]>
git.koha-community.org Git - koha.git/log
Tomas Cohen Arazi [Tue, 30 Jan 2024 15:32:50 +0000 (12:32 -0300)]
Bug 34478: actionType parameter not used - memberentry.pl
Bug 34478: [TO SQUASH] actionType parameter not used - memberentry.pl
syntax error at members/memberentry.pl line 103, near "\|"
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Nick Clemens [Tue, 30 Jan 2024 16:05:57 +0000 (16:05 +0000)]
Bug 34478: Manual fix - problem_reports
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 30 Jan 2024 15:33:42 +0000 (16:33 +0100)]
Bug 34478: Replace POST with GET - request.tt
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 30 Jan 2024 15:12:52 +0000 (16:12 +0100)]
Bug 34478: Rename action with op - members/boraccount
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Tomas Cohen Arazi [Tue, 30 Jan 2024 14:55:16 +0000 (11:55 -0300)]
Bug 34478: Manual fix - Course reserves
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 30 Jan 2024 12:37:52 +0000 (13:37 +0100)]
Bug 34478: Manual fix - opac-shareshelf
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 30 Jan 2024 11:26:42 +0000 (12:26 +0100)]
Bug 34478: Manual fix - opac-shelves (WIP)
Share still needs attention, moved to "later"
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 30 Jan 2024 11:13:36 +0000 (12:13 +0100)]
Bug 34478: Log if CSRF is wrong (debug)
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 30 Jan 2024 10:39:39 +0000 (11:39 +0100)]
Bug 34478: Fix new forms
New forms that need to be fixed after rebase.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 30 Jan 2024 10:28:07 +0000 (11:28 +0100)]
Bug 34478: op =~ ^cud- in pl/pm - Manual branches.pl
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 30 Jan 2024 10:08:24 +0000 (11:08 +0100)]
Bug 34478: Rename action with op - import_export_framework
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Tomas Cohen Arazi [Mon, 29 Jan 2024 20:13:10 +0000 (17:13 -0300)]
Bug 34478: Manual fix - Batch rm items (course reserves)
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Tomas Cohen Arazi [Mon, 29 Jan 2024 20:05:47 +0000 (17:05 -0300)]
Bug 34478: Manual fix - Batch add items (course reserves)
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Tomas Cohen Arazi [Mon, 29 Jan 2024 19:47:38 +0000 (16:47 -0300)]
Bug 34478: Manual fix - Add items (course reserves)
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Nick Clemens [Fri, 26 Jan 2024 19:15:17 +0000 (14:15 -0500)]
Bug 34478: Manual fix - change to post - guided_reports
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Nick Clemens [Fri, 26 Jan 2024 17:56:39 +0000 (12:56 -0500)]
Bug 34478: Manual fix - change to post remove cud from confirm step - serials-collection
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Nick Clemens [Fri, 26 Jan 2024 17:45:21 +0000 (12:45 -0500)]
Bug 34478: Manual fix - remove cud from search op - authorities-home
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Nick Clemens [Fri, 26 Jan 2024 16:58:07 +0000 (11:58 -0500)]
Bug 34478: Manual fix - Switch to post, update op - neworderempty_duplicate
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Nick Clemens [Fri, 26 Jan 2024 16:27:52 +0000 (11:27 -0500)]
Bug 34478: Manual fix - Switch to post, update op, add missing include - basket
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Nick Clemens [Fri, 26 Jan 2024 16:01:18 +0000 (11:01 -0500)]
Bug 34478: Manual fix - fix ops and method - deletemem
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Nick Clemens [Fri, 26 Jan 2024 15:52:54 +0000 (10:52 -0500)]
Bug 34478: Manual fix - Rename action with op change to post - merge-patrons
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 26 Jan 2024 10:35:20 +0000 (11:35 +0100)]
Bug 34478: Rename action with op - circ/request-article
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 26 Jan 2024 10:33:02 +0000 (11:33 +0100)]
Bug 34478: Rename action with op - circ/checkout-notes
svc/checkout_notes will need to be adjusted as well
Bug 34478: [TO SQUASH] Rename action with op - circ/checkout-notes
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 26 Jan 2024 10:11:58 +0000 (11:11 +0100)]
Bug 34478: Rename action with op - catalogue/search-history
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 26 Jan 2024 10:02:56 +0000 (11:02 +0100)]
Bug 34478: Rename action with op - admin/library_groups
This is a bit dirty but it works.
form is not styling correctly when put within the li
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 26 Jan 2024 09:28:06 +0000 (10:28 +0100)]
Bug 34478: Rename action with op - admin/item_circulation_alerts
Also fix possible XSS.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 26 Jan 2024 09:06:20 +0000 (10:06 +0100)]
Bug 34478: Rename action with op - admin/columns_settings
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 26 Jan 2024 09:00:41 +0000 (10:00 +0100)]
Bug 34478: Rename action with op - acqui/cancelorder
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Martin Renvoize [Wed, 24 Jan 2024 11:44:02 +0000 (11:44 +0000)]
Bug 34478: Remove no longer reference form
Cleanup whilst we're here.. the form here isn't actually included
anywhere and the acompanying controller no longer exists.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Martin Renvoize [Wed, 24 Jan 2024 11:09:22 +0000 (11:09 +0000)]
Bug 34478: Update label ops 'edit' to 'edit_form'
This serves to clarify that the 'edit' is not an update action in this
case, but instead is a form fetch.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Wed, 24 Jan 2024 11:12:22 +0000 (12:12 +0100)]
Bug 34478: op =~ ^cud- in pl/pm - Manual parcels.pl
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Wed, 24 Jan 2024 10:27:01 +0000 (11:27 +0100)]
Bug 34478: Manual fix - preferences
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Wed, 24 Jan 2024 10:32:34 +0000 (11:32 +0100)]
Bug 34478: op =~ ^cud- in pl/pm - Manual preferences.pl
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 23 Jan 2024 15:59:44 +0000 (16:59 +0100)]
Bug 34478: Add method="get" to forms without method
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 23 Jan 2024 15:57:05 +0000 (16:57 +0100)]
Bug 34478: Remove duplicated form in virtualshelves/downloadshelf.tt
Just... don't ask... It's there since 2010
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Martin Renvoize [Mon, 22 Jan 2024 11:56:37 +0000 (11:56 +0000)]
Bug 34478: Manual fix - label-edit-profile (cud-save)
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Martin Renvoize [Mon, 22 Jan 2024 11:52:58 +0000 (11:52 +0000)]
Bug 34478: Manual fix - label-edit-template (cud-save)
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Martin Renvoize [Mon, 22 Jan 2024 11:13:41 +0000 (11:13 +0000)]
Bug 34478: Manual fix - label-edit-layout (cud-save)
Also updated 'cud-edit' in the controller back to 'edit' as it's a 'get'
request to display the form.. i.e. read not create, write or update.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Nick Clemens [Fri, 19 Jan 2024 17:05:26 +0000 (17:05 +0000)]
Bug 34478: Manual fix - subscription-nuberpatterns (cud-del)
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Nick Clemens [Fri, 19 Jan 2024 17:03:47 +0000 (17:03 +0000)]
Bug 34478: Manual fix - subscription-frequencies (cud-del)
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Nick Clemens [Fri, 19 Jan 2024 17:00:44 +0000 (17:00 +0000)]
Bug 34478: Manual fix - parcels.pl (cud-confirm cud-new)
Bug 34478: [TO SQUASH] Manual fix - parcels.pl (cud-confirm cud-new)
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Nick Clemens [Fri, 19 Jan 2024 16:50:47 +0000 (16:50 +0000)]
Bug 34478: Manual fix - edi_ean (cud-ediorder)
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Nick Clemens [Fri, 19 Jan 2024 16:39:37 +0000 (16:39 +0000)]
Bug 34478: Manual fix - basketgroups
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Kyle M Hall [Fri, 19 Jan 2024 16:22:53 +0000 (16:22 +0000)]
Bug 34478: Manual fix - account refund - Add op param to forms
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Kyle M Hall [Fri, 19 Jan 2024 15:25:35 +0000 (10:25 -0500)]
Bug 34478: Manual fix - delete baskets - Add csrf include
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Kyle M Hall [Fri, 19 Jan 2024 14:19:58 +0000 (09:19 -0500)]
Bug 34478: Manual fix - delete baskets
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Kyle M Hall [Fri, 19 Jan 2024 14:16:46 +0000 (09:16 -0500)]
Bug 34478: Manual fix - account line discount
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Kyle M Hall [Fri, 19 Jan 2024 14:15:19 +0000 (09:15 -0500)]
Bug 34478: Manual fix - account refund
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Kyle M Hall [Fri, 19 Jan 2024 14:11:40 +0000 (09:11 -0500)]
Bug 34478: Manual fix - account payout
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Wed, 13 Dec 2023 08:27:45 +0000 (09:27 +0100)]
Bug 34478: Display programming errors in case plack.psgi caught something suspicious
It will help developpers to debug the problematic places.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Wed, 13 Dec 2023 07:31:04 +0000 (08:31 +0100)]
Bug 34478: Manual fix - duplicate_orders (cud-select)
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Wed, 13 Dec 2023 07:23:54 +0000 (08:23 +0100)]
Bug 34478: Manual fix - preferences
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 12 Dec 2023 16:03:58 +0000 (17:03 +0100)]
Bug 34478: Manual fix - memberentry (modify)
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 12 Dec 2023 15:43:21 +0000 (16:43 +0100)]
Bug 34478: Manual fix - batchMod
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 12 Dec 2023 15:43:08 +0000 (16:43 +0100)]
Bug 34478: op =~ ^cud- in pl/pm
This is the result of
bash op_must_start_with_cud-perl.sh
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 12 Dec 2023 15:26:51 +0000 (16:26 +0100)]
Bug 34478: Manual fix - additem
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 12 Dec 2023 13:54:34 +0000 (14:54 +0100)]
Bug 34478: Manual fix - opac-suggestions
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 12 Dec 2023 13:39:15 +0000 (14:39 +0100)]
Bug 34478: Replace POST with GET when needed - add_form
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 12 Dec 2023 13:32:59 +0000 (14:32 +0100)]
Bug 34478: Adjust selenium tests
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 12 Dec 2023 13:12:20 +0000 (14:12 +0100)]
Bug 34478: Add missing csrf-token.inc for opac
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 12 Dec 2023 10:21:07 +0000 (11:21 +0100)]
Bug 34478: op =~ ^cud- everywhere
This is the result of
perl op_must_start_with_cud.pl
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 22 Sep 2023 08:55:29 +0000 (10:55 +0200)]
Bug 34478: op =~ ^cud-
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Thu, 21 Sep 2023 10:00:17 +0000 (12:00 +0200)]
Bug 34478: op-cud - Trick CGI directly
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Thu, 21 Sep 2023 08:50:07 +0000 (10:50 +0200)]
Bug 34478: op-cud - Rename op with op-cud in templates
This is the result of
perl rename_op_with_op-cud.pl
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Thu, 21 Sep 2023 08:23:41 +0000 (10:23 +0200)]
Bug 34478: op-cud - Adjust C4::Auth code
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Thu, 21 Sep 2023 07:59:09 +0000 (09:59 +0200)]
Bug 34478: Move C4::Auth check
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 4 Aug 2023 09:37:52 +0000 (11:37 +0200)]
Bug 34478: Remove check_csrf from pl files
We should no longer need to check CSRF token from pl files
TODO - there is a change for some files where we returned 403
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 4 Aug 2023 09:32:27 +0000 (11:32 +0200)]
Bug 34478: Check CSRF in get_template_and_user
Not sure this is the right place in get_template_and_user
Will have to test login and 2FA
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 4 Aug 2023 09:13:14 +0000 (11:13 +0200)]
Bug 34478: Add 'op' to opac-passwd
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 4 Aug 2023 09:06:16 +0000 (11:06 +0200)]
Bug 34478: Add 'op' to opac-user.tt
Bug 34478: [TO SQUASH] Add 'op' to opac-user.tt
Bug 34478: [TO SQUASH] Add 'op' to opac-user.tt
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 12 Jan 2024 14:00:48 +0000 (15:00 +0100)]
Bug 34478: Add missing CSRF token to POST forms
This is the result of
% perl csrf_add_missing_csrf.pl
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 4 Aug 2023 09:15:54 +0000 (11:15 +0200)]
Bug 34478: Remove generate_csrf from pl
We do not longer need to generate_csrf from pl files
TODO - members/boraccount.tt and sco/sco-main.tt needs to be adjusted
Bug 34478: [TO SQUASH] Remove generate_csrf from pl
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 4 Aug 2023 08:57:42 +0000 (10:57 +0200)]
Bug 34478: Replace csrf_token input with include file - manual
A couple of left not caught by the previous regex
Still TODO:
% git grep csrf_token **/*.inc **/*.tt
still shows example that needs to be replaced, later (because we use GET)
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 4 Aug 2023 08:56:50 +0000 (10:56 +0200)]
Bug 34478: Replace csrf_token input with include file
perl -p -i -n -e 's#<input type="hidden" name="csrf_token" value="\[% csrf_token \| html %]" />#[% INCLUDE '\''csrf-token.inc'\'' %]#g' **/*.tt **/*.inc
This should have actually been done at the same time as
"Bug 30524: (QA follow-up) Only generate CSRF token if it will be used"
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 4 Aug 2023 08:32:17 +0000 (10:32 +0200)]
Bug 34478: Replace get with post when needed
This is what has been marked as done in "csrf_get.txt"
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 27 Feb 2024 07:56:24 +0000 (08:56 +0100)]
Bug 35955: Add tests
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
David Cook [Tue, 27 Feb 2024 06:05:24 +0000 (06:05 +0000)]
Bug 35955: Cache CSRF token in template plugin
This change uses the Koha::Cache::Memory::Lite cache to
cache the CSRF token, so that it is only generated once,
and is re-used by the Koha::Template::Plugin::Koha object
throughout the entire template processing for the HTTP request.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Wed, 21 Feb 2024 08:42:16 +0000 (09:42 +0100)]
Bug 36098: Default to 'file' if pref does not exist
During the installer process there is a bunch of warnings
"Use of uninitialized value $storage_method in string eq at"
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
David Cook [Thu, 15 Feb 2024 23:07:02 +0000 (23:07 +0000)]
Bug 36098: (follow-up) extend test to check driver
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
David Cook [Thu, 15 Feb 2024 22:49:19 +0000 (22:49 +0000)]
Bug 36098: Fix storage_method pass
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Thu, 15 Feb 2024 13:05:21 +0000 (14:05 +0100)]
Bug 36098: Allow to pass storage_method
Will need this on follow-up bugs.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Martin Renvoize [Thu, 15 Feb 2024 11:53:02 +0000 (11:53 +0000)]
Bug 36098: (QA follow-up) Add POD to Koha::Session
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
David Cook [Thu, 15 Feb 2024 02:49:18 +0000 (02:49 +0000)]
Bug 36098: Add Koha::Session module to ease session handling
This patch adds a Koha::Session module that makes it easier
to work with Koha sessions without needing the full C4::Auth module.
Test plan:
0. Apply the patch
1. Run the following unit tests:
prove ./t/db_dependent/Auth.t
prove ./t/db_dependent/Auth_with_cas.t
prove ./t/db_dependent/Koha/Session.t
2. Observe that they all pass
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 30 Jan 2024 08:02:19 +0000 (09:02 +0100)]
Bug 35935: Ensure login branch will be used after incorrect login
If a different branch is selected after an incorrect login, the previous
branch will be used.
To recreate:
* login with foo/bar, select CPL => FAIL
* login with koha/koha, select another branch => OK but CPL is picked!
It was caused by a dup of "branch" in CGI param list (and first was
picked).
This patch patch also removes "koha_login_context" to not have it twice.
You can also open the source of the page to confirm that form#loginform
contains "branch" and "koha_login_context" in hidden inputs.
Signed-off-by: Magnus Enger <magnus@libriotech.no>
Tested in KTD. Works as advertised.
Signed-off-by: Julian Maurice <julian.maurice@biblibre.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Wed, 14 Feb 2024 08:45:45 +0000 (09:45 +0100)]
Bug 36092: Pass sessionID at the end of get_template_and_user
It seems safer to pass the logged in user and session info at the end of
the sub.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Wed, 14 Feb 2024 09:33:11 +0000 (10:33 +0100)]
Bug 36092: Pass the sessionID from checkauth if we hit auth
If we hit the auth page we were not passing sessionID to the template
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Wed, 14 Feb 2024 09:56:17 +0000 (10:56 +0100)]
Bug 36092: Add test
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 26 Jan 2024 07:58:17 +0000 (08:58 +0100)]
Bug 35918: Fix auto library connect (AutoLocation)
This code is a bit weird, its purpose it to auto select the library depending on the IP.
A problem appears if the same IP is used, then the user's choice will
might be overwritten randomly by another library.
To recreate the problem:
Turn on AutoLocation
Use koha/koha @CPL for test
And the following config:
*************************** 1. row ***************************
branchcode: CPL
branchname: Centerville
branchip: 172.18.0.1
*************************** 2. row ***************************
branchcode: FFL
branchname: Fairfield
branchip: 172.18.0.1
*************************** 3. row ***************************
branchcode: FPL
branchname: Fairview
branchip: 172.18.0.4
Connect and select CPL. Randomly FFL will be picked instead.
Signed-off-by: Magnus Enger <magnus@libriotech.no>
Tested this on top of 35890 and 35904 because git bz said they were required dependencies.
Figured out the IP Koha was seeing me as coming from in /var/log/koha/kohadev/plack.log.
Added that IP to the branchip for Centerville, Fairfield and Fairview. Set AutoLocation = Yes.
After this I could recreate the problem: If i left the "Library" field in the login screen
at "My Library" I got logged into a random library selected from the three i had set
branchip for. Applying the patches fixed this, as expected.
Tests pass, with AutoLocation off.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Fri, 26 Jan 2024 07:57:03 +0000 (08:57 +0100)]
Bug 35918: Add test
Signed-off-by: Magnus Enger <magnus@libriotech.no>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Thu, 25 Jan 2024 08:36:01 +0000 (09:36 +0100)]
Bug 35890: Add tests for AutoLocation
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Wed, 24 Jan 2024 15:25:30 +0000 (16:25 +0100)]
Bug 35890: Reject login if IP is not valid
Signed-off-by: Matt Blenkinsop <matt.blenkinsop@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Victor Grousset/tuxayo [Thu, 15 Feb 2024 03:18:37 +0000 (04:18 +0100)]
Bug 35904: (QA follow-up): tidy up code
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Thu, 25 Jan 2024 09:35:41 +0000 (10:35 +0100)]
Bug 35904: Make C4::Auth::checkauth testable easily
This patch suggests to add a new flag do_not_print to
C4::Auth::checkauth to not print the headers and allow to test this
subroutine more easily.
We do no longer need to mock safe_exit and redirect STDOUT to test its
return values.
There are still 3 left:
1.
733 # checkauth will redirect and safe_exit if not authenticated and not authorized
=> Better to keep this one, not trivial to replace
2.
806 # This will fail on permissions
This should be replaced but testing $template->{VARS}->{nopermission}
fails, I dont' think the comment is better.
3.
828 # Patron does not have the borrowers permission
Same as 2.
2. and 3. should be investigated a bit more.
This patch also move duplicated code to set patron's password to a
subroutine set_weak_password.
Test plan:
Read the code and confirm that everything makes sense.
QA: Do you have a better way for this? Yes it's dirty!
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Wed, 24 Jan 2024 15:24:51 +0000 (16:24 +0100)]
Bug 35904: Remove var loggedin
It is never used and add confusion
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Wed, 7 Feb 2024 14:54:28 +0000 (15:54 +0100)]
Bug 36019: Remove dead code in tags/review
Since bug 20489 it is no longer possible to login with the DB user.
At the time, get_template_and_user returned borrowernumber=0 in this case.
In tags/review.pl we have:
$borrowernumber == 0 and push @errors, {op_zero=>1};
This condition is never met, and op_zero related code can be removed in the template.
Test plan:
Confirm the above
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Wed, 7 Feb 2024 14:42:40 +0000 (15:42 +0100)]
Bug 36017: Remove dead code in admin/clone-rules
Since
commit
61628c97c245e72c750b61d9df6fa9b9100f3093
Bug 18936: (follow-up) Add cloning of circulation rules back to Koha
There are some dead code in admin/clone-rules.
"result" is always passed to the template.
Test plan:
Confirm the above and that cloning rules from the circ rules page still
works correctly.
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Jonathan Druart [Tue, 30 Jan 2024 15:40:17 +0000 (16:40 +0100)]
Bug 35949: Remove useless code pointing to branchreserves.pl in request.tt
messagetransfert is never set (it is from circ/waitingreserves.pl, `git grep messagetransfert`) and branchreserves.pl does not exist!
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Marcel de Rooy [Fri, 23 Jun 2023 09:56:40 +0000 (09:56 +0000)]
Bug 34426: (QA follow-up) Polishing xt script
Test plan:
Run it again. Same results?
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Martin Renvoize [Wed, 16 Jun 2021 10:04:42 +0000 (11:04 +0100)]
Bug 34426: Add xt/find-missing-csrf.t
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Andreas Jonsson [Mon, 12 Feb 2024 11:16:02 +0000 (11:16 +0000)]
Bug 35930: Add guards for plugins_enabled
The 'new' method in Koha::Plugins returns undefined if
plugins are disabled. Therefore, calls to this method
must be guarded by a check that plugins actually are enabled.
Test plan:
* Code inspection of patch, alternatively
* Activate the ill system by installing a backend such as
koha-illbackend-libris:
https://github.com/Libriotech/koha-illbackend-libris
* Make sure plugins are disabled in koha-conf.xml
* In the staff interface, go to ILL requests.
* The page should load without getting an error 500.
PA amended commit message: This is not related to ILL backends being plugins or not
This is about ILL batches, where checking for metadata enrichment plugins was missing 'enable_plugins' guard
Additionally, unrelated to batches, it's also about ILLAvailability, where checking for ILL availabililty plugins was missing enable_plugins guard
Signed-off-by: Pedro Amorim <pedro.amorim@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Hans PĂ„lsson <hans.palsson@hkr.se>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>