]> git.koha-community.org Git - koha.git/log
koha.git
8 months agoBug 34478: op-cud - Trick CGI directly
Jonathan Druart [Thu, 21 Sep 2023 10:00:17 +0000 (12:00 +0200)]
Bug 34478: op-cud - Trick CGI directly

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 34478: op-cud - Rename op with op-cud in templates
Jonathan Druart [Thu, 21 Sep 2023 08:50:07 +0000 (10:50 +0200)]
Bug 34478: op-cud - Rename op with op-cud in templates

This is the result of
  perl rename_op_with_op-cud.pl

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 34478: op-cud - Adjust C4::Auth code
Jonathan Druart [Thu, 21 Sep 2023 08:23:41 +0000 (10:23 +0200)]
Bug 34478: op-cud - Adjust C4::Auth code

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 34478: Move C4::Auth check
Jonathan Druart [Thu, 21 Sep 2023 07:59:09 +0000 (09:59 +0200)]
Bug 34478: Move C4::Auth check

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 34478: Remove check_csrf from pl files
Jonathan Druart [Fri, 4 Aug 2023 09:37:52 +0000 (11:37 +0200)]
Bug 34478: Remove check_csrf from pl files

We should no longer need to check CSRF token from pl files

TODO - there is a change for some files where we returned 403

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 34478: Check CSRF in get_template_and_user
Jonathan Druart [Fri, 4 Aug 2023 09:32:27 +0000 (11:32 +0200)]
Bug 34478: Check CSRF in get_template_and_user

Not sure this is the right place in get_template_and_user
Will have to test login and 2FA

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 34478: Add 'op' to opac-passwd
Jonathan Druart [Fri, 4 Aug 2023 09:13:14 +0000 (11:13 +0200)]
Bug 34478: Add 'op' to opac-passwd

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 34478: Add 'op' to opac-user.tt
Jonathan Druart [Fri, 4 Aug 2023 09:06:16 +0000 (11:06 +0200)]
Bug 34478: Add 'op' to opac-user.tt

Bug 34478: [TO SQUASH] Add 'op' to opac-user.tt

Bug 34478: [TO SQUASH] Add 'op' to opac-user.tt

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 34478: Add missing CSRF token to POST forms
Jonathan Druart [Fri, 12 Jan 2024 14:00:48 +0000 (15:00 +0100)]
Bug 34478: Add missing CSRF token to POST forms

This is the result of
  % perl csrf_add_missing_csrf.pl

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 34478: Remove generate_csrf from pl
Jonathan Druart [Fri, 4 Aug 2023 09:15:54 +0000 (11:15 +0200)]
Bug 34478: Remove generate_csrf from pl

We do not longer need to generate_csrf from pl files

TODO - members/boraccount.tt and sco/sco-main.tt needs to be adjusted

Bug 34478: [TO SQUASH] Remove generate_csrf from pl

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 34478: Replace csrf_token input with include file - manual
Jonathan Druart [Fri, 4 Aug 2023 08:57:42 +0000 (10:57 +0200)]
Bug 34478: Replace csrf_token input with include file - manual

A couple of left not caught by the previous regex

Still TODO:
% git grep csrf_token **/*.inc **/*.tt
still shows example that needs to be replaced, later (because we use GET)

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 34478: Replace csrf_token input with include file
Jonathan Druart [Fri, 4 Aug 2023 08:56:50 +0000 (10:56 +0200)]
Bug 34478: Replace csrf_token input with include file

perl -p -i -n -e 's#<input type="hidden" name="csrf_token" value="\[% csrf_token \| html %]" />#[% INCLUDE '\''csrf-token.inc'\'' %]#g' **/*.tt **/*.inc

This should have actually been done at the same time as
  "Bug 30524: (QA follow-up) Only generate CSRF token if it will be used"

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 34478: Replace get with post when needed
Jonathan Druart [Fri, 4 Aug 2023 08:32:17 +0000 (10:32 +0200)]
Bug 34478: Replace get with post when needed

This is what has been marked as done in "csrf_get.txt"

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 35955: Add tests
Jonathan Druart [Tue, 27 Feb 2024 07:56:24 +0000 (08:56 +0100)]
Bug 35955: Add tests

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 35955: Cache CSRF token in template plugin
David Cook [Tue, 27 Feb 2024 06:05:24 +0000 (06:05 +0000)]
Bug 35955: Cache CSRF token in template plugin

This change uses the Koha::Cache::Memory::Lite cache to
cache the CSRF token, so that it is only generated once,
and is re-used by the Koha::Template::Plugin::Koha object
throughout the entire template processing for the HTTP request.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 36098: Default to 'file' if pref does not exist
Jonathan Druart [Wed, 21 Feb 2024 08:42:16 +0000 (09:42 +0100)]
Bug 36098: Default to 'file' if pref does not exist

During the installer process there is a bunch of warnings
  "Use of uninitialized value $storage_method in string eq at"

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 36098: (follow-up) extend test to check driver
David Cook [Thu, 15 Feb 2024 23:07:02 +0000 (23:07 +0000)]
Bug 36098: (follow-up) extend test to check driver

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 36098: Fix storage_method pass
David Cook [Thu, 15 Feb 2024 22:49:19 +0000 (22:49 +0000)]
Bug 36098: Fix storage_method pass

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 36098: Allow to pass storage_method
Jonathan Druart [Thu, 15 Feb 2024 13:05:21 +0000 (14:05 +0100)]
Bug 36098: Allow to pass storage_method

Will need this on follow-up bugs.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 36098: (QA follow-up) Add POD to Koha::Session
Martin Renvoize [Thu, 15 Feb 2024 11:53:02 +0000 (11:53 +0000)]
Bug 36098: (QA follow-up) Add POD to Koha::Session

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 36098: Add Koha::Session module to ease session handling
David Cook [Thu, 15 Feb 2024 02:49:18 +0000 (02:49 +0000)]
Bug 36098: Add Koha::Session module to ease session handling

This patch adds a Koha::Session module that makes it easier
to work with Koha sessions without needing the full C4::Auth module.

Test plan:
0. Apply the patch
1. Run the following unit tests:
prove ./t/db_dependent/Auth.t
prove ./t/db_dependent/Auth_with_cas.t
prove ./t/db_dependent/Koha/Session.t
2. Observe that they all pass

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 35935: Ensure login branch will be used after incorrect login
Jonathan Druart [Tue, 30 Jan 2024 08:02:19 +0000 (09:02 +0100)]
Bug 35935: Ensure login branch will be used after incorrect login

If a different branch is selected after an incorrect login, the previous
branch will be used.

To recreate:
* login with foo/bar, select CPL => FAIL
* login with koha/koha, select another branch => OK but CPL is picked!

It was caused by a dup of "branch" in CGI param list (and first was
picked).

This patch patch also removes "koha_login_context" to not have it twice.
You can also open the source of the page to confirm that form#loginform
contains "branch" and "koha_login_context" in hidden inputs.

Signed-off-by: Magnus Enger <magnus@libriotech.no>
Tested in KTD. Works as advertised.
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 36092: Pass sessionID at the end of get_template_and_user
Jonathan Druart [Wed, 14 Feb 2024 08:45:45 +0000 (09:45 +0100)]
Bug 36092: Pass sessionID at the end of get_template_and_user

It seems safer to pass the logged in user and session info at the end of
the sub.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 36092: Pass the sessionID from checkauth if we hit auth
Jonathan Druart [Wed, 14 Feb 2024 09:33:11 +0000 (10:33 +0100)]
Bug 36092: Pass the sessionID from checkauth if we hit auth

If we hit the auth page we were not passing sessionID to the template

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 36092: Add test
Jonathan Druart [Wed, 14 Feb 2024 09:56:17 +0000 (10:56 +0100)]
Bug 36092: Add test

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 35918: Fix auto library connect (AutoLocation)
Jonathan Druart [Fri, 26 Jan 2024 07:58:17 +0000 (08:58 +0100)]
Bug 35918: Fix auto library connect (AutoLocation)

This code is a bit weird, its purpose it to auto select the library depending on the IP.
A problem appears if the same IP is used, then the user's choice will
might be overwritten randomly by another library.

To recreate the problem:
Turn on AutoLocation
Use koha/koha @CPL for test
And the following config:
*************************** 1. row ***************************
branchcode: CPL
branchname: Centerville
  branchip: 172.18.0.1
*************************** 2. row ***************************
branchcode: FFL
branchname: Fairfield
  branchip: 172.18.0.1
*************************** 3. row ***************************
branchcode: FPL
branchname: Fairview
  branchip: 172.18.0.4

Connect and select CPL. Randomly FFL will be picked instead.

Signed-off-by: Magnus Enger <magnus@libriotech.no>
Tested this on top of 35890 and 35904 because git bz said they were required dependencies.
Figured out the IP Koha was seeing me as coming from in /var/log/koha/kohadev/plack.log.
Added that IP to the branchip for Centerville, Fairfield and Fairview. Set AutoLocation = Yes.
After this I could recreate the problem: If i left the "Library" field in the login screen
at "My Library" I got logged into a random library selected from the three i had set
branchip for. Applying the patches fixed this, as expected.
Tests pass, with AutoLocation off.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 35918: Add test
Jonathan Druart [Fri, 26 Jan 2024 07:57:03 +0000 (08:57 +0100)]
Bug 35918: Add test

Signed-off-by: Magnus Enger <magnus@libriotech.no>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 35890: Add tests for AutoLocation
Jonathan Druart [Thu, 25 Jan 2024 08:36:01 +0000 (09:36 +0100)]
Bug 35890: Add tests for AutoLocation

Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 35890: Reject login if IP is not valid
Jonathan Druart [Wed, 24 Jan 2024 15:25:30 +0000 (16:25 +0100)]
Bug 35890: Reject login if IP is not valid

Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 35904: (QA follow-up): tidy up code
Victor Grousset/tuxayo [Thu, 15 Feb 2024 03:18:37 +0000 (04:18 +0100)]
Bug 35904: (QA follow-up): tidy up code

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 35904: Make C4::Auth::checkauth testable easily
Jonathan Druart [Thu, 25 Jan 2024 09:35:41 +0000 (10:35 +0100)]
Bug 35904: Make C4::Auth::checkauth testable easily

This patch suggests to add a new flag do_not_print to
C4::Auth::checkauth to not print the headers and allow to test this
subroutine more easily.

We do no longer need to mock safe_exit and redirect STDOUT to test its
return values.

There are still 3 left:
1.
733         # checkauth will redirect and safe_exit if not authenticated and not authorized
=> Better to keep this one, not trivial to replace

2.
806         # This will fail on permissions
This should be replaced but testing $template->{VARS}->{nopermission}
fails, I dont' think the comment is better.

3.
828         # Patron does not have the borrowers permission
Same as 2.

2. and 3. should be investigated a bit more.

This patch also move duplicated code to set patron's password to a
subroutine set_weak_password.

Test plan:
Read the code and confirm that everything makes sense.
QA: Do you have a better way for this? Yes it's dirty!

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 35904: Remove var loggedin
Jonathan Druart [Wed, 24 Jan 2024 15:24:51 +0000 (16:24 +0100)]
Bug 35904: Remove var loggedin

It is never used and add confusion

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 36019: Remove dead code in tags/review
Jonathan Druart [Wed, 7 Feb 2024 14:54:28 +0000 (15:54 +0100)]
Bug 36019: Remove dead code in tags/review

Since bug 20489 it is no longer possible to login with the DB user.
At the time, get_template_and_user returned borrowernumber=0 in this case.

In tags/review.pl we have:
  $borrowernumber == 0 and push @errors, {op_zero=>1};

This condition is never met, and op_zero related code can be removed in the template.

Test plan:
Confirm the above

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 36017: Remove dead code in admin/clone-rules
Jonathan Druart [Wed, 7 Feb 2024 14:42:40 +0000 (15:42 +0100)]
Bug 36017: Remove dead code in admin/clone-rules

Since
  commit 61628c97c245e72c750b61d9df6fa9b9100f3093
  Bug 18936: (follow-up) Add cloning of circulation rules back to Koha

There are some dead code in admin/clone-rules.

"result" is always passed to the template.

Test plan:
Confirm the above and that cloning rules from the circ rules page still
works correctly.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 35949: Remove useless code pointing to branchreserves.pl in request.tt
Jonathan Druart [Tue, 30 Jan 2024 15:40:17 +0000 (16:40 +0100)]
Bug 35949: Remove useless code pointing to branchreserves.pl in request.tt

messagetransfert is never set (it is from circ/waitingreserves.pl, `git grep messagetransfert`) and branchreserves.pl does not exist!

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 34426: (QA follow-up) Polishing xt script
Marcel de Rooy [Fri, 23 Jun 2023 09:56:40 +0000 (09:56 +0000)]
Bug 34426: (QA follow-up) Polishing xt script

Test plan:
Run it again. Same results?

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 34426: Add xt/find-missing-csrf.t
Martin Renvoize [Wed, 16 Jun 2021 10:04:42 +0000 (11:04 +0100)]
Bug 34426: Add xt/find-missing-csrf.t

Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
8 months agoBug 35930: Add guards for plugins_enabled
Andreas Jonsson [Mon, 12 Feb 2024 11:16:02 +0000 (11:16 +0000)]
Bug 35930: Add guards for plugins_enabled

The 'new' method in Koha::Plugins returns undefined if
plugins are disabled.  Therefore, calls to this method
must be guarded by a check that plugins actually are enabled.

Test plan:

* Code inspection of patch, alternatively
* Activate the ill system by installing a backend such as
  koha-illbackend-libris:
  https://github.com/Libriotech/koha-illbackend-libris
* Make sure plugins are disabled in koha-conf.xml
* In the staff interface, go to ILL requests.
* The page should load without getting an error 500.

PA amended commit message: This is not related to ILL backends being plugins or not
This is about ILL batches, where checking for metadata enrichment plugins was missing 'enable_plugins' guard
Additionally, unrelated to batches, it's also about ILLAvailability, where checking for ILL availabililty plugins was missing enable_plugins guard

Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Hans PÃ¥lsson <hans.palsson@hkr.se>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
8 months agoBug 35518: Tidy the moved blocks
Martin Renvoize [Thu, 8 Feb 2024 15:55:43 +0000 (15:55 +0000)]
Bug 35518: Tidy the moved blocks

This patch just tidies the moved blocks to get us past the QA script
check.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
8 months agoBug 35518: Check authentication and set userenv before fetching userenv variables
Nick Clemens [Fri, 26 Jan 2024 14:10:01 +0000 (14:10 +0000)]
Bug 35518: Check authentication and set userenv before fetching userenv variables

Currently we get the userenv before we have set it correctly for the session

To test:
 1 - Sign in as a user with fast cataloging permission
 2 - Bring up a patron, type gibberish into barcode field to get a fast cataloging link
 3 - Check the link, it should have your current signed in barcode
 4 - Sign in to a different browser with a different user and at a different branch
 5 - Bring up a aptron in circulation and type gibberish into barcode field to get a fast cataloging link
 6 - It may have your branch, but it may also have the other user's branch from the other window
 7 - Keep entering gibberish to get a link until one user has the correct branch
 8 - Then switch to the other browser, and keep entering gibberish, watch the branchcode change
 9 - Apply patch, restart all
10 - Test switching between browsers. generating fast cataloging links
11 - Users should now consistently have the correct branch

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
8 months agoBug 36034: Add test
Jonathan Druart [Wed, 14 Feb 2024 07:49:33 +0000 (08:49 +0100)]
Bug 36034: Add test

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
8 months agoBug 36034: (bug 34893 follow-up) fix capture of return values from checkpw
Andreas Jonsson [Thu, 8 Feb 2024 10:57:03 +0000 (11:57 +0100)]
Bug 36034: (bug 34893 follow-up) fix capture of return values from checkpw

Adapt code to the change of return value type of checkpw
introduced in bug 34893

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
8 months agoBug 29002: Remove whitespace only lines
Martin Renvoize [Thu, 11 Jan 2024 11:14:27 +0000 (11:14 +0000)]
Bug 29002: Remove whitespace only lines

Jonathan highlighted some trailing whitespace.. I only see a few cases
where a line only contains whitespace and I didn't see these caught by
the QA script at the time of submission.

Anyway, this removes the spaces

8 months agoBug 35962: (bug 35843 follow-up 2) Fix BackgroundJob.t on D10
Jonathan Druart [Tue, 6 Feb 2024 07:32:31 +0000 (08:32 +0100)]
Bug 35962: (bug 35843 follow-up 2) Fix BackgroundJob.t on D10

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
9 months agoBug 34893: Unit tests for C4::Auth::checkpw
Tomas Cohen Arazi [Fri, 15 Dec 2023 13:54:11 +0000 (10:54 -0300)]
Bug 34893: Unit tests for C4::Auth::checkpw

This patch introduces some tests on the current (and new) behavior for
the `checkpw` function.

I needed it to better understand if an edge case was actually possible
(it wasn't).

Found a really minor annoyance for the internal check with expired
password not returning the $patron object for consistency with the other
use cases.

I think this method deserves (at least) changing the return value to a
sane data structure. But that's not target for backporting to stable
releases. So a separate bug.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 34893: (QA follow-up) Tidy code for qa script
Kyle M Hall [Fri, 1 Dec 2023 11:29:19 +0000 (06:29 -0500)]
Bug 34893: (QA follow-up) Tidy code for qa script

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 34893: Add checkpw change to REST API
David Cook [Tue, 28 Nov 2023 22:57:39 +0000 (22:57 +0000)]
Bug 34893: Add checkpw change to REST API

This patch adds the checkpw return value change to the REST API
route for validating user identifiers and password.

Test plan:
0. Apply patch
1. prove t/db_dependent/api/v1/password_validation.t

Bonus points:
1. koha-plack --reload kohadev
2. Enable syspref RESTBasicAuth
3. curl -XPOST -H "Content-Type: application/json" \
-u <staff_userid>:<staff_password> \
-d '{"identifier":"<cardnumber>","password":"<password>"}' \
http://localhost:8081/api/v1/auth/password/validation
4. Validation doesn't fail. It gives you cardnumber, patron_id, userid

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 34893: ILS-DI can return the wrong patron for AuthenticatePatron
Kyle M Hall [Fri, 22 Sep 2023 18:20:59 +0000 (14:20 -0400)]
Bug 34893: ILS-DI can return the wrong patron for AuthenticatePatron

Imagine we have a set of users. Some of those users have a NULL userid. We then call AuthenticatePatron from ILS-DI for a patron with a NULL userid, but a valid cardnumber. We call checkpw, which returns the cardnumber and userid. We then call Koha::Patrons->find on the userid *which is null*, meaning the borrowernumber returned is not the correct one, but instead the earliest patron inserted into the database that has a NULL userid.

Test Plan:
1) Give three patrons a userid and a password
2) From the database cli, set all patrons's userid to null
   Run this query: update borrowers set userid = null;
3) Call AuthenticatePatron with username being the 1st patron cardnumber,
   and password being the password you set for that patron
   http://localhost:8080/cgi-bin/koha/ilsdi.pl?service=AuthenticatePatron&username=kohacard&password=koha
4) Note you get back a borrowernumber for a different patron. Refresh the page and the number is correct.
5) Do the same with the 2nd patron. Same issue at 1st and correct number after.
6) Apply this patch
7) Restart all the things!
8) Do the same with the 3rd patron.
9) Note you get the correct borrowernumber! :D
10) prove t/Auth.t t/db_dependent/Auth_with_ldap.t t/Auth_with_shibboleth.t t/db_dependent/Auth_with_cas.t

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 34893: Add unit tests
Kyle M Hall [Wed, 29 Nov 2023 17:18:32 +0000 (17:18 +0000)]
Bug 34893: Add unit tests

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 32474: (follow-up): Tell the tests to wait for the intercepted request responses
Matt Blenkinsop [Fri, 2 Feb 2024 10:29:06 +0000 (10:29 +0000)]
Bug 32474: (follow-up): Tell the tests to wait for the intercepted request responses

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 35962: (bug 35843 follow-up) Fix BackgroundJob.t on D10
Jonathan Druart [Wed, 31 Jan 2024 15:44:47 +0000 (16:44 +0100)]
Bug 35962: (bug 35843 follow-up) Fix BackgroundJob.t on D10

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 35940: Close modal before typing
Matt Blenkinsop [Wed, 31 Jan 2024 16:36:27 +0000 (16:36 +0000)]
Bug 35940: Close modal before typing

Tests currently fail due to a modal remaining open. This patch closes the modal to make the tests pass

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 35940: (bug 35477 follow-up) Fix cypress tests
Jonathan Druart [Tue, 30 Jan 2024 13:30:31 +0000 (14:30 +0100)]
Bug 35940: (bug 35477 follow-up) Fix cypress tests

AssertionError: Timed out retrying after 10000ms: Expected to find element: `main div[class='dialog message']`, but never found it.

We moved from message to alert.

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 35506: Move the checkouts table load delay logic out of document ready
Jonathan Druart [Tue, 23 Jan 2024 15:04:32 +0000 (16:04 +0100)]
Bug 35506: Move the checkouts table load delay logic out of document ready

== Test plan ==
0. Have Selenium running
   ktd --selenium up
1. prove t/db_dependent/selenium/regressions.t
2. It should still work

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 34862: (follow-up) Fix some misplaced messages and add missing
Owen Leonard [Thu, 9 Nov 2023 18:06:03 +0000 (18:06 +0000)]
Bug 34862: (follow-up) Fix some misplaced messages and add missing

This patch fixes some templates where the messages include was appearing
in the wrong place, for instance above the left-hand sidebar instead of
at the top of the main content.

The patch also adds the new include to some templates which lacked it.

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 34862: Manual changes
Jonathan Druart [Thu, 21 Sep 2023 13:12:45 +0000 (15:12 +0200)]
Bug 34862: Manual changes

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 34862: Add messages.inc
Jonathan Druart [Thu, 21 Sep 2023 13:08:54 +0000 (15:08 +0200)]
Bug 34862: Add messages.inc

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 34862: Include messages.inc
Jonathan Druart [Thu, 21 Sep 2023 13:10:48 +0000 (15:10 +0200)]
Bug 34862: Include messages.inc

Generated using `perl add_blocking_errors.pl`

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 34862: Remove blocking_errors where there is no main
Jonathan Druart [Thu, 21 Sep 2023 12:13:22 +0000 (14:13 +0200)]
Bug 34862: Remove blocking_errors where there is no main

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 18397: (follow-up) Some tiny style and spelling changes
Katrin Fischer [Wed, 31 Jan 2024 12:55:01 +0000 (12:55 +0000)]
Bug 18397: (follow-up) Some tiny style and spelling changes

* cc is an abbreviation, so updated to CC
* Adding consistency with punctuation for error messages
* Updated a borrower to patron

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 18397: Add message delivery details to the notices tab
Martin Renvoize [Wed, 8 Nov 2023 16:41:02 +0000 (16:41 +0000)]
Bug 18397: Add message delivery details to the notices tab

This patch adds further delivery details to the notices tab in patron
details in the staff client.

Once a message is sent, we display the 'from:', 'to:' and 'cc:'
addresses in the 'Delivery note' column when they exist.

Test plan
1. Enable KTD to send email [1] (without email configured the
   delivery note displayed "Unhandled email failure, check the logs for
   further details").

2. Add email addresses to two patrons and to KohaAdminEmailAddress,
   and run misc/cronjobs/process_message_queue.pl after generating
   notices.

3. For the two patrons with email addresses, make one a guarantor.

4. Sent Welcome messages (Patron account > More > Send welcome email) -
   nothing in delivery note column.

5. Checkout out an item to the guarantee (item checkout email enabled) -
   nothing in delivery note column.

6. Send the notices by running misc/cronjobs/process_message_queue.pl
   again.

7. Now the 'Delivery note' columns should contain from:, to: and cc:
   address details.

[1] Option 1 - smpt-sink (aka the sandboxes way)
    - Install the postfix package inside ktd (sudo apt install postfix)
      When asked in the wizard, I named mine 'local'
    - Start smpt-sink with
      `nohup smtp-sink -u root -D mail 127.0.0.1:25 100 </dev/null >/dev/null 2>&1 &`

    Option 2 - To test sending emails using a Google account:
    - Set up an App password for your Google Account
    - Edit /etc/koha/sites/kohadev/koha-conf.xml file and add this
      configuration near the end (where <user_name> = your Google email
      address; <password> = your APP password, not your Google account
      password):

      <smtp_server>
        <host>smtp.gmail.com</host>
        <port>587</port>
        <timeout>5</timeout>
        <ssl_mode>STARTTLS</ssl_mode>
        <user_name>GOOGLEACCOUNTUSER</user_name>
        <password>GOOGLEAPPPASSWORD</password>
        <debug>1</debug>
      </smtp_server>

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Aleisha Amohia <aleishaamohia@hotmail.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 35479: (QA follow-up): Tidy
Pedro Amorim [Mon, 18 Dec 2023 12:51:16 +0000 (12:51 +0000)]
Bug 35479: (QA follow-up): Tidy

Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 35479: (follow-up) Match formatting for other cronjob logs
Nick Clemens [Tue, 5 Dec 2023 13:40:48 +0000 (13:40 +0000)]
Bug 35479: (follow-up) Match formatting for other cronjob logs

To test:
1 - Install the Kitchen Sink plugin
2 - Restart all
3 - Enable 'CronjobLog' system preference
4 - perl misc/cronjobs/plugins_nightly.pl
5 - Note you see on the command line 'Remember to clean the kitchen' - this indicates the plugin cron ran
6 - Tools->log viewer, select 'cronjob' and view
7 - Note you only see 'plugins_nightly.pl' Run and End lines
8 - Apply patches
9 - perl misc/cronjobs/plugins_nightly.pl
10 - View logs agian
11 - Note you now see Run and End lines for 'Koha::Plugin::Com::ByWaterSolutions::KitchenSink'
12 - Confirm they look like the other lines
13 - Edit KitchenSink.pm and add 'die "Kittens";' to the cronjob nightly
14 - perl misc/cronjobs/plugins_nightly.pl
15 - View logs, confirm there is a FAILED error message for the KitchenSink cron

Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 35479: Log start, end, and any failures for each plugin's nightly cronjob
Kyle M Hall [Mon, 4 Dec 2023 17:41:32 +0000 (12:41 -0500)]
Bug 35479: Log start, end, and any failures for each plugin's nightly cronjob

When running the plugins_nightly.pl cronjob, we should record the plugins that have a nightly method, logging the start and end of each plugins routine

Test Plan:
1) Enable CronjobLog
2) Install a plugin with a nightly cronjob ( e.g.
   https://github.com/bywatersolutions/koha-plugin-book-list-printer )
3) Run plugins_nightly.pl
4) Note new entries in the cronjob viewer for the start and end of the
   plugin's nightly cronjob run
5) Edit the plugin, add a line like "die 'this is a test';" to the
   plugin's nightly cronjob
6) Run plugins_nightly.pl
7) View the action logs, not the log for the error you added!

Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 35490: Remove GetMarcItem from C4::Biblio module
Marcel de Rooy [Tue, 5 Dec 2023 15:51:35 +0000 (15:51 +0000)]
Bug 35490: Remove GetMarcItem from C4::Biblio module

Test plan:
Compile module, run qa tools.
Search for the use of C4::Items in C4/Biblio.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 34282: Fix availability check in ILL batches
Pedro Amorim [Fri, 14 Jul 2023 15:46:56 +0000 (15:46 +0000)]
Bug 34282: Fix availability check in ILL batches

Staging modal area had issues listing availability checks for each request in the batch creation process

To test:
1) Run bash <(curl -s https://raw.githubusercontent.com/ammopt/koha-ill-dev/master/start-ill-dev-plus.sh)
2) Install a metadata enrichment plugin, e.g. https://github.com/PTFS-Europe/koha-plugin-api-pubmed/releases
3) Install and configure an availability plugin, e.g. eds https://github.com/PTFS-Europe/koha-plugin-ill-avail-eds/releases
4) Enable ILLCheckAvailability sys pref
5) Create a new ILL batch and input some pubmedids, i.e. 3489859431452466
6) Verify that the availability results show and are working, for each request in the batch

Signed-off-by: Edith Speller <Edith.Speller@ukhsa.gov.uk>
Sponsored-by: UKHSA (UK Health Security Agency)
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 35389: (QA follow-up) Update circ-nav too
Marcel de Rooy [Fri, 19 Jan 2024 09:53:14 +0000 (09:53 +0000)]
Bug 35389: (QA follow-up) Update circ-nav too

As Katrin spotted, we need to not forget the sidebar menu.

Test plan:
Check if the item is visible/invisible on the sidebar menu of
Circulation. (Depending on StockRotation pref.)

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 35389: Hide 'Transfer to send' if StockRotation disabled
Marcel de Rooy [Thu, 23 Nov 2023 09:08:18 +0000 (09:08 +0000)]
Bug 35389: Hide 'Transfer to send' if StockRotation disabled

Test plan:
Disable StockRotation pref. Check if report is hidden on circ home.
Enable. Check if report is visible.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 35951: Remove useless include category-out-of-age-limit.inc
Tomas Cohen Arazi [Tue, 30 Jan 2024 17:01:26 +0000 (14:01 -0300)]
Bug 35951: Remove useless include category-out-of-age-limit.inc

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 32474: Store the selected option label
Jonathan Druart [Thu, 30 Nov 2023 09:34:54 +0000 (10:34 +0100)]
Bug 32474: Store the selected option label

It prevents the label to be removed when the selected option is not
longer in the item list.

Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 32474: Add cypress tests
Matt Blenkinsop [Thu, 30 Nov 2023 10:51:14 +0000 (10:51 +0000)]
Bug 32474: Add cypress tests

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 32474: Pass label and identifier
Jonathan Druart [Tue, 3 Oct 2023 08:22:46 +0000 (10:22 +0200)]
Bug 32474: Pass label and identifier

Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 32474: Adjust tests
Jonathan Druart [Tue, 3 Oct 2023 14:30:46 +0000 (16:30 +0200)]
Bug 32474: Adjust tests

We need to use the same data, for instance we had "license name" and
"first license name" for the license with license_id=1

Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 32474: Adjust tests - X-Total-Count
Jonathan Druart [Tue, 3 Oct 2023 07:59:24 +0000 (09:59 +0200)]
Bug 32474: Adjust tests - X-Total-Count

Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 32474: Fix required
Jonathan Druart [Tue, 3 Oct 2023 07:58:27 +0000 (09:58 +0200)]
Bug 32474: Fix required

Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 32474: Fix scroll bump when new data loads
Matt Blenkinsop [Fri, 29 Sep 2023 15:08:02 +0000 (15:08 +0000)]
Bug 32474: Fix scroll bump when new data loads

This patch addresses an annoying scroll bump when new data loads. Previously the
scrollbar would jump all the way to the top of the selct before resetting, this
has now been stopped.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 32474: Fix duplicate API call
Matt Blenkinsop [Thu, 27 Apr 2023 14:39:04 +0000 (14:39 +0000)]
Bug 32474: Fix duplicate API call

This patch fixes a duplicate API call and fixes the "required" attribute

Test plan as before

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 32474: Properly call getAll
Jonathan Druart [Thu, 27 Apr 2023 06:56:39 +0000 (08:56 +0200)]
Bug 32474: Properly call getAll

To encode q parameter correctly, based on bug 33623

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 32474: Do not fetch all the licenses
Jonathan Druart [Thu, 27 Apr 2023 06:54:25 +0000 (08:54 +0200)]
Bug 32474: Do not fetch all the licenses

Otherwise we are loosing all the point of the pagination!

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 32474: Infinite scroll v-selects
Matt Blenkinsop [Fri, 21 Apr 2023 10:57:43 +0000 (10:57 +0000)]
Bug 32474: Infinite scroll v-selects

This patch is an example ajax based v-select. The v-select will load the first
20 items and then continue to load paginated sections of 20 items as the user
scrolls down. The v-select also offers ajax based searches (unpaginated) and
will return to 20 item pagination if the search is cleared.

Currently the pagination just works with an Intersection Observer based on
scrolling - the main issue with this is that the size of the v-select window
changes every time new data is added to the list and this causes the scrollbar
to jump before resetting at the correct size. This can be a bit annoying,
especially when scrolling quickly.

The only way round this will either be to paginate using buttons i.e.
(previous/next page) or to limit the data to 20 items at all times and
re-paginate when scrolling back up - interested to hear thoughts/suggestions
on this or whether anyone has a magic CSS fix that solves it ;)

The new v-select is only in one location so far as a test - Agreement Licenses

Test plan:
1) You will need to add multiple licenses in order to see the pagination,
   attached is a script that will create 100 dummy licenses at a time if you
   wish to use that
2) Once licenses are created, apply patch and run yarn build
3) Navigate to Agreements and click the New Agreement button
4) Scroll down to the Add new license option and click the button
5) The License select is the InfiniteScrollSelect and should display the
   licenses you have added
6) Open the dropdown and 20 items will be listed
7) Scroll down and as you scroll, more items will be loaded (this can be seen
   in the Network tab in developer tools)
8) Enter a search query and the results should reflect the search query
9) Delete the search query and the dropdown should return to the first 20
   paginated items and pagination will work again when scrolling
10) Try submitting the form with paginate/searched options and the form should
    still work as intended

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 35483: (follow-up) Trivial indentation changes
Owen Leonard [Fri, 26 Jan 2024 17:51:36 +0000 (14:51 -0300)]
Bug 35483: (follow-up) Trivial indentation changes

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Anneli Österman <anneli.osterman@koha-suomi.fi>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 35483: Restore holds table select to switch item level holds to record level...
Lari Taskula [Mon, 4 Dec 2023 22:51:45 +0000 (22:51 +0000)]
Bug 35483: Restore holds table select to switch item level holds to record level holds

To test:
1. Apply patch
2. Add item level hold to a record/item, make sure patron has no other
   holds on that record
3. Go to /cgi-bin/koha/reserve/request.pl?biblionumber=xxx where xxx is
   the record you placed the hold for
4. Under "Existing holds" table, in "Details" column you should see
   "Only item <barcode>" dropdown
5. Select "Next available" from the dropdown
6. Click Update hold(s)
7. Observe dropdown is gone and cell value has changed from
   "Only item <barcode>" to "Next available"
8. Cancel the hold and add two item level holds for the same patron
9. Under "Existing holds" table, in "Details" column you should see
   "Only item <barcode>", but no select dropdown

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Anneli Österman <anneli.osterman@koha-suomi.fi>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 35936: Fix saving existing report with incorrect AV category
Jonathan Druart [Tue, 30 Jan 2024 09:04:45 +0000 (10:04 +0100)]
Bug 35936: Fix saving existing report with incorrect AV category

When an existing report is saved and an incorrect AV category is selected,
the UI is asking "do you want to save anyway", but the "Update SQL" button
leads to a blank page and the report is not saved.

On bug 33966 the value is been adjust to 'update_sql' but this incorrect
was left.

To test you need to use the browser inspector to adjust the value of the
selected option.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 35300: Add page-section to invoice files page
Katrin Fischer [Sat, 6 Jan 2024 19:57:04 +0000 (19:57 +0000)]
Bug 35300: Add page-section to invoice files page

To test:
* Enable AcqEnableFiles system preference
* Go to acquisitions
* Search for a vendor and receive shipment
* Enter an invoice number and create new invoice
* Finish receive
* Click on 'manage invice files' link
* Upload a sample file
* Verify the table is missing the usual white background
* Apply patch
* Verify the the table now displays with the usual white
  background

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 35406: (follow-up) More HTML fixes
Owen Leonard [Wed, 29 Nov 2023 13:51:15 +0000 (13:51 +0000)]
Bug 35406: (follow-up) More HTML fixes

This patch fixes even more markup errors and HTML validation issues.

Signed-off-by: Phil Ringnalda <phil@chetcolibrary.org>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 35406: Fix typo in holds queue viewer template
Tomas Cohen Arazi [Mon, 27 Nov 2023 15:08:42 +0000 (12:08 -0300)]
Bug 35406: Fix typo in holds queue viewer template

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Phil Ringnalda <phil@chetcolibrary.org>
Signed-off-by: Emily Lamancusa <emily.lamancusa@montgomerycountymd.gov>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 35368: Add public to "Add a new checkout" in API documentation
Katrin Fischer [Fri, 12 Jan 2024 23:51:14 +0000 (23:51 +0000)]
Bug 35368: Add public to "Add a new checkout" in API documentation

Without this patch the "Add a new checkout" label showed
up twice in the Checkouts section of the API documentation.
This adds (public) to the end of one, to make it possible
to distinguish them.

To test (ON YOUR HOST MACHINE):
1. Run:
   $ cd api/v1/swagger
   $ docker run --rm -v $(pwd):/api --workdir /api redocly/cli \
           build-docs swagger.yaml --output index.html
2. Open the generated index.html in your browser
3. Verify doubled up headings
4. Apply patch
5. Re-run docker command form 1.
6. Verify there are now 2 different labels and "(public)" is on the
   right one.

Note: if you have wrong permissions on the file, chown it to your
own user to open it in the browser.

Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 35922: Fix www/batch.t
Tomas Cohen Arazi [Mon, 29 Jan 2024 13:04:50 +0000 (10:04 -0300)]
Bug 35922: Fix www/batch.t

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 30230: (follow-up) Fix permission check in staff interface navigation
Katrin Fischer [Mon, 29 Jan 2024 11:18:10 +0000 (11:18 +0000)]
Bug 30230: (follow-up) Fix permission check in staff interface navigation

The patron module should now show up in the staff main navigation on
top of the page if the user only has the new list_borrowers permission.

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 30230: (follow-up) Update missing descriptions
Katrin Fischer [Mon, 29 Jan 2024 11:10:18 +0000 (11:10 +0000)]
Bug 30230: (follow-up) Update missing descriptions

One of the follow-ups fixed the description in the
atomic update, but missed the SQL and include files.

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 30230: DBRev 23.12.00.006
Katrin Fischer [Mon, 29 Jan 2024 10:57:40 +0000 (10:57 +0000)]
Bug 30230: DBRev 23.12.00.006

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 30230: (QA follow-up) Also add list_borrowers to the singular endpoint
Martin Renvoize [Mon, 22 Jan 2024 14:23:59 +0000 (14:23 +0000)]
Bug 30230: (QA follow-up) Also add list_borrowers to the singular endpoint

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 30230: (QA follow-up) Add unit tests for API definition change
Martin Renvoize [Mon, 22 Jan 2024 14:23:34 +0000 (14:23 +0000)]
Bug 30230: (QA follow-up) Add unit tests for API definition change

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 30230: (follow-up) Add list permission on home-search include and update atomic...
Thibaud Guillot [Tue, 16 Jan 2024 16:01:58 +0000 (17:01 +0100)]
Bug 30230: (follow-up) Add list permission on home-search include and update atomic update file

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 30230: (follow-up) fix unit test
David Cook [Tue, 19 Dec 2023 02:47:12 +0000 (02:47 +0000)]
Bug 30230: (follow-up) fix unit test

Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 30230: (follow-up) Fix display issue on search bar
Thibaud Guillot [Fri, 8 Dec 2023 08:46:16 +0000 (09:46 +0100)]
Bug 30230: (follow-up) Fix display issue on search bar

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 30230: Add new 'list_borrowers' permission
Thibaud Guillot [Thu, 30 Nov 2023 14:14:42 +0000 (15:14 +0100)]
Bug 30230: Add new 'list_borrowers' permission

When a patron search is performed only a user with edit_borrowers
permission can search by name. Search can works only with cardnumber but
it makes searching less intuitive I think.

So, as mentioned in the discussion, I've added a new 'list_borrowers' permission,
completely independent of 'edit_borrowers', so that I can search for a member via the interface
and get the results. In addition to the permission to perform check in and checkouts, this no longer poses an obstacle to simple use.

Test plan:

1) Check with a user without 'edit_borrowers' permission that the patron search can only be performed with cardnumber
2) Apply this patch
3) Make the updatedatabase to add new 'list_borrowers' permissions
4) Set 'list_borrowers' permission on one user and see the difference

Signed-off-by: Andrew Fuerste-Henry <andrewfh@dubcolib.org>
Signed-off-by: Emmi Takkinen <emmi.takkinen@koha-suomi.fi>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 35535: Allow for cancellation of holds with or without a reason
Lucas Gass [Wed, 17 Jan 2024 15:45:53 +0000 (15:45 +0000)]
Bug 35535: Allow for cancellation of holds with or without a reason

TO TEST:
1. Have a waiting hold on a particular barcode
2. Have at least 1 HOLD_CANCELLATION auth value
3. Check in the barcode and try to cancel the hold on the modal while
   selecting a reason.
=> SUCCESS: You can cancel a hold when selecting a reason.
4. Repeat 1-3 but not selecting any reason.
=> SUCCESS: Hold cancelled correctly.
5. Delete all HOLD_CANCELLATION auth values.
6. Repeat Try 1-3
=> SUCCESS: No reason displayed
=> FAIL: Cancelling does nothing. There's an error in the browser
   inspector
7. Apply this patch
8. Repeat 1-3
=> SUCCESS: No reason displayed
=> SUCCESS: Cancelling works
9. Sign off :-D

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Edit: amended the test plan to make it clearer
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 35753: Remove Checkbox() function
Lucas Gass [Tue, 9 Jan 2024 21:57:49 +0000 (21:57 +0000)]
Bug 35753: Remove Checkbox() function

To test:
1. APPLY PATCH and clear browser cache.
2. Have multiple additional content items ( news/HTML customization/Pages )
3. From one of the pages ( news/HTML customization/Pages ) click the 'Delete selected' button. Since no items are checked you should see the 'Please select content to delete' alert.
4. Check some items and click 'Delete selected' they should be correctly deleted.

Note: There is no change in behavior from this patch.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>
9 months agoBug 35774: Use itemnumber instead of biblioitemnumber
Lucas Gass [Fri, 12 Jan 2024 18:05:22 +0000 (18:05 +0000)]
Bug 35774: Use itemnumber instead of biblioitemnumber

With Bug 33639 already pushed to master there should be NO change in behavior.

To test:
1. APPLY PATCH
2. Create one or more item groups for a bib if needed
3. Create a new item, and at the bottom of the 'Add item' screen, select the item group to which you want this item added. Save.
4. The item should succesffuly be added to the item group.
5. Add a new item and to the same record and this time try the 'Create a new item group' from the dropdown.
6. Name the new item group.
7. Make sure it is correctly added to the item group.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>