1 Evergreen 2_8 Release Notes
2 ===========================
19 ==== Duplicate Order Detection Improvements ====
21 Provides tools to make it more clear to staff when a purchase order or
22 items on an order have been ordered before.
24 ===== Prevent Duplicate PO Names =====
26 Staff now have the option to specify a PO name during PO creation.
27 If the selected name is already in use by another PO at or below
28 the ordering agency for the PO, the user is warned, the save/submit
29 operations are disabled, and a link to the existing PO is display. The
30 link opens the related PO in a new tab when clicked.
32 Selecting a name which is not yet used or clearing the name field
33 (which defaults upon creation to the PO ID) will clear the warning and
34 re-enable the submit/save operation.
36 Similarly, when editing a PO, if the user attempts to use a name already
37 used, the user will be warned and a link to the offending PO will be
40 ===== Show Existing Copies =====
42 In the select list and PO view interfaces, beside the lineitem ID #, we
43 now also display the number of catalog copies already owned at or below
44 the ordering agency for the bib record in question.
46 The count does not include copies linked to the lineitem in question
47 nor does it include copies that are in some form of lost, missing, or
59 Apache Access Handler: OpenILS::WWW::AccessHandler
60 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
61 This Perl module is intended for limiting patron access to configured locations
62 in Apache. These locations could be folder trees, static files, non-Evergreen
63 dynamic content, or other Apache features/modules. It is intended as a more
64 patron-oriented and transparent version of the OpenILS::WWW::Proxy and
65 OpenILS::WWW:Proxy::Authen modules.
67 Instead of using Basic Authentication the AccessHandler module instead redirects
68 to the OPAC for login. Once logged in additional checks can be performed, based
69 on configured variables:
71 * Permission Checks (at Home OU or specified location)
72 * Home OU Checks (Org Unit or Descendant)
73 * "Good standing" Checks (Not Inactive or Barred)
75 Use of the module is a simple addition to a Location block in Apache:
78 <Location /path/to/be/protected>
79 PerlAccessHandler OpenILS::WWW::AccessHandler
80 # For each option you wish to set:
81 PerlSetVar OPTION "VALUE"
84 The available options are:
86 OILSAccessHandlerLoginURL::
87 Default: /eg/opac/login +
88 The page to redirect to when Login is needed
89 OILSAccessHandlerLoginURLRedirectVar::
90 Default: redirect_to +
91 The variable the login page wants the "destination" URL stored in
92 OILSAccessHandlerFailURL::
94 URL to go to if Permission, Good Standing, or Home OU checks fail. If not set
95 a 403 error is generated instead. To customize the 403 you could use an
96 ErrorDocument statement.
97 OILSAccessHandlerCheckOU::
98 Default: <User Home OU> +
99 Org Unit to check Permissions at and/or to load Referrer from. Can be a
101 OILSAccessHandlerPermission::
103 Permission, or comma- or space-delimited set of permissions, the user must have to
104 access the protected area.
105 OILSAccessHandlerGoodStanding::
107 If set to a true value the user must be both Active and not Barred.
108 OILSAccessHandlerHomeOU::
110 An Org Unit, or comma- or space-delimited set of Org Units, that the user's Home OU must
111 be equal to or a descendant of to access this resource. Can be set to
113 OILSAccessHandlerReferrerSetting::
115 Library Setting to pull a forced referrer string out of, if set.
117 As the AccessHandler module does not actually serve the content it is
118 protecting, but instead merely hands control back to Apache when it is done
119 authenticating, you can protect almost anything else you can serve with Apache.
123 The general use of this module is "protect access to something else" - what that
124 something else is will vary. Some possibilities:
127 ** Automatic Directory Indexes
128 ** Proxies (see below)
129 *** Electronic Databases
130 *** Software on other servers/ports
131 * Non-Evergreen software
132 ** Timekeeping software for staff
133 ** Specialized patron request packages
134 * Static files and folders
135 ** Semi-public Patron resources
136 ** Staff-only downloads
140 One potentially interesting use of the AccessHandler module is to protect an
141 Apache Proxy configuration. For example, after installing and enabling
142 mod_proxy, mod_proxy_http, and mod_proxy_html you could proxy websites like so:
147 # Base "Rewrite URLs" configuration
148 ProxyHTMLLinks a href
149 ProxyHTMLLinks area href
150 ProxyHTMLLinks link href
151 ProxyHTMLLinks img src longdesc usemap
152 ProxyHTMLLinks object classid codebase data usemap
153 ProxyHTMLLinks q cite
154 ProxyHTMLLinks blockquote cite
155 ProxyHTMLLinks ins cite
156 ProxyHTMLLinks del cite
157 ProxyHTMLLinks form action
158 ProxyHTMLLinks input src usemap
159 ProxyHTMLLinks head profile
160 ProxyHTMLLinks base href
161 ProxyHTMLLinks script src for
163 # To support scripting events (with ProxyHTMLExtended On)
164 ProxyHTMLEvents onclick ondblclick onmousedown onmouseup \
165 onmouseover onmousemove onmouseout onkeypress \
166 onkeydown onkeyup onfocus onblur onload \
167 onunload onsubmit onreset onselect onchange
169 # Limit all Proxy connections to authenticated sessions by default
170 PerlAccessHandler OpenILS::WWW::AccessHandler
172 # Strip out Evergreen cookies before sending to remote server
173 RequestHeader edit Cookie "^(.*?)ses=.*?(?:$|;)(.*)$" $1$2
174 RequestHeader edit Cookie "^(.*?)eg_loggedin=.*?(?:$|;)(.*)$" $1$2
177 <Location /proxy/example/>
179 ProxyPass http://www.example.net/
180 ProxyPassReverse http://www.example.net/
181 ProxyPassReverseCookieDomain example.net example.com
182 ProxyPassReverseCookiePath / /proxy/example/
185 ProxyHTMLURLMap http://www.example.net/ /proxy/example/
186 ProxyHTMLURLMap / /proxy/mail/
187 ProxyHTMLCharsetOut *
189 # Limit to BR1 and BR3 users
190 PerlSetVar OILSAccessHandlerHomeOU "BR1,BR3"
194 As mentioned above, this can be used for multiple reasons. In addition to
195 websites such as online databases for patron use you may wish to proxy software
196 for staff or patron use to make it appear on your catalog domain, or perhaps to
197 keep from needing to open extra ports in a firewall.
202 Deleted flag for copy locations
203 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
204 A deleted flag is now available for copy locations, allowing them to be
205 "deleted" without losing statistical information for circulations in a given
206 copy location. It also allows copy locations that are only used by deleted
209 When a copy location is deleted, it will remain in the database, but will be
210 removed from display in the staff client and the catalog.
216 New TPAC config option: Show more details
217 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
218 There is a new option for TPAC to show more details by default.
220 The Option for full details as a default, which may be especially important
221 for e-content. Valid values are 'true', 'false' and 'hide'.
223 Setting this to 'true' shows full details by default but allows the link
224 to appear for 'Show Fewer Details'. The 'hide' option shows full details
225 and also suppresses the link from displaying at all.
227 Look for "show_more_details.default" in config.tt2.
237 ==== Vandelay Authority Record Match Sets ====
239 Vandelay MARC Batch Import/Export now supports match sets for authority
240 record import matching. Matches can be made against MARC tag/subfield
241 entries and against a record's normalized heading + thesaurus. Internal
242 identifier (901c) matches are also supported.
244 ===== UI Modifications =====
246 * Authority matches display the normalized heading/thesuarus for each
248 * Item import summary is not displayed for authority queues, since
249 items cannot be imported with authority records.
260 Active date display in OPAC
261 ^^^^^^^^^^^^^^^^^^^^^^^^^^^
262 If a library uses the copy's active date to calculate holds age protection,
263 the active date will display with the copy details instead of the create date
264 in the staff client view of the catalog. Libraries that do not enable the
265 _Use Active Date for Age Protection_ library setting will continue to display
271 Option to stop billing activity on zero-balance billed transactions
272 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
273 A new setting is available via the Library Settings Editor to stop any billing
274 activity on fully-paid lost or longoverdue transactions. When the _Do not
275 change fines/fees on zero-balance LOST transaction_ setting is enabled, once a
276 lost of long overdue transaction
277 has been fully paid, no more lost fees will be voided or overdue fines restored
278 or generated if the item is returned. The setting will reduce, though not
279 eliminate, negative balances in the system.
283 * Do not change fines/fees on zero-balance LOST transaction (circ.checkin.lost_zero_balance.do_not_change') - When an item has been marked lost and all
284 fines/fees have been completely paid on the transaction, do not void or
285 reinstate any fines/fees EVEN IF circ.void_lost_on_checkin and/or
286 circ.void_lost_proc_fee_on_checkin are enabled.
291 Patron Message Center
292 ^^^^^^^^^^^^^^^^^^^^^
293 There is now a new mechanism via which messages can be sent to
294 patrons for them to read while logged into the public catalog.
296 Patron messages can be generated in two ways: when a new public
297 note is added to the patron's record, and when an A/T event
298 that is configured to generate messages is processed. Three
299 new default A/T event definitions are added to generate
300 patron messages when a hold is canceled due to lack of a target,
301 staff action, or the item expiring on the shelf.
303 In the public catalog, patrons can read their messages, mark
304 one or more messages as read or unread, or delete messages that
305 they do not want to see again. The XUL staff client has a new
306 menu option on the patron display, "Message Center", that allows
307 staff to view messages. Messages are intentionally not meant
308 to be editable by patrons or library staff.
310 During upgrade, existing public patron notes that are marked
311 public are copied over as new patron messages that are marked
314 There are four new fields available in the A/T event definition:
318 * Message Library Path
321 If these four fields are set, when the A/T event is processed,
322 a message is generated in addition to whatever reactor is
323 specified by the event definition. This means that, for example,
324 an email overdue notice can also generate a message that the
325 patron can view in the public catalog.
330 Void Lost and Long Overdue Bills on Claims Returned
331 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
332 Four new settings have been added to allow sites to void lost item and long
333 overdue billings and processing fees when an item is marked as Claims Returned.
337 * Void lost item billing when claims returned (circ.void_lost_on_claimsreturned)
338 * Void lost item processing fee when claims returned (circ.void_lost_proc_fee_on_claimsreturned)
339 * Void long overdue item billing when claims returned (circ.void_longoverdue_on_claimsreturned)
340 * Void long overdue item processing fee when claims returned (circ.void_longoverdue_proc_fee_on_claimsreturned)
353 TPAC Discoverability Enhancements
354 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
356 A number of discoverability enhancements have been made to the catalog
357 to better support search engines:
359 * Titles of catalog pages now follow a "Page title - Library name" pattern
360 to provide more specific titles in search results, bookmarks, and browser
362 * The OpenSearch title now specifies the library name instead of the generic
363 "Evergreen OpenSearch" at every scope.
364 * Subject headings are now exposed as http://schema.org/about[schema:about]
365 properties instead of http://schema.org/keyword[schema:keyword].
366 * Electronic resources are now assigned a http://schema.org/url[schema:url]
367 property, and any notes or link text are assigned a
368 http://schema.org/description[schema:description] property.
369 * Given a Library of Congress relator code for 1xx and 7xx fields, we now
370 surface the URL for that relator code along with
371 the http://schema.org/contributor[schema:contributor] property to give
372 machines a better chance of understanding how the person or organization
373 actually contributed to this work.
374 * Linking out to related records:
375 ** Given an LCCN (010 field), we link to the corresponding Library of Congress
376 record using http://schema.org/sameAs[schema:sameAs].
377 ** Given an OCLC number (035 field, subfield `a` beginning with `(OCoLC)`), we
378 link to the corresponding WorldCat record using
379 http://schema.org/sameAs[schema:sameAs].
380 ** Given a URI (024 field, subfield 2 = `'uri'`), we link to the
381 corresponding OCLC Work Entity record using
382 http://schema.org/exampleOfWork[schema:exampleOfWork].
383 * The sitemap generator script now includes located URIs as well as copies
384 listed in the `asset.opac_visible_copies` materialized view, and checks
385 the children or ancestors of the requested libraries for holdings as well.
386 * Links that robots should not crawl, such as search result links, are now
387 marked with the https://support.google.com/webmasters/answer/96569?hl=en[@rel="nofollow"]
389 * Catalog pages for record details and for library descriptions now express
390 a https://support.google.com/webmasters/answer/139066?hl=en[@rel="canonical"]
391 link to simplify the number of variations of page URLs that could otherwise
392 have been derived from different search parameters.
393 * Catalog pages that do not exist now return a proper 404 "HTTP_NOT_FOUND"
394 HTTP status code, and record detail pages for records that have been deleted
395 now return a proper 410 "HTTP_GONE" HTTP status code, instead of returning a
396 misleading 200 "OK" HTTP status code.
397 * Record detail and library pages now include http://ogp.me/[Open Graph Protocol]
403 Add new link to My Lists in My Account
404 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
405 There is now a direct link to "My Lists" from the "My Account" area in the
406 top upper-right part of the screen. This gives users the ability to quickly
407 access their lists while logged into the catalog.
414 The record summary page will now offer a link to a shorter permalink that
415 can be used for sharing the record with others. All URL parameters are stripped
416 from the link with the exception of the locg and copy_depth parameters. Those
417 parameters are maintained so that people can share a link that displays just
418 the holdings from one library/system or displays holdings from all libraries
419 with a specific library's holdings floating to the top.
424 Staff option to place another hold on same title
425 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
426 When a hold is successful in the client, staff will now see a link
427 to place another hold on the same title. This link provides some workflow
428 improvement for times when staff are placing holds for multiple patrons on a
429 newly-added title or when they are placing holds for book clubs.
435 Removal of Bib Call Number Search
436 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
437 The Bib Call Number Search has been removed as a default numeric search in
438 the catalog. Evergreen sites that wish to restore this search to the catalog
439 can add the following to the numeric_qtype menu in the numeric.tt2 file.
442 <option value="identifier|bibcn">[% l('Bib Call Number') %]</option>
448 Improved styling on Text call number screen
449 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
450 New styling on the _Text call number_ screen has added highlighting to the
451 displayed message, makes the font consistent with other text on the screen, and
452 displays better on mobile devices.
460 IMPORTANT SECURITY INFORMATION
461 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
462 A serious security flaw that allows unauthorized remote access to
463 organizational unit settings is fixed in the following releases of
464 Evergreen: 2.5.9, 2.6.7, and 2.7.4. All prior releases of Evergreen
465 are vulnerable to exploitation of this flaw to reveal sensitive system
466 information. If you are running a vulnerable release of Evergreen you
467 are *strongly* encouraged to upgrade to a non-vulnerable release as
472 The Evergreen project would like to acknowledge the following
473 organizations who commissioned developments in this release of
478 We would also like to thank the following individuals who contributed
479 code and documentations patches to this release of Evergreen:
483 We also thank the following organizations whose employees contributed
488 We regret any omissions. If a contributor has been inadvertantly
489 missed, please open a bug at http://bugs.launchpad.net/evergreen/