Avoid requiring staff to send an Enter event (keyword / scanner) when
entering a patron barcode into the place holds form. Instead, look the
barcode up after a sufficient amount of time has passed.
Limit the authority_full_rec_value_index and
authority_full_rec_value_tpo_index indexes to the first 1024
characters of a field or subfield in order to avoid database errors
when inserting or updating authorities with long fields.
Include release note and regression test.
Signed-off-by: Jason Stephenson <jason@sigio.com> Signed-off-by: Jennifer Weston <jennifer.weston@equinoxOLI.org> Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
Lp 1942920: Show Legacy/Not Dated for Legacy Circs
When legacy circ counts are displayed in the AngularJS client, the
year shows up as -1. This patch attempts to replace -1 with a
translatable string: "Legacy/Not Dated" as was used in the XUL staff
client.
Signed-off-by: Jason Stephenson <jason@sigio.com> Signed-off-by: Michele Morgan <mmorgan@noblenet.org>
This patch enables mod_headers for Debian Stretch and Buster
and Ubuntu Bionic and Focal during installation. Without
mod_headers, the Angular staff client application can have
its index page cached for 24 hours on a stock system, meaning
that browsers will not consistently fetch the updated app
after an upgrade.
This patch does not change the Fedora Makefile as mod_headers
is enabled by default on RHEL-like distributions.
UPGRADE NOTES
-------------
Existing Evergreen systems on Debian and Ubuntu should
do the following to ensure that mod_headers is active:
To test
-------
[1] Perform a fresh installation of Evergreen on Stretch, Buster,
Bionic, or Focal.
[2] Verify that mod_headers is enabled.
[3] (Optional) Fetch the Angular staff client index page, e.g.,
/eg2/staff, and verify that the response headers call for
not caching it.
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org> Signed-off-by: Jason Boyer <JBoyer@equinoxOLI.org> Signed-off-by: Chris Sharp <csharp@georgialibraries.org>
Shula Link [Tue, 13 Jul 2021 14:16:39 +0000 (10:16 -0400)]
LP1834258 Replace Javascript with Placeholder Attribute
onfocus/onblur javascript replaced with placeholder="[% seed %]" in
Open-ILS/src/templates/kpac/getit.tt2 and
Open-ILS/src/templates/kpac/parts/searchbox.tt2
Signed-off-by: Shula Link <slink@gchrl.org> Signed-off-by: Terran McCanna <tmccanna@georgialibraries.org> Signed-off-by: Chris Sharp <csharp@georgialibraries.org>
Bill Erickson [Mon, 2 Aug 2021 20:30:21 +0000 (16:30 -0400)]
LP1938729 Cache "cascade" setting values
Cache values retrieved from 'open-ils.actor.settings.retrieve' lookups
in IndexedDB, similar to to org unit setting lookups, to reduce the need
for so many API calls for settings retrieval.
Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Jason Boyer <JBoyer@equinoxOLI.org>
This change places the cursor in the user name field and adjusts the order
of the elements so that tabbing out of the user name field comes to the
password field next.
Note that this modifies both the login modal and the embedded login form.
Bill Erickson [Mon, 11 Jan 2021 15:59:54 +0000 (10:59 -0500)]
LP1911023 Batch hold cancel refreshes before completion
Ensure all hold cancelation promises complete before reporting the
results back to the caller. Issue was result of thinko in the code
that failed to relay one of the promises in the chain, so it reported
promise completion prematurely.
Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Jason Boyer <JBoyer@equinoxOLI.org>
A change in Perl release 5.26.0 necessitates that the SIP_DIR variable
(default value "/opt/SIPServer") be exported to the environment in
oils_ctl.sh when attempting to start SIPServer. This change affects
Ubuntu 18.04 (Bionic Beaver) and Debian 10 (Buster) and any future
releases.
To verify the bug:
1. Install OpenSRF, Evergreen, and SIPServer on an affected O/S.
2. Start OpenSRF service.
3. Start SIPServer via oils_ctl.sh:
oils_ctl.sh -a start_sip
4. Notice the "Starting OILS SIP Server" message is printed with no
indication of failure.
5. Verify that the PID file exists: /openils/var/run/oils_sip.pid
6. Verify that no SIPServer processes are actually running:
pgrep -af SIPServer
The above should produce no output.
To test this patch:
1. Apply this patch and install oils_ctl.sh to /openils/bin/.
2. Assuming you have run the previous steps, delete the PID file:
rm /openils/var/run/oils_sip.pid
3. Start SIPServer via oils_ctl.sh:
oils_ctl.sh -a start_sip
4. Notice the "Starting OILS SIP Server" message is printed.
5. Verify that the PID file exists: /openils/var/run/oils_sip.pid
6. `pgrep -af SIPServer` should produce output.
It is safe to apply this patch on an unaffected O/S. Explicitly
adding SIP_DIR to PERL5LIB will have no detrimental effect on any O/S
currently supported by Evergreen.
Signed-off-by: Jason Stephenson <jason@sigio.com> Signed-off-by: Jason Boyer <JBoyer@equinoxOLI.org>
Galen Charlton [Wed, 25 Aug 2021 22:21:03 +0000 (18:21 -0400)]
LP#1928275: fix the Angular "Copy Queue To Bucket"
Similar to bug 1934184, a blank routerLink on an anchor no longer
causes an ngbModal to open via a click handler.
To test
-------
[1] Create a MARC import bib queue that has at least one imported
record it.
[2] Click the "Copy Queue To Bucket" link from the queue inspection page
and observe that nothing happens.
[3] Apply the patch and repeat step 2. This time, the add-to-bucket dialog
should appear.
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org> Signed-off-by: Mary Llewellyn <mllewell@biblio.org> Signed-off-by: Jason Boyer <JBoyer@equinoxOLI.org>
LP1924621 Staff catalog place hold screen preferred name
Displays the preferred first or last name on the place holds screen,
if a patron barcode is entered.
To test.
1. Set up a borrower with a preferred first name, and one with a
preferred last name, and one with both.
2. Use the catalog place hold screen to search for these borrowers
and notice that the preferred names, if available, are displayed.
* note newline added by Bill to break up wide column.
Signed-off-by: Garry Collum <gcollum@gmail.com> Signed-off-by: Mary Llewellyn <mllewell@biblio.org> Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Gina Monti <gmonti@biblio.org> Signed-off-by: Jason Boyer <JBoyer@equinoxOLI.org>
Bill Erickson [Wed, 12 May 2021 15:46:01 +0000 (11:46 -0400)]
LP1941764 Import from queue propagate form inputs
When importing records from an existing Vandelay queue, ensure the
selected queue, its match set, its match bucket, and its holdings import
profile are propagated into the import form.
Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Christine Morgan <cmorgan@noblenet.org> Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
Signed-off-by: Michele Morgan <mmorgan@noblenet.org> Signed-off-by: Tiffany Little <tlittle@georgialibraries.org> Signed-off-by: Jason Boyer <JBoyer@equinoxOLI.org>
Galen Charlton [Thu, 5 Aug 2021 21:55:18 +0000 (17:55 -0400)]
LP#1844121: prevent staff login by expired barcode
open-ils.auth.authenticate.init accepts an identifier as its
sole parameter, then determines whether it looks like a
username or barcode and retrieves the patron's password
salt as the seed accordingly.
open-ils.auth.authenticate.complete can accept the identifier
via the 'identifier', 'username', or 'barcode' keys, but the
key used does not need to match how .init found the patron.
As a consequence, the .init/.complete dance can retrieve the
patron by barcode but handle the barcode value as if it were
a username, thereby bypassing the check of whether the barcode
was inactive. In particular, the AngularJS staff client login
process does this, meaning that staff members can log in to the
staff client via the AngularJS form using an expired barcode.
This is not good. The OPAC explicitly blocks logging in using an
inactive barcode because it checks the identifier type and sets
the key passed to .complete accordingly. The Angular staff login
page also prevents logging in using an inactive barcode because
(a) it uses open-ils.auth.login, which doesn't have the same
problem and (b) it forces the identifier to be marked as a user
name regardless.
NOTE: this means that the Angular staff login form prevents staff
from logging in via barcode, which potentially is a regression as
compared to the AngularJS side (or, alternatively, is providing
additional necessary strictness).
This patch avoids the problem by having .complete inspect the
cached seed created by .init to determine how the user was ultimately
found.
Some alternative approaches that were rejected include:
[1] Having AngularJS just mirror Angular. Problem: if some staff
users are used to using their barcode to log in, doing
this would cause an immediate problem. I note that because
the staff interface URL is commonly expressed as
https://library.example/eg/staff, is currently far more common
for the staff interface to be logged into via the AngularJS
form rather than the Angular one.
[2] Having AngularJS use open-ils.auth.login, but make it and
Angular use 'identifier' as the key rather than 'username'.
Problem: while this would have the desired effect if you
only use native authentication, if you're using open-ils.auth_proxy,
it won't work - open-ils.auth_proxy.login doesn't recognize an
'identifier' parameter. While that could be changed, it
is more invasive.
To test
-------
[1] Set up a staff user that has a username, an active barcode,
and an inactive barcode.
[2] Log in to the AngularJS staff interface (/eg/staff) using
the username, the active barcode, and the inactive one.
[3] Note that you are permitted to log in with all three identifiers.
[4] Apply the patch and repeat step 2.
[5] This time, logging in using the inactive barcode should
fail.
[6] Verify that other login types continue to work as expected:
- Angular staff login form
- OPAC
- SIP2 terminal login
- SIP2 user authentication
- operator change (Angular and AngularJS)
- Web-based self-check
[7] Extra credit: test logging in via open-ils.auth_proxy with
it falling back to native authentication.
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org> Signed-off-by: Shula Link <slink@gchrl.org> Signed-off-by: Mike Rylander <mrylander@gmail.com>
Terran McCanna [Fri, 18 Jun 2021 22:12:08 +0000 (18:12 -0400)]
LP1904754 Former precat still displays precat info
This fixes a display issue where the precat title and author
were still displaying once the record was no longer a precat,
which effectively duplicated the title and author.
Signed-off-by: Terran McCanna <tmccanna@georgialibraries.org> Signed-off-by: Jason Boyer <JBoyer@equinoxOLI.org> Signed-off-by: Bill Erickson <berickxx@gmail.com>
Adam Bowling [Fri, 23 Jul 2021 20:00:35 +0000 (16:00 -0400)]
LP1937875: Remove GitHub reference from package.js
Removes the call to GitHub (required under legacy circumstances),
since it can cause some machines lacking SSH keys for GitHub to
fail when "npm install" is run for the AngularJS web client.
Signed-off-by: Adam Bowling <abowling@emeralddata.net> Signed-off-by: Jason Boyer <JBoyer@equinoxOLI.org>
Adds OPAC visible column to holdings grid in the Angular catalog.
Signed-off-by: Dan Briem <dbriem@wlsmail.org> Signed-off-by: Jennifer Pringle <jennifer.pringle@bc.libraries.coop> Signed-off-by: Bill Erickson <berickxx@gmail.com>
Jason Boyer [Fri, 20 Aug 2021 18:00:25 +0000 (14:00 -0400)]
LP1908614: Show the Age Hold Protection name in the staff catalog
Signed-off-by: Jason Boyer <JBoyer@equinoxOLI.org> Signed-off-by: Michele Morgan <mmorgan@noblenet.org> Signed-off-by: Bill Erickson <berickxx@gmail.com>
Jessica Woolford [Wed, 17 Mar 2021 20:31:30 +0000 (16:31 -0400)]
LP1786971 z39.50 using TCN instead of ID
This patch switches the target to overlays to the bib ID instead of the
TCN. This allows overlays to work for sites where TCN and bib ID are not
the same.
Signed-off-by: Jessica Woolford <jwoolford@biblio.org>
LP1786971 Z39.50 TCN-Bib ID display and wording
This adds the TCN to the Z39.50 interface when a record is
marked for overlay and the TCN does not match the Bib ID.
Signed-off-by: Terran McCanna <tmccanna@georgialibraries.org> Signed-off-by: Mary Llewellyn <mllewell@biblio.org> Signed-off-by: Bill Erickson <berickxx@gmail.com>
When cloning a patron record, the address gets set to pending and cannot
be fixed until the new patron record is saved.
The address creation steps for cloned records are a little different if
the library setting "Patron Registration: Cloned patrons get address copy" is
set, so test with that enabled and disabled. In our system we have that setting
enabled.
The issue is that the values come in as a string like 't' or 'f' and need to be converted
to a boolean value. That is done in the normal address loading code, but wasn't in
the cloning code.
I also added in a fix for the city limits flag not getting cloned which seems
like an related issue. This seems like it was just cosmetic, the city limits
does get set when the record is saved, based on the parent records address.
Testing Plan:
Before change:
1. Enable "Cloned patrons get address copy" setting.
2. Open up a patron record that has a valid non pending address with city limits checked.
3. Save and Clone
4. Notice that the address in the new cloned record says pending.
5. Notice that the city limits checkbox isn't checked.
After change applied:
1. Enable "Cloned patrons get address copy" setting.
2. Open up a patron record that has a valid non pending address with city limits checked.
3. Save and Clone
4. Notice that the address in the new cloned record doesn't say pending.
5. Notice that the city limits checkbox is checked.
Bill Erickson [Wed, 3 Jul 2019 18:34:39 +0000 (14:34 -0400)]
LP1752356 Offline expired patrons download date additions
Modify wording to clarify the date displayed is that of the block list
download and not necessarily the date the patron was flagged expired.
Avoid console errors when the file download date is not known -- edge
case where the code is updated but the block list was not updated in the
meantime.
Clean up some debug logging.
Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Terran McCanna <tmccanna@georgialibraries.org> Signed-off-by: Jason Boyer <jboyer@equinoxOLI.org>
Mike Risher [Mon, 1 Jul 2019 15:56:17 +0000 (15:56 +0000)]
LP1752356 Offline block list date addition
In offline mode when checking out for an expired patron, we changed
the error message so that the last date the blocklist was downloaded
is displayed along with the patron barcode
Signed-off-by: Mike Risher <mrisher@catalyte.io> Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Terran McCanna <tmccanna@georgialibraries.org> Signed-off-by: Jason Boyer <jboyer@equinoxOLI.org>
Mike Rylander [Tue, 9 Apr 2019 15:30:15 +0000 (11:30 -0400)]
LP#1823983: repeat_delay check removes event definition id filter
This bug has existed since the repeat_delay feature was added, but likely only
rarely was triggered because most events don't have a repeat_delay, and those
that do don't interact with the same target. However, as more repeatable event
definitions are created, inappropriate interaction becomes more likely.
In this commit we avoid overwriting the whole join condition clause, which
already contains an event definition id filter and needs to retain it.
Included is an unrelated change that uses the new-ish form of
interval_to_seconds that avoids DST boundary shifting issues by passing a
context DateTime object as the second parameter.
Signed-off-by: Mike Rylander <mrylander@gmail.com> Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
LP1809157 SMS Carriers display not in alphabetical order
This alphabetizes the carrier display when editing the sms carrier in an existing hold.
It also adds the region to the name to make the interface consistent with other interfaces.
To Test:
1. Enable SMS options in the Library Settings.
2. Place a hold for a patron.
3. Use the Edit Notifications Settings. Enter an SMS number, if needed.
4. Drop-down the Carrier list - the list is not in alphabetical order.
5. Apply the patch and repeat 3-4.
Adds an info button next to Total Circs in the AngularJS staff
client Item Status screen. Clicking the button displays a
popover list of total circs by year.
Signed-off-by: Dan Briem <dbriem@wlsmail.org> Signed-off-by: Michele Morgan <mmorgan@noblenet.org> Signed-off-by: John Amundson <jamundson@cwmars.org> Signed-off-by: Jason Stephenson <jason@sigio.com>
Mike Rylander [Mon, 7 Jun 2021 19:57:32 +0000 (15:57 -0400)]
LP#1931162: DYM needs some situational optimization
For some data sets and some queries the Did You Mean search suggestion
logic can be much too slow. This is mainly in cases where a "misspelled"
word of sufficient length greater than the symspell prefix length is
checked against many short prefixes that have many long suggestions
attached to them.
This commit optimizes for that case in particular by testing the length
of suggestions and prefix keys against the user input to avoid
unnecessary tests. Futher, it captures the edit distance of suggestions
that pass that test in-line, avoiding expensive retesting, and caches
the short-cutoff edit distance when in low-verbosity mode to avoid
future different-but-not-too-different suggestions coming from the same
prefix key.
It additionally provides a general optimization by batching the capture
of suggest counts to avoid per-suggestion secondary lookups, and a
micro-optimization of ordering suggestions by length at distance cache
time.
Signed-off-by: Mike Rylander <mrylander@gmail.com> Signed-off-by: Shula Link <slink@gchrl.org> Signed-off-by: Jason Boyer <JBoyer@equinoxOLI.org>
Jason Etheridge [Tue, 9 Feb 2021 14:42:06 +0000 (09:42 -0500)]
lp1908439 Auto-override enhancment
This reworks the override action dialogs in the patron display for Check
Out and Items Out, and in the Circulation -> Renew Items interface. It
exposes the auto-override behavior as checkboxes giving staff more fine
grained control over which events are auto-forced or skipped upon
subsequent encounters. It also changes the Cancel action for batch
renewals to abort the remaining renewals in the batch, and makes it so
that new authorization credentials provided during such a batch will be
treated as an operator change for the entire batch. We also fix an
existing bug where events marked as already encountered for
auto-override could leak into other patron contexts via Patron Search.
Signed-off-by: Jason Etheridge <jason@EquinoxInitiative.org> Signed-off-by: Terran McCanna <tmccanna@georgialibraries.org> Signed-off-by: Mike Rylander <mrylander@gmail.com>
Jane Sandberg [Fri, 23 Jul 2021 17:15:13 +0000 (10:15 -0700)]
LP1906058: Course-term map interface only allow reasonable mappings
Different libraries will use different sets of course terms. In an
academic library context, for example, a consortium may include
libraries with very different start and end dates to their terms/semesters,
different numbers of terms/year, etc.
This commit changes the interface to only allow users to associate
a course with a term from the same library or one of its ancestors.
To test:
1. Create many courses and course terms and many different OUs.
2. On the course list, click "Terms taught". Associate some courses
and course terms. Make sure that you aren't able to associate your
course with any course terms that would not be reasonable for the
course's library.
3. Edit a course, and choose the Course terms tab. Continue to associate
courses and terms, and make sure the mappings are reasonable.
Galen Charlton [Sun, 15 Aug 2021 15:27:41 +0000 (11:27 -0400)]
LP#1905068: (follow-up) never initialize an OU ID to 1
This change has no effect on behavior, as defaultOuId's
initialization value always gets replaced with the user's
WS OU or the org root when the contructor is run, but
avoids any implication during code-reading that the top
of the OU tree can be assumed to have ID 1.
Jane Sandberg [Wed, 23 Jun 2021 23:59:51 +0000 (16:59 -0700)]
LP1905068: Add org-family-select to course list
To test:
1) Apply this patch
2) Admin > Local admin > Course reserves list
3) Check that the list defaults to courses available
at your workstation org unit
4) Check that, when you select ancestors, descendants,
or a different org unit, the course list updates
accordingly
5) Check that the list only displays org units for
which you have the MANAGE_RESERVES permission
Signed-off-by: Jane Sandberg <sandbej@linnbenton.edu> Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
Add lp1923076-test-perl-scalar-return.t to the Perl live tests to test
a couple of back end calls affected by the changes in this branch.
These backend calls are those that are easily testable with Concerto
data.
Signed-off-by: Jason Stephenson <jason@sigio.com> Signed-off-by: Michele Morgan <mmorgan@noblenet.org> Signed-off-by: Mike Rylander <mrylander@gmail.com>
Remove a block of commented code that was turned up while working on
this issue. This is in its own commit to make it easier to revert, if
necessary.
Signed-off-by: Jason Stephenson <jason@sigio.com> Signed-off-by: Michele Morgan <mmorgan@noblenet.org> Signed-off-by: Mike Rylander <mrylander@gmail.com>
Add cast to int of scalar used on arrays in more places where it seems
necessary.
Signed-off-by: Jason Stephenson <jason@sigio.com> Signed-off-by: Michele Morgan <mmorgan@noblenet.org> Signed-off-by: Mike Rylander <mrylander@gmail.com>
Jeff Davis [Thu, 8 Apr 2021 02:41:49 +0000 (19:41 -0700)]
LP#1923076: ensure length of empty array is treated as a number when retrieving hold counts
Thanks to Jason Stephenson for suggesting this solution.
Signed-off-by: Jeff Davis <jdavis@sitka.bclibraries.ca> Signed-off-by: Jason Stephenson <jason@sigio.com> Signed-off-by: Michele Morgan <mmorgan@noblenet.org> Signed-off-by: Mike Rylander <mrylander@gmail.com>
Jane Sandberg [Tue, 13 Jul 2021 03:56:01 +0000 (20:56 -0700)]
LP1935693: Add circulation modifier to course page
Also makes some strings extractable for translation that
were previously missed.
To test:
1) Enable the course materials module
2) Add some courses
3) Add some materials to those courses, using a mix of
circulation modifiers
4) In the OPAC, use the Course Search to search for
your courses
5) Click on the course you created
6) Note that physical items associated with the course
display their circulation modifiers in the circulation
modifier column.
LP#1912852: add jump-on-one-hit support to Angular staff catalog
This patch add support for the opac.staff.jump_to_details_on_single_hit
library setting to the Angular staff catalog.
To test
-------
[1] Apply the patch.
[2] Ensure that the opac.staff.jump_to_details_on_single_hit setting
is off for your workstation.
[3] Perform searches using the Angular staff catalog. Verifying that
searches that return any number of results display them on the
results page.
[4] Set the library setting to true and reload the staff catalog.
[5] Perform keyword, numeric, and MARC searches using terms that
result in a single-record result set. Verify that the interface
redirects to the single-record page for that hit.
[6] Perform searches that would return zero results. Verify that
the results page indicates zero hits fuond.
[7] Perform searches that would return more than one result. Verify
that the results are displayed on the results page.
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org> Signed-off-by: Jason Boyer <JBoyer@equinoxOLI.org> Signed-off-by: Jason Etheridge <jason@EquinoxOLI.org> Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
When a staff person tries to schedule curbside appointments
after their UTC equivalent time moves to the next day, the
timeslots for the next day are shown, and appointments get
made for the next day.
For example, when CST is the local timezone (UTC-6), after 6pm
appointments for the current day are scheduled for the next day.
Appointments for the next day get scheduled for the day after.
This happens because toISOString is used to grab the current date,
but toISOString always returns UTC time. The date widget will show
the correct date, but the time slots will actually be for the next
day. This is more noticeable if days have different schedules.
Another clue is that the time slot selector will show all timeslots for
the day, not just the ones that are upcoming.
Testing Plan:
1. Enable curbside for test location, and set org unit hours to
be at least through 8pm for open hours.
2. Wait until after 4PM (Pacific), 6pm CST, 7PM EST, or
change your computer clock.
3. Try to schedule an appointment for the current day.
4. The appointment should get scheduled for the next day.
5. Apply the fix.
6. Try to schedule another appointment and see that the correct
date gets selected.
Jason Boyer [Sat, 10 Nov 2018 22:53:16 +0000 (17:53 -0500)]
LP1802682: Use Default Net Access Level OUS
This branch does two things: makes use of the OUS
that determines the default Net Access Level, and
also changes the type of the coust entry to make
using it more user friendly.
Terran McCanna [Thu, 22 Oct 2020 22:05:37 +0000 (18:05 -0400)]
LP1901028 Print Template for Checkout Missing Fields
The fields are actually available, but the hints in the template
were incorrect. This fixes the hints for call number, owning library
name, owning library short name, and circulation modifier.
This patch makes the form in the self-registration screen in the Bootstrap
opac a little responsive on smaller devices.
To test.
1. Turn on self-registration in the library settings.
2. Go to the self-registration screen and make the screen as small as possible.
3. Apply the patch.
4. Notice that the form labels and input boxes are now more aesthetic.
5. Create some self-registration requests to make sure the form captures the data.
Garry Collum [Thu, 27 May 2021 17:49:00 +0000 (13:49 -0400)]
LP1929839 Load Shared Bucket text error
Changes the title of the Load Shared Bucket pop-up box from "Load Shared
Bucket Bucket by ID" to "Load Shared Bucket by ID". I decided not to
change it to "Load Shared Bucket by Bucket ID" since "Bucket ID" is
displayed next to the input field.
This affects all 3 types of buckets: item, record and user.
Bill Erickson [Tue, 3 Aug 2021 20:58:29 +0000 (16:58 -0400)]
LP1934184 Vandelay Delete Queue action repair
Fixes the Queue Details page Delete Queue link. Before it did nothing,
now it prompts the user to confirm deletion followed by deleting the
queue (when confirmed).
To test, go to Cataloging => MARC Batch Import/Export => Inspect Queue
=> Double-click a queue => Click Delete Queue (under Queue Actions) and
confirm that the confirmation dialog appears and deletion works.
Signed-off-by: Bill Erickson <berickxx@gmail.com> Signed-off-by: Christine Morgan <cmorgan@noblenet.org> Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
Galen Charlton [Fri, 6 Aug 2021 15:35:49 +0000 (11:35 -0400)]
LP#1450519: remove unauthorized access to library setting history
This patch changes the current Library Settings editor so that
it doesn't display the setting history for a setting that the user
doesn't have the underlying view permission for. It also removes
the coustl IDL class [config.org_unit_setting_type_log] from PCRUD.
Access to the setting history is now done through a new method,
open-ils.actor.org_unit.settings.history.visible.retrieve, which
accepts an authtoken and a setting name. If the user has the
relevant view permission, setting history entries at all of the
OUs that they have the permission at are returned. If the user
lacks the permission, an empty array is returned. If the setting
has no permission associated with it, all history entries for
the setting are returned. The user must have at least STAFF_LOGIN
to retrieve any entries at all.
To test
-------
[1] As an administrator, make some changes to the values of
a privileged library setting (such as one of the credit card
ones) and an unprivileged one (e.g., lib.info_url).
[2] Log in as a staff user without administration privileges
and go to the library settings editor. Note that while the
current value of privileged settings are not displayed, clicking
on the history link displays the full history of the setting.
[3] Apply the patch and repeat step 2.
[4] This time, history for the privileged setting is not displayed,
while history for an unprivileged setting continues to be
available.
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org> Signed-off-by: Shula Link <slink@gchrl.org> Signed-off-by: Jason Stephenson <jason@sigio.com>