Bill Erickson [Fri, 17 Jul 2015 20:00:17 +0000 (16:00 -0400)]
LP#1468422 Password storage/migration SQL getting started
* Backwards compatible salted password storage using pgcrypt
* Adds actor.passwd and actor.passwd_type tables
* Includes pgtap tests
* Includes installation of pgcrypto
Current flow:
1. Application requests a salt to use as the CHAP-style seed
2. If new-style password exists, salt is returned.
3. Else, old password is migrated and the new salt is returned.
4. App finalizes login by checking verify_passwd.
== continued...
Store the iter_count and start using the crypt_algo column.
Make it possible to change the salt, and potentially strengthen
the salt, when changing passwords.
Make is possible to start salt-less passwords, for pw's that are managed
outside of the DB.
Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Dan Wells <dbw2@calvin.edu>
Bill Erickson [Thu, 25 Feb 2016 18:33:20 +0000 (13:33 -0500)]
LP#1333254 Improve entry debit maintenance for inv. open/close.
Improve handling of debit->entry links for invoices that cross the
open/close boundary, modifying the number of items invoiced on an entry,
and rolling back invoice entry debits.
Prior to this, some debits would be unnecessarily linked to entries and
fail to clean up properly when rolled back.
Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Kathy Lussier <klussier@masslnc.org>
Set encumbrance=false on invoiced fund debits when the invoice is closed
(complete=true) instead of when the invoice is created.
To test:
1. Activate a purchase order.
2. Create an invoice for the PO.
3. Confirm PO shows same amount encumbered as befor invoicing and $0
paid.
4. Close the invoice.
5. Confirm amount encumbered on the PO is reduced by the amount invoiced
and the amount paid on the PO is increased by the amount invoiced.
Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Kathy Lussier <klussier@masslnc.org>
Checkout history is now derived from the new action.usr_circ_history
table. When a patron disables circ history, all history is deleted from
the new table. Also, when disabling circ or holds history, the patron
is now warned if data will be deleted or, in the case of holds, become
inaccessible.
Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Kathy Lussier <klussier@masslnc.org>
Adds a new table action.usr_circ_history for tracking opt-in checkout
history. History is maintained via trigger on action.circulation.
Includes updates to html/email/csv checkout history templates to
gracefully handle NULL checkin_time values, since history starts as soon
as an item is checked out.
Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Kathy Lussier <klussier@masslnc.org>
Bill Erickson [Sat, 16 Jan 2016 20:15:01 +0000 (15:15 -0500)]
LP#1452950 Remove unsaved data warning after click-thru
Once the user clicks through the unsaved data warning, clear the warning
for future navigation. If more fields are changed, the warning will be
reinstated.
Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Bill Erickson [Thu, 19 Nov 2015 13:47:09 +0000 (08:47 -0500)]
LP#1452950 Patron reg loading dialog; more caching
* Hide the patron edit form and show a loading dialog while data loads.
* Cache net access levels and ident types to speed up navigation between
patron edit and other pages within the patron app.
Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Set the current field doc via function instead of directly within the
ng-click handler. For unknown reasons, the direct approach was not
working with addresses.
Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
For new patrons, focus the barcode field. For existing patrons, disable
the barcode field (except when a new barcode is needed) and focus the
username field by default.
Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Replace patron barcode. Includes duplicate barcode detection, but no
styling/warning is produced when a dupe is found, since the structure
for handling invalid form fields in patron reg does not yet exist.
Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Recover the patron summary show/hide link, which was lost in the
fixed-position elements shuffle. This moves the patron's name back into
the fixed bar along the top so that it's always visible, as before.
Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Wire up links for Required, suggested, and All fields links.
Also move the patron control bar out to its own template since it must
be loaded from 2 different places in the markup, one for edit and one
for register.
Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Register patron now has a page-level banner consistent w/ other
full-page UI's. Patron edit gets a smaller header since it's nestled
under the patron tabs.
Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
* Reduce vertical space by a few pixels
* Make field labels non-bold
* Make input fields bold
* Remove duplicate padding to avoid label misalignment.
* Use blue alert-info banner along the top of the screen.
Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Sort each level of the shared org unit tree in the browser client by org
unit shortname. This primarily affects org unit selectors / dropdowns
(unless otherwise sorted).
Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
* floating save, clone, etc pane arranged vertically with less padding.
* reduce vertical spacing between fields
* alert_message field rendered as textarea
* avoid showing 'Example:' label when no phone example exists.
Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Replace legacy Dojo patron registration / edit UI's in the browser
client with an initial cut of an Angular version. For this commit, the
UI is basically a wireframe, but the selectors display values and
most fields display the correct values set on the patron.
No save or clone etc. operations or data validation are functional.
Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Kathy Lussier [Thu, 25 Feb 2016 04:33:51 +0000 (23:33 -0500)]
LP1402770: Do not show Holds Count by default in most item screens
The Holds Count columns was displaying by default in many xul item interfaces
where this info may not be as useful for staff. Let's hide them by default
in most column pickers, and only display it by default in the patron's Items
Out tab.
Signed-off-by: Kathy Lussier <klussier@masslnc.org> Signed-off-by: Ben Shum <ben@evergreener.net>
Added a virtual IDL defintion. Added a OpenSRF method to return
the number of holds that a copy is a member of action.hold_copy_map.
Added javascript column definition to surface this in the xul staff client.
Added the column in the web based staff client as well.
Signed-off-by: blake <blake@mobiusconsortium.org> Signed-off-by: Andrea Neiman <aneiman@kent.lib.md.us> Signed-off-by: Kathy Lussier <klussier@masslnc.org> Signed-off-by: Ben Shum <ben@evergreener.net>
Chris Sharp [Mon, 30 Nov 2015 14:48:26 +0000 (09:48 -0500)]
LP#1206936 - Fix wrong billing info in money.transaction_billing_summary
The money.transaction_billing_summary view was showing the wrong
last billing type and last billing note for certain transactions.
This fix, from Dan Scott, in turn from Mike Rylander, recreates
that view so that it depends on the speedier and more accurate
money.materialized_billable_xact_summary view.
Signed-off-by: Chris Sharp <csharp@georgialibraries.org> Signed-off-by: Dan Wells <dbw2@calvin.edu>
Remington Steed [Wed, 16 Dec 2015 20:46:17 +0000 (15:46 -0500)]
LP#1526546 Sort copies by part label in holdings maint.
This commit improves the sorting of copies on the Holdings Maintenance
screen in the XUL-based staff client. The previous code sorted the
copies by their barcodes after retrieval. This commit moves the sorting
logic into the search call and adds logic to first sort by the part
label sort key.
Signed-off-by: Remington Steed <rjs7@calvin.edu> Signed-off-by: Dan Wells <dbw2@calvin.edu>
This patch teaches search how to limit the number of facets retrieved
per defined facet field. Setting a limit is useful so that
open-ils.cstore backends don't end up needlessly consuming
memory when fetching facets for a large result set; if a broad
search retrieves over 10,000 author facets (say), even the most
persistant user is not going to actually look at all of them. Fetching
fewer facets can also slightly speed up generation of search
results.
The limit is controlled by a new global flag, search.max_facets_per_field,
whose label is "Search: maximum number of facet values to retrieve for
each facet field". The default limit value is 1,000, but lower values
(e.g., 100) are perhaps even better for most catalogs.
To test:
[1] Upon applying the patch, set the value of the
search.max_facets_per_field global flag to a small
value.
[2] Perform some searches and verify that the number
of facets retrieved doesn't exceed the limit; note
that the limit is per facet *field*, not overall
or per field class.
Signed-off-by: Galen Charlton <gmc@esilibrary.com> Signed-off-by: Ben Shum <ben@evergreener.net>
blake [Wed, 23 Dec 2015 20:20:40 +0000 (14:20 -0600)]
LP#1466990: Detailed search results shows parts for items that dont have parts
The part_label variable needs to be reset between iterations. The variable was still set
and bled from copy to copy. Testing this will require a search with details turned on.
The search result set needs to include a bib that has copies with parts (with at least
one copy invisible) and another bib that has copies without parts.
Signed-off-by: blake <blake@mobiusconsortium.org> Signed-off-by: Ben Shum <ben@evergreener.net>
Adds a new srfsh script which calls a new open-ils.storage API call
which sets the cc_number value to NULL on all credit card payments
older than the age specified in the srfsh script.
Adds example CRON entry.
Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Kathy Lussier <klussier@masslnc.org>
Bill Erickson [Thu, 18 Jul 2013 15:17:23 +0000 (11:17 -0400)]
LP#1202742 Non-active transit copy status messages
When an in-transit copy is checked into the staff client, display a special
message in the transit alert dialog and in the printed transit receipt
(optionally, via macro) if the copy is in (or, rather, will be once it
arrives at its destination) a non-active copy status.
See config.copy_status.copy_active.
For example, assuming the org unit setting 'circ.lost_immediately_available'
is unset, when a Lost copy is checked in that must transit home, the
following message will appear in the transit alert dialog:
This item is in status "Lost", additional staff action may be required.
Additionally, the value of the 'transit_copy_status_msg' macro, which
defaults to "", will be set to this message, so that the message may
appear in printed transit slips.
Note that the code will test for the presence of the
"staff.circ.utils.transit.copy_status_message" string property and fail
gracefully if it is unset. Through this, admins can disable this
feature entirely.
Signed-off-by: Bill Erickson <berick@esilibrary.com> Signed-off-by: Chris Sharp <csharp@georgialibraries.org> Signed-off-by: Kathy Lussier <klussier@masslnc.org>
Michael Peters [Tue, 18 Aug 2015 16:49:10 +0000 (12:49 -0400)]
LP#1013786 TPAC add reminder to modify update_pasword_msg.tt2 to global.password_regex
Currently, libraries can configure their own password strength regular expressions
via the Library Settings Editor. This, however, did not provide a reminder
that the message shown to the patron when resetting their password needed to
meet those requirements.
This patch provides a hint in the description of the YAOUS global.password_regex
to remind that update_password_msg.tt2 should be updated with a user-friendly
text string explaining the password requirements if they are changed from the default.