Signed-off-by: Andrew Fuerste-Henry <andrewfh@dubcolib.org> Signed-off-by: Nick Clemens <nick@bywatersolutions.com> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Kyle M Hall [Thu, 27 Jul 2023 11:45:57 +0000 (07:45 -0400)]
Bug 30524: (QA follow-up) Only generate CSRF token if it will be used
This patch avoids generating CSRF tokens unless the csrf-token.inc file
is included in the template.
Passed token doesn't need HTML escaped. The docs for WWW::CSRF state:
The returned CSRF token is in a text-only form suitable for inserting into a HTML form without further escaping (assuming you did not send in strange things to the Time option).
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
i.e. `">test<a ...` was successfully injected into the HTML.
I'm attaching a quick patch I've used to patch up our instance. It just indiscriminately URI-escapes all parameter keys. I didn't decode them back since as far as I understand all valid keys do not contain special characters.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Martin Renvoize [Thu, 16 Sep 2021 14:13:23 +0000 (15:13 +0100)]
Bug 22990: Fix for shelves table
Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Amit Gupta [Wed, 22 Jan 2020 16:07:22 +0000 (21:37 +0530)]
Bug 22990: Add CSRF protection to boraccount, pay and suggestion
Signed-off-by: David Cook <dcook@prosentient.com.au> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Test plan would have been nioe.
Tested by changing MAX_AGE with suggestions. Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
David Cook [Tue, 25 Jul 2023 05:18:00 +0000 (05:18 +0000)]
Bug 34368: Add CSRF token to Content Management pages
This change adds a CSRF token to the Content Management pages
at additional-contents.pl.
Test plan:
0. Apply patch
1. koha-plack --restart kohadev
2. Try to add "News", "HTML customizations", and "Pages".
3. Try to delete these new content entries
4. Note that you were successful in your endeavours
JD amended patch: remove empty line removal (no need to create
unecessary conflicts)
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl> Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>